Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My computer is running really slow and popups keep coming up


  • This topic is locked This topic is locked

#1
drxsprinkles

drxsprinkles

    Member

  • Member
  • PipPip
  • 47 posts

Hey i believe i have downloaded a virus of some sort.  All of a sudden every time i click something on any website it brings me to another site and it runs extremely slow.

If someone could help me that would be greatly appreciated, i'm not to computer savvy and this site is the best in helping me out

                                               thank you  

                                                          -MM


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

 

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
farbar-recovery-scan-tool/dl/81/Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please also paste it to your reply.


  • 0

#3
drxsprinkles

drxsprinkles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

i ran it but it didnt bring up a log how do i bring that up ?


  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts

Hello,

 

 

FRST will make a log (FRST.txt) in the same directory the tool is run from.
The first time the tool is run, it makes also another log (Addition.txt).

 

 

So:

If you downloaded FRST to the desktop, then the log reports will be in that directory or on the  (Desktop). Do you see them on the desktop ?

 

If you don't see the logs on the desktop then perhaps FRST is running from a different location most likely the downloads folder, and the logs would be there;

 

C:\ USER\YOUR NAME\DOWNLOADS

 

 

 

 


  • 0

#5
drxsprinkles

drxsprinkles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by MasTeR J (administrator) on DRXSPRINKLES on 04-03-2015 23:49:04
Running from C:\Users\MasTeR J\Desktop
Loaded Profiles: MasTeR J (Available profiles: MasTeR J)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTSVCCDA.EXE
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource\Detector\CTDetect.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\MasTeR J\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Mamba\RazerTray.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
() C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
() C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
() C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(BitTorrent Inc.) C:\Users\MasTeR J\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
() C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-18] ()
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-08-10] (Bitleader)
HKLM-x32\...\Run: [CTSysVol] => C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [57344 2005-10-31] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-03-13] (cyberlink)
HKLM-x32\...\Run: [Razer Mamba Driver] => C:\Program Files (x86)\Razer\Mamba\RazerTray.exe [3278664 2009-10-30] (Razer USA Ltd)
HKLM-x32\...\Run: [VERIZONDM] => C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe [206120 2011-12-01] (SupportSoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\RunOnce: [DES2] => C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2.exe [354856 2010-03-01] ()
HKLM-x32\...\RunOnce: [SDBOK] => C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe [207400 2009-07-06] ()
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Run: [Creative Detector] => C:\Program Files (x86)\Creative\MediaSource\Detector\CTDetect.exe [102400 2004-12-02] (Creative Technology Ltd)
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2874048 2015-02-18] (Valve Corporation)
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Run: [Google Update] => "C:\Users\MasTeR J\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Run: [Spotify] => C:\Users\MasTeR J\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Run: [Spotify Web Helper] => C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Policies\Explorer: [HideSCAHealth] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\MasTeR J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\All Day - Kanye West ( CDQ ) feat - Allan Kingdom & Theophilus London New kanye west.lnk
ShortcutTarget: All Day - Kanye West ( CDQ ) feat - Allan Kingdom & Theophilus London New kanye west.lnk -> C:\ProgramData\{57c9a148-af72-f6a4-57c9-9a148af78522}\All Day - Kanye West ( CDQ ) feat - Allan Kingdom & Theophilus London New kanye west.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.swe...&cc=US&unqvl=84
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.swe...&cc=US&unqvl=84
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://my.screennam...aol.com&lang=en
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
SearchScopes: HKU\S-1-5-21-1219521171-3291892493-1830592222-1000 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
SearchScopes: HKU\S-1-5-21-1219521171-3291892493-1830592222-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
BHO: UoniDealsse -> {3977b363-8aa7-442a-9662-5643894c564c} -> C:\Program Files (x86)\UoniDealsse\FRlNPJu7Cg3wW3.x64.dll ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: youtubeadblocker -> {db827244-307b-48d0-bc73-bc7f3ddc4f89} -> C:\Program Files (x86)\youtubeadblocker\cdJB6K3YBUfjge.x64.dll ()
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: UoniDealsse -> {3977b363-8aa7-442a-9662-5643894c564c} -> C:\Program Files (x86)\UoniDealsse\FRlNPJu7Cg3wW3.dll ()
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: youtubeadblocker -> {db827244-307b-48d0-bc73-bc7f3ddc4f89} -> C:\Program Files (x86)\youtubeadblocker\cdJB6K3YBUfjge.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15113/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\MasTeR J\AppData\Roaming\Mozilla\Firefox\Profiles\etbc2ev2.default-1403286055339
FF SelectedSearchEngine: WebSearch
FF Homepage: hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84
FF SearchEngineOrder.1: WebSearch
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF DefaultSearchEngine,S: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Keyword.URL: hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84&l=1&q=
FF DefaultSearchUrl: hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1219521171-3291892493-1830592222-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\MasTeR J\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1219521171-3291892493-1830592222-1000: @talk.google.com/O1DPlugin -> C:\Users\MasTeR J\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\MasTeR J\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\MasTeR J\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\MasTeR J\AppData\Roaming\Mozilla\Firefox\Profiles\etbc2ev2.default-1403286055339\searchplugins\WebSearch.xml
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-11-29]
FF HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (Mancala) - C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjlhjhpnhabnfepdfemepiilbjbkecpe [2014-08-30]
CHR Extension: (Google Wallet) - C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-11]
CHR Extension: (UoniDealsse) - C:\ProgramData\ldpmlmfnhgbcajiimjjjfngfpdbebaeo\ []
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 41625311; c:\Program Files (x86)\ClickNRead\ClickNRead.dll [1659392 2015-03-04] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2010-10-30] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2010-10-30] (Creative Labs) [File not signed]
R2 Creative Service for CDROM Access; C:\Windows\SysWOW64\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2014-08-13] (Verizon)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-18] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 sprtsvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [206120 2011-12-01] (SupportSoft, Inc.)
R2 tgsrvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [185640 2011-12-01] (SupportSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2010-11-30] ()
S3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-08] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-03-13] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\MASTER~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Cam3820; System32\Drivers\cam3820a.sys [X]
S3 cpuz130; \??\C:\Users\MASTER~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
R3 cpuz134; \??\C:\Users\MASTER~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-04 23:49 - 2015-03-04 23:49 - 00028630 _____ () C:\Users\MasTeR J\Desktop\FRST.txt
2015-03-04 23:48 - 2015-03-04 23:49 - 00000000 ____D () C:\FRST
2015-03-04 23:48 - 2015-03-04 23:48 - 02092544 _____ (Farbar) C:\Users\MasTeR J\Downloads\FRST64.exe
2015-03-04 23:48 - 2015-03-04 23:48 - 02092544 _____ (Farbar) C:\Users\MasTeR J\Desktop\FRST64.exe
2015-03-04 23:07 - 2015-03-04 23:07 - 00000000 __SHD () C:\Users\MasTeR J\AppData\Local\EmieBrowserModeList
2015-03-04 22:59 - 2015-03-04 23:47 - 00000000 ____D () C:\Program Files\Reimage
2015-03-04 22:58 - 2015-03-04 23:33 - 00000165 _____ () C:\Windows\Reimage.ini
2015-03-04 22:58 - 2015-03-04 22:58 - 00784904 _____ (Reimage®) C:\Users\MasTeR J\Downloads\ReimageRepair.exe
2015-03-04 17:58 - 2015-03-04 17:58 - 00000000 ____D () C:\Program Files (x86)\ClickNRead
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\ProgramData\17759028420720109425
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\Program Files (x86)\youtubeadblocker
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\Program Files (x86)\UoniDealsse
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\Program Files (x86)\Tab Shutter
2015-03-04 17:56 - 2015-03-04 17:56 - 01056768 _____ () C:\Users\MasTeR J\Downloads\All Day - Kanye West ( CDQ ) feat - Allan Kingdom & Theophilus London New kanye west.exe
2015-03-04 17:56 - 2015-03-04 17:56 - 00000000 ____D () C:\ProgramData\ldpmlmfnhgbcajiimjjjfngfpdbebaeo
2015-03-04 17:56 - 2015-03-04 17:56 - 00000000 ____D () C:\ProgramData\{57c9a148-af72-f6a4-57c9-9a148af78522}
2015-03-04 17:45 - 2015-03-04 17:49 - 00000000 ____D () C:\Users\MasTeR J\Downloads\Big Sean - Dark Sky Paradise (Deluxe) 2015 [MP3 320 KBPS]
2015-03-04 17:45 - 2015-03-04 17:45 - 00013415 _____ () C:\Users\MasTeR J\Downloads\[kickasstorrent.kickassdownloads.net]big.sean.dark.sky.paradise.deluxe.2015.mp3.320.kbps.vbuc.torrent
2015-02-25 10:00 - 2015-01-08 18:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 10:00 - 2015-01-08 18:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-20 09:56 - 2015-02-20 09:56 - 00000000 ____D () C:\Users\MasTeR J\AppData\Local\Steam
2015-02-16 20:45 - 2015-02-16 20:54 - 00000000 ____D () C:\Users\MasTeR J\Downloads\Kayne West [Late Registration]
2015-02-16 20:45 - 2015-02-16 20:45 - 00016145 _____ () C:\Users\MasTeR J\Downloads\[kickass.to]kayne.west.late.registration.mp3.320kbps.hannspree.torrent
2015-02-16 12:01 - 2015-02-16 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-16 11:59 - 2015-02-16 12:00 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-16 11:59 - 2015-02-16 12:00 - 00000000 ____D () C:\Program Files\iTunes
2015-02-16 11:59 - 2015-02-16 11:59 - 00000000 ____D () C:\Program Files\iPod
2015-02-16 11:59 - 2015-02-16 11:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-15 13:47 - 2015-02-15 13:51 - 00000000 ____D () C:\Users\MasTeR J\Downloads\Drake - If You're Reading This It's Too Late 2015
2015-02-15 13:46 - 2015-02-15 13:46 - 00014436 _____ () C:\Users\MasTeR J\Downloads\[kickass.hid.im]drake.if.you.re.reading.this.it.s.too.late.2015.album.mp3.320.kpbs.ctrc.torrent
2015-02-12 02:15 - 2015-01-22 23:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 02:15 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 02:15 - 2015-01-22 22:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 02:15 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 06:34 - 2015-02-03 22:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 06:34 - 2015-02-03 22:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 06:34 - 2015-02-03 22:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 06:34 - 2015-02-03 22:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 06:34 - 2015-02-03 22:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 06:34 - 2015-02-03 22:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 06:34 - 2015-02-03 22:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 06:34 - 2015-01-27 18:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 06:34 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 06:34 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 06:34 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 06:34 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 06:34 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 06:34 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 06:34 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 06:34 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 06:34 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 06:34 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 06:34 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 06:34 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 06:34 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 06:34 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 06:34 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 06:34 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 06:34 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 06:34 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 06:34 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 06:34 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 06:34 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 06:34 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 06:34 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 06:34 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 06:34 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 06:34 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 06:34 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 06:34 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 06:34 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 06:34 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 06:34 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 06:34 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 06:34 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 06:34 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 06:34 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 06:34 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 06:34 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 06:34 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 06:34 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 06:34 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 06:34 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 06:34 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 06:34 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 06:34 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 06:34 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 06:34 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 06:34 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 06:34 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 06:34 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 06:34 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 06:34 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 06:34 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 06:34 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 06:34 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 06:34 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 06:34 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 06:34 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 06:34 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 06:34 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 06:34 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 06:34 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 06:34 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 06:34 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 06:34 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 06:34 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 06:34 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 06:34 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-11 06:34 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-11 06:34 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-11 06:34 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-11 06:33 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 06:33 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 06:33 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 06:33 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 06:33 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 06:33 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 06:33 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 06:33 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 06:33 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 06:33 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 06:33 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 06:33 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 06:33 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 06:33 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 06:33 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 06:33 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 06:33 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 06:33 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 06:33 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 06:33 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 06:33 - 2014-12-12 00:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 06:33 - 2014-12-12 00:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 06:33 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 06:33 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 06:33 - 2014-10-03 21:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 06:33 - 2014-10-03 20:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 06:33 - 2014-10-03 20:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 06:33 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 06:33 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 06:32 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 06:32 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 06:32 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 06:32 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 06:32 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 06:32 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 06:32 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 06:32 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 06:32 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 06:32 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-05 00:37 - 2015-02-05 00:37 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-04 23:46 - 2013-08-27 17:02 - 00000000 ____D () C:\Users\MasTeR J\AppData\Roaming\uTorrent
2015-03-04 23:37 - 2012-06-19 20:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-04 23:23 - 2012-09-11 14:07 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1219521171-3291892493-1830592222-1000UA.job
2015-03-04 23:00 - 2014-02-11 20:32 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-04 22:26 - 2010-10-30 11:30 - 01087959 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 22:05 - 2013-10-10 17:09 - 00000000 ____D () C:\Users\MasTeR J\AppData\Roaming\Spotify
2015-03-04 06:00 - 2014-02-11 20:32 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-04 04:23 - 2012-09-11 14:07 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1219521171-3291892493-1830592222-1000Core.job
2015-03-03 08:17 - 2010-10-30 12:14 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-02 15:20 - 2013-10-10 17:09 - 00000000 ____D () C:\Users\MasTeR J\AppData\Local\Spotify
2015-03-02 15:05 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-02 08:57 - 2010-10-30 10:35 - 00000373 _____ () C:\Windows\lgfwup.ini
2015-03-02 08:57 - 2010-10-30 10:35 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2015-03-02 08:20 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-02 08:20 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-02 08:10 - 2012-09-04 19:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-02 08:10 - 2010-10-30 11:56 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-03-02 08:09 - 2011-10-17 00:33 - 00074572 _____ () C:\Windows\setupact.log
2015-03-02 08:09 - 2010-10-30 11:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-02 08:09 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-26 12:41 - 2011-12-07 17:44 - 00000000 ____D () C:\Users\MasTeR J\Desktop\[bleep]
2015-02-25 21:28 - 2014-04-18 20:12 - 00188416 ___SH () C:\Users\MasTeR J\Desktop\Thumbs.db
2015-02-20 12:20 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2015-02-16 11:59 - 2012-09-21 11:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-11 10:31 - 2009-07-13 23:45 - 00314376 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 10:29 - 2014-12-10 10:23 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 10:29 - 2014-04-30 09:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 10:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing
2015-02-11 10:12 - 2014-04-28 21:42 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 10:10 - 2010-11-02 21:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 10:09 - 2012-10-02 09:00 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 10:09 - 2012-06-10 15:25 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-02-11 10:08 - 2013-08-14 09:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 10:08 - 2012-06-10 15:25 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 10:08 - 2012-06-10 15:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 10:02 - 2010-10-31 21:08 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-05 15:26 - 2009-07-14 00:13 - 00795818 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-05 00:37 - 2012-06-19 20:35 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 00:37 - 2012-06-19 20:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 00:37 - 2011-06-23 21:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2014-07-26 21:30 - 2014-07-31 19:16 - 0000016 _____ () C:\Users\MasTeR J\AppData\Roaming\msregsvv.dll
2010-12-26 01:17 - 2010-12-26 02:20 - 0001770 _____ () C:\Users\MasTeR J\AppData\Roaming\Profile0.dat
2010-10-30 22:14 - 2010-10-30 22:14 - 0000096 _____ () C:\Users\MasTeR J\AppData\Local\fusioncache.dat
2010-11-03 22:41 - 2010-11-03 22:50 - 0007648 _____ () C:\Users\MasTeR J\AppData\Local\Resmon.ResmonCfg
2014-07-26 21:30 - 2014-07-31 19:16 - 0000016 _____ () C:\ProgramData\autobk.inc
2010-10-30 14:35 - 2010-11-30 00:35 - 0000088 __RSH () C:\ProgramData\CFE0928CB5.sys
2010-11-22 11:37 - 2010-11-29 14:43 - 0001117 _____ () C:\ProgramData\hpzinstall.log
2010-10-30 14:35 - 2010-11-30 00:35 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
 
Some content of TEMP:
====================
C:\Users\MasTeR J\AppData\Local\Temp\255E.exe
C:\Users\MasTeR J\AppData\Local\Temp\49D0.exe
C:\Users\MasTeR J\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\MasTeR J\AppData\Local\Temp\ReimagePackage.exe
C:\Users\MasTeR J\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\MasTeR J\AppData\Local\Temp\sqlite3.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-23 00:49
 
==================== End Of Log ============================

  • 0

#6
drxsprinkles

drxsprinkles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by MasTeR J at 2015-03-04 23:49:38
Running from C:\Users\MasTeR J\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE)
µTorrent (HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.0.3.1 - Futuremark Corporation)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX 64) (Version: 10.2.161.23 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin 64-bit (HKLM\...\Adobe Flash Player Plugin 64) (Version: 10.2.161.23 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battlefield 2 Complete Collection (HKLM-x32\...\{A8DBF55D-73C0-4E37-A10E-365BFBB14119}) (Version:  - )
Battlefield 2142 Deluxe Edition (HKLM-x32\...\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}) (Version:  - )
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\GFWL_{5454085C-A12E-4456-BDE3-BB1000008300}) (Version: 1.0.0000.131 - 2K Games)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock 2 (x32 Version: 1.0.0000.131 - 2K Games) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - )
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)
CPUID HWMonitor 1.15 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative MediaSource (HKLM-x32\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.12 - Creative Technology Limited)
Cryostasis Demo (Remove Only) (HKLM-x32\...\{97A8C4B4-2B50-42D1-AFE6-5E8433185436}_is1) (Version: 1.0.0.0 - 1C Company)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Crysis WARHEAD® (HKLM-x32\...\Crysis WARHEAD®) (Version:  - Electronic Arts)
Crysis WARHEAD® (x32 Version: 1.0 - Crytek) Hidden
Crysis WARHEAD® Patch (HKLM-x32\...\Crysis WARHEAD® Patch) (Version:  - Electronic Arts)
Crysis WARHEAD® Patch (x32 Version: 1.0 - Crytek) Hidden
Crysis® (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.21.0000 - Electronic Arts)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3715.01 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darkspore™ (HKLM-x32\...\{B1AAE4BF-C98E-467E-94C7-4E1F51DD86E0}) (Version: 1.00.0000 - Electronic Arts)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ Music Mixer (HKLM-x32\...\DJ Music Mixer) (Version: 4.9 - www.program4pc.com)
DJ_AIO_03_F4200_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.00 - Electronic Arts, Inc.)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
EA Installer (HKLM-x32\...\EA Installer.1635480076) (Version: 2.2.0.19 - Electronic Arts, Inc.)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.19 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Easy Tune 6 B10.0521.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0521.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVGA Precision 2.0.1 (HKLM-x32\...\Precision) (Version: 2.0.1 - EVGA Corporation)
F4200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.02.00 - Ubisoft)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Game Room (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
GameSpy Comrade (HKLM-x32\...\{E7391464-6939-413C-B427-32F33FE13484}) (Version: 0.26.0.134 - GameSpy)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GreatArcadeHits (HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\{856AD396-519D-4C7A-BED6-6785F64924BC}) (Version: 1.0 - GreatArcadeHits) <==== ATTENTION
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
I-Doser Free (HKLM-x32\...\I-Doser) (Version: 5.0 - I-Doser.com)
IHA_MessageCenter (HKLM-x32\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version:  - Blit Software)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mamba Firmware Updater 1.13 (HKLM-x32\...\{6C6ED584-9F75-4235-8718-1F35B59814E8}) (Version: 1.13.00 - Razer USA Ltd.)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metal Slug 3 (HKLM-x32\...\Steam App 250180) (Version:  - DotEmu)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MykonosScript (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{41625311}) (Version:  - MykonosScript) <==== ATTENTION
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Alien vs. Triangles demo (HKLM-x32\...\Alien vs. Triangles) (Version: 1.0 - NVIDIA Corporation)
NVIDIA Design Garage (HKLM-x32\...\{F16837E3-B99C-4F39-BB40-E95D54CA5182}) (Version: 1.0.0.0 - NVIDIA Corporation)
NVIDIA Endless City demo (HKLM-x32\...\Endless City) (Version: 1.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Hair Demo (HKLM-x32\...\{BF2D55FB-975E-4B59-9C10-439A975701FF}) (Version: 1.00 - )
NVIDIA HD Audio Driver 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA Island Demo (HKLM-x32\...\{D422FDA2-EE96-4556-8F56-6713F92F4D1C}) (Version: 1.00 - )
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Supersonic Sled demo (HKLM-x32\...\Supersonic Sled) (Version:  - )
ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version:  - )
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PCDJ DEX 2 2.0.7 (HKLM-x32\...\PCDJdex_is1) (Version: 2.0.7 - PCDJ)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapture3D 2.3.26 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Mamba (HKLM-x32\...\{7BE49DA7-EDA4-4C63-AA06-DCDF6858C3F3}) (Version: 1.06.02 - Razer USA Ltd.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Red Faction: Guerrilla (HKLM-x32\...\GFWL_{54510837-8D99-4877-8C7A-031000008200}) (Version: 1.0.0000.130 - THQ)
Red Faction: Guerrilla (x32 Version: 1.0.0000.130 - THQ) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
Shadowrun (HKLM-x32\...\GFWL_{4D5307D6-142D-4487-933E-F31000008200}) (Version: 1.0.0000.130 - Microsoft Game Studios)
Shadowrun (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
Shadowrun (x32 Version: 1.0.0000.130 - Microsoft Game Studios) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Smart 6 B10.0422.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version:  - SEGA)
Sonic Adventure™ 2  (HKLM-x32\...\Steam App 213610) (Version:  - )
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version:  - Sega)
Sound Blaster Audigy (HKLM-x32\...\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}) (Version: 1.0 - )
Spotify (HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stone Giant 1.0 (HKLM-x32\...\{1FC46D21-F4A4-42DF-B9A4-27F8A702EBC5}_is1) (Version:  - BitSquid & Fatshark)
Street Racing Syndicate (HKLM-x32\...\Steam App 292410) (Version:  - Eutechnyx)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - )
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
System Requirements Lab (HKLM-x32\...\{4DE938F7-C196-43D7-8EEB-411CDE0A96B1}) (Version: 4.3.1.0 - Husdawg, LLC)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tab Shutter (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - ) <==== ATTENTION
TabIt version 2.01 (HKLM-x32\...\TabIt for Windows_is1) (Version: 2.01 - GTAB Software)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\TeamSpeak 3 Client) (Version: 3.0.10.1 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Bureau: XCOM Declassified (HKLM-x32\...\Steam App 65930) (Version:  - 2K Marin)
The War Z version alpha (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: alpha - Arktos Entertainment Group LLC)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TP-LINK Wireless Client Utility (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Unigine Heaven Benchmark v2.1 (HKLM-x32\...\{38468127-9E6F-4FC9-B5F7-42D4AD437D96}) (Version: 2.1 - Unigine Corp.)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UoniDealsse (HKLM-x32\...\{11F6D5AB-263F-388E-74DE-E3DECD390E3F}) (Version:  - ) <==== ATTENTION
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.5.0 - Flagship Industries, Inc.)
Verizon Download Manager (HKLM-x32\...\{F5DAFD10-6E61-49BF-B3C5-5AA9AF3A0863}) (Version: 16 - SupportSoft)
ViewSonic Monitor Drivers (HKLM-x32\...\{B4FEA924-630D-11D4-B78E-005004566E4D}) (Version:  - )
Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.71.0 - Verizon)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
youtubeadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version:  - ) <==== ATTENTION
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1219521171-3291892493-1830592222-1000_Classes\CLSID\{2ECF8574-A364-319D-BECC-CA0E6E9B2AF9}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
24-02-2015 02:00:02 Automatic creation
25-02-2015 10:48:42 Automatic creation
26-02-2015 02:00:06 Automatic creation
27-02-2015 02:00:04 Automatic creation
28-02-2015 02:00:04 Automatic creation
02-03-2015 08:39:36 Automatic creation
03-03-2015 02:00:01 Automatic creation
04-03-2015 02:00:03 Automatic creation
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2014-10-10 21:51 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {2049CD51-393B-4F83-A42D-AF668DDB1EB5} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-02] ()
Task: {227D00C5-1FDA-448D-9541-17923F84AD81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {315A5710-C7DD-4AC1-BF75-E0A6AF9A6FCF} - System32\Tasks\{EB7CC0DF-4984-4658-9BA4-2309C84D0748} => pcalua.exe -a "C:\Program Files (x86)\Creative\SBAudigy\Device Control\USBAudio.cpl" -c Device Control
Task: {361B98FC-25CA-4840-90FB-9D988BF32B7F} - System32\Tasks\{9BBFA01A-E6EE-440A-9B24-D9F7503F1B36} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {4F158CCD-3C05-40A1-9370-9F8645800E65} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {515D65DA-42AC-4E68-8904-1651FFB65280} - System32\Tasks\{C02769D4-5163-400F-B554-ACE85A973A6C} => pcalua.exe -a C:\ProgramData\Microsoft\XLive\InstallerPath\Extract\cabB366.tmp\content\vcredist_x86\vcredist_x86.exe -d C:\ProgramData\Microsoft\XLive\InstallerPath\Extract\cabB366.tmp\content\vcredist_x86\ -c /q:a /c:"msiexec /i vcredist.msi /qn"
Task: {6DFFFF83-AE69-48A9-B358-0E379A6E4277} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1219521171-3291892493-1830592222-1000UA => C:\Users\MasTeR J\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {6E1B6B35-5830-438B-ADC0-DF4A3CE59040} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SrCmdCLR.exe" -c 1
Task: {77A5CDDC-9AAB-482D-9A36-F0671A9B4FBA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1219521171-3291892493-1830592222-1000Core => C:\Users\MasTeR J\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {7ECD02B1-E57C-47D7-A92E-230474D7AD2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8242543C-5263-4D4A-A6D7-E1AF9952E053} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {94943426-F2B7-4EE2-AFB7-5E4B821C51A9} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {9DE72A4A-1BE4-4480-A22F-F7EB2CE3D4B0} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SRFilter.exe" /GBSMART6 -kdl
Task: {A45C2F15-93F2-4EF6-A064-CE1506E7482D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {ABE6B8A0-1A58-474A-AD4D-D3B8D9FAA5BB} - System32\Tasks\{9BAB5F21-056F-4124-B159-D6B0E0AD2522} => pcalua.exe -a C:\PROGRA~2\ACOUST~3\FX-INS~1.EXE -d "C:\Users\MASTER~1\AppData\Local\Temp\Rar$EX44.632\Acoustica Mixcraft v2.01.33 +keygen" -c C:\Program Files (x86)\Acoustica Shared Effects
Task: {AE721183-3FF1-4894-B18B-EA2E9ABFBACD} - System32\Tasks\{7D8739CD-FBE7-4EB1-8506-23648F8F5147} => pcalua.exe -a C:\ProgramData\Microsoft\XLive\InstallerPath\Extract\cabB366.tmp\content\PhysX_8.10.29_SystemSoftware\PhysX_8.10.29_SystemSoftware.exe -d C:\ProgramData\Microsoft\XLive\InstallerPath\Extract\cabB366.tmp\content\PhysX_8.10.29_SystemSoftware\ -c /quiet
Task: {B1EB7D7D-3485-41E7-BAC9-04DABA4F1846} - System32\Tasks\{AC87F018-6F88-44EF-BFC7-8243AC66D8B0} => pcalua.exe -a C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE -c /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG
Task: {CDD74ECB-2820-4A5A-9054-9AC14B9C9342} - System32\Tasks\{EB1F148C-A660-4062-B2EF-FF161F96A333} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe [2007-10-24] (Sony DADC Austria AG)
Task: {E0634B04-6DA3-4264-9403-F744DF2294C5} - System32\Tasks\{0D0A65EA-4607-45AE-9237-1B8614F7DD39} => pcalua.exe -a C:\PROGRA~2\ACOUST~1\FX-INS~1.EXE -d "C:\Users\MASTER~1\AppData\Local\Temp\Rar$EX52.632\Acoustica Beatcraft v1.02.13 +keygen" -c C:\Program Files (x86)\Acoustica Shared Effects
Task: {F2F3310B-9453-4E86-8181-406F09670D38} - System32\Tasks\{151324C9-23D8-4A6A-904E-FA8C170E4D37} => pcalua.exe -a "C:\program files (x86)\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "c:\program files (x86)\steam\steamapps\common\left 4 dead 2" -c /register
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1219521171-3291892493-1830592222-1000Core.job => C:\Users\MasTeR J\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1219521171-3291892493-1830592222-1000UA.job => C:\Users\MasTeR J\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2012-06-19 20:24 - 2013-06-21 05:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-10-30 11:48 - 2009-06-17 15:13 - 00068136 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
2010-10-30 11:45 - 2010-01-18 21:31 - 00072304 ____N () C:\Windows\SysWOW64\XSrvSetup.exe
2011-11-08 22:37 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-10-30 11:48 - 2009-12-01 13:13 - 00035880 _____ () C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
2013-10-10 17:09 - 2014-12-10 15:40 - 00374840 _____ () C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2010-10-30 11:48 - 2009-05-04 16:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll
2010-10-30 11:48 - 2009-06-10 15:28 - 00106496 _____ () C:\Program Files (x86)\GIGABYTE\smart6\dbios\DBIOS.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-03-12 16:10 - 2014-11-11 13:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-28 12:02 - 2014-12-01 19:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-28 12:02 - 2014-12-01 19:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-28 12:02 - 2014-12-01 19:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 16:04 - 2015-02-18 18:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 21:23 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 21:23 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 21:23 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 21:23 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 21:23 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-09-04 19:28 - 2015-02-18 18:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2011-10-23 16:47 - 2011-08-22 00:18 - 00925696 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2013-10-10 17:09 - 2014-12-10 15:40 - 36966968 _____ () C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\libcef.dll
2010-10-30 12:02 - 2009-02-06 17:52 - 00073728 ____N () C:\Windows\SysWOW64\CmdRtr.DLL
2010-10-30 12:02 - 2009-07-10 08:07 - 00166912 ____N () C:\Windows\SysWOW64\APOMngr.DLL
2012-09-04 19:28 - 2015-01-27 20:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-10-10 17:09 - 2014-12-10 15:40 - 00886840 _____ () C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-10-10 17:09 - 2014-12-10 15:40 - 00108600 _____ () C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\libegl.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-07 18:03 - 2014-12-10 15:40 - 00867896 _____ () C:\Users\MasTeR J\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2015-03-04 17:58 - 2015-03-04 17:58 - 01659392 _____ () c:\Program Files (x86)\ClickNRead\ClickNRead.dll
2015-02-05 00:37 - 2015-02-05 00:37 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2014-09-12 20:02 - 2014-09-03 22:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 20:02 - 2014-09-03 22:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 20:02 - 2014-09-03 22:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 20:02 - 2014-09-03 22:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 20:02 - 2014-09-03 22:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-12 20:02 - 2014-09-03 22:01 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MasTeR J\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1219521171-3291892493-1830592222-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1219521171-3291892493-1830592222-1004 - Limited - Enabled)
Guest (S-1-5-21-1219521171-3291892493-1830592222-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1219521171-3291892493-1830592222-1002 - Limited - Enabled)
MasTeR J (S-1-5-21-1219521171-3291892493-1830592222-1000 - Administrator - Enabled) => C:\Users\MasTeR J
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/03/2015 11:58:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/02/2015 11:59:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/02/2015 09:01:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/02/2015 08:39:35 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {c9822dd4-8c6f-45ea-b33d-771b332bc13e}
 
Error: (02/28/2015 01:06:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/27/2015 00:27:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/26/2015 00:42:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/25/2015 10:48:38 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {fe4f5a01-2431-45d8-833f-d9ce6ad3a457}
 
Error: (02/25/2015 01:28:39 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/24/2015 04:26:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SpotifyHelper.exe, version: 0.0.0.0, time stamp: 0x54803c00
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000222d2
Faulting process id: 0x61c
Faulting application start time: 0xSpotifyHelper.exe0
Faulting application path: SpotifyHelper.exe1
Faulting module path: SpotifyHelper.exe2
Report Id: SpotifyHelper.exe3
 
 
System errors:
=============
Error: (03/02/2015 08:12:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
 
Error: (03/02/2015 08:11:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (03/02/2015 08:09:33 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\athExt.dll
Error Code: 126
 
Error: (02/26/2015 10:28:38 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error: 
%%5
 
Error: (02/26/2015 10:28:36 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (02/25/2015 10:28:44 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error: 
%%5
 
Error: (02/25/2015 10:28:36 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (02/25/2015 10:20:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (02/25/2015 10:18:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\athExt.dll
Error Code: 126
 
Error: (02/20/2015 09:56:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-25 20:04:19.159
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-25 20:04:19.082
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-16 23:53:39.860
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-16 23:53:39.797
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-16 23:53:26.631
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-16 23:53:26.569
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-16 23:53:13.948
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-16 23:53:13.886
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-09-21 12:35:21.606
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-09-21 12:35:21.558
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU 870 @ 2.93GHz
Percentage of memory in use: 50%
Total physical RAM: 4087.43 MB
Available physical RAM: 2024.41 MB
Total Pagefile: 8173.05 MB
Available Pagefile: 4925.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:401.42 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DBE99D42)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#7
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts

Hello,

I have  noticed in your log file you are using kickasstorrent, uTorrent. P2P programs. We at Geeks to go ! Recommend removing these type of programs, they are a known cause of Malware infections. When you use file sharing programs like this you can never be sure of the file content and you are put at a much greater risk for infection. I strongly recommend you remove this program before we begin our work.

 

Next

Please uninstall these ad-ware producing programs:

To do that:
Click start, click Control panel, click programs & Features

  • GreatArcadeHits
  • youtubeadblocker
  • Java 7 Update 67------Old Java versions are an infection risk.

 

Click the program and choose uninstall. If a program does not uninstall skip it and move to the next provided instruction.

Next

Please download AdwCleaner by Xplode onto your Desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found.  Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner

 

 

Next

thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.

In your next reply post;

 

  • The AdwCleaner [SO].txt Log
  • The JRT.txt Log

 

Thanks
Joe :)


  • 0

#8
drxsprinkles

drxsprinkles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
# AdwCleaner v4.111 - Logfile created 05/03/2015 at 18:17:48
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : MasTeR J - DRXSPRINKLES
# Running from : C:\Users\MasTeR J\Desktop\adwcleaner_4.111.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : YahooAUService
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Driver Mender
Folder Deleted : C:\ProgramData\17759028420720109425
Folder Deleted : C:\Program Files (x86)\UoniDealsse
Folder Deleted : C:\Program Files\Reimage
Folder Deleted : C:\ProgramData\ldpmlmfnhgbcajiimjjjfngfpdbebaeo
File Deleted : C:\Windows\Reimage.ini
File Deleted : C:\Users\MasTeR J\AppData\Roaming\Mozilla\Firefox\Profiles\etbc2ev2.default-1403286055339\searchplugins\WebSearch.xml
File Deleted : C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
 
***** [ Scheduled tasks ] *****
 
Task Deleted : ProPCCleaner_Start
Task Deleted : ProPCCleaner_Popup
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Key Deleted : HKLM\SOFTWARE\Classes\P3977b363_8aa7_442a_9662_5643894c564c_.P3977b363_8aa7_442a_9662_5643894c564c_
Key Deleted : HKLM\SOFTWARE\Classes\P3977b363_8aa7_442a_9662_5643894c564c_.P3977b363_8aa7_442a_9662_5643894c564c_.9
Key Deleted : HKLM\SOFTWARE\Classes\Pdb827244_307b_48d0_bc73_bc7f3ddc4f89_.Pdb827244_307b_48d0_bc73_bc7f3ddc4f89_
Key Deleted : HKLM\SOFTWARE\Classes\Pdb827244_307b_48d0_bc73_bc7f3ddc4f89_.Pdb827244_307b_48d0_bc73_bc7f3ddc4f89_.9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{41625311}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3977b363-8aa7-442a-9662-5643894c564c}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{db827244-307b-48d0-bc73-bc7f3ddc4f89}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3977b363-8aa7-442a-9662-5643894c564c}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3977b363-8aa7-442a-9662-5643894c564c}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{db827244-307b-48d0-bc73-bc7f3ddc4f89}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3977b363-8aa7-442a-9662-5643894c564c}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{db827244-307b-48d0-bc73-bc7f3ddc4f89}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3977b363-8aa7-442a-9662-5643894c564c}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{db827244-307b-48d0-bc73-bc7f3ddc4f89}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3977b363-8aa7-442a-9662-5643894c564c}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{db827244-307b-48d0-bc73-bc7f3ddc4f89}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3977b363-8aa7-442a-9662-5643894c564c}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\StormWatch
Key Deleted : HKCU\Software\ProPCCleanerLanguage
Key Deleted : HKCU\Software\ProPCCleanerConfig
Key Deleted : HKCU\Software\SearchProtectWS
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKCU\Software\AppDataLow\Software\TheBestDeals
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11F6D5AB-263F-388E-74DE-E3DECD390E3F}
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\getwebcake.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetpacks.com
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v31.0 (x86 en-US)
 
[etbc2ev2.default-1403286055339\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[etbc2ev2.default-1403286055339\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84");
[etbc2ev2.default-1403286055339\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[etbc2ev2.default-1403286055339\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
[etbc2ev2.default-1403286055339\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[etbc2ev2.default-1403286055339\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[etbc2ev2.default-1403286055339\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[etbc2ev2.default-1403286055339\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84&l=1&q=");
[etbc2ev2.default-1403286055339\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84&l=1&q=");
 
-\\ Google Chrome v37.0.2062.120
 
[C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lcnnhcneegeeojhgpfijnlnocjdmlaon
[C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : ldpmlmfnhgbcajiimjjjfngfpdbebaeo
[C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84
[C:\Users\MasTeR J\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84
 
-\\ Comodo Dragon v
 
 
-\\ Chrome Canary v
 
 
*************************
 
AdwCleaner[R0].txt - [8907 bytes] - [05/03/2015 18:14:43]
AdwCleaner[S0].txt - [8362 bytes] - [05/03/2015 18:17:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8421  bytes] ##########

  • 0

#9
drxsprinkles

drxsprinkles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by MasTeR J on Thu 03/05/2015 at 18:23:21.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Users\MasTeR J\appdata\local\google\chrome\user data\default\local storage\http_pricegong.conduitapps.com_0.localstorage"
Successfully deleted: [File] "C:\Users\MasTeR J\appdata\local\google\chrome\user data\default\local storage\http_pricegong.conduitapps.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\MasTeR J\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\MasTeR J\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Successfully deleted: [Folder] C:\Users\MasTeR J\AppData\Roaming\mozilla\firefox\profiles\etbc2ev2.default-1403286055339\extensions\staged
Emptied folder: C:\Users\MasTeR J\AppData\Roaming\mozilla\firefox\profiles\etbc2ev2.default-1403286055339\minidumps [4 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\MasTeR J\appdata\local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/05/2015 at 18:26:03.70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts

Hello,
A few items to fix, most of it already been taken care of. Please run the fix. Then Malwarebytes.

 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.

start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Policies\Explorer: [HideSCAHealth] 1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.swe...&cc=US&unqvl=84
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.swe...&cc=US&unqvl=84
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://my.screennam...aol.com&lang=en
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
SearchScopes: HKU\S-1-5-21-1219521171-3291892493-1830592222-1000 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
SearchScopes: HKU\S-1-5-21-1219521171-3291892493-1830592222-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
BHO: UoniDealsse -> {3977b363-8aa7-442a-9662-5643894c564c} -> C:\Program Files (x86)\UoniDealsse\FRlNPJu7Cg3wW3.x64.dll ()
BHO: youtubeadblocker -> {db827244-307b-48d0-bc73-bc7f3ddc4f89} -> C:\Program Files (x86)\youtubeadblocker\cdJB6K3YBUfjge.x64.dll ()
BHO-x32: UoniDealsse -> {3977b363-8aa7-442a-9662-5643894c564c} -> C:\Program Files (x86)\UoniDealsse\FRlNPJu7Cg3wW3.dll ()
BHO-x32: youtubeadblocker -> {db827244-307b-48d0-bc73-bc7f3ddc4f89} -> C:\Program Files (x86)\youtubeadblocker\cdJB6K3YBUfjge.dll ()
FF SelectedSearchEngine: WebSearch
FF Homepage: hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84
FF SearchEngineOrder.1: WebSearch
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF DefaultSearchEngine,S: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Keyword.URL: hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84&l=1&q=
FF DefaultSearchUrl: hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84&l=1&q=
CHR dev: Chrome dev build detected! <======= ATTENTION
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 Cam3820; System32\Drivers\cam3820a.sys [X]
S3 cpuz130; \??\C:\Users\MASTER~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
R3 cpuz134; \??\C:\Users\MASTER~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
2015-03-04 22:59 - 2015-03-04 23:47 - 00000000 ____D () C:\Program Files\Reimage
2015-03-04 22:58 - 2015-03-04 23:33 - 00000165 _____ () C:\Windows\Reimage.ini
2015-03-04 22:58 - 2015-03-04 22:58 - 00784904 _____ (Reimage®) C:\Users\MasTeR J\Downloads\ReimageRepair.exe
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\ProgramData\17759028420720109425
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\Program Files (x86)\youtubeadblocker
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\Program Files (x86)\UoniDealsse
2015-03-04 17:56 - 2015-03-04 17:56 - 00000000 ____D () C:\ProgramData\ldpmlmfnhgbcajiimjjjfngfpdbebaeo
2015-03-04 17:56 - 2015-03-04 17:56 - 00000000 ____D () C:\ProgramData\{57c9a148-af72-f6a4-57c9-9a148af78522}
Task: {8242543C-5263-4D4A-A6D7-E1AF9952E053} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {94943426-F2B7-4EE2-AFB7-5E4B821C51A9} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
CMD: ipconfig /flushdns
hosts:
Emptytemp:
end

Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

 

Next

Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Post that log.

 

In your next reply post for me:
1- Fixlog.txt, will be located on the desktop when the FRST fix is complete.
2- Malwarebytes log.

 

Joe


  • 0

Advertisements


#11
drxsprinkles

drxsprinkles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-03-2015 01
Ran by MasTeR J at 2015-03-05 21:41:23 Run:1
Running from C:\Users\MasTeR J\Desktop
Loaded Profiles: MasTeR J (Available profiles: MasTeR J)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\...\Policies\Explorer: [HideSCAHealth] 1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.swe...&cc=US&unqvl=84
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.swe...&cc=US&unqvl=84
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://my.screennam...aol.com&lang=en
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
SearchScopes: HKU\S-1-5-21-1219521171-3291892493-1830592222-1000 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
SearchScopes: HKU\S-1-5-21-1219521171-3291892493-1830592222-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.swe...&cc=US&unqvl=84
BHO: UoniDealsse -> {3977b363-8aa7-442a-9662-5643894c564c} -> C:\Program Files (x86)\UoniDealsse\FRlNPJu7Cg3wW3.x64.dll ()
BHO: youtubeadblocker -> {db827244-307b-48d0-bc73-bc7f3ddc4f89} -> C:\Program Files (x86)\youtubeadblocker\cdJB6K3YBUfjge.x64.dll ()
BHO-x32: UoniDealsse -> {3977b363-8aa7-442a-9662-5643894c564c} -> C:\Program Files (x86)\UoniDealsse\FRlNPJu7Cg3wW3.dll ()
BHO-x32: youtubeadblocker -> {db827244-307b-48d0-bc73-bc7f3ddc4f89} -> C:\Program Files (x86)\youtubeadblocker\cdJB6K3YBUfjge.dll ()
FF SelectedSearchEngine: WebSearch
FF Homepage: hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84
FF SearchEngineOrder.1: WebSearch
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF DefaultSearchEngine,S: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Keyword.URL: hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84&l=1&q=
FF DefaultSearchUrl: hxxp://websearch.swellsearch.info/?pid=2606&r=2015/03/04&hid=536281534437259842&lg=EN&cc=US&unqvl=84&l=1&q=
CHR dev: Chrome dev build detected! <======= ATTENTION
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 Cam3820; System32\Drivers\cam3820a.sys [X]
S3 cpuz130; \??\C:\Users\MASTER~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
R3 cpuz134; \??\C:\Users\MASTER~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
2015-03-04 22:59 - 2015-03-04 23:47 - 00000000 ____D () C:\Program Files\Reimage
2015-03-04 22:58 - 2015-03-04 23:33 - 00000165 _____ () C:\Windows\Reimage.ini
2015-03-04 22:58 - 2015-03-04 22:58 - 00784904 _____ (Reimage®) C:\Users\MasTeR J\Downloads\ReimageRepair.exe
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\ProgramData\17759028420720109425
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\Program Files (x86)\youtubeadblocker
2015-03-04 17:57 - 2015-03-04 17:57 - 00000000 ____D () C:\Program Files (x86)\UoniDealsse
2015-03-04 17:56 - 2015-03-04 17:56 - 00000000 ____D () C:\ProgramData\ldpmlmfnhgbcajiimjjjfngfpdbebaeo
2015-03-04 17:56 - 2015-03-04 17:56 - 00000000 ____D () C:\ProgramData\{57c9a148-af72-f6a4-57c9-9a148af78522}
Task: {8242543C-5263-4D4A-A6D7-E1AF9952E053} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {94943426-F2B7-4EE2-AFB7-5E4B821C51A9} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
CMD: ipconfig /flushdns
hosts:
Emptytemp:
end
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value deleted successfully.
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found. 
HKCR\Wow6432Node\CLSID\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found. 
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-1219521171-3291892493-1830592222-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found. 
HKCR\CLSID\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3977b363-8aa7-442a-9662-5643894c564c} => Key not found. 
HKCR\CLSID\{3977b363-8aa7-442a-9662-5643894c564c} => Key not found. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db827244-307b-48d0-bc73-bc7f3ddc4f89} => Key not found. 
HKCR\CLSID\{db827244-307b-48d0-bc73-bc7f3ddc4f89} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3977b363-8aa7-442a-9662-5643894c564c} => Key not found. 
HKCR\Wow6432Node\CLSID\{3977b363-8aa7-442a-9662-5643894c564c} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db827244-307b-48d0-bc73-bc7f3ddc4f89} => Key not found. 
HKCR\Wow6432Node\CLSID\{db827244-307b-48d0-bc73-bc7f3ddc4f89} => Key not found. 
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1,S deleted successfully.
Firefox DefaultSearchEngine,S deleted successfully.
Firefox SelectedSearchEngine,S deleted successfully.
Firefox Keyword.URL deleted successfully.
Firefox DefaultSearchUrl deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
gupdate => Service deleted successfully.
gupdatem => Service deleted successfully.
Cam3820 => Service deleted successfully.
cpuz130 => Service deleted successfully.
cpuz134 => Service deleted successfully.
lmimirr => Service deleted successfully.
"C:\Program Files\Reimage" => File/Directory not found.
"C:\Windows\Reimage.ini" => File/Directory not found.
C:\Users\MasTeR J\Downloads\ReimageRepair.exe => Moved successfully.
"C:\ProgramData\17759028420720109425" => File/Directory not found.
"C:\Program Files (x86)\youtubeadblocker" => File/Directory not found.
"C:\Program Files (x86)\UoniDealsse" => File/Directory not found.
"C:\ProgramData\ldpmlmfnhgbcajiimjjjfngfpdbebaeo" => File/Directory not found.
C:\ProgramData\{57c9a148-af72-f6a4-57c9-9a148af78522} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8242543C-5263-4D4A-A6D7-E1AF9952E053} => Key not found. 
C:\Windows\System32\Tasks\ProPCCleaner_Start not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Start => Key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94943426-F2B7-4EE2-AFB7-5E4B821C51A9} => Key not found. 
C:\Windows\System32\Tasks\ProPCCleaner_Popup not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup => Key not found. 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.2 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 21:42:32 ====

  • 0

#12
drxsprinkles

drxsprinkles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

i finished the final scan i just cant find how to get to the log to send it to you 


  • 0

#13
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
No problem.

Most users have an issue with it,

Try this way:
  • open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • post that saved log to your next reply.

  • 0

#14
drxsprinkles

drxsprinkles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/5/2015
Scan Time: 9:51:16 PM
Logfile: malware.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.03.06.01
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: MasTeR J
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 434922
Time Elapsed: 31 min, 30 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 1
PUP.Optional.Unizeto, C:\FRST\Quarantine\C\ProgramData\{57c9a148-af72-f6a4-57c9-9a148af78522}\All Day - Kanye West ( CDQ ) feat - Allan Kingdom & Theophilus London New kanye west.exe, 2104, Delete-on-Reboot, [b3f6f131414991a5f6bf65c89b671ae6]
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 2
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}, Quarantined, [c3e68e94e5a5cc6ad419c26a30d201ff], 
PUP.Optional.SweetIM.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, Quarantined, [c8e10121c3c77cbafbada708fc07ec14], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 5
PUP.Optional.Unizeto, C:\FRST\Quarantine\C\ProgramData\{57c9a148-af72-f6a4-57c9-9a148af78522}\All Day - Kanye West ( CDQ ) feat - Allan Kingdom & Theophilus London New kanye west.exe, Delete-on-Reboot, [b3f6f131414991a5f6bf65c89b671ae6], 
PUP.Optional.Multiplug, C:\Program Files (x86)\ClickNRead\ClickNRead.dll, Quarantined, [7039df4328622d09ea5554d8d230b34d], 
PUP.Optional.Multiplug.A, C:\Program Files (x86)\Tab Shutter\Tab Shutter.exe, Quarantined, [c3e68e94e5a5cc6ad419c26a30d201ff], 
PUP.Optional.Bundler, C:\Users\MasTeR J\Downloads\Hot Nigga by Bobby Shmurda [Prod by @JahlilBeats] Dir. @MainEFeTTi.mp3.exe, Quarantined, [406992901278fb3bee1b972c12f3837d], 
PUP.Optional.Unizeto, C:\Users\MasTeR J\Downloads\All Day - Kanye West ( CDQ ) feat - Allan Kingdom & Theophilus London New kanye west.exe, Quarantined, [5e4b5cc6f892a78fe6cfca63be445ba5], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#15
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Thanks for that log,

How is the computer running, if any issues what browser ?

Need to log off for 1 hour aprox.

Thanks
Joe :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP