Website Hijacker, General slowness [Closed]


  • This topic is locked

#1
ShyneB

Hi. My PC has a hijacker on it. I've done some malware steps listed in your how-to forum but the problem still exists. Also the net drops out often and the PC is generally much slower than normal.

Here is a copy of my logs.

Thank you in advance!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by MistyIsland (administrator) on MISTYISLAND-PC on 13-03-2015 20:50:17
Running from C:\Users\MistyIsland\Desktop
Loaded Profiles: MistyIsland (Available profiles: MistyIsland)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\ProgramData\Optus Mobile Broadband\OnlineUpdate\ouc.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(Realtek) C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Akamai Technologies, Inc.) C:\Users\MistyIsland\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\MistyIsland\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Logitech) C:\Program Files (x86)\Logitech\H800\H800.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(APN LLC.) C:\Users\MistyIsland\AppData\Local\VNT\vntldr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\MistyIsland\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1934744 2015-01-28] (APN)
HKLM-x32\...\Run: [Logitech H800] => C:\Program Files (x86)\Logitech\H800\H800.exe [273432 2011-07-29] (Logitech)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-08-23] (APN LLC.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\Run: [Google Update] => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-13] (Google Inc.)
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\Run: [Akamai NetSession Interface] => C:\Users\MistyIsland\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\MountPoints2: {678460df-d21d-11e3-8f8f-94de8027c579} - F:\AutoRun.exe
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\MountPoints2: {678460ec-d21d-11e3-8f8f-94de8027c579} - F:\AutoRun.exe
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\MountPoints2: {8ca5d79d-d083-11e2-9d01-806e6f6e6963} - Y:\Setup.exe
IFEO\bbqleads.exe: [Debugger] TaskList.exe
IFEO\bbqleadsapplication.exe: [Debugger] TaskList.exe
IFEO\bbqleadsservice.exe: [Debugger] TaskList.exe
IFEO\bbqquotes.exe: [Debugger] TaskList.exe
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\donutleads.exe: [Debugger] TaskList.exe
IFEO\donutquotes.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\pastaleads.exe: [Debugger] TaskList.exe
IFEO\pastaquotes.exe: [Debugger] TaskList.exe
IFEO\theanswerfinder.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\MistyIsland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-2326034556-3691545475-2990337801-1000] => http=127.0.0.1:49313;https=127.0.0.1:49313
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
DPF: HKLM-x32 {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} https://portalsrvs.d...,2012,1109,1356
DPF: HKLM-x32 {45B69029-F3AB-4204-92DE-D5140C3E8E74} https://portalsrvs.d...,2012,1109,1410
DPF: HKLM-x32 {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://portalsrvs.d...,2012,1109,1409
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{DFF43AF2-79CD-4B22-8CA1-E87B770226A0}: [NameServer]  
Tcpip\..\Interfaces\{FD7A32AF-5B7A-476B-B456-A5B202FAF51E}: [NameServer]  
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-06] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2326034556-3691545475-2990337801-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\MistyIsland\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google)
FF Plugin HKU\S-1-5-21-2326034556-3691545475-2990337801-1000: @talk.google.com/O1DPlugin -> C:\Users\MistyIsland\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-10-29] (Google)
FF Plugin HKU\S-1-5-21-2326034556-3691545475-2990337801-1000: @tools.google.com/Google Update;version=3 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2326034556-3691545475-2990337801-1000: @tools.google.com/Google Update;version=9 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\MistyIsland\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\MistyIsland\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-10-29] (Google)
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSearchKeyword: Default -> 3ABE292AADE855BDACCB18657AA5937D907A651FA0B3DC80692D6B457C025BBE
CHR DefaultSearchURL: Default -> 865A05D7ABC62A38F84311E3E461D28F5EC70FDD34B4C3302C4E6E91B0115FC2
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-08]
CHR Extension: (Google Drive) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-08]
CHR Extension: (Google Search) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-08]
CHR Extension: (toPbuyyeer) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\eolehbfpbifgcohgpiiebdgmphkgaddb [2015-01-12]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-09-23]
CHR Extension: (Google Wallet) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Gmail) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-08]
CHR Extension: (Search Slate) - C:\Users\MistyIsland\AppData\Local\Google\Chrome\User Data\Default\Extensions\poahfhjpeiaonjhbljfgnlllpdbnilon [2015-01-30]
CHR HKLM\...\Chrome\Extension: [nenmginbkicadaakopinjeahdnejgffp] - C:\ProgramData\AskPartnerNetwork\Toolbar\MP3RV7C\CRX\ToolbarCR.crx [2015-02-11]
CHR HKLM-x32\...\Chrome\Extension: [nenmginbkicadaakopinjeahdnejgffp] - C:\ProgramData\AskPartnerNetwork\Toolbar\MP3RV7C\CRX\ToolbarCR.crx [2015-02-11]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-28] (APN LLC.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-17] (NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-15] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [525312 2013-02-27] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-17] (NVIDIA Corporation)
S2 Optus Mobile Broadband. RunOuc; C:\Program Files (x86)\Optus Mobile Broadband\UpdateDog\ouc.exe [655744 2012-06-28] ()
R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 Realtek87B; C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-06-06] (Huawei Technologies Co., Ltd.)
R3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2013-02-27] (Windows ® Win 7 DDK provider)
R3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2013-02-27] (Windows ® Win 7 DDK provider)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-10-17] (NVIDIA Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-13 20:50 - 2015-03-13 20:50 - 00025248 _____ () C:\Users\MistyIsland\Desktop\FRST.txt
2015-03-13 20:49 - 2015-03-13 20:50 - 00000000 ____D () C:\FRST
2015-03-13 20:48 - 2015-03-13 20:49 - 02095616 _____ (Farbar) C:\Users\MistyIsland\Desktop\FRST64.exe
2015-03-12 17:05 - 2015-03-12 17:05 - 00080146 _____ () C:\Users\MistyIsland\Downloads\644245_10151487442953784_298662511_n.jpeg
2015-03-12 17:05 - 2015-03-12 17:05 - 00080146 _____ () C:\Users\MistyIsland\Downloads\644245_10151487442953784_298662511_n (1).jpeg
2015-03-11 09:52 - 2015-02-20 15:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 09:52 - 2015-02-20 15:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 09:52 - 2015-02-20 15:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 09:52 - 2015-02-20 15:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 09:52 - 2015-02-20 15:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 09:52 - 2015-02-20 15:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 09:52 - 2015-02-20 15:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 09:52 - 2015-02-20 15:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 09:52 - 2015-02-20 14:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 09:52 - 2015-02-20 14:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 09:52 - 2015-02-03 14:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 09:52 - 2015-02-03 14:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 09:52 - 2015-02-03 14:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 09:52 - 2015-02-03 14:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 09:52 - 2015-02-03 14:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 09:52 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 09:52 - 2015-02-03 14:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 09:52 - 2015-02-03 14:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 09:52 - 2015-02-03 14:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 09:52 - 2015-02-03 14:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 09:52 - 2015-02-03 14:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 09:52 - 2015-02-03 14:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 09:52 - 2015-02-03 14:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 09:52 - 2015-02-03 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 09:52 - 2015-02-03 14:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 09:52 - 2015-02-03 14:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 09:52 - 2015-02-03 14:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 09:52 - 2015-02-03 14:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 09:52 - 2015-02-03 14:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 09:52 - 2015-02-03 14:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 09:52 - 2015-02-03 14:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 09:52 - 2015-02-03 14:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 09:52 - 2015-02-03 14:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 09:52 - 2015-02-03 14:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 09:52 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 09:52 - 2015-02-03 14:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 09:52 - 2015-02-03 14:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 09:52 - 2015-02-03 14:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 09:52 - 2015-02-03 14:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 09:52 - 2015-02-03 14:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 09:52 - 2015-02-03 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 09:52 - 2015-02-03 13:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 09:52 - 2014-11-01 09:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 09:51 - 2015-03-06 16:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 09:51 - 2015-03-06 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 09:51 - 2015-03-06 16:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 09:51 - 2015-03-06 16:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 09:51 - 2015-03-06 16:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 09:51 - 2015-03-06 16:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 09:51 - 2015-03-06 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 09:51 - 2015-03-06 16:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 09:51 - 2015-03-06 16:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 09:51 - 2015-03-06 16:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 09:51 - 2015-03-06 16:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 09:51 - 2015-03-06 16:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 09:51 - 2015-03-06 16:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 09:51 - 2015-03-06 16:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 09:51 - 2015-03-06 16:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 09:51 - 2015-03-06 16:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 09:51 - 2015-03-06 16:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 09:51 - 2015-03-06 16:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 09:51 - 2015-03-06 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 09:51 - 2015-03-06 16:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 09:51 - 2015-03-06 16:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 09:51 - 2015-03-06 16:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 09:51 - 2015-02-26 14:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 09:51 - 2015-02-24 14:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 09:51 - 2015-02-24 13:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 09:51 - 2015-02-21 12:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 09:51 - 2015-02-21 11:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 09:51 - 2015-02-21 11:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 09:51 - 2015-02-21 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 09:51 - 2015-02-21 11:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 09:51 - 2015-02-21 10:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 09:51 - 2015-02-21 10:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 09:51 - 2015-02-20 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 09:51 - 2015-02-20 14:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 09:51 - 2015-02-20 13:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 09:51 - 2015-02-20 13:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 09:51 - 2015-02-20 13:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 09:51 - 2015-02-20 13:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 09:51 - 2015-02-20 13:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 09:51 - 2015-02-20 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 09:51 - 2015-02-20 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 09:51 - 2015-02-20 13:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 09:51 - 2015-02-20 13:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 09:51 - 2015-02-20 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 09:51 - 2015-02-20 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 09:51 - 2015-02-20 13:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 09:51 - 2015-02-20 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 09:51 - 2015-02-20 13:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 09:51 - 2015-02-20 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 09:51 - 2015-02-20 13:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 09:51 - 2015-02-20 13:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 09:51 - 2015-02-20 13:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 09:51 - 2015-02-20 13:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 09:51 - 2015-02-20 13:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 09:51 - 2015-02-20 13:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 09:51 - 2015-02-20 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 09:51 - 2015-02-20 13:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 09:51 - 2015-02-20 13:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 09:51 - 2015-02-20 13:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 09:51 - 2015-02-20 12:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 09:51 - 2015-02-20 12:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 09:51 - 2015-02-20 12:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 09:51 - 2015-02-20 12:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 09:51 - 2015-02-20 12:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 09:51 - 2015-02-20 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 09:51 - 2015-02-20 12:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 09:51 - 2015-02-20 12:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 09:51 - 2015-02-20 12:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 09:51 - 2015-02-20 12:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 09:51 - 2015-02-20 12:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 09:51 - 2015-02-20 12:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 09:51 - 2015-02-20 12:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 09:51 - 2015-02-20 12:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 09:51 - 2015-02-20 12:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 09:51 - 2015-02-20 12:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 09:51 - 2015-02-20 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 09:51 - 2015-02-20 12:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 09:51 - 2015-02-20 11:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 09:51 - 2015-02-20 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 09:51 - 2015-02-13 16:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 09:51 - 2015-02-13 16:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 09:51 - 2015-02-04 14:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 09:51 - 2015-02-04 13:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 09:51 - 2015-02-03 14:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 09:51 - 2015-02-03 14:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 09:51 - 2015-02-03 14:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 09:51 - 2015-02-03 14:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 09:51 - 2015-01-31 14:48 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 09:51 - 2015-01-31 14:05 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 09:51 - 2015-01-31 14:04 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 09:51 - 2015-01-31 10:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 09:51 - 2015-01-17 13:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 09:51 - 2015-01-17 13:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-04 09:44 - 2015-01-09 14:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-04 09:44 - 2015-01-09 14:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-04 09:44 - 2015-01-09 14:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-04 09:44 - 2015-01-09 13:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-03 21:47 - 2015-03-03 21:50 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\MistyIsland\Desktop\tdsskiller.exe
2015-03-03 21:45 - 2015-03-03 21:45 - 00000330 _____ () C:\Users\MistyIsland\Desktop\GooredFix.txt
2015-03-03 21:45 - 2015-03-03 21:45 - 00000000 ____D () C:\Users\MistyIsland\Desktop\GooredFix Backups
2015-03-03 21:41 - 2015-03-03 21:41 - 00887594 _____ () C:\Users\MistyIsland\Downloads\Unconfirmed 650045.crdownload
2015-03-03 21:39 - 2015-03-03 21:39 - 00071398 _____ (jpshortstuff) C:\Users\MistyIsland\Desktop\GooredFix.exe
2015-03-03 21:38 - 2015-03-03 21:38 - 00000000 ____D () C:\_OTM
2015-03-03 21:35 - 2015-03-03 21:35 - 00522240 _____ (OldTimer Tools) C:\Users\MistyIsland\Desktop\OTM.exe
2015-03-03 20:08 - 2015-03-03 20:08 - 00017857 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]better.call.saul.s01e05.hdtv.x264.lol.ettv.torrent
2015-03-02 20:15 - 2015-03-02 20:15 - 00037039 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]banshee.s03e08.hdtv.x264.killers.ettv.torrent
2015-03-02 20:13 - 2015-03-02 20:13 - 00037333 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]the.walking.dead.s05e12.hdtv.x264.killers.ettv.torrent
2015-03-01 19:10 - 2015-02-06 04:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-01 19:09 - 2015-02-06 08:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-01 19:09 - 2015-02-06 08:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-03-01 19:09 - 2015-02-06 08:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-01 19:09 - 2015-02-06 08:01 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-02-28 21:42 - 2014-01-31 13:26 - 00085766 _____ () C:\Users\MistyIsland\Desktop\Typefocus Blogger Template.xml
2015-02-28 21:40 - 2015-02-28 21:41 - 00146531 _____ () C:\Users\MistyIsland\Downloads\Typefocus-Blogger-Template.zip
2015-02-28 21:36 - 2014-09-21 01:13 - 00340673 _____ () C:\Users\MistyIsland\Desktop\Sora Article Free Version.xml
2015-02-28 21:34 - 2015-02-28 21:34 - 00767444 _____ () C:\Users\MistyIsland\Downloads\Sora Article Free Version.rar
2015-02-28 16:59 - 2015-02-28 16:59 - 00014831 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]basic.ab.workout.for.dummies.torrent
2015-02-28 16:53 - 2015-02-28 16:53 - 00013172 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]jessica.smith.10.minute.solution.belly.butt.and.thigh.blasters.torrent
2015-02-26 03:00 - 2015-01-09 10:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 03:00 - 2015-01-09 10:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 20:44 - 2015-02-24 20:44 - 00016505 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]the.walking.dead.s05e10.nl.subs.hdtvx264.mp4.torrent
2015-02-24 20:43 - 2015-02-24 20:43 - 00028737 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]the.walking.dead.s05e11.hdtv.xvid.fum.ettv.torrent
2015-02-24 19:55 - 2015-02-24 19:55 - 00043080 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]banshee.s03e07.hdtv.x264.killers.ettv (1).torrent
2015-02-24 19:54 - 2015-02-24 19:54 - 00043080 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]banshee.s03e07.hdtv.x264.killers.ettv.torrent
2015-02-24 16:29 - 2015-02-24 16:30 - 00021195 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]better.call.saul.s01e04.hdtv.x264.lol.ettv.torrent
2015-02-23 18:12 - 2015-02-23 18:13 - 00000000 ____D () C:\Users\MistyIsland\Documents\maya
2015-02-23 18:12 - 2015-02-23 18:12 - 00000000 ____D () C:\Users\MistyIsland\AppData\Local\Autodesk
2015-02-23 18:12 - 2015-02-23 18:12 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-02-23 18:09 - 2015-02-23 18:09 - 00000000 ____D () C:\Users\MistyIsland\Documents\Inventor Server x64 Direct Connect
2015-02-23 18:02 - 2015-02-23 18:02 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-02-23 17:54 - 2015-02-23 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-02-23 17:54 - 2015-02-23 17:54 - 00001792 _____ () C:\Users\Public\Desktop\Autodesk Maya 2013 64-bit.lnk
2015-02-23 17:54 - 2015-02-23 17:54 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-02-23 17:53 - 2015-02-23 18:09 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-02-23 17:53 - 2015-02-23 18:01 - 00000000 ____D () C:\Program Files\Autodesk
2015-02-23 17:43 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-02-23 17:43 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-02-23 17:43 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-02-23 17:43 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-02-23 17:43 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-02-23 17:37 - 2015-02-23 18:13 - 00000000 ____D () C:\Users\MistyIsland\AppData\Roaming\Autodesk
2015-02-23 17:37 - 2015-02-23 18:13 - 00000000 ____D () C:\ProgramData\Autodesk
2015-02-23 17:35 - 2015-02-23 17:36 - 00000000 ____D () C:\Users\MistyIsland\AppData\Local\Akamai
2015-02-23 17:35 - 2015-02-23 17:35 - 00000000 ____D () C:\Autodesk
2015-02-23 17:34 - 2015-02-23 17:35 - 15325800 _____ () C:\Users\MistyIsland\Downloads\Autodesk_Maya_2013_English_Japanese_SimplifiedChinese_Win_en-US_Setup1.exe
2015-02-20 20:36 - 2015-02-20 20:36 - 00038871 _____ () C:\Users\MistyIsland\Downloads\[kickass.to]better.call.saul.s01e03.720p.web.dl.reenc.qaac.x264.xred.torrent
2015-02-17 15:26 - 2015-02-17 15:26 - 01217184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-02-16 19:31 - 2015-03-12 03:02 - 00000000 ____D () C:\Program Files (x86)\TicTTaCCoupoN
2015-02-16 19:31 - 2015-02-16 19:31 - 00000000 ____D () C:\Program Files (x86)\FoxFilter  The content filter
2015-02-11 14:16 - 2015-02-04 14:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:16 - 2015-02-04 14:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:16 - 2015-02-04 14:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:16 - 2015-02-04 14:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:16 - 2015-02-04 14:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:16 - 2015-02-04 14:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:16 - 2015-02-04 14:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:16 - 2015-01-28 10:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:15 - 2014-12-08 14:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:15 - 2014-12-08 13:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 14:15 - 2014-11-26 14:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:15 - 2014-11-26 14:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:15 - 2014-10-04 13:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 14:15 - 2014-10-04 12:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 14:15 - 2014-10-04 12:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-13 20:35 - 2013-09-02 22:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-13 20:13 - 2013-09-13 16:04 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA.job
2015-03-13 20:13 - 2013-09-13 16:04 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core.job
2015-03-13 19:58 - 2013-06-08 17:20 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-13 17:58 - 2013-06-08 17:20 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-13 13:15 - 2013-06-17 22:23 - 00000000 ____D () C:\Users\MistyIsland\AppData\Roaming\Skype
2015-03-13 13:15 - 2013-06-08 15:48 - 02062242 _____ () C:\Windows\WindowsUpdate.log
2015-03-13 10:36 - 2014-12-12 20:57 - 00000000 ____D () C:\Users\MistyIsland\AppData\Local\FirestormOS_x64
2015-03-13 03:01 - 2014-02-27 03:01 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-13 03:01 - 2009-07-14 16:13 - 00766336 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-12 09:54 - 2015-02-03 21:37 - 00000020 _____ () C:\Users\MistyIsland\AppData\Roaming\appdataFr3.bin
2015-03-12 09:54 - 2009-07-14 16:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 03:48 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 03:28 - 2009-07-14 15:45 - 00026368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-12 03:28 - 2009-07-14 15:45 - 00026368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-12 03:23 - 2009-07-14 15:51 - 00119922 _____ () C:\Windows\setupact.log
2015-03-12 03:22 - 2013-06-08 17:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-12 03:22 - 2010-11-21 14:47 - 00211170 _____ () C:\Windows\PFRO.log
2015-03-12 03:22 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-12 03:22 - 2009-07-14 15:45 - 04984536 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 03:22 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 03:22 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 03:07 - 2013-10-07 12:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-12 03:07 - 2009-07-14 13:34 - 00000478 _____ () C:\Windows\win.ini
2015-03-12 03:04 - 2013-08-16 04:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 03:02 - 2015-01-30 12:37 - 00000000 ____D () C:\Program Files (x86)\AppptooU
2015-03-12 03:01 - 2013-06-10 08:55 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-07 23:21 - 2014-11-19 20:30 - 00000000 ____D () C:\Users\MistyIsland\AppData\Roaming\vlc
2015-03-07 23:17 - 2011-04-12 19:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-06 21:02 - 2013-06-14 21:21 - 00000132 _____ () C:\Users\MistyIsland\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-05 10:56 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\tracing
2015-03-04 00:17 - 2010-11-21 14:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-03 20:30 - 2013-06-08 17:18 - 00000000 ____D () C:\Users\MistyIsland\AppData\Roaming\Azureus
2015-03-02 13:23 - 2014-10-16 15:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-02 13:23 - 2013-12-27 14:24 - 00000000 ____D () C:\Program Files\Java
2015-03-02 13:23 - 2013-12-27 14:22 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-02 13:22 - 2014-10-16 15:40 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-03-02 13:22 - 2014-10-16 15:40 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-03-02 13:22 - 2014-10-16 15:40 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-03-02 13:22 - 2014-10-16 15:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-02 13:22 - 2013-12-27 14:24 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-02 13:22 - 2013-12-27 14:24 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-02 13:22 - 2013-12-27 14:24 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-02 13:22 - 2013-12-27 14:24 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-01 19:10 - 2013-06-08 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-28 22:01 - 2013-10-07 12:39 - 00000000 ____D () C:\Users\MistyIsland\Documents\Outlook Files
2015-02-28 17:28 - 2013-12-28 17:04 - 00000000 ____D () C:\Users\MistyIsland\Incomplete
2015-02-28 17:20 - 2013-12-28 17:04 - 00000000 ____D () C:\Users\MistyIsland\AppData\Roaming\MP3Rocket
2015-02-28 16:54 - 2014-09-30 19:36 - 00000000 ____D () C:\Program Files\Vuze
2015-02-26 11:44 - 2014-09-20 12:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-26 11:44 - 2013-06-17 22:23 - 00000000 ____D () C:\ProgramData\Skype
2015-02-23 17:42 - 2013-08-31 23:17 - 00028710 _____ () C:\Windows\DirectX.log
2015-02-19 13:07 - 2015-02-05 13:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-18 11:18 - 2015-01-11 16:20 - 00000000 ____D () C:\Program Files (x86)\SegmentEnhancer
2015-02-16 19:31 - 2015-01-30 12:37 - 00000000 ____D () C:\ProgramData\6674903336613869751
2015-02-12 17:11 - 2014-11-24 12:12 - 00000000 ____D () C:\Users\MistyIsland\Desktop\House Stuff
2015-02-12 13:21 - 2014-01-10 18:09 - 00000000 ____D () C:\Program Files (x86)\VNT
2015-02-12 03:20 - 2014-12-11 03:19 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 03:20 - 2014-05-06 20:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 03:20 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-12 03:03 - 2013-06-11 19:55 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-02-12 03:03 - 2013-06-11 19:54 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 03:03 - 2013-06-11 19:54 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 03:03 - 2013-06-11 19:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
 
==================== Files in the root of some directories =======
 
2013-06-14 21:21 - 2015-03-06 21:02 - 0000132 _____ () C:\Users\MistyIsland\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-06-13 11:53 - 2014-01-01 11:38 - 0000132 _____ () C:\Users\MistyIsland\AppData\Roaming\Adobe Targa Format CS5 Prefs
2015-02-03 21:37 - 2015-03-12 09:54 - 0000020 _____ () C:\Users\MistyIsland\AppData\Roaming\appdataFr3.bin
2014-12-05 20:00 - 2014-12-05 20:01 - 0000270 _____ () C:\Users\MistyIsland\AppData\Roaming\settings.xml
2013-10-01 20:45 - 2013-10-03 22:26 - 0001456 _____ () C:\Users\MistyIsland\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-09-24 18:53 - 2015-01-12 15:46 - 0014848 _____ () C:\Users\MistyIsland\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-10 11:39 - 2014-01-10 11:39 - 0000017 _____ () C:\Users\MistyIsland\AppData\Local\resmon.resmoncfg
2014-11-10 19:44 - 2014-11-10 19:44 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-01-10 12:22 - 2014-01-10 12:22 - 0005033 _____ () C:\ProgramData\mtbjfghn.xbe
 
Some content of TEMP:
====================
C:\Users\MistyIsland\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-05 18:55
 
==================== End Of Log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by MistyIsland at 2015-03-13 20:50:45
Running from C:\Users\MistyIsland\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMIP (remove only) (HKLM-x32\...\AMIP) (Version:  - )
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{4D503352-5637-4300-76A7-A758B70C1801}) (Version: 12.24.1.359 - APN, LLC) <==== ATTENTION
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit (HKLM\...\Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit) (Version:  - Autodesk)
Autodesk MatchMover 2013 64-bit (HKLM\...\{5B77A046-DAD6-4F19-A8B9-4E5B3EAD2C24}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2013 64-bit (HKLM\...\Autodesk Maya 2013 64-bit) (Version: 15.0.0.0 - Autodesk)
Autodesk Maya 2013 64-bit (Version: 15.0.0.0 - Autodesk) Hidden
BIG-IP Edge Client Components (All Users) (HKLM-x32\...\F5 Networks Client Components) (Version: 70.2012.1109.1410 - F5 Networks, Inc.)
Blender (HKLM\...\Blender) (Version: 2.67b - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Carambis Driver Updater (HKLM-x32\...\Driver Updater) (Version: 2.0.0.6004 - MEDIA FOG LTD)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
ExodusViewerBeta (remove only) (HKLM-x32\...\ExodusViewerBeta) (Version:  - )
Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
Firestorm SecondLife and OpenSim viewer (Version: 4.6.42974 - Phoenix Viewer Project) Hidden
Firestorm-Releasex64 x64 (HKLM-x32\...\{4e154806-de7a-4300-b61e-bc0c3a4c5b43}) (Version: 4.6.42974 - Phoenix Firestorm Project Inc)
Free MP4 To AVI Converter (HKLM-x32\...\{40803B44-2D66-4981-83F5-8CEE8193F308}) (Version: 1.0.0 - convertaudiofree)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
HP Deskjet 1510 series Basic Device Software (HKLM\...\{C9064E5C-D5AB-4EEB-86A6-50756901038A}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
KinoniDrivers 2.8.1 (HKLM-x32\...\KinoniDrivers) (Version: 2.8.1 - Kinoni)
Logitech H800 (HKLM\...\{7DE24FDD-A655-4AB7-A877-7236B91A9675}) (Version: 1.0.034 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: 6.4.8 - MP3 Rocket Inc)
MPEG Video Wizard DVD 5.0.1.105 (12/2012) (HKLM-x32\...\{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1) (Version: 5.0.1.105 - Womble Multimedia, Inc.)
MPEG Video Wizard DVD 5.0.1.105 (12/2012) (HKLM-x32\...\Mpeg Video Wizard DVD 5.0) (Version: 5.0.1.105 (12/2012) - Womble Multimedia, Inc.)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Optus Mobile Broadband (HKLM-x32\...\Optus Mobile Broadband) (Version: 23.009.05.00.74 - Huawei Technologies Co.,Ltd)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - )
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0175 - REALTEK Semiconductor Corp.)
Red Light Center 3D Client (HKLM-x32\...\Red Light Center 3D Client) (Version: 1.9.4745 - Utherverse Digital Inc)
SAM Broadcaster (remove only) (HKLM-x32\...\SAM3) (Version:  - )
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
saveitkeEpp. (HKLM-x32\...\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}) (Version:  - "") <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programs\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
12-03-2015 03:00:18 Windows Update
13-03-2015 03:00:10 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 13:34 - 2015-03-03 21:38 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {010B7CDC-4CF3-49BA-9825-34854053BD61} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {0C6497DE-7754-4AC1-8E12-8153789EA77E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {1ADE84FF-F79F-4443-AFF9-67C380E95F67} - System32\Tasks\{0F7F3742-759B-4A82-8922-04369C3C7496} => C:\Users\MistyIsland\Downloads\cuva-Admin-fmr.2-3-1\CiscoVTCameraDriverSetup.exe
Task: {1D2D8919-A9CF-4FE5-8140-F5ED954A9A47} - System32\Tasks\AdobeAAMUpdater-1.0-MistyIsland-PC-MistyIsland => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {22A96D72-22B7-4855-83F6-B6DCD8FA9DA6} - System32\Tasks\RunTool => C:\Users\MistyIsland\AppData\Local\41e9fc42-c759-432e-9f73-d78ab97ce189\sysad.exe [2015-02-05] ()
Task: {29DFFAD3-5B83-4945-8901-2B5B320BD045} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {4986C849-23DB-4EDF-AEDD-A5AE07CFE3AC} - System32\Tasks\{506009A9-1B9B-46B1-82DB-C61B5D9967EF} => C:\Users\MistyIsland\Downloads\cuva-Admin-fmr.2-3-1\CiscoVTCameraDriverSetup.exe
Task: {575FD78A-F804-4842-A7C8-68BCBA4BBC12} - System32\Tasks\{8896EDBB-52AC-469B-8A14-D4A9D4A1892F} => msiexec.exe /package "C:\Users\MistyIsland\Downloads\cuva-Admin-fmr.2-3-1\CiscoVTCameraDriverSetup.msi"
Task: {610D9BDF-016E-477E-A94B-C31862989734} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C05C2FA-8FE5-48D3-A6CA-864E09139D73} - System32\Tasks\{82A5D007-FCD5-4578-B813-71D0E501D87B} => C:\Users\MistyIsland\Downloads\cuva-Admin-fmr.2-3-1\CiscoVTCameraDriverSetup.exe
Task: {86529FEC-CDCF-4CDF-A7E8-AA2B9A4BAC19} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {88F35AB3-FDA4-467A-A6CC-1F113CBF210A} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {8FAD1ECB-E948-447B-9932-EA834BAAC246} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A020CFEC-1EF5-43CA-9117-CDD0FF2D2DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {A147B805-9CDE-4DDC-AE36-CBD0B6E22DE6} - \RocketTab No Task File <==== ATTENTION
Task: {A481EF63-84A7-41DA-AB15-11EE9DA45C1B} - System32\Tasks\{1C7BF2F7-4FE4-4427-9B99-EE7B8959C719} => C:\Users\MistyIsland\Downloads\cuva-Admin-fmr.2-3-1\CiscoVTCameraDriverSetup.exe
Task: {E6CC2F65-FE4B-4C9D-BF13-352B1C98661D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {EAA0EDDC-76C5-425C-A547-E58FF8A99540} - System32\Tasks\{BA61AEFF-9212-4D8A-80B2-38551DE45B5B} => C:\Users\MistyIsland\Downloads\cuva-Admin-fmr.2-3-1\CiscoVTCameraDriverSetup.exe
Task: {FDB7AA69-466C-480D-B05D-CF2E271D2E11} - System32\Tasks\{C5F1F188-98E4-4219-B2BE-3782D09BC62F} => C:\Users\MistyIsland\Downloads\cuva-Admin-fmr.2-3-1\CiscoVTCameraDriverSetup.exe
Task: {FF2EBB7E-62A7-4416-A51D-4BEE076E76B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core.job => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA.job => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2011-03-15 02:27 - 2011-03-15 02:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-02-27 02:34 - 2013-02-27 02:34 - 00525312 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
2014-05-03 14:27 - 2012-06-28 13:46 - 00655744 _____ () C:\ProgramData\Optus Mobile Broadband\OnlineUpdate\ouc.exe
2013-06-08 17:00 - 2015-02-06 06:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-01-10 12:25 - 2012-08-09 21:55 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-01-10 12:25 - 2012-08-09 21:55 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-07-31 13:16 - 2014-07-31 13:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 13:16 - 2014-07-31 13:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-01-24 00:06 - 2013-01-24 00:06 - 00147456 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\avutil-51.dll
2013-01-24 00:06 - 2013-01-24 00:06 - 03703808 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\avcodec-53.dll
2013-01-24 00:06 - 2013-01-24 00:06 - 00224256 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\swscale-0.dll
2014-05-03 14:27 - 2009-01-10 21:32 - 00011362 _____ () C:\ProgramData\Optus Mobile Broadband\OnlineUpdate\mingwm10.dll
2014-05-03 14:27 - 2009-06-23 05:42 - 00043008 _____ () C:\ProgramData\Optus Mobile Broadband\OnlineUpdate\libgcc_s_dw2-1.dll
2014-05-03 14:27 - 2010-07-23 15:58 - 02415104 _____ () C:\ProgramData\Optus Mobile Broadband\OnlineUpdate\QtCore4.dll
2014-05-03 14:27 - 2010-02-11 01:10 - 01148416 _____ () C:\ProgramData\Optus Mobile Broadband\OnlineUpdate\QtNetwork4.dll
2014-05-03 14:27 - 2012-06-28 13:34 - 00843264 _____ () C:\ProgramData\Optus Mobile Broadband\OnlineUpdate\QueryStrategy.dll
2014-05-03 14:27 - 2010-02-11 01:06 - 00398336 _____ () C:\ProgramData\Optus Mobile Broadband\OnlineUpdate\QtXml4.dll
2013-10-29 18:25 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\EnumDevLib.dll
2014-01-10 11:24 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-10-29 18:32 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll
2013-02-27 02:34 - 2013-02-27 02:34 - 00468480 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\EpocCam.ax
2014-12-13 11:58 - 2014-12-06 12:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-13 11:58 - 2014-12-06 12:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-13 11:58 - 2014-12-06 12:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-13 11:58 - 2014-12-06 12:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-13 11:58 - 2014-12-06 12:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MistyIsland\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.1.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2326034556-3691545475-2990337801-500 - Administrator - Disabled)
Guest (S-1-5-21-2326034556-3691545475-2990337801-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2326034556-3691545475-2990337801-1002 - Limited - Enabled)
MistyIsland (S-1-5-21-2326034556-3691545475-2990337801-1000 - Administrator - Enabled) => C:\Users\MistyIsland
 
==================== Faulty Device Manager Devices =============
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/13/2015 00:15:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/12/2015 03:25:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (03/12/2015 03:24:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/11/2015 11:39:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/11/2015 10:37:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/11/2015 09:40:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (03/11/2015 09:39:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/10/2015 00:01:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/10/2015 11:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (03/10/2015 11:35:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (03/13/2015 03:32:59 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error: 
%%5
 
Error: (03/13/2015 03:32:57 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (03/12/2015 03:32:59 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error: 
%%5
 
Error: (03/12/2015 03:32:57 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (03/12/2015 03:24:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Realtek11nSU service.
 
Error: (03/12/2015 03:23:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Optus Mobile Broadband. OUC service failed to start due to the following error: 
%%1053
 
Error: (03/12/2015 03:23:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optus Mobile Broadband. OUC service to connect.
 
Error: (03/12/2015 03:23:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.
 
Error: (03/11/2015 09:47:33 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error: 
%%5
 
Error: (03/11/2015 09:47:32 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
 
Microsoft Office Sessions:
=========================
Error: (03/13/2015 00:15:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
Error: (03/12/2015 03:25:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (03/12/2015 03:24:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/11/2015 11:39:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
Error: (03/11/2015 10:37:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
Error: (03/11/2015 09:40:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (03/11/2015 09:39:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/10/2015 00:01:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
Error: (03/10/2015 11:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (03/10/2015 11:35:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 41%
Total physical RAM: 8153.11 MB
Available physical RAM: 4802.06 MB
Total Pagefile: 18151.3 MB
Available Pagefile: 12122.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.69 GB) (Free:15.49 GB) NTFS
Drive d: (DataDrive) (Fixed) (Total:1863.01 GB) (Free:1624.74 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (S3A7731D004) (Fixed) (Total:359.04 GB) (Free:223.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive y: (HP DJ1510) (CDROM) (Total:0.37 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 81203A10)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 54E716E6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 372.6 GB) (Disk ID: 6E2C536C)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=359 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.1 GB) - (Type=17)
 
==================== End Of Log ============================

 


  • 0



#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, we need to uninstall Chrome. You can re-install on completion.

Uninstall Chrome
Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.
1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go to Google Sync and sign into your account.
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok".
4. Now we need to uninstall Chrome. Note: When asked about user data or settings you must remove this also, so please check the box.

THEN

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

 

CreateRestorePoint:
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-08-23] (APN LLC.)
IFEO\bbqleads.exe: [Debugger] TaskList.exe
IFEO\bbqleadsapplication.exe: [Debugger] TaskList.exe
IFEO\bbqleadsservice.exe: [Debugger] TaskList.exe
IFEO\bbqquotes.exe: [Debugger] TaskList.exe
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\donutleads.exe: [Debugger] TaskList.exe
IFEO\donutquotes.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\pastaleads.exe: [Debugger] TaskList.exe
IFEO\pastaquotes.exe: [Debugger] TaskList.exe
IFEO\theanswerfinder.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1934744 2015-01-28] (APN)
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-08-23] (APN LLC.)
ProxyServer: [S-1-5-21-2326034556-3691545475-2990337801-1000] => http=127.0.0.1:49313;https=127.0.0.1:49313
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-28] (APN LLC.)
S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT
2015-02-16 19:31 - 2015-03-12 03:02 - 00000000 ____D () C:\Program Files (x86)\TicTTaCCoupoN
2015-03-13 19:58 - 2013-06-08 17:20 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-13 17:58 - 2013-06-08 17:20 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-12 03:02 - 2015-01-30 12:37 - 00000000 ____D () C:\Program Files (x86)\AppptooU
2015-02-16 19:31 - 2015-01-30 12:37 - 00000000 ____D () C:\ProgramData\6674903336613869751
2014-01-10 12:22 - 2014-01-10 12:22 - 0005033 _____ () C:\ProgramData\mtbjfghn.xbe
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programs\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {010B7CDC-4CF3-49BA-9825-34854053BD61} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {0C6497DE-7754-4AC1-8E12-8153789EA77E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {22A96D72-22B7-4855-83F6-B6DCD8FA9DA6} - System32\Tasks\RunTool => C:\Users\MistyIsland\AppData\Local\41e9fc42-c759-432e-9f73-d78ab97ce189\sysad.exe [2015-02-05] ()
Task: {29DFFAD3-5B83-4945-8901-2B5B320BD045} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {88F35AB3-FDA4-467A-A6CC-1F113CBF210A} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {A020CFEC-1EF5-43CA-9117-CDD0FF2D2DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {A147B805-9CDE-4DDC-AE36-CBD0B6E22DE6} - \RocketTab No Task File <==== ATTENTION
Task: {E6CC2F65-FE4B-4C9D-BF13-352B1C98661D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core.job => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA.job => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\VNT
C:\Program Files (x86)\Google\Chrome
C:\Users\MistyIsland\AppData\Local\Google\Chrome
c:\Program Files (x86)\Optimizer Pro 3.11
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\AskPartnerNetwork
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated; please post that.

FINALLY

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean".
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0
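An added example (not part of the thread and not FRST's own code): a small Python pass that groups fixlist lines by the kind of object they target and flags the ones worth a second look, so a list like the one above can be reviewed before FRST applies it. The category names, regexes and flag wording are assumptions of this example, derived only from the line shapes visible in the post; the sample lines are copied from that fixlist.

```python
import re
from collections import Counter

# Sample input: lines copied verbatim from the fixlist in the post above.
SAMPLE_FIXLIST = r"""
CreateRestorePoint:
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-08-23] (APN LLC.)
IFEO\bbqleads.exe: [Debugger] TaskList.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2326034556-3691545475-2990337801-1000] => http=127.0.0.1:49313;https=127.0.0.1:49313
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-28] (APN LLC.)
S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT
2015-02-16 19:31 - 2015-03-12 03:02 - 00000000 ____D () C:\Program Files (x86)\TicTTaCCoupoN
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
Task: {A147B805-9CDE-4DDC-AE36-CBD0B6E22DE6} - \RocketTab No Task File <==== ATTENTION
Task: {88F35AB3-FDA4-467A-A6CC-1F113CBF210A} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
C:\Program Files (x86)\VNT
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
"""

# Ordered rules: first match wins. Names are this example's own labels.
RULES = [
    ("directive",     re.compile(r"^(CreateRestorePoint|RemoveProxy|EmptyTemp):$")),
    ("command",       re.compile(r"^CMD:\s*(.+)$")),
    ("ifeo_debugger", re.compile(r"^IFEO\\([^:]+): \[Debugger\] (.+)$")),
    ("run_value",     re.compile(r"^HK\w+(?:-x32)?\\.*\\Run: \[([^\]]+)\] => (.+)$")),
    ("chrome_policy", re.compile(r"^CHR (HK\S+): (.+)$")),
    ("proxy",         re.compile(r"^ProxyServer: \[([^\]]+)\] => (.+)$")),
    ("service",       re.compile(r"^[RSU][0-5] ([^;]+); (.+)$")),
    ("file_or_dir",   re.compile(
        r"^\d{4}-\d\d-\d\d \d\d:\d\d - \d{4}-\d\d-\d\d \d\d:\d\d - \d+ \S+ \(.*?\) (.+)$")),
    ("clsid",         re.compile(r"^CustomCLSID: (\S+) -> (.+)$")),
    ("task",          re.compile(r"^Task: (.+)$")),
    ("path",          re.compile(r"^([A-Za-z]:\\.+)$")),
]


def classify(line):
    """Return (kind, captured groups) for one fixlist line."""
    line = line.strip()
    for kind, rx in RULES:
        m = rx.match(line)
        if m:
            return kind, m.groups()
    return "unrecognized", (line,)


def review_flags(kind, line):
    """Reasons a reviewer should read this line before the fix is applied."""
    flags = []
    if "ATTENTION" in line:
        flags.append("marked ATTENTION by the scan")
    if kind == "proxy" and re.search(r"=(127\.0\.0\.1|localhost):\d+", line):
        flags.append("proxy is a loopback listener")
    if re.search(r"No (Task )?File\b", line):
        flags.append("orphaned reference, target missing")
    if kind == "command":
        flags.append("runs a command, read it before applying")
    if kind == "unrecognized":
        flags.append("unrecognized line shape")
    return flags


def audit(text):
    """Count lines per kind and collect (line number, kind, flags) findings."""
    counts, findings = Counter(), []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        kind, _ = classify(line)
        counts[kind] += 1
        flags = review_flags(kind, line)
        if flags:
            findings.append((n, kind, flags))
    return counts, findings


if __name__ == "__main__":
    counts, findings = audit(SAMPLE_FIXLIST)
    for kind, n in sorted(counts.items()):
        print(f"{kind:14} {n}")
    for n, kind, flags in findings:
        print(f"line {n:2} [{kind}] " + "; ".join(flags))
```

Any line reported as unrecognized is one the reviewer should read by hand rather than trust the grouping.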

#3
ShyneB

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Thank you again for your help!!

 

Here are the logs you asked for... Also, Chrome has now been uninstalled.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by MistyIsland at 2015-03-16 19:25:34 Run:1
Running from C:\Users\MistyIsland\Desktop
Loaded Profiles: MistyIsland (Available profiles: MistyIsland)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CreateRestorePoint:
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-08-23] (APN LLC.)
IFEO\bbqleads.exe: [Debugger] TaskList.exe
IFEO\bbqleadsapplication.exe: [Debugger] TaskList.exe
IFEO\bbqleadsservice.exe: [Debugger] TaskList.exe
IFEO\bbqquotes.exe: [Debugger] TaskList.exe
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\donutleads.exe: [Debugger] TaskList.exe
IFEO\donutquotes.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\pastaleads.exe: [Debugger] TaskList.exe
IFEO\pastaquotes.exe: [Debugger] TaskList.exe
IFEO\theanswerfinder.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1934744 2015-01-28] (APN)
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-08-23] (APN LLC.)
ProxyServer: [S-1-5-21-2326034556-3691545475-2990337801-1000] => http=127.0.0.1:49313;https=127.0.0.1:49313
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-28] (APN LLC.)
S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT
2015-02-16 19:31 - 2015-03-12 03:02 - 00000000 ____D () C:\Program Files (x86)\TicTTaCCoupoN
2015-03-13 19:58 - 2013-06-08 17:20 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-13 17:58 - 2013-06-08 17:20 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-12 03:02 - 2015-01-30 12:37 - 00000000 ____D () C:\Program Files (x86)\AppptooU
2015-02-16 19:31 - 2015-01-30 12:37 - 00000000 ____D () C:\ProgramData\6674903336613869751
2014-01-10 12:22 - 2014-01-10 12:22 - 0005033 _____ () C:\ProgramData\mtbjfghn.xbe
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programs\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\MistyIsland\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {010B7CDC-4CF3-49BA-9825-34854053BD61} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {0C6497DE-7754-4AC1-8E12-8153789EA77E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {22A96D72-22B7-4855-83F6-B6DCD8FA9DA6} - System32\Tasks\RunTool => C:\Users\MistyIsland\AppData\Local\41e9fc42-c759-432e-9f73-d78ab97ce189\sysad.exe [2015-02-05] ()
Task: {29DFFAD3-5B83-4945-8901-2B5B320BD045} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {88F35AB3-FDA4-467A-A6CC-1F113CBF210A} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {A020CFEC-1EF5-43CA-9117-CDD0FF2D2DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {A147B805-9CDE-4DDC-AE36-CBD0B6E22DE6} - \RocketTab No Task File <==== ATTENTION
Task: {E6CC2F65-FE4B-4C9D-BF13-352B1C98661D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core.job => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA.job => C:\Users\MistyIsland\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\VNT
C:\Program Files (x86)\Google\Chrome
C:\Users\MistyIsland\AppData\Local\Google\Chrome
c:\Program Files (x86)\Optimizer Pro 3.11
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\AskPartnerNetwork
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\VNT => value deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bbqleads.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bbqleadsapplication.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bbqleadsservice.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bbqquotes.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ContentExplorer.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\donutleads.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\donutquotes.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\internetenhancer.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\internetenhancerservice.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\pastaleads.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\pastaquotes.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\theanswerfinder.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wajaminternetenhancer.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WajamInternetEnhancerApp.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WajamInternetEnhancerAppservice.exe" => Key Deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wajaminternetenhancerservice.exe" => Key Deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\VNT => Value not found.
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
APNMCP => Service stopped successfully.
APNMCP => Service deleted successfully.
51cdb72 => Service deleted successfully.
C:\Program Files (x86)\TicTTaCCoupoN => Moved successfully.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job" => File/Directory not found.
C:\Program Files (x86)\AppptooU => Moved successfully.
C:\ProgramData\6674903336613869751 => Moved successfully.
C:\ProgramData\mtbjfghn.xbe => Moved successfully.
"HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => Key deleted successfully.
"HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}" => Key deleted successfully.
"HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}" => Key deleted successfully.
"HKU\S-1-5-21-2326034556-3691545475-2990337801-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{010B7CDC-4CF3-49BA-9825-34854053BD61}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{010B7CDC-4CF3-49BA-9825-34854053BD61}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab Update Task" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C6497DE-7754-4AC1-8E12-8153789EA77E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C6497DE-7754-4AC1-8E12-8153789EA77E}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{22A96D72-22B7-4855-83F6-B6DCD8FA9DA6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22A96D72-22B7-4855-83F6-B6DCD8FA9DA6}" => Key deleted successfully.
C:\Windows\System32\Tasks\RunTool => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunTool" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29DFFAD3-5B83-4945-8901-2B5B320BD045} => Key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88F35AB3-FDA4-467A-A6CC-1F113CBF210A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88F35AB3-FDA4-467A-A6CC-1F113CBF210A}" => Key deleted successfully.
C:\Windows\System32\Tasks\LaunchSignup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A020CFEC-1EF5-43CA-9117-CDD0FF2D2DC9} => Key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A147B805-9CDE-4DDC-AE36-CBD0B6E22DE6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A147B805-9CDE-4DDC-AE36-CBD0B6E22DE6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6CC2F65-FE4B-4C9D-BF13-352B1C98661D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6CC2F65-FE4B-4C9D-BF13-352B1C98661D}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2326034556-3691545475-2990337801-1000UA.job => Moved successfully.
C:\Program Files (x86)\VNT => Moved successfully.
"C:\Program Files (x86)\Google\Chrome" => File/Directory not found.
"C:\Users\MistyIsland\AppData\Local\Google\Chrome" => File/Directory not found.
"c:\Program Files (x86)\Optimizer Pro 3.11" => File/Directory not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
C:\Program Files (x86)\AskPartnerNetwork => Moved successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-2326034556-3691545475-2990337801-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.

========= End of RemoveProxy: =========

=========  bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{E2A1ADCE-7F1B-44DE-B455-70AB3A07F036} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 374.3 MB temporary data.

The system needed a reboot.

==== End of Fixlog 19:25:50 ====

 

 

_______________________________________________________________________________________________________________________________

 

 

# AdwCleaner v4.112 - Logfile created 16/03/2015 at 19:32:01
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : MistyIsland - MISTYISLAND-PC
# Running from : C:\Users\MistyIsland\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Saferweb
Folder Deleted : C:\ProgramData\saveitkeEpp
Folder Deleted : C:\ProgramData\5ca2053830f078b7
Folder Deleted : C:\Program Files (x86)\segmentenhancer
Folder Deleted : C:\Program Files (x86)\WoowCoupone
Folder Deleted : C:\Users\MistyIsland\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\MistyIsland\AppData\Local\VNT
File Deleted : C:\END

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\S
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7405EEB-2E16-40FE-9E27-1F48CAAB15E1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\adbabylon.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\myhome.vi-view.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\vi-view.com
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689

*************************

AdwCleaner[R0].txt - [3213 bytes] - [16/03/2015 19:31:01]
AdwCleaner[S0].txt - [2917 bytes] - [16/03/2015 19:32:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2976  bytes] ##########


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer behaving now?

Download aswMBR.exe (4.5 MB) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation; accept that.
When it offers to download the virus database, allow that as well.
Click the "Scan" button to start the scan.



On completion of the scan, click "Save log", save it to your desktop and post it in your next reply.
  • 0

#5
ShyneB

ShyneB

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Hi Again

 

It's running a bit faster I think....

I haven't put Chrome back on, so getting used to using old IE again lol.  Let me know at what point I can put Chrome back on please.

 

Here is the latest scan log you asked for :)

Thank you again.

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-03-17 10:29:29
-----------------------------
10:29:29.022    OS Version: Windows x64 6.1.7601 Service Pack 1
10:29:29.022    Number of processors: 4 586 0x3A09
10:29:29.022    ComputerName: MISTYISLAND-PC  UserName: MistyIsland
10:29:29.262    Initialize success
10:29:30.007    VM: initialized successfully
10:29:30.007    VM: Intel CPU BiosDisabled
10:33:36.234    AVAST engine defs: 15031600
10:36:44.404    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
10:36:44.404    Disk 0 Vendor: ST2000DM001-1CH164 CC26 Size: 1907729MB BusType: 3
10:36:44.404    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
10:36:44.404    Disk 1 Vendor: INTEL_SSDSC2CT120A3 300i Size: 114473MB BusType: 3
10:36:44.414    Disk 1 MBR read successfully
10:36:44.424    Disk 1 MBR scan
10:36:44.454    Disk 1 Windows 7 default MBR code
10:36:44.454    Disk 1 Partition 1 80 (A) 07      HPFS/NTFS NTFS          100 MB offset 2048
10:36:44.464    Disk 1 default boot code
10:36:44.474    Disk 1 Partition 2 00     07      HPFS/NTFS NTFS       114371 MB offset 206848
10:36:44.514    Disk 1 scanning C:\Windows\system32\drivers
10:36:49.086    Service scanning
10:37:02.098    Modules scanning
10:37:02.098    Disk 1 trace - called modules:
10:37:02.108    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
10:37:02.108    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8006ef0060]
10:37:02.118    3 CLASSPNP.SYS[fffff8800188543f] -> nt!IofCallDriver -> [0xfffffa80069b4520]
10:37:02.118    5 ACPI.sys[fffff88000f3c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80069b6060]
10:37:02.348    AVAST engine scan C:\Windows
10:37:02.988    AVAST engine scan C:\Windows\system32
10:38:36.368    AVAST engine scan C:\Windows\system32\drivers
10:38:41.903    AVAST engine scan C:\Users\MistyIsland
10:48:30.526    AVAST engine scan C:\ProgramData
10:49:06.765    Disk 1 statistics 5392074/0/0 @ 8.43 MB/s
10:49:06.765    Scan finished successfully
12:34:06.267    Disk 1 MBR has been saved successfully to "C:\Users\MistyIsland\Desktop\MBR.dat"
12:34:06.287    The log file has been saved successfully to "C:\Users\MistyIsland\Desktop\aswMBR.txt"

 


  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, methinks you are now clean enough to put Chrome back. Once you have done that, could you tell me how it is behaving?
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0





