Hi there,
The computer is infected with malware/spyware that is popping up everywhere. They are not appearing as Chrome plug-ins, but are listed in programs.
Tried to uninstall without success.
The malicious programs include: Coupoon, InfoNaut, GamesDesktop, SmartWeb, CrossBrowse, BlockAndSurf, StormWatch, possibly others.
If I try to uninstall these programs, the pop-up says: "Please wait until the current program is finished uninstalling" even though there is no uninstalling occurring.
Please help.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Mitey Fresh (administrator) on CAROLMAINMYF-PC on 02-05-2015 17:13:17
Running from C:\Users\Mitey Fresh\Desktop
Loaded Profiles: Mitey Fresh (Available profiles: Mitey Fresh & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser path: "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" -- "%1")
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\Trusted Publisher\GS_Booster\GS_Booster.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\rcore.exe
(Weather Protector LLC) C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Jing\Jing.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Flux Software LLC) C:\Users\Mitey Fresh\AppData\Local\FluxSoftware\Flux\flux.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Bloggie Software\BGVolumeWatcher.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\NaturallySpeaking10\Program\natspeak.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Super PC Tools Ltd) C:\ProgramData\{04f41e6c-2a9d-2153-04f4-41e6c2a979b0}\hqghumeaylnlf.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Weather Protector LLC) C:\Program Files (x86)\StormWatch\StormWatch.exe
() C:\Program Files (x86)\StormWatch\StormWatchApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking10\dgnuiasvr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking10\dgnuiasvr_x64.exe
() C:\Users\Mitey Fresh\AppData\Roaming\00000000-1430531197-0000-0000-1C6F65D74BC8\jnss5797.tmp
() C:\Users\Mitey Fresh\AppData\Local\Temp\nswF427.tmp
() C:\Users\Mitey Fresh\AppData\Local\Temp\nsj87A0.tmp
(CMI Limited) C:\Users\Mitey Fresh\AppData\Local\Temp\nsu10EC.tmp
(CMI Limited) C:\Users\Mitey Fresh\AppData\Local\Temp\nsh10B4.tmp
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Infonaut) C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe
() C:\Program Files (x86)\gmsd_au_257\gmsd_au_257.exe
() C:\Users\Mitey Fresh\AppData\Local\gmsd_au_257\upgmsd_au_257.exe
(SoftBrain Technologies Ltd.) C:\Users\Mitey Fresh\AppData\Local\SmartWeb\SmartWebHelper.exe
(SoftBrain Technologies Ltd.) C:\Users\Mitey Fresh\AppData\Local\SmartWeb\SmartWebApp.exe
() C:\Program Files (x86)\Coupoon\UpdateCheck.exe
() C:\Program Files (x86)\version64BlockAndSurf\J4BlockAndSurfJ52.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
() C:\Program Files (x86)\gmsd_au_257\gmsd_au_257.exe
() C:\Users\Mitey Fresh\AppData\Roaming\00000000-1430531197-0000-0000-1C6F65D74BC8\nsd457C.tmp
() C:\Program Files (x86)\Coupoon\UpdateCheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\config\systemprofile\user.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe [259624 2007-04-16] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-07-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-07-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort10reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [255528 2007-02-01] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SignIn] => C:\Program Files (x86)\Microsoft Online Services\Sign In\SignIn.exe [1742704 2011-03-16] (Microsoft Corporation)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [VideoDownloadConverter Search Scope Monitor] => C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe [42536 2012-08-02] (MindSpark)
HKLM-x32\...\Run: [VideoDownloadConverter_4z Browser Plugin Loader] => C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe [30096 2012-08-02] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [gmsd_au_22] => [X]
HKLM-x32\...\Run: [gmsd_au_257] => C:\Program Files (x86)\gmsd_au_257\gmsd_au_257.exe [3982792 2015-04-30] ()
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Mitey Fresh\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM-x32\...\RunOnce: [upgmsd_au_257.exe] => C:\Users\Mitey Fresh\AppData\Local\gmsd_au_257\upgmsd_au_257.exe [3289032 2015-04-30] ()
HKLM-x32\...\RunOnce: [Update] => C:\Users\Mitey Fresh\AppData\Roaming\ASPackage\ASPackage.exe /runonce
HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Run: [BIBLauncher] => C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [912688 2012-12-10] ()
HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2909640 2013-01-07] (TechSmith Corporation)
HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Run: [NvCplWow64] => %SystemRoot%\SysWOW64\Rundll32.exe "%AppData%\Microsoft Corporation\cmspprxy.pig",Control_RunDLL
HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Run: [OM2_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [95632 2009-11-25] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Run: [f.lux] => C:\Users\Mitey Fresh\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Run: [GoogleChromeAutoLaunch_23E45583CFC8895BE5D10DE1E4ABBEA7] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440 2015-03-17] (Crossbrowse)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bloggie Watcher Utility.lnk [2011-08-23]
ShortcutTarget: Bloggie Watcher Utility.lnk -> C:\Program Files (x86)\Sony\Bloggie Software\BGVolumeWatcher.exe (Sony Corporation)
Startup: C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comm100 Live Chat.lnk [2013-11-18]
ShortcutTarget: Comm100 Live Chat.lnk -> C:\Program Files (x86)\Comm100 Live Chat\Comm100 Live Chat.exe ()
Startup: C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-05-02]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
Startup: C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk [2013-11-18]
ShortcutTarget: Dragon NaturallySpeaking.lnk -> C:\Program Files (x86)\Nuance\NaturallySpeaking10\Program\natspeak.exe (Nuance Communications, Inc.)
Startup: C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-04-23]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{04f41e6c-2a9d-2153-04f4-41e6c2a979b0}\hqghumeaylnlf.exe (Super PC Tools Ltd)
Startup: C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2014-12-23]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-05-02]
ShortcutTarget: SmartWeb.lnk -> C:\Users\Mitey Fresh\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
Startup: C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk [2014-12-23]
ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (Weather Protector LLC)
Startup: C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk [2014-12-23]
ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-571144041-3803823455-759090921-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://tikotin.com
URLSearchHook: HKU\S-1-5-21-571144041-3803823455-759090921-1000 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
SearchScopes: HKU\S-1-5-21-571144041-3803823455-759090921-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-571144041-3803823455-759090921-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: BlockAndSurf -> {9878D989-C010-66BE-051D-F8E5E761D59A} -> C:\Program Files (x86)\version64BlockAndSurf\192_x64.dll [2015-05-02] ()
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27] (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: SimpleAdblock Class -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll [2012-09-20] (Simple Adblock)
BHO-x32: Toolbar BHO -> {312f84fb-8970-4fd3-bddb-7012eac4afc9} -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2012-08-02] (MindSpark)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: BlockAndSurf -> {9878D989-C010-66BE-051D-F8E5E761D59A} -> C:\Program Files (x86)\version64BlockAndSurf\192.dll [2015-05-02] ()
BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\SEARCH~2.DLL No File
BHO-x32: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll [2013-01-23] (Delta-search.com)
BHO-x32: Search Assistant BHO -> {c547c6c2-561b-4169-a2a5-20ba771ca93b} -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2012-08-02] (MindSpark)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-13] (Sun Microsystems, Inc.)
BHO-x32: Yontoo Layers (Drop Down Deals) -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll [2011-11-17] (Yontoo LLC)
BHO-x32: SimpleAdblock Class -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll [2012-09-20] (Simple Adblock)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27] (Google Inc.)
Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2012-08-02] (MindSpark)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll [2013-01-23] (Delta-search.com)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\SEARCH~2.DLL No File
Toolbar: HKU\S-1-5-21-571144041-3803823455-759090921-1000 -> No Name - {3BBD3C14-4C16-4989-8366-95BC9179779D} - No File
Toolbar: HKU\S-1-5-21-571144041-3803823455-759090921-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default
FF NewTab: hxxp://isearch.omiga-plus.com/newtab/?type=nt&ts=1419304002&from=tugs&uid=ST31000524AS_5VP818LNXXXX5VP818LN
FF DefaultSearchEngine: omiga-plus
FF DefaultSearchEngine,S:
FF DefaultSearchUrl:
FF SearchEngineOrder.1:
FF SearchEngineOrder.1,S:
FF SelectedSearchEngine: omiga-plus
FF SelectedSearchEngine,S:
FF Homepage: hxxp://tikotin.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-13] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll [2012-08-02] (MindSpark)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-571144041-3803823455-759090921-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Mitey Fresh\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-15] (Citrix Online)
FF Plugin HKU\S-1-5-21-571144041-3803823455-759090921-1000: @sony.com/Some -> C:\Program Files (x86)\Sony\Bloggie Software\npsome.dll [2011-06-09] (Sony)
FF Plugin HKU\S-1-5-21-571144041-3803823455-759090921-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mitey Fresh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\user.js [2015-05-02]
FF SearchPlugin: C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\searchplugins\askcom.xml [2011-08-23]
FF SearchPlugin: C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\searchplugins\babylon.xml [2013-05-02]
FF SearchPlugin: C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\searchplugins\BrowserProtect.xml [2013-05-02]
FF SearchPlugin: C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\searchplugins\delta.xml [2013-04-06]
FF SearchPlugin: C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\searchplugins\Search_Results.xml [2012-09-12]
FF SearchPlugin: C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\searchplugins\WebSearch.xml [2013-05-20]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2013-04-06]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\omiga-plus.xml [2014-12-23]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml [2012-09-12]
FF Extension: VideoDownloadConverter - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com [2014-01-11]
FF Extension: BrouwsEe2save - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\Extensions\[email protected] [2013-04-26]
FF Extension: Fast Start - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\Extensions\[email protected] [2014-12-23]
FF Extension: FavIconReloadermozillaorg - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\Extensions\[email protected] [2014-12-28]
FF Extension: Delta Toolbar - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\Extensions\[email protected] [2013-04-06]
FF Extension: Searcohy-NewTaeb - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\Extensions\[email protected] [2013-04-26]
FF Extension: Searchqu Toolbar - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012-09-12]
FF Extension: Yontoo - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\Extensions\[email protected] [2013-02-20]
FF Extension: Adblock Plus - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-06-21]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-17]
FF HKLM-x32\...\Firefox\Extensions: [4zffxtbr@VideoDownloadConverter_4z.com] - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin
FF Extension: VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin [2012-08-02]
FF HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Firefox\Extensions: [{A8EF1E73-D8F4-9AEF-BFB9-FCFFD6101C88}] - C:\Program Files (x86)\version64BlockAndSurf\192.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\version64BlockAndSurf\192.xpi [2015-05-02]
FF Extension: No Name - C:\Users\Mitey Fresh\AppData\Roaming\Mozilla\Firefox\Profiles\f9p9w6fz.default\extensions\[email protected] [Not Found]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.250.6) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Platform SE 6 U25) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Sony Online Media Engine) - C:\Program Files (x86)\Sony\Bloggie Software\npsome.dll (Sony)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Mitey Fresh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Mitey Fresh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-04]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Mitey Fresh\AppData\Roaming\BabSolution\CR\Delta.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Mitey Fresh\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-04-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\MITEYF~1\AppData\Local\Temp\YontooLayers.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53832 2014-11-26] (Just Develop It) <==== ATTENTION
S2 CoupoonService64; C:\Program Files (x86)\coupoon\iiwjljrnpc64.exe [172344 2015-04-03] ()
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-03-01] (Microsoft Corporation) [File not signed]
R2 insvc_1.10.0.14; C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe [278600 2015-04-11] (Infonaut)
R2 jedyhusi; C:\Users\Mitey Fresh\AppData\Roaming\00000000-1430531197-0000-0000-1C6F65D74BC8\nsd457C.tmp [148992 2015-05-02] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 rcores; C:\Windows\rcore.exe [4959744 2014-12-21] () [File not signed]
R2 riqeneho; C:\Users\Mitey Fresh\AppData\Roaming\00000000-1430531197-0000-0000-1C6F65D74BC8\jnss5797.tmp [198656 2015-05-02] () [File not signed]
R2 SWUpdater; C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe [17584 2014-11-22] (Weather Protector LLC)
R2 UpdateCheck; C:\Program Files (x86)\Coupoon\UpdateCheck.exe [53040 2015-05-02] ()
R2 VideoDownloadConverter_4zService; C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe [42504 2012-08-02] (COMPANYVERS_NAME)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [58224 2015-04-11] (Infonaut)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2015-04-03] (NetFilterSDK.com)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R2 webTinstMKTN84; C:\Windows\system32\Drivers\webTinstMKTN84.sys [50216 2015-05-02] ()
S1 asbatsau; \??\C:\Windows\system32\drivers\asbatsau.sys [X]
S1 evleuqss; \??\C:\Windows\system32\drivers\evleuqss.sys [X]
S1 jqzvopac; \??\C:\Windows\system32\drivers\jqzvopac.sys [X]
S1 kuiivusg; \??\C:\Windows\system32\drivers\kuiivusg.sys [X]
S1 mvqjszvp; \??\C:\Windows\system32\drivers\mvqjszvp.sys [X]
S1 phbqursp; \??\C:\Windows\system32\drivers\phbqursp.sys [X]
S1 wpnfd_1_10_0_5; system32\drivers\wpnfd_1_10_0_5.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 17:13 - 2015-05-02 17:17 - 00040486 _____ () C:\Users\Mitey Fresh\Desktop\FRST.txt
2015-05-02 17:12 - 2015-05-02 17:15 - 00000000 ____D () C:\FRST
2015-05-02 17:11 - 2015-05-02 17:11 - 00002838 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2015-05-02 17:11 - 2015-05-02 17:11 - 00001045 _____ () C:\Users\Mitey Fresh\Desktop\AnyProtect.lnk
2015-05-02 17:11 - 2015-05-02 17:11 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-05-02 17:10 - 2015-05-02 17:10 - 02101248 _____ (Farbar) C:\Users\Mitey Fresh\Desktop\FRST64.exe
2015-05-02 17:09 - 2015-05-02 17:10 - 02101248 _____ (Farbar) C:\Users\Mitey Fresh\Downloads\FRST64.exe
2015-05-02 17:02 - 2015-05-02 17:11 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2015-05-02 17:02 - 2015-05-02 17:02 - 00613255 _____ (CMI Limited) C:\Users\Mitey Fresh\AppData\Local\nstA834.tmp
2015-05-02 15:23 - 2015-05-02 17:17 - 00000112 _____ () C:\ProgramData\YG2KU1.dat
2015-05-02 15:22 - 2015-05-02 15:22 - 00003116 _____ () C:\Windows\System32\Tasks\BlockAndSurf Update
2015-05-02 15:22 - 2015-05-02 15:22 - 00002286 _____ () C:\Windows\patsearch.bin
2015-05-02 15:22 - 2015-05-02 15:22 - 00000456 _____ () C:\Windows\Tasks\BlockAndSurf Update.job
2015-05-02 15:22 - 2015-05-02 15:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-05-02 15:22 - 2015-05-02 15:21 - 00050216 _____ () C:\Windows\system32\Drivers\webTinstMKTN84.sys
2015-05-02 15:21 - 2015-05-02 15:21 - 00004098 _____ () C:\Windows\System32\Tasks\Crossbrowse
2015-05-02 15:21 - 2015-05-02 15:21 - 00001068 _____ () C:\Windows\Tasks\Crossbrowse.job
2015-05-02 15:21 - 2015-05-02 15:21 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Crossbrowse
2015-05-02 15:21 - 2015-05-02 15:21 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Local\Crossbrowse
2015-05-02 15:21 - 2015-05-02 15:21 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Crossbrowse
2015-05-02 15:21 - 2015-05-02 15:21 - 00000000 ____D () C:\Users\Guest\AppData\Local\Crossbrowse
2015-05-02 15:21 - 2015-05-02 15:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Crossbrowse
2015-05-02 15:21 - 2015-05-02 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-05-02 15:21 - 2015-05-02 15:21 - 00000000 ____D () C:\Program Files (x86)\version64BlockAndSurf
2015-05-02 15:19 - 2015-05-02 15:19 - 00000000 ____D () C:\Program Files (x86)\Crossbrowse
2015-05-02 15:18 - 2015-05-02 15:18 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-02 15:17 - 2015-05-02 15:22 - 00000000 ____D () C:\Program Files\Coupoon
2015-05-02 15:17 - 2015-05-02 15:21 - 00000000 ____D () C:\Program Files (x86)\Coupoon
2015-05-02 15:17 - 2015-05-02 15:17 - 00000005 _____ () C:\end
2015-05-02 15:16 - 2015-05-02 15:52 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Local\gmsd_au_257
2015-05-02 15:16 - 2015-05-02 15:16 - 00004072 _____ () C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-05-02 15:16 - 2015-05-02 15:16 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Local\SmartWeb
2015-05-02 15:16 - 2015-05-02 15:16 - 00000000 ____D () C:\Program Files (x86)\gmsd_au_257
2015-05-02 15:15 - 2015-05-02 15:15 - 00000000 ____D () C:\Program Files (x86)\Infonaut_1.10.0.14
2015-05-02 11:46 - 2015-05-02 16:21 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Roaming\00000000-1430531197-0000-0000-1C6F65D74BC8
2015-04-23 19:27 - 2015-04-30 04:50 - 00000000 ____D () C:\ProgramData\{04f41e6c-2a9d-2153-04f4-41e6c2a979b0}
2015-04-15 22:29 - 2015-04-15 22:29 - 00597304 _____ () C:\Users\Mitey Fresh\Downloads\flux-setup.exe
2015-04-15 22:29 - 2015-04-15 22:29 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-04-15 22:29 - 2015-04-15 22:29 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Local\FluxSoftware
2015-04-15 05:08 - 2015-03-25 13:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 05:08 - 2015-03-25 13:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 05:08 - 2015-03-25 13:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 05:08 - 2015-03-25 13:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 05:08 - 2015-03-25 13:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 05:08 - 2015-03-25 13:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 05:08 - 2015-03-25 13:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 05:08 - 2015-03-25 13:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 05:08 - 2015-03-25 13:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 05:08 - 2015-03-25 13:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 05:08 - 2015-03-25 13:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 05:08 - 2015-03-25 13:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 05:08 - 2015-03-25 13:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 05:08 - 2015-03-25 13:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 05:08 - 2015-03-25 13:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 05:08 - 2015-03-25 13:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 05:08 - 2015-03-23 13:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 05:08 - 2015-03-23 13:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 05:08 - 2015-03-23 13:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 05:08 - 2015-03-23 13:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 05:08 - 2015-03-23 13:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 05:08 - 2015-03-23 13:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 05:08 - 2015-03-23 13:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 05:08 - 2015-03-23 13:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 05:08 - 2015-03-17 15:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 05:08 - 2015-03-17 15:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 05:08 - 2015-03-17 15:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 05:08 - 2015-03-17 15:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 05:08 - 2015-03-17 15:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 05:08 - 2015-03-17 15:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 05:08 - 2015-03-17 15:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 05:08 - 2015-03-17 15:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 05:08 - 2015-03-17 15:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 05:08 - 2015-03-17 15:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 05:08 - 2015-03-17 15:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 05:08 - 2015-03-17 15:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 05:08 - 2015-03-17 15:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 05:08 - 2015-03-17 15:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 15:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 05:08 - 2015-03-17 15:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 05:08 - 2015-03-17 14:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 05:08 - 2015-03-17 14:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 05:08 - 2015-03-17 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 05:08 - 2015-03-17 14:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 05:08 - 2015-03-17 14:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 05:08 - 2015-03-17 14:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 05:08 - 2015-03-17 14:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 05:08 - 2015-03-17 14:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 05:08 - 2015-03-17 14:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 05:08 - 2015-03-17 14:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 05:08 - 2015-03-17 14:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 05:08 - 2015-03-17 14:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 05:08 - 2015-03-17 14:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 05:08 - 2015-03-17 14:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 05:08 - 2015-03-17 14:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 05:08 - 2015-03-17 14:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 05:08 - 2015-03-17 14:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 05:08 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 05:08 - 2015-03-10 13:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 05:08 - 2015-03-10 13:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 05:08 - 2015-03-10 13:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 05:08 - 2015-03-10 13:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 05:08 - 2015-03-05 15:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 05:08 - 2015-03-05 14:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 05:07 - 2015-03-17 15:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 05:07 - 2015-03-17 15:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 05:07 - 2015-03-17 15:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 05:07 - 2015-03-17 15:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 05:07 - 2015-03-17 15:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 05:07 - 2015-03-17 15:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 05:07 - 2015-03-17 14:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 05:07 - 2015-03-17 14:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 05:07 - 2015-03-17 14:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 05:07 - 2015-03-17 14:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 05:07 - 2015-03-17 14:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 05:07 - 2015-03-17 14:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 05:07 - 2015-03-17 14:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 05:07 - 2015-03-17 13:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 05:07 - 2015-03-17 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 05:07 - 2015-03-17 13:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 05:07 - 2015-03-17 13:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 05:07 - 2015-03-17 13:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 05:07 - 2015-03-17 13:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 05:07 - 2015-03-10 10:31 - 17882112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 05:07 - 2015-03-10 10:19 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 05:07 - 2015-03-10 10:19 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 05:07 - 2015-03-10 10:18 - 10931200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 05:07 - 2015-03-10 10:14 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 05:07 - 2015-03-10 10:14 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 05:07 - 2015-03-10 10:13 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 05:07 - 2015-03-10 10:13 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 05:07 - 2015-03-10 10:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 05:07 - 2015-03-10 10:13 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 05:07 - 2015-03-10 10:13 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 05:07 - 2015-03-10 10:13 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 05:07 - 2015-03-10 10:13 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 05:07 - 2015-03-10 10:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 05:07 - 2015-03-10 10:12 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 05:07 - 2015-03-10 10:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 05:07 - 2015-03-10 10:12 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 05:07 - 2015-03-10 10:12 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 05:07 - 2015-03-10 10:12 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 05:07 - 2015-03-10 10:12 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 05:07 - 2015-03-10 10:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 05:07 - 2015-03-10 10:12 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-15 05:07 - 2015-03-10 09:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 05:07 - 2015-03-10 09:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 05:07 - 2015-03-10 09:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 05:07 - 2015-03-10 09:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 05:07 - 2015-03-10 08:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 05:07 - 2015-03-10 08:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 05:07 - 2015-03-10 08:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 05:07 - 2015-03-10 08:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 05:07 - 2015-03-10 08:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 05:07 - 2015-03-10 08:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 05:07 - 2015-03-10 08:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-04-15 05:07 - 2015-03-10 08:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 05:07 - 2015-03-10 08:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 05:07 - 2015-03-10 08:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 05:07 - 2015-03-10 08:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 05:07 - 2015-03-10 08:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 05:07 - 2015-03-10 08:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 05:07 - 2015-03-10 08:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 05:07 - 2015-03-10 08:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 05:07 - 2015-03-10 08:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-04-15 05:07 - 2015-03-10 08:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-04-15 05:07 - 2015-03-10 08:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-04-15 05:07 - 2015-03-04 14:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 05:07 - 2015-03-04 14:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 05:07 - 2015-03-04 14:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 05:07 - 2015-02-25 13:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-13 08:32 - 2015-04-13 08:32 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Roaming\AUSkey
2015-04-11 05:56 - 2015-04-11 05:56 - 00058224 _____ (Infonaut) C:\Windows\system32\Drivers\innfd_1_10_0_14.sys
2015-04-08 08:42 - 2015-04-08 08:42 - 00000000 ____D () C:\Program Files (x86)\System-Checker
2015-04-06 08:47 - 2015-04-06 08:47 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 08:47 - 2015-04-06 08:47 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-03 18:36 - 2015-04-03 18:36 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Roaming\Unity
2015-04-03 08:22 - 2015-04-03 08:22 - 00046376 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter64.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 17:13 - 2009-07-14 14:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 17:13 - 2009-07-14 14:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 17:11 - 2014-12-23 14:21 - 00002840 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2015-05-02 17:11 - 2014-12-23 14:21 - 00002838 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2015-05-02 17:11 - 2014-12-23 14:21 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2015-05-02 17:11 - 2014-12-23 14:21 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2015-05-02 17:11 - 2014-12-23 14:21 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2015-05-02 16:47 - 2012-11-29 11:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-02 16:31 - 2011-06-16 18:25 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-02 15:22 - 2014-04-02 22:04 - 01399040 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 15:21 - 2014-10-06 14:46 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-05-02 15:21 - 2009-07-14 14:51 - 49480723 _____ () C:\Windows\setupact.log
2015-05-02 15:19 - 2014-04-18 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-02 14:36 - 2013-07-01 17:52 - 00000714 ____H () C:\Windows\Tasks\Norton Product InstallerIdle.job
2015-05-02 11:45 - 2014-12-23 13:08 - 00000000 ___HD () C:\Users\Public\Temp
2015-05-02 09:30 - 2011-06-16 18:25 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-02 06:07 - 2013-11-29 16:50 - 00000000 ___RD () C:\Users\Mitey Fresh\Dropbox
2015-05-02 06:07 - 2013-11-29 16:44 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Roaming\Dropbox
2015-05-02 06:03 - 2014-10-06 14:47 - 00000488 ____H () C:\Windows\Tasks\GS_Booster-S-576482620.job
2015-05-02 06:03 - 2014-04-02 22:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-02 06:03 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-01 16:44 - 2012-09-26 16:04 - 00009285 ____H () C:\Users\Mitey Fresh\Documents\maxdesk.ini
2015-05-01 16:44 - 2012-09-26 15:55 - 06547360 ____H () C:\Users\Mitey Fresh\Documents\PPThumbs.ptn
2015-04-30 18:09 - 2011-06-06 06:52 - 00000000 ____D () C:\Users\Mitey Fresh\Documents\Tasman
2015-04-28 18:35 - 2012-02-09 11:10 - 00000000 ____D () C:\Users\Mitey Fresh\Documents\`Staff Computer
2015-04-28 15:23 - 2009-07-14 15:13 - 00785366 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-26 10:10 - 2013-11-29 16:45 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-23 18:46 - 2012-02-09 11:27 - 01220096 ___SH () C:\Users\Mitey Fresh\Documents\Thumbs.db
2015-04-23 18:18 - 2010-11-21 13:47 - 00019056 _____ () C:\Windows\PFRO.log
2015-04-23 11:49 - 2011-08-23 17:51 - 00000000 ____D () C:\Users\Mitey Fresh\Documents\Bloggie Library
2015-04-20 11:06 - 2011-06-21 18:53 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Roaming\Skype
2015-04-17 15:28 - 2013-10-25 12:24 - 00006101 _____ () C:\Users\Mitey Fresh\Desktop\Carols Note pad.txt
2015-04-16 08:48 - 2012-11-29 11:08 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-16 08:48 - 2012-11-29 11:08 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-16 08:48 - 2012-11-29 11:08 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-16 06:53 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 05:14 - 2011-05-13 08:20 - 00000000 ____D () C:\Users\Mitey Fresh\Documents\Carol
2015-04-16 05:06 - 2014-12-30 14:38 - 00000000 ____D () C:\Users\Mitey Fresh\Desktop\Round the home projects
2015-04-16 05:02 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 04:59 - 2009-07-14 15:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-16 04:57 - 2014-12-11 03:20 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 04:57 - 2014-05-07 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 04:57 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 22:49 - 2014-04-03 09:36 - 00769348 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 22:48 - 2013-07-15 21:31 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 22:41 - 2014-04-04 08:02 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-07 16:21 - 2011-05-14 20:15 - 00000000 ____D () C:\Users\Mitey Fresh\AppData\Roaming\.minecraft
2015-04-07 14:28 - 2011-05-13 08:20 - 00000000 ____D () C:\Users\Mitey Fresh\Documents\Adina
2015-04-04 15:34 - 2011-06-16 18:16 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
==================== Files in the root of some directories =======
2013-04-23 16:13 - 2013-02-10 07:55 - 0114176 _____ () C:\Users\Mitey Fresh\AppData\Roaming\BabMaint.exe
2012-12-11 20:44 - 2012-12-12 13:49 - 0001719 _____ () C:\Users\Mitey Fresh\AppData\Roaming\bibstats
2014-12-23 13:08 - 2014-12-23 13:08 - 1487840 _____ (HQ VideoV22.12) C:\Users\Mitey Fresh\AppData\Roaming\IW.exe
2014-03-14 08:28 - 2014-11-24 08:00 - 0000165 _____ () C:\Users\Mitey Fresh\AppData\Roaming\Opusbext.dat
2011-05-23 15:03 - 2011-07-23 15:15 - 0001355 _____ () C:\Users\Mitey Fresh\AppData\Roaming\SAS7_000.DAT
2014-12-23 13:07 - 2014-12-23 13:07 - 1815520 _____ (HQ VideoV22.12) C:\Users\Mitey Fresh\AppData\Roaming\SZUL.exe
2014-11-25 13:44 - 2014-11-25 13:44 - 0004096 ____H () C:\Users\Mitey Fresh\AppData\Local\keyfile3.drm
2014-12-23 14:19 - 2014-12-23 14:19 - 0628496 _____ (CMI Limited) C:\Users\Mitey Fresh\AppData\Local\nsq5C9F.tmp
2015-05-02 17:02 - 2015-05-02 17:02 - 0613255 _____ (CMI Limited) C:\Users\Mitey Fresh\AppData\Local\nstA834.tmp
2015-05-02 15:23 - 2015-05-02 17:18 - 0000112 _____ () C:\ProgramData\YG2KU1.dat
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-571144041-3803823455-759090921-1000\$9430fe1d1ff3e329fb03ccb693dbb6d5
Files to move or delete:
====================
C:\ProgramData\YG2KU1.dat
Some content of TEMP:
====================
C:\Users\Mitey Fresh\AppData\Local\Temp\1.tmp.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\1506.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\212C9CF6-2656-23C4-E871-70C9460F6C97.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\3737.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\5624.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\6697.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\7047.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\9C2A3796-3B3C-3BE8-4FA6-937D9CE2362F.dll
C:\Users\Mitey Fresh\AppData\Local\Temp\9C2A3796-3B3C-3BE8-4FA6-937D9CE2362F.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\A1665040-58B7-6739-08C1-52EDA8FAE4B9.dll
C:\Users\Mitey Fresh\AppData\Local\Temp\A1665040-58B7-6739-08C1-52EDA8FAE4B9.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\ba1affD1b82.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\BackupSetup.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\BD091071-59E5-A031-7159-3224E0CFF058.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\bitool.dll
C:\Users\Mitey Fresh\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpijkauc.dll
C:\Users\Mitey Fresh\AppData\Local\Temp\jueBF72.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\Launcher__10890.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\optprosetup.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\setup_364.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\setup_644.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\Shop2.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\SpOrder.dll
C:\Users\Mitey Fresh\AppData\Local\Temp\supoptsetup.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\Uninstall.exe
C:\Users\Mitey Fresh\AppData\Local\Temp\vcredist_x64.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-24 02:47
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Mitey Fresh at 2015-05-02 17:19:46
Running from C:\Users\Mitey Fresh\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-571144041-3803823455-759090921-500 - Administrator - Disabled)
Guest (S-1-5-21-571144041-3803823455-759090921-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-571144041-3803823455-759090921-1014 - Limited - Enabled)
Mitey Fresh (S-1-5-21-571144041-3803823455-759090921-1000 - Administrator - Enabled) => C:\Users\Mitey Fresh
UpdatusUser (S-1-5-21-571144041-3803823455-759090921-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
Acoolsoft PPT to Video Pro 3.2.7 (HKLM-x32\...\Acoolsoft PPT to Video Pro_is1) (Version: 3.2.7 - Acoolsoft Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Amazon Kindle) (Version: - Amazon)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BlockAndSurf (HKLM-x32\...\C832807B-BDCF-2F7D-44A3-697848F4D5BB) (Version: - BlockAndSurf-software) <==== ATTENTION
Bloggie Software (HKLM-x32\...\BloggieSoftware) (Version: 3.3.1.73 - Sony)
Bloggie Software (x32 Version: 3.3.1.73 - Sony Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrowseToSave 1.74 (HKLM-x32\...\SP_f2a323db) (Version: - ) <==== ATTENTION
Business-in-a-Box (HKLM-x32\...\Business-in-a-Box) (Version: 5.0.4 - Biztree Inc.)
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
Comm100 Live Chat (HKLM-x32\...\Com.Comm100.LiveChat.AirVisitorMonitor.En.ED02F0ED4016DF29F52CC2E3BD1ED89CCC440D32.1) (Version: 7.5.2 - Comm100 Network Corporation)
Comm100 Live Chat (x32 Version: 7.5.2 - Comm100 Network Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupoon version 1.0 (HKLM-x32\...\{49F8B4F8-0CD4-4BE4-A9E8-B13A071F7C90}_is1) (Version: 1.0 - Coupoon) <==== ATTENTION
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.5.2171.95 - The Crossbrowse Authors) <==== ATTENTION!
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version: - Visual Tools) <==== ATTENTION
Delta toolbar (HKLM-x32\...\delta) (Version: 1.8.10.0 - Delta) <==== ATTENTION
DomaIQ (HKLM-x32\...\DomaIQ Uninstaller) (Version: - Tuguu SLU) <==== ATTENTION
Dragon NaturallySpeaking 10 (HKLM-x32\...\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}) (Version: 10.10.300 - Nuance Communications Inc.)
Dropbox (HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
f.lux (HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Flux) (Version: - )
GamesDesktop 027.257 (HKLM-x32\...\gmsd_au_257_is1) (Version: - GAMESDESKTOP) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoSAve (HKLM-x32\...\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}) (Version: 1.1.0.1843 - ) <==== ATTENTION
GS_Booster (HKLM-x32\...\S-576482620) (Version: 3.0.0.1446 - PremiumSoft) <==== ATTENTION
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Online Services Sign In (HKLM-x32\...\{A91E3887-5185-4091-AF33-AB0048444055}) (Version: 1.0.1442.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 11.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 11.0 (x86 en-US)) (Version: 11.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
Numbers Up!2 V1.1 Baggin' the Dragon (HKLM-x32\...\Numbers_Up2V1.0) (Version: - )
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM-x32\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation)
OLYMPUS Master 2 (HKLM-x32\...\{0815D55A-5EFF-4E1B-8C04-7035E914D90D}) (Version: 1.0.10 - OLYMPUS IMAGING CORP.)
ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
PaperPort Image Printer (HKLM\...\{D16193A3-921A-4134-B381-597C8F4B8EBD}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.26.902.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.20.0 - Renesas Electronics Corporation) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScannerDriver (Version: 1.0.2.0 - Oki Data Corporation) Hidden
ScanSoft PaperPort 10 (HKLM-x32\...\{80911AD4-0255-4467-A6DD-F8BCA1F2F94A}) (Version: 10.4.1000 - Nuance Communications, Inc.)
Search Assistant WebSearch 1.74 (HKLM-x32\...\SP_4e24eecb) (Version: - ) <==== ATTENTION
Searcohy-NewTaeb (HKLM-x32\...\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}) (Version: - NewTab) <==== ATTENTION
Simple Adblock (HKLM-x32\...\{B4920103-09F6-4AD2-B150-CFC4474D2DDC}) (Version: 1.1.5 - Simple Adblock)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
StormWatch (HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\StormWatch) (Version: 1.0.1.36 - StormWatch) <==== ATTENTION!
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.11656 - TeamViewer GmbH)
Torch (HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\Torch) (Version: 23.0.0.2585 - Torch) <==== ATTENTION
TweetDeck (HKLM-x32\...\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1) (Version: 0.38.2 - TweetDeck Inc)
TweetDeck (x32 Version: 0.38.2 - TweetDeck Inc) Hidden
Uni-Stat (HKLM-x32\...\{2C0D5586-B96C-404F-96D7-91BE2A304853}) (Version: 4.0 - Avery Dennsion)
Unity Web Player (HKU\S-1-5-21-571144041-3803823455-759090921-1000\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
VAFPlayer (HKLM-x32\...\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}) (Version: 1.6.8 - Tuguu SL) <==== ATTENTION
Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== ATTENTION
VideoDownloadConverter Toolbar (HKLM-x32\...\VideoDownloadConverter_4zbar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 10.20.200 - Nuance Communications Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XAMPP 1.7.7 (HKLM-x32\...\xampp) (Version: - )
Yontoo Layers Runtime (Drop Down Deals) 1.10.01 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.01 - Yontoo LLC) <==== ATTENTION
YouotubeAdBlockae (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 3.3.0.1253 - ) <==== ATTENTION
Zombie Invasion (HKLM-x32\...\ZombieInvasion) (Version: 2.7.50 - Time Lapse Solutions) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-571144041-3803823455-759090921-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
15-04-2015 22:38:35 Windows Update
19-04-2015 14:19:01 Windows Update
22-04-2015 20:56:50 Windows Update
26-04-2015 14:12:59 Windows Update
30-04-2015 08:41:59 Windows Update
02-05-2015 15:17:52 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0604492C-9955-4783-88F5-3F978EF47E38} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-05-02] (AnyProtect.com) <==== ATTENTION
Task: {0C0EACF7-90F8-488E-AE62-C19F8867A232} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {10A5EC84-4916-4CBB-8B7E-B4D2C183BAAC} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-05-02] (AnyProtect.com) <==== ATTENTION
Task: {191E1AEA-3924-4EB6-A3EA-6BE320C2B7C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {26B1E216-FBAE-4216-AA3E-42AE08F22162} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {3266F576-5F96-4668-97F2-2889CBC2C622} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {331EA0D2-7D9E-4DE4-8FE2-1CB4DB046683} - System32\Tasks\{CEBA54D1-BC79-4038-830E-556FB71CB724} => C:\Program Files (x86)\Business-in-a-Box\BIB.exe [2012-12-10] ()
Task: {4B35C1E0-A166-4160-B5C5-63EF7B58F109} - \SidebarExecute No Task File <==== ATTENTION
Task: {62815D3D-B304-4B97-ACFA-77D41D43B853} - System32\Tasks\{3A461120-2CAD-451D-B5D6-FAE23A755319} => pcalua.exe -a "C:\Users\Mitey Fresh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9CJV7HSA\AdobeAIRInstaller.exe" -d "C:\Users\Mitey Fresh\Desktop"
Task: {736800B8-43EB-4A48-920A-3BC7D1F5841A} - System32\Tasks\{4259D0EF-678B-4D89-9AA2-E89B24075DD0} => pcalua.exe -a "C:\Users\Mitey Fresh\AppData\Roaming\omiga-plus\UninstallManager.exe" -c -ptid=tugs <==== ATTENTION
Task: {768666FA-A884-48ED-BF4B-D4C115AEE6A4} - System32\Tasks\{6C426F02-CD53-4A2D-8DDD-E7A4C660740A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {78AB73D8-A6E1-4639-8EF0-80D78F2CF7A7} - System32\Tasks\{3325C1CE-0580-440A-A860-55E9E7A9E00D} => C:\Program Files (x86)\Business-in-a-Box\BIB.exe [2012-12-10] ()
Task: {84BF7696-9260-4156-BC00-FB91FE4B3EE4} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Mitey Fresh\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {9994FA5E-8310-4D5B-9BFF-70BEC6084E14} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-05-02] (AnyProtect.com) <==== ATTENTION
Task: {A1BEFAB3-E0F6-4875-90D6-61843F8CCA72} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\version64BlockAndSurf\J4BlockAndSurfJ52.exe [2015-05-02] () <==== ATTENTION
Task: {B032A010-1D0A-4CAC-897A-7E6A63828AF6} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-05-02] () <==== ATTENTION
Task: {B4D939E2-212C-4616-9190-AD020910CAB1} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-11-26] (MyPC Backup) <==== ATTENTION
Task: {B8256DD5-8F73-4257-8D8C-557E38E4D56A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C07ED911-5D77-49AD-9795-AABBDB21B086} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe [2012-12-12] (http://yourfiledownloader.com) <==== ATTENTION
Task: {E302DCDC-D25A-4813-80D9-54A6E57BF1A7} - System32\Tasks\FGRun => C:\Users\Mitey
Task: {EAE686B7-F654-4A70-88A6-4C4799FB0CBE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {EDD1D227-9A64-496C-8A1D-761A8DDF1677} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {F15B7589-946E-4447-B216-935CA6EB50B6} - System32\Tasks\GS_Booster-S-576482620 => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe [2014-10-06] () <==== ATTENTION
Task: {F55BBE6D-0B65-4546-AADD-32D2B3B9DC24} - System32\Tasks\Norton Product InstallerIdle => C:\Users\MITEYF~1\AppData\Local\Temp\Adobe\Shockwave 12\SymInstallStub.exe <==== ATTENTION
Task: {F60AC2B2-E1FD-45AA-937C-EAC3C75ADEA7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\version64BlockAndSurf\J4BlockAndSurfJ52.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GS_Booster-S-576482620.job => c:\programdata\trusted publisher\gs_booster\GS_Booster.exeO/schedule /profile c:\programdata\trusted publisher\gs_booster\576482620.ini <==== ATTENTION
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\Users\MITEYF~1\AppData\Local\Temp\Adobe\Shockwave 12\SymInstallStub.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) ==============
2014-04-02 22:04 - 2013-01-19 01:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-05-16 15:03 - 2010-04-16 16:42 - 00076800 _____ () C:\Windows\System32\TFAXMON.DLL
2011-05-16 15:06 - 2010-04-16 16:42 - 00089600 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TFAXPPR.DLL
2011-05-16 14:55 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-10-06 14:47 - 2014-10-06 14:47 - 00773632 _____ () c:\programdata\trusted publisher\gs_booster\GS_Booster.exe
2014-12-23 13:06 - 2014-11-26 05:29 - 00299008 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
2012-12-11 20:42 - 2012-12-10 11:25 - 00912688 _____ () C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
2014-12-23 13:06 - 2014-12-21 18:15 - 04959744 _____ () C:\Windows\rcore.exe
2014-12-23 13:06 - 2014-11-26 05:37 - 00012800 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-11-26 05:47 - 2014-11-26 05:47 - 01465880 _____ () C:\Program Files (x86)\StormWatch\StormWatchApp.exe
2015-05-02 11:47 - 2015-05-02 11:47 - 00198656 _____ () C:\Users\Mitey Fresh\AppData\Roaming\00000000-1430531197-0000-0000-1C6F65D74BC8\jnss5797.tmp
2015-05-02 11:58 - 2015-05-02 11:58 - 00288167 _____ () C:\Users\Mitey Fresh\AppData\Local\Temp\nswF427.tmp
2015-05-02 12:17 - 2015-05-02 12:18 - 00288167 _____ () C:\Users\Mitey Fresh\AppData\Local\Temp\nsj87A0.tmp
2015-05-02 15:16 - 2015-04-30 14:55 - 03982792 _____ () C:\Program Files (x86)\gmsd_au_257\gmsd_au_257.exe
2015-05-02 15:16 - 2015-04-30 14:55 - 03289032 _____ () C:\Users\Mitey Fresh\AppData\Local\gmsd_au_257\upgmsd_au_257.exe
2015-05-02 15:17 - 2015-05-02 15:17 - 00053040 _____ () C:\Program Files (x86)\Coupoon\UpdateCheck.exe
2015-05-02 15:21 - 2015-05-02 15:21 - 00603136 _____ () C:\Program Files (x86)\version64BlockAndSurf\J4BlockAndSurfJ52.exe
2015-05-02 16:21 - 2015-05-02 16:21 - 00148992 _____ () C:\Users\Mitey Fresh\AppData\Roaming\00000000-1430531197-0000-0000-1C6F65D74BC8\nsd457C.tmp
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2015-05-02 06:05 - 2015-05-02 06:05 - 00043008 _____ () c:\Users\Mitey Fresh\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpijkauc.dll
2015-03-05 07:45 - 2015-03-05 07:45 - 00750080 _____ () C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 07:45 - 2015-03-05 07:45 - 00047616 _____ () C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 07:45 - 2015-03-05 07:45 - 00865280 _____ () C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 07:45 - 2015-03-05 07:45 - 00200704 _____ () C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-02 11:59 - 2015-05-02 11:59 - 00011264 _____ () C:\Users\Mitey Fresh\AppData\Local\Temp\nsm58C2.tmp\System.dll
2015-05-02 12:18 - 2015-05-02 12:18 - 00011264 _____ () C:\Users\Mitey Fresh\AppData\Local\Temp\nseF224.tmp\System.dll
2015-05-02 12:22 - 2015-05-02 12:22 - 00011264 _____ () C:\Users\Mitey Fresh\AppData\Local\Temp\nsk59AC.tmp\System.dll
2015-05-02 15:10 - 2015-05-02 15:10 - 00011264 _____ () C:\Users\Mitey Fresh\AppData\Local\Temp\nss6708.tmp\System.dll
2015-05-02 15:21 - 2015-03-17 04:13 - 01070592 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\libglesv2.dll
2015-05-02 15:21 - 2015-03-17 04:13 - 00204800 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\libegl.dll
2014-09-25 08:33 - 2014-09-23 14:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 08:33 - 2014-09-23 14:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 08:33 - 2014-09-23 14:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 08:33 - 2014-09-23 14:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 08:33 - 2014-09-23 14:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-25 08:33 - 2014-09-23 14:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-571144041-3803823455-759090921-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mitey Fresh\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Mitey Fresh^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Comm100 Live Chat.lnk => C:\Windows\pss\Comm100 Live Chat.lnk.Startup
MSCONFIG\startupreg: VX1000 => C:\Windows\vVX1000.exe
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{66585DE7-DDEE-417A-BAE8-E99F0F8B96A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F9248189-A737-4EA6-9583-0F194E50CD4B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{981BF77A-6FA9-44DD-90C5-4A9040ACB150}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9EDBDE3E-AE5C-493B-A788-DB3066630FC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{761C6550-19C3-4861-B809-288E4897C61E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{38968044-9026-4431-AC7A-C5C2997B0891}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{EECB2E9A-70A4-45C9-A7F4-EA992AA48B02}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{3D943676-2D21-4278-AE51-6D8CB3D82320}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{3BD115D0-9C26-4F3D-84ED-6D028E0499D9}C:\users\mitey fresh\appdata\roaming\ocishe\awivi.exe] => (Block) C:\users\mitey fresh\appdata\roaming\ocishe\awivi.exe
FirewallRules: [TCP Query User{8DA19591-7410-4785-B89A-E511712B36C6}C:\users\mitey fresh\appdata\roaming\ocishe\awivi.exe] => (Block) C:\users\mitey fresh\appdata\roaming\ocishe\awivi.exe
FirewallRules: [UDP Query User{A2BD4887-B497-4F98-9DF4-ADB90775B39B}C:\users\mitey fresh\appdata\roaming\tety\fyonb.exe] => (Block) C:\users\mitey fresh\appdata\roaming\tety\fyonb.exe
FirewallRules: [TCP Query User{9635C3A1-73B8-4B61-B42F-E77AC5184C1B}C:\users\mitey fresh\appdata\roaming\tety\fyonb.exe] => (Block) C:\users\mitey fresh\appdata\roaming\tety\fyonb.exe
FirewallRules: [UDP Query User{96F02D91-3746-4DE9-B81F-4DC77237F03D}C:\users\mitey fresh\appdata\roaming\asyre\laiz.exe] => (Block) C:\users\mitey fresh\appdata\roaming\asyre\laiz.exe
FirewallRules: [TCP Query User{30BFECBC-83DD-4115-817F-5655F5151709}C:\users\mitey fresh\appdata\roaming\asyre\laiz.exe] => (Block) C:\users\mitey fresh\appdata\roaming\asyre\laiz.exe
FirewallRules: [UDP Query User{7C06EEF3-2EFC-468D-99C7-6FCA02A41FAF}C:\users\mitey fresh\appdata\roaming\ocishe\awivi.exe] => (Block) C:\users\mitey fresh\appdata\roaming\ocishe\awivi.exe
FirewallRules: [TCP Query User{A12A6BD5-59BC-4687-8F10-3F3E75D07E8D}C:\users\mitey fresh\appdata\roaming\ocishe\awivi.exe] => (Block) C:\users\mitey fresh\appdata\roaming\ocishe\awivi.exe
FirewallRules: [UDP Query User{6A8A151A-F91C-408D-A010-B3FF37E89D32}C:\users\mitey fresh\appdata\roaming\nobut\nyup.exe] => (Block) C:\users\mitey fresh\appdata\roaming\nobut\nyup.exe
FirewallRules: [TCP Query User{CDE38766-FCFA-48EF-BC66-D774BB1EDBAE}C:\users\mitey fresh\appdata\roaming\nobut\nyup.exe] => (Block) C:\users\mitey fresh\appdata\roaming\nobut\nyup.exe
FirewallRules: [UDP Query User{E9BE73ED-F065-462E-A050-D5DDC56BEAF9}C:\users\mitey fresh\appdata\roaming\hozer\odaw.exe] => (Block) C:\users\mitey fresh\appdata\roaming\hozer\odaw.exe
FirewallRules: [TCP Query User{6695E7B1-3C32-4615-AABA-26FBFAB38375}C:\users\mitey fresh\appdata\roaming\hozer\odaw.exe] => (Block) C:\users\mitey fresh\appdata\roaming\hozer\odaw.exe
FirewallRules: [UDP Query User{577C3A95-B8FE-4047-92B5-D50057D746FB}C:\users\mitey fresh\appdata\roaming\ocab\ryzu.exe] => (Block) C:\users\mitey fresh\appdata\roaming\ocab\ryzu.exe
FirewallRules: [TCP Query User{B5FE267C-DC22-4335-8779-7748F779765D}C:\users\mitey fresh\appdata\roaming\ocab\ryzu.exe] => (Block) C:\users\mitey fresh\appdata\roaming\ocab\ryzu.exe
FirewallRules: [{33208BE6-1D20-4616-A1A1-033976678C81}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{09C02821-17C1-44D6-B15D-BFDE1EC38766}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{933777C2-59BB-40CA-BCBB-B2C4219DA4FF}] => (Allow) C:\Users\Mitey Fresh\AppData\Local\Torch\Plugins\Torrent\TorchTorrent.exe
FirewallRules: [{9FAB6D5B-1350-464C-9E9A-C74DC863B84C}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [UDP Query User{D90E4CBB-4B80-45B4-8876-1628221FA3D7}C:\users\mitey fresh\appdata\roaming\gyne\naciodi.exe] => (Block) C:\users\mitey fresh\appdata\roaming\gyne\naciodi.exe
FirewallRules: [TCP Query User{259275D4-B1AF-4773-BA72-64E624887B07}C:\users\mitey fresh\appdata\roaming\gyne\naciodi.exe] => (Block) C:\users\mitey fresh\appdata\roaming\gyne\naciodi.exe
FirewallRules: [{A18C2C9B-4C96-43CE-9158-93A285142AC0}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{D5CC2A25-FC5A-43EC-9889-6C3FA7FCA3CA}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{6807C93C-B736-4421-B79B-943CEEA46545}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{9B07C0A0-9A66-4CCC-8913-3B4BA6DE1074}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{265A313A-60AD-42B8-BF24-3B0883D5DE83}] => (Allow) C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{FBA3A859-32E0-4368-9AE3-985BABB80183}] => (Allow) C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{BFBD1729-A5AA-4015-B6C6-45068EFABA7B}] => (Allow) D:\RouterSetup\QISWizard.exe
FirewallRules: [{32FD4396-6622-4F40-8281-4C9BA38B2E2F}] => (Allow) D:\RouterSetup\QISWizard.exe
FirewallRules: [UDP Query User{1AF22BA1-8384-4EB2-ADCB-26C8523CB3DB}C:\program files (x86)\steam\steamapps\awsometas\team fortress 2\hl2.exe] => (Block) C:\program files (x86)\steam\steamapps\awsometas\team fortress 2\hl2.exe
FirewallRules: [TCP Query User{F2ABB2B8-FE31-4BA8-B159-C21EB5361387}C:\program files (x86)\steam\steamapps\awsometas\team fortress 2\hl2.exe] => (Block) C:\program files (x86)\steam\steamapps\awsometas\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{7EC072D3-2C6E-4C4A-B08C-9C75AB1E3B4C}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{FA1B256C-D530-4DA3-BBAE-E96AF9A7308A}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{EA8E07AD-5D4E-4E0D-99EE-9FC2506593F4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{2DE3F371-EFFC-4916-B7BD-FF34D39C9EA5}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{DDFD98ED-30FA-438A-AC64-5043820509F8}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [TCP Query User{A437A1B0-0C55-4695-97A8-6884EBD0F866}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [{BD0EF14F-F5C8-415E-92A3-36F811A68E2D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{1A84BD9F-577E-4E0B-B046-8469D89AF328}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{5FE2A8AC-B0A2-496F-8343-E05252FC8B12}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{39A44923-ECC4-4720-B6B3-26C6424ACF0E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [UDP Query User{25ACBB2C-F351-414D-83CB-55E2A3DEA687}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{2CA426BE-580C-4E4F-B3C2-AE2A46E66FC1}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{2BA5071E-D9F6-4EC7-B94A-9FBB57AA9333}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE9CDCD1-314A-4C2E-8735-765A38FAFF6C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4D36CC80-CC88-49AC-9FAA-B549BA640CFE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{86292BED-A23B-4572-9D54-AABA9D160634}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{9487B9B3-8DC1-4E31-A510-3C2A66811D43}C:\program files (x86)\oovoo\oovoo.exe] => (Block) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [TCP Query User{BF7DB02E-2307-44D3-B67D-AA70B6B7A08F}C:\program files (x86)\oovoo\oovoo.exe] => (Block) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [{A4DE8D38-3B87-4CB8-8210-AA24E5A374D8}] => (Allow) LPort=37675
FirewallRules: [{2FCF1ED3-0042-44B3-9157-28FA60B58E91}] => (Allow) LPort=37674
FirewallRules: [{54306DDD-AC7B-40FB-9D34-A1F8287CA97E}] => (Allow) LPort=37674
FirewallRules: [{BAB501A6-663A-4509-8B1B-3959DF5FAF62}] => (Allow) LPort=443
FirewallRules: [{6AD8FF17-8691-4424-8DB2-ED6865BA0A7E}] => (Allow) LPort=443
FirewallRules: [UDP Query User{952B6D15-967B-4FEF-A519-12D32914D68B}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [TCP Query User{3BB45002-0E10-464B-B32E-358260AB5F9E}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
FirewallRules: [UDP Query User{B4824B08-DF29-45B0-BA29-EFCC7ADC8054}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{E58321B4-D4C6-4E78-9573-AE86970E35E0}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [{48D874D7-A4F2-426C-93C7-BDAD4D9E5094}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{EC22C453-3228-4427-A652-A5A2CB015EA1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{37A3ACC8-BBE6-401B-88C3-154B86EB7074}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{D2DF197D-A9A3-4F24-B94E-8B128AA5D084}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{AAC4885C-DBE0-4E86-8A60-77AE38C1870E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{D65CEAF0-0D3C-443D-B7A5-76E85698BC42}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{C8E1D417-DC1D-4D1E-8367-FADAA4B3157F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{4F172F66-528B-4715-99E6-F14BF5849DF1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{E05829A3-657E-493E-BE02-A543F7356158}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C418554A-B085-492A-BE04-950D173E1B7E}] => (Allow) LPort=1900
FirewallRules: [{016B2D8F-785D-47EF-8DBB-9BCA263AB1F0}] => (Allow) LPort=2869
FirewallRules: [{AC1AA734-E246-41F0-946A-2E723934EF2F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FB39DEAC-24DF-4ABB-AD79-3B7317D7D6E1}] => (Allow) C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E5CCBE30-82E0-4BDE-B0D1-55C2A68ADC7B}] => (Allow) C:\Users\Mitey Fresh\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D1D069F1-D4C4-4292-B891-F85529C50517}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{208310FD-9B6E-42EA-9EF7-3C140D1C03EC}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{0F6D4627-B445-4D6E-869E-E65109AE7ED8}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
==================== Faulty Device Manager Devices =============
Name: wpnfd_1_10_0_5
Description: wpnfd_1_10_0_5
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: wpnfd_1_10_0_5
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2015 05:04:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MobileMeServices.exe, version: 1.6.65.0, time stamp: 0x4cafa71a
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18798, time stamp: 0x5507b485
Exception code: 0xc06d007e
Fault offset: 0x0000c42d
Faulting process id: 0x2780
Faulting application start time: 0xMobileMeServices.exe0
Faulting application path: MobileMeServices.exe1
Faulting module path: MobileMeServices.exe2
Report Id: MobileMeServices.exe3
Error: (05/02/2015 05:03:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MobileMeServices.exe, version: 1.6.65.0, time stamp: 0x4cafa71a
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18798, time stamp: 0x5507b485
Exception code: 0xc06d007e
Fault offset: 0x0000c42d
Faulting process id: 0xd70
Faulting application start time: 0xMobileMeServices.exe0
Faulting application path: MobileMeServices.exe1
Faulting module path: MobileMeServices.exe2
Report Id: MobileMeServices.exe3
Error: (05/02/2015 00:13:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MobileMeServices.exe, version: 1.6.65.0, time stamp: 0x4cafa71a
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18798, time stamp: 0x5507b485
Exception code: 0xc06d007e
Fault offset: 0x0000c42d
Faulting process id: 0x11fc
Faulting application start time: 0xMobileMeServices.exe0
Faulting application path: MobileMeServices.exe1
Faulting module path: MobileMeServices.exe2
Report Id: MobileMeServices.exe3
Error: (05/02/2015 00:12:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MobileMeServices.exe, version: 1.6.65.0, time stamp: 0x4cafa71a
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18798, time stamp: 0x5507b485
Exception code: 0xc06d007e
Fault offset: 0x0000c42d
Faulting process id: 0x14d4
Faulting application start time: 0xMobileMeServices.exe0
Faulting application path: MobileMeServices.exe1
Faulting module path: MobileMeServices.exe2
Report Id: MobileMeServices.exe3
Error: (05/02/2015 10:19:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7052
Error: (05/02/2015 10:19:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7052
Error: (05/02/2015 10:19:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/02/2015 10:19:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6038
Error: (05/02/2015 10:19:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6038
Error: (05/02/2015 10:19:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (05/02/2015 02:20:35 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80004002
Error: (05/02/2015 02:20:33 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80004002
Error: (05/02/2015 00:13:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {D3F6D4DB-A482-4648-8DBB-3565EBCB7A6B}
Error: (05/02/2015 11:45:23 AM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80004002
Error: (05/02/2015 09:17:59 AM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80004002
Error: (05/02/2015 06:07:21 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
Error: (05/02/2015 06:06:40 AM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80004002
Error: (05/02/2015 06:06:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069
Error: (05/02/2015 06:06:23 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (05/02/2015 06:06:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2
Microsoft Office Sessions:
=========================
Error: (05/02/2015 05:04:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MobileMeServices.exe1.6.65.04cafa71aKERNELBASE.dll6.1.7601.187985507b485c06d007e0000c42d278001d084a633c03da7C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeServices.exeC:\Windows\syswow64\KERNELBASE.dll7179f7c1-f099-11e4-a59f-1c6f65d74bc8
Error: (05/02/2015 05:03:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MobileMeServices.exe1.6.65.04cafa71aKERNELBASE.dll6.1.7601.187985507b485c06d007e0000c42dd7001d084a615939cdbC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeServices.exeC:\Windows\syswow64\KERNELBASE.dll54f77258-f099-11e4-a59f-1c6f65d74bc8
Error: (05/02/2015 00:13:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MobileMeServices.exe1.6.65.04cafa71aKERNELBASE.dll6.1.7601.187985507b485c06d007e0000c42d11fc01d0847d90d57481C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeServices.exeC:\Windows\syswow64\KERNELBASE.dllce8460c1-f070-11e4-a59f-1c6f65d74bc8
Error: (05/02/2015 00:12:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MobileMeServices.exe1.6.65.04cafa71aKERNELBASE.dll6.1.7601.187985507b485c06d007e0000c42d14d401d0847d778f2326C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeServices.exeC:\Windows\syswow64\KERNELBASE.dllb5f5595c-f070-11e4-a59f-1c6f65d74bc8
Error: (05/02/2015 10:19:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7052
Error: (05/02/2015 10:19:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7052
Error: (05/02/2015 10:19:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/02/2015 10:19:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6038
Error: (05/02/2015 10:19:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6038
Error: (05/02/2015 10:19:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
CodeIntegrity Errors:
===================================
Date: 2012-11-20 18:06:55.567
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MITEYF~1\AppData\Local\Temp\io02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-11-20 18:06:55.552
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MITEYF~1\AppData\Local\Temp\io02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-11-20 15:34:29.378
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MITEYF~1\AppData\Local\Temp\io02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-11-20 15:34:29.362
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MITEYF~1\AppData\Local\Temp\io02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 84%
Total physical RAM: 4079.24 MB
Available physical RAM: 650.24 MB
Total Pagefile: 8156.68 MB
Available Pagefile: 3469.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:773.3 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C6FEF0A8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================