Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

rundll32.exe application error 0x0000022 [Solved]


  • This topic is locked This topic is locked

#1
simon_grylls

simon_grylls

    Member

  • Member
  • PipPip
  • 57 posts

My system is windows 7 32bit
I had a error on startup which shows
rundll32.exe - Application Error
The application was unable to start correctly (0x0000022). Click OK to close the application.
This error pops on startup and it also showsup when I try to open some old games like GTA vice city , GTA SA etc... I think that is because those games need rundll32.exe
It also won't allow me to open browsers like Google chrome and IE.
I've tried antivirus software to scan but it found no virus. I've used Microsoft security essential and malware bytes.
And rundll32.exe has an light blue page icon. And rundll32 is not shown in task manager.
Please help me to solve this problem and thanks in advance.

I attach FRST.txt and Addition. txtAttached File  FRST.txt   79.15KB   95 downloadsAttached File  Addition.txt   100.43KB   101 downloadsAttached File  FRST.txt   79.15KB   95 downloadsAttached File  Addition.txt   100.43KB   101 downloads

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015
Ran by john (administrator) on JOHN-PC on 12-05-2015 20:05:01
Running from C:\Users\john\Desktop
Loaded Profiles: john (Available profiles: john)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(globalUpdate) C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
() C:\ProgramData\airtel\OnlineUpdate\ouc.exe
(Avid Technology, Inc.) C:\Program Files\Digidesign\Drivers\MMERefresh.exe
() C:\ProgramData\DataCardService\HWDeviceService.exe
(MyWebSearch.com) C:\Program Files\MyWebSearch\bar\7.bin\MWSSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Zbshareware Lab) C:\Program Files\USB Disk Security\USBGuard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.exe
(Google Inc.) C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe
(Speedbit Ltd.) C:\Program Files\DAP\DAP.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Users\john\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [185896 2010-10-03] (RealNetworks, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
HKLM\...\Run: [MyWebSearch Email Plugin] => C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Digidesign\Drivers\MMERefresh.exe [77824 2010-05-04] (Avid Technology, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKLM\...\Run: [USB Security] => C:\Program Files\USB Disk Security\USBGuard.exe [687336 2014-05-23] (Zbshareware Lab)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.exe [3224576 2015-04-23] ()
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/w...syLVNQMSsxLVNVU(the data entry has 65 more characters).
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\Run: [Google Update] => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-13] (Google Inc.)
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\Run: [DownloadAccelerator] => C:\Program Files\DAP\DAP.EXE [3865232 2014-03-31] (Speedbit Ltd.)
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.exe [3224576 2015-04-23] ()
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: M - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: N - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {085c031c-0062-11e4-a464-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {0f04ab53-ee13-11e3-ab57-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {101c6e8d-c972-11e3-bae0-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {101c6e9a-c972-11e3-bae0-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {101c6eb3-c972-11e3-bae0-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {143b79cc-73ed-11e0-9bcb-4487fcab4607} - M:\Autorun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {217ab7a2-0127-11e4-b444-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {217ab7c9-0127-11e4-b444-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {2c431d26-965c-11e3-bc38-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {33f9fd63-01ca-11e4-8f2d-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {35c73c50-fc71-11e3-a116-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {35c73c62-fc71-11e3-a116-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {47f4969e-f117-11e3-b731-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {55654451-fb4d-11e3-ae2a-4487fcab4607} - G:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {55654467-fb4d-11e3-ae2a-4487fcab4607} - G:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {60a6e115-963c-11e3-9191-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {60a6e15a-963c-11e3-9191-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {60a6e16b-963c-11e3-9191-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {60a6e182-963c-11e3-9191-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {640d55cc-746c-11e0-9144-4487fcab4607} - M:\jpn-ts.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6cea7044-d544-11df-9764-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6cea704b-d544-11df-9764-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6d58ac29-1df4-11e3-a480-4487fcab4607} - G:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6d58ac33-1df4-11e3-a480-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6d58ac48-1df4-11e3-a480-001e101f859f} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6d8b3b58-f7bc-11e3-b317-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {71d69763-05b7-11e4-b284-4487fcab4607} - I:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {77091d29-fc6c-11e3-9d6a-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {77091d34-fc6c-11e3-9d6a-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {84a7a981-68bb-11e3-ae86-4487fcab4607} - N:\Setup.exe /Auto
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {8bc246a0-ccf7-11e3-8147-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {a0f92105-d273-11e3-bfa5-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {a2834c79-75f7-11e0-9a55-4487fcab4607} - M:\Autorun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {a42cf3a3-0773-11e4-9b81-4487fcab4607} - I:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {aca8c064-8228-11e4-99e2-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {b1df923d-fddf-11e3-9a86-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {b63fee2e-cd4f-11e3-a695-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {b63fee39-cd4f-11e3-a695-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {bdc0b513-015b-11e1-b775-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {bdc0b519-015b-11e1-b775-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {cd22b11d-fd8f-11e3-81f9-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {d5ef6026-e29b-11e4-851d-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {d5ef6043-e29b-11e4-851d-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {d5ef6055-e29b-11e4-851d-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {df614009-2945-11e1-afeb-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {df84c4a6-486a-11e3-ad09-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {ea7d0ca3-046c-11e4-bfe8-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {ea7d0cc9-046c-11e4-bfe8-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {eea14c94-d100-11e3-a250-4487fcab4607} - O:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {eea14ca0-d100-11e3-a250-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {f52afa20-515d-11e4-9969-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {f6c1bd8d-09b1-11e3-83a7-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {fc3528a8-e410-11df-9e32-4487fcab4607} - M:\AutoRun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....m/?aff=115&OSP=
SearchScopes: HKLM -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://home.speedbit...q={searchTerms}
SearchScopes: HKLM -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://home.myplayci...s={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2476351
SearchScopes: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://home.speedbit...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://home.speedbit...q={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: SaveSense -> {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} -> C:\Program Files\SaveSense\SaveSenseIE.dll [2013-12-06] (SaveSense)
BHO: Conduit Engine  -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll [2015-04-23] (Goobzo Ltd.)
BHO: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files\TEXTware\QUICKfind\PlugIns\IEHelp.dll [2001-08-10] ()
BHO: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files\DAP\LinkVerifier.dll [2014-03-31] (Speedbit Ltd.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-30] (Sun Microsystems, Inc.)
Toolbar: HKLM - Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKLM - My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -  No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} -  No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} -  No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-12] (Microsoft Corporation)
Handler: textwareilluminatorbase - {CE5CD329-1650-414A-8DB0-4CBF72FAED87} - C:\Windows\system32\textwareilluminatorbaseProtocol.dll [2002-09-27] ()

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-04] (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-04-13] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2010-10-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.46 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2010-10-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2010-10-03] (RealNetworks, Inc.)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-07-03] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-07-03] (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2280821914-3189600555-3011743376-1000: @tools.google.com/Google Update;version=3 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2280821914-3189600555-3011743376-1000: @tools.google.com/Google Update;version=9 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2280821914-3189600555-3011743376-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-04-13] (Pando Networks)
FF HKLM\...\Firefox\Extensions: [[email protected]] -
FF HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox
FF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files\DAP\DAPFireFox [2014-03-31]
FF HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\TheSage\extensions\firefox
FF Extension: TheSage one-click lookup - C:\Program Files\TheSage\extensions\firefox [2015-05-10]

Chrome:
=======
CHR HomePage: Default -> hxxp://start.mysearchdial.com/?f=1&a=adk_14_18&cd=2XzuyEtN2Y1L1QzuyEyEzzyB0F0C0A0ByEyCtDyByDzy0E0AtN0D0Tzu0SzytCtBtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu1T1Q1J1VtCyE1VtCzztN1L1G1B1V1N2Y1L1Qzu2StAtC0CyDyB0B0D0AtG0F0FtCyBtGtCyD0ByBtG0CzzyB0BtGyC0Azz0DzyyE0B0FyB0E0FyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDtDzzyD0C0C0FtG0DyBtDtDtG0CzzyCyDtGtD0E0AtCtGyEtBzytD0D0A0EyEtDtC0B0D2Q&cr=206597108&ir=
CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=7&a=adk_14_18&cd=2XzuyEtN2Y1L1QzuyEyEzzyB0F0C0A0ByEyCtDyByDzy0E0AtN0D0Tzu0SzytCtBtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu1T1Q1J1VtCyE1VtCzztN1L1G1B1V1N2Y1L1Qzu2StAtC0CyDyB0B0D0AtG0F0FtCyBtGtCyD0ByBtG0CzzyB0BtGyC0Azz0DzyyE0B0FyB0E0FyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDtDzzyD0C0C0FtG0DyBtDtDtG0CzzyCyDtGtD0E0AtCtGyEtBzytD0D0A0EyEtDtC0B0D2Q&cr=206597108&ir=", "https://www.google.co.in/"
CHR DefaultSearchKeyword: Default -> speedbit.com
CHR DefaultSearchURL: Default -> http://home.speedbit...q={searchTerms}
CHR DefaultSuggestURL: Default -> http://api.searchpre...d={searchTerms}
CHR Profile: C:\Users\john\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2014-03-31]
CHR Extension: (Bookmark Manager) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-26]
CHR Extension: (AT_WesCravenV2) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahooofggegjbnodalhoibemeabkapop [2011-05-30]
CHR Extension: (Google Wallet) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-12]
CHR Extension: (APK Downloader) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhlfmheblhjhkmacldlhdnbgbaiigba [2014-07-10]
CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files\DAP\DAPChrome\DAPChrome6.crx [2014-03-31]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files\TheSage\TheSage\extensions\chrome\ [Not Found]
CHR HKLM\...\Chrome\Extension: [ojhagnahfpegocdhlopgljpaafeogmcc] - No Path Or update_url value
StartMenuInternet: Google Chrome - C:\Users\john\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 airtel. RunOuc; C:\Program Files\airtel\UpdateDog\ouc.exe [650096 2013-12-09] () [File not signed]
R2 DigiRefresh; C:\Program Files\Digidesign\Drivers\MMERefresh.exe [77824 2010-05-04] (Avid Technology, Inc.) [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-03] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-03] (globalUpdate) [File not signed] <==== ATTENTION
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [276048 2013-10-28] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 MyWebSearchService; C:\Program Files\MyWebSearch\bar\7.bin\MWSSVC.EXE [28762 2011-03-20] (MyWebSearch.com) [File not signed]
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14658848 2013-12-10] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [1813504 2015-04-23] (ShopperPro) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]
S3 SuperProServer; spnsrvnt.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 athsgt; C:\Windows\System32\DRIVERS\athsgt.sys [164992 2013-03-29] () [File not signed]
S3 BTCAMDRV; C:\Windows\System32\DRIVERS\BTCamDrv.sys [219136 2006-01-11] (Windows ® 2000 DDK provider) [File not signed]
S3 hid7906; C:\Windows\System32\drivers\hid7906.sys [53793 2006-06-28] (Compuware Corporation) [File not signed]
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [101248 2013-03-04] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27776 2013-03-04] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [208384 2013-06-29] (Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [108032 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [316544 2013-11-01] (Huawei Technologies Co., Ltd.)
R2 limsgt; C:\Windows\System32\DRIVERS\limsgt.sys [12544 2013-03-29] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKsl4d0d9b04; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{93A6CF27-DCC8-41DD-A855-20E67C8A27D2}\MpKsl4d0d9b04.sys [39464 2015-05-12] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-05] (NVIDIA Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions) [File not signed]
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC)
S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [19968 2005-08-10] (Protection Technology) [File not signed]
S0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [File not signed]
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [26112 2015-04-23] () [File not signed]
R2 SPDRIVER_1.42.0.1791; C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.sys [41112 2015-04-23] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-03-25] () [File not signed]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-06-28] (CyberLink Corp.)
U3 a1benesc; C:\Windows\system32\Drivers\a1benesc.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ztemtusbser; system32\DRIVERS\CT_ZTEMT_U_USBSER.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-12 20:05 - 2015-05-12 20:05 - 00029416 _____ () C:\Users\john\Desktop\FRST.txt
2015-05-12 20:04 - 2015-05-12 20:05 - 00000000 ____D () C:\FRST
2015-05-12 20:03 - 2015-05-12 19:52 - 01141248 _____ (Farbar) C:\Users\john\Desktop\FRST.exe
2015-05-12 16:39 - 2015-05-12 16:39 - 00029692 _____ () C:\Users\john\Desktop\Result.txt
2015-05-12 16:30 - 2015-05-12 16:23 - 00403456 _____ (Farbar) C:\Users\john\Desktop\MiniToolBox.exe
2015-05-12 15:49 - 2004-12-10 09:06 - 00327680 _____ (On2.com Inc.) C:\Windows\system32\vp6dec.ax
2015-05-10 15:04 - 2015-05-10 15:05 - 00000000 ____D () C:\Users\john\AppData\Roaming\TheSage
2015-05-10 15:04 - 2015-05-10 15:04 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TheSage
2015-05-10 15:03 - 2015-05-10 15:04 - 00000000 ____D () C:\Program Files\TheSage
2015-05-03 11:53 - 2015-05-03 11:53 - 00001102 _____ () C:\Users\Public\Desktop\Cambridge Advanced Learner's Dictionary.lnk
2015-05-03 11:53 - 2015-05-03 11:53 - 00000000 ____D () C:\Users\john\AppData\Roaming\Cambridge
2015-05-03 11:53 - 2015-05-03 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TEXTware
2015-05-03 11:53 - 2015-05-03 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cambridge
2015-05-03 11:53 - 2003-02-18 16:01 - 00047104 _____ () C:\Windows\system32\PolyHot.ILX
2015-05-03 11:53 - 2003-01-27 15:26 - 00142848 _____ (TEXTware A/S) C:\Windows\system32\Textv.ILX
2015-05-03 11:53 - 2002-11-15 15:24 - 00059392 _____ () C:\Windows\system32\Bass.ILX
2015-05-03 11:53 - 2002-11-14 15:16 - 00091648 _____ () C:\Windows\system32\IEBrowser.ILX
2015-05-03 11:53 - 2002-11-13 17:18 - 00202752 _____ (TEXTware A/S) C:\Windows\system32\Illprs.dll
2015-05-03 11:53 - 2002-11-11 10:01 - 00059904 _____ (TEXTware A/S) C:\Windows\system32\ListBox.ILX
2015-05-03 11:53 - 2002-11-01 13:15 - 00147456 _____ () C:\Windows\system32\Twavbx32.dll
2015-05-03 11:53 - 2002-10-15 14:15 - 00075264 _____ (TEXTware A/S) C:\Windows\system32\TreeView.ILX
2015-05-03 11:53 - 2002-09-27 15:57 - 00321024 _____ () C:\Windows\system32\textwareilluminatorbaseProtocol.dll
2015-05-03 11:53 - 2002-08-01 15:44 - 00160768 _____ (TEXTware A/S) C:\Windows\system32\ILLKRN.DLL
2015-05-03 11:53 - 2002-06-28 12:03 - 00113288 _____ () C:\Windows\system32\bass.dll
2015-05-03 11:53 - 2002-05-23 16:10 - 00360500 _____ () C:\Windows\system32\TWATBS32.VBX
2015-05-03 11:53 - 2002-01-25 10:29 - 00258048 _____ () C:\Windows\system32\TWABTE32.TBM
2015-05-03 11:53 - 2002-01-21 12:20 - 00048128 _____ () C:\Windows\system32\QFClient.ILX
2015-05-03 11:53 - 2002-01-07 10:19 - 00069632 _____ (TEXTware A/S) C:\Windows\system32\TwaBcu01.dll
2015-05-03 11:53 - 2001-12-21 13:18 - 00028672 _____ () C:\Windows\system32\TwaBcu.ILX
2015-05-03 11:53 - 2001-09-10 16:52 - 00434688 _____ (TEXTware A/S) C:\Windows\system32\HTML.ILX
2015-05-03 11:53 - 2001-08-24 13:14 - 00018432 _____ () C:\Windows\system32\TWAIED02.DLL
2015-05-03 11:53 - 2001-01-19 13:55 - 00056320 _____ (TEXTware A/S) C:\Windows\system32\AlphaPic.ILX
2015-05-03 11:53 - 2000-09-11 16:00 - 00305152 _____ () C:\Windows\system32\ASpell.ILX
2015-05-03 11:53 - 2000-06-15 14:49 - 00030720 _____ () C:\Windows\system32\BroadCast.ILX
2015-05-03 11:53 - 2000-05-22 17:17 - 00162304 _____ (TEXTware A/S) C:\Windows\system32\MPegPlay.ILX
2015-05-03 11:53 - 2000-04-25 18:11 - 00017408 _____ () C:\Windows\system32\WavRecpk4.bpl
2015-05-03 11:53 - 1999-11-10 11:04 - 00062464 _____ (TEXTware A/S) C:\Windows\system32\TWATBS.ILX
2015-05-03 11:53 - 1999-07-13 13:26 - 00070656 _____ (Polar) C:\Windows\system32\polspell.dll
2015-05-03 11:53 - 1999-07-01 15:29 - 00036352 _____ (TEXTware A/S) C:\Windows\system32\Whelp.ILX
2015-05-03 11:53 - 1998-12-03 12:07 - 00103424 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltfil10N.DLL
2015-05-03 11:53 - 1998-12-01 14:00 - 00266752 _____ (LEAD Technologies, Inc.) C:\Windows\system32\LFCMP10N.DLL
2015-05-03 11:53 - 1998-12-01 14:00 - 00134144 _____ (LEAD Technologies, Inc.) C:\Windows\system32\lfpng10N.dll
2015-05-03 11:53 - 1998-12-01 13:59 - 00034304 _____ (LEAD Technologies, Inc.) C:\Windows\system32\lfbmp10N.dll
2015-05-03 11:53 - 1998-12-01 13:58 - 00297472 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltkrn10N.dll
2015-05-03 11:53 - 1998-12-01 13:58 - 00231424 _____ (LEAD Technologies, Inc.) C:\Windows\system32\LTDIS10N.dll
2015-05-03 11:53 - 1998-11-30 13:09 - 00114176 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltimg10N.dll
2015-05-03 11:53 - 1998-10-22 04:01 - 01888744 _____ (Inprise Corporation) C:\Windows\system32\VCL40.BPL
2015-05-03 11:53 - 1998-10-21 12:46 - 00143360 _____ () C:\Windows\system32\ILXTBS.DLL
2015-05-03 11:52 - 2003-01-23 19:41 - 00066614 _____ () C:\Windows\system\TWADIB04.BMP
2015-04-26 07:17 - 2015-04-26 07:17 - 00000000 ____D () C:\Users\john\AppData\Roaming\KSafe
2015-04-26 07:17 - 2015-04-26 07:17 - 00000000 ____D () C:\ProgramData\KSafe
2015-04-26 07:16 - 2015-04-26 07:16 - 00001003 _____ () C:\Users\john\Desktop\DllTool.lnk
2015-04-26 07:16 - 2015-04-26 07:16 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DllTool
2015-04-26 07:16 - 2015-04-26 07:16 - 00000000 ____D () C:\Program Files\DllTool
2015-04-25 20:01 - 2015-04-25 20:01 - 00000867 _____ () C:\Users\Public\Desktop\Just Cause 2.lnk
2015-04-25 20:01 - 2015-04-25 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX - Eidos Interactive
2015-04-24 10:03 - 2015-04-24 10:03 - 00001759 _____ () C:\Users\Public\Desktop\Recuva.lnk
2015-04-22 12:25 - 2015-04-22 12:25 - 00001088 _____ () C:\Users\john\Desktop\Left 4 Dead By blaze69.lnk
2015-04-21 14:43 - 2015-04-21 14:43 - 00000841 _____ () C:\Users\Public\Desktop\Contract JACK Singleplayer Demo.lnk
2015-04-21 14:42 - 2015-04-21 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-04-16 17:48 - 2015-04-16 17:48 - 00000000 ____D () C:\Users\john\AppData\Roaming\GRETECH
2015-04-15 07:11 - 2014-10-18 07:03 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-15 07:11 - 2014-07-07 07:10 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-15 07:11 - 2014-07-07 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-15 07:11 - 2014-07-07 07:09 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-15 07:11 - 2014-07-07 07:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-15 06:57 - 2012-07-26 08:51 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-04-15 06:57 - 2012-07-26 08:50 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-04-15 06:57 - 2012-07-26 08:50 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-04-15 06:57 - 2012-07-26 08:50 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-04-15 06:57 - 2012-07-26 08:50 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-04-15 06:57 - 2012-07-26 08:03 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-04-15 06:57 - 2012-07-26 08:02 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-04-15 06:57 - 2012-06-02 20:27 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-04-15 05:27 - 2015-04-15 05:27 - 00033535 _____ () C:\Users\john\Downloads\ATH - Enter The Matrix - Full PC Game.torrent
2015-04-15 03:28 - 2014-07-01 03:44 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-15 03:28 - 2014-06-06 11:46 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-15 03:28 - 2014-03-10 03:17 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-15 03:28 - 2014-03-10 03:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-15 03:27 - 2012-03-01 11:16 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-04-15 03:27 - 2012-03-01 10:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-04-15 03:16 - 2013-05-10 10:26 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-15 03:16 - 2013-05-10 10:26 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-15 02:27 - 2015-04-15 02:27 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d076f59cac145b.job
2015-04-15 02:27 - 2015-04-15 02:27 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core1d076f59f224db5.job
2015-04-15 02:26 - 2014-10-03 07:15 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-15 02:26 - 2014-10-03 07:15 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-15 02:26 - 2014-10-03 07:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-04-15 02:26 - 2014-10-03 07:15 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-04-15 02:26 - 2014-10-03 07:14 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-04-15 02:26 - 2013-02-27 10:19 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-04-15 02:24 - 2013-12-04 07:33 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-04-15 02:24 - 2013-12-04 07:33 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-04-15 02:24 - 2013-12-04 07:33 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-04-15 02:24 - 2013-12-04 07:33 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-04-15 02:24 - 2013-12-04 07:32 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-04-15 02:24 - 2013-12-04 07:24 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-04-15 02:24 - 2013-12-04 07:24 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-04-15 02:24 - 2013-12-04 07:24 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-04-15 02:24 - 2013-12-04 07:24 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-15 02:23 - 2014-10-18 07:03 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-15 02:23 - 2013-10-04 07:28 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-04-15 02:23 - 2013-10-04 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-04-15 02:23 - 2013-09-08 07:33 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-04-15 02:23 - 2013-07-09 10:22 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-15 02:23 - 2013-07-04 17:20 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-04-15 02:23 - 2013-07-03 09:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-04-15 02:23 - 2013-07-03 09:06 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-04-15 02:23 - 2012-08-22 22:46 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-04-15 02:23 - 2012-07-05 01:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-04-15 02:22 - 2014-11-11 07:02 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-04-15 02:22 - 2013-10-30 07:49 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-04-15 02:22 - 2013-02-12 09:02 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-04-15 02:22 - 2012-11-02 10:41 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-04-15 02:21 - 2014-11-11 08:14 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-15 02:21 - 2014-07-14 07:12 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-15 02:20 - 2014-11-11 08:14 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 02:20 - 2014-11-11 08:14 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 02:20 - 2014-10-14 07:20 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-15 02:20 - 2014-08-12 07:06 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-15 02:20 - 2014-06-16 07:14 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-15 02:20 - 2014-06-16 07:14 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-04-15 02:20 - 2014-06-16 07:10 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-04-15 02:20 - 2014-03-26 19:57 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-15 02:20 - 2014-03-26 19:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-04-15 02:20 - 2014-03-04 14:50 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 02:20 - 2014-03-04 14:50 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 02:20 - 2014-03-04 14:47 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-04-15 02:20 - 2014-03-04 14:47 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 02:20 - 2014-03-04 14:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-04-15 02:20 - 2014-03-04 14:47 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-04-15 02:20 - 2014-03-04 14:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-04-15 02:20 - 2014-03-04 14:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-04-15 02:20 - 2014-03-04 14:47 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-04-15 02:20 - 2014-03-04 14:47 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-04-15 02:20 - 2014-01-01 04:35 - 00420008 _____ () C:\Windows\system32\locale.nls
2015-04-15 02:20 - 2013-10-19 07:06 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-04-15 02:20 - 2013-10-12 07:34 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-04-15 02:20 - 2013-10-12 07:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-04-15 02:20 - 2013-10-12 06:45 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-04-15 02:20 - 2013-10-12 06:45 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-04-15 02:20 - 2013-08-29 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2015-04-15 02:20 - 2013-08-27 13:51 - 01077760 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-15 02:20 - 2013-08-27 13:51 - 00808448 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-04-15 02:20 - 2013-01-24 10:17 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-04-15 02:19 - 2014-09-04 10:34 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-15 02:19 - 2014-08-23 07:16 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 02:19 - 2014-08-21 11:56 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 02:19 - 2014-08-21 11:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 02:19 - 2013-05-10 08:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-04-15 02:19 - 2012-08-22 01:42 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-04-15 02:19 - 2011-12-30 10:57 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-04-15 02:19 - 2011-08-27 09:56 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-04-15 02:19 - 2011-08-17 09:54 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-04-15 02:19 - 2011-08-17 09:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-04-15 02:18 - 2014-10-10 06:15 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-15 02:18 - 2014-10-03 07:14 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-15 02:18 - 2014-10-03 07:14 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-15 02:18 - 2014-10-03 07:14 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-15 02:18 - 2014-10-03 07:14 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-15 02:18 - 2014-10-03 07:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-15 02:18 - 2014-01-28 07:37 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-04-15 02:18 - 2013-08-29 07:20 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 02:18 - 2013-08-29 07:20 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 02:18 - 2013-08-29 07:18 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-04-15 02:18 - 2013-08-28 06:27 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-04-15 02:18 - 2013-07-20 16:03 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-15 02:18 - 2013-06-06 10:22 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-15 02:18 - 2013-06-06 10:21 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-15 02:18 - 2013-06-06 10:20 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-15 02:18 - 2013-06-06 08:31 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-15 02:18 - 2013-06-06 08:31 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-15 02:18 - 2013-05-13 08:38 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-04-15 02:18 - 2013-05-13 08:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-04-15 02:18 - 2013-04-26 10:25 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-04-15 02:18 - 2013-03-19 10:18 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 02:18 - 2013-03-19 09:03 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-04-15 02:18 - 2013-03-19 08:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 02:17 - 2014-09-19 14:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 02:17 - 2014-09-19 14:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 02:17 - 2014-09-19 14:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 02:17 - 2014-09-19 14:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 02:17 - 2014-09-19 14:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 02:17 - 2014-09-19 14:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 02:17 - 2014-02-04 07:37 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-04-15 02:17 - 2014-02-04 07:37 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-15 02:17 - 2014-02-04 07:37 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-04-15 02:17 - 2014-02-04 07:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-04-15 02:17 - 2012-10-03 22:12 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-15 02:17 - 2012-10-03 22:12 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-04-15 02:17 - 2012-10-03 22:12 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-04-15 02:17 - 2012-10-03 22:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-04-15 02:17 - 2012-10-03 22:12 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-04-15 02:17 - 2012-10-03 22:10 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-04-15 02:17 - 2012-10-03 20:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-04-15 02:17 - 2012-06-06 10:33 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-04-15 02:16 - 2014-11-08 08:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-15 02:16 - 2014-09-25 07:10 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-15 02:16 - 2014-08-01 17:05 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-15 02:16 - 2014-06-18 07:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-15 02:16 - 2014-06-06 15:14 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-15 02:16 - 2014-06-03 15:00 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-15 02:16 - 2014-06-03 14:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-15 02:16 - 2014-06-03 14:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-15 02:16 - 2014-05-30 12:06 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-15 02:16 - 2014-04-05 07:55 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-15 02:16 - 2014-04-05 07:54 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-15 02:16 - 2014-01-24 07:48 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-15 02:16 - 2013-11-26 16:41 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-15 02:16 - 2013-10-04 07:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-04-15 02:16 - 2013-10-04 06:47 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-04-15 02:16 - 2013-07-25 14:27 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-04-15 02:16 - 2012-07-05 02:46 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-04-15 02:16 - 2012-07-05 02:44 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-04-15 02:16 - 2012-07-05 02:44 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-04-15 02:16 - 2012-05-05 13:16 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 02:16 - 2011-10-26 10:02 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-15 02:16 - 2011-10-15 11:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-04-15 02:15 - 2014-11-25 02:14 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 02:15 - 2014-11-25 02:11 - 12369920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 02:15 - 2014-11-25 02:10 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 02:15 - 2014-11-25 02:07 - 09740800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 02:15 - 2014-11-25 02:05 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 02:15 - 2014-11-25 02:05 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 02:15 - 2014-11-25 02:04 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 02:15 - 2014-11-25 02:04 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 02:15 - 2014-11-25 02:03 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 02:15 - 2014-11-25 02:03 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 02:15 - 2014-11-25 02:03 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 02:15 - 2014-11-25 02:03 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 02:15 - 2014-11-25 02:03 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 02:15 - 2014-11-25 02:03 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 02:15 - 2014-11-25 02:03 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 02:15 - 2014-11-25 02:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 02:15 - 2014-11-25 02:02 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 02:15 - 2014-11-25 02:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 02:15 - 2014-11-25 02:02 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 02:15 - 2014-11-25 02:02 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 02:15 - 2014-11-25 02:02 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 02:15 - 2014-11-25 02:02 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-15 02:15 - 2014-06-19 03:53 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-15 02:15 - 2014-06-19 03:53 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-15 02:15 - 2014-06-19 03:53 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-15 02:15 - 2012-12-07 17:56 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-04-15 02:15 - 2012-12-07 17:50 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-04-15 02:15 - 2012-12-07 16:16 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-04-15 02:15 - 2012-12-07 16:16 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-04-15 02:12 - 2014-10-30 07:15 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-04-15 02:12 - 2014-10-25 07:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-15 02:12 - 2013-10-12 07:31 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-04-15 02:12 - 2013-10-12 07:31 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-04-15 02:12 - 2013-08-05 07:26 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-04-15 02:12 - 2013-07-26 07:25 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-04-15 02:12 - 2013-07-04 17:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-04-15 02:12 - 2013-07-04 17:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-04-15 02:12 - 2013-07-04 15:18 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-15 02:12 - 2012-09-26 04:17 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-04-15 02:12 - 2012-05-01 10:14 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-15 02:12 - 2012-03-17 12:57 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-04-15 02:12 - 2011-12-16 13:22 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-04-15 02:12 - 2011-11-17 11:05 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-04-15 02:11 - 2014-10-14 07:26 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 02:11 - 2014-10-14 07:20 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 02:11 - 2014-10-14 07:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-15 02:11 - 2014-10-14 07:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 02:11 - 2014-10-14 07:16 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 02:11 - 2014-07-17 07:10 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-15 02:11 - 2014-07-17 07:09 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-15 02:11 - 2014-07-17 07:09 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-15 02:11 - 2014-07-17 07:09 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-04-15 02:11 - 2014-07-17 07:09 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-15 02:11 - 2014-07-17 07:09 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-04-15 02:11 - 2014-07-17 07:09 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-15 02:11 - 2014-07-17 06:33 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-15 02:11 - 2014-07-17 06:32 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-15 02:11 - 2014-04-12 07:45 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 02:11 - 2014-04-12 07:42 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 02:11 - 2014-04-12 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 02:11 - 2014-04-12 07:42 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 02:11 - 2014-04-12 07:41 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 02:11 - 2013-10-12 07:33 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-04-15 02:11 - 2013-07-04 17:46 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-15 02:11 - 2013-02-15 08:55 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-04-15 02:11 - 2012-11-23 08:18 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-04-15 02:11 - 2012-05-14 10:03 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-04-15 02:11 - 2012-04-26 10:15 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-04-15 02:11 - 2012-04-26 10:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-04-15 02:11 - 2012-01-04 14:28 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-04-15 02:10 - 2014-03-04 14:47 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 02:10 - 2014-01-29 07:36 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-15 02:10 - 2013-10-06 01:27 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-15 02:10 - 2013-08-02 07:20 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 06:22 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 02:10 - 2013-08-02 06:13 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 06:13 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 06:13 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 02:10 - 2013-08-02 06:13 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 02:10 - 2013-07-12 15:38 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-04-15 02:10 - 2013-07-12 15:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-04-15 02:10 - 2013-07-09 10:16 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-15 02:10 - 2013-07-09 10:16 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-15 02:10 - 2012-10-09 23:10 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-04-15 02:10 - 2012-10-09 23:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-04-15 02:01 - 2014-06-25 07:11 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-15 02:01 - 2014-04-25 07:36 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-15 02:01 - 2013-11-27 06:44 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-04-15 02:01 - 2013-11-27 06:43 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-04-15 02:01 - 2013-11-27 06:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-04-15 02:01 - 2013-11-27 06:43 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-04-15 02:01 - 2013-11-27 06:43 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-04-15 02:01 - 2013-11-27 06:43 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-04-15 02:01 - 2013-11-27 06:43 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-04-15 02:01 - 2013-06-26 04:26 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-04-15 02:01 - 2012-11-29 04:27 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-04-15 02:01 - 2012-11-29 04:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-04-15 02:01 - 2012-11-29 04:27 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-04-15 00:16 - 2012-02-17 11:04 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-04-15 00:16 - 2012-02-17 09:43 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-12 20:06 - 2014-07-03 17:06 - 00001694 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-7.job
2015-05-12 20:06 - 2014-07-02 18:06 - 00001718 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-7.job
2015-05-12 20:06 - 2013-06-03 16:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-12 20:03 - 2014-03-31 21:58 - 00000000 ____D () C:\Users\john\AppData\Roaming\EQATEC Analytics
2015-05-12 20:03 - 2011-03-07 20:03 - 00000000 ____D () C:\ProgramData\TEMP
2015-05-12 20:03 - 2010-10-04 05:59 - 01635615 _____ () C:\Windows\WindowsUpdate.log
2015-05-12 20:02 - 2014-07-03 17:08 - 00002082 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5_user.job
2015-05-12 20:02 - 2014-07-03 17:08 - 00002082 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00003792 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00002402 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5_user.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00002402 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00002152 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001762 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-1.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001560 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-2.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001526 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-6.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001524 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-1.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001456 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-7.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001290 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2.job
2015-05-12 20:02 - 2014-07-03 17:06 - 00004120 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-11.job
2015-05-12 20:02 - 2014-07-03 17:06 - 00002354 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-4.job
2015-05-12 20:02 - 2014-07-03 17:06 - 00001764 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-6.job
2015-05-12 20:02 - 2014-07-02 18:07 - 00002400 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5_user.job
2015-05-12 20:02 - 2014-07-02 18:07 - 00002400 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5.job
2015-05-12 20:02 - 2014-07-02 18:07 - 00002366 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-4.job
2015-05-12 20:02 - 2014-07-02 18:07 - 00001772 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-1.job
2015-05-12 20:02 - 2014-07-02 18:06 - 00004112 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-11.job
2015-05-12 20:02 - 2014-07-02 18:06 - 00001780 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-6.job
2015-05-12 20:02 - 2014-07-02 18:06 - 00000938 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-12 20:02 - 2012-07-08 19:59 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-12 20:02 - 2011-07-15 17:45 - 00000302 ___SH () C:\Windows\Tasks\khdshrsrf.job
2015-05-12 20:02 - 2011-05-08 07:12 - 00511038 _____ () C:\Windows\setupact.log
2015-05-12 20:02 - 2011-01-30 14:36 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-12 20:02 - 2009-07-14 10:23 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-12 17:27 - 2014-02-16 20:26 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job
2015-05-12 17:27 - 2009-07-14 10:04 - 00017360 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-12 17:27 - 2009-07-14 10:04 - 00017360 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-12 17:22 - 2011-01-30 14:36 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-12 16:43 - 2010-10-03 17:36 - 00006648 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-12 15:57 - 2014-07-01 14:57 - 00000288 _____ () C:\Windows\Tasks\MySearchDial.job
2015-05-12 15:49 - 2010-10-03 17:43 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-05-12 15:19 - 2010-11-05 09:46 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000UA.job
2015-05-12 11:23 - 2014-12-04 12:32 - 00000000 ____D () C:\Users\john\AppData\Local\CrashDumps
2015-05-12 11:12 - 2014-07-02 18:06 - 00000942 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-05-03 18:04 - 2010-10-03 17:57 - 00224072 _____ () C:\Users\john\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-03 18:04 - 2009-07-14 10:03 - 01957160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-03 11:53 - 2013-12-10 21:48 - 00000045 _____ () C:\Windows\TEXTware.ini
2015-05-03 11:52 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\system
2015-04-29 15:44 - 2011-07-06 16:48 - 00000348 _____ () C:\Windows\Tasks\At1.job
2015-04-28 09:30 - 2014-01-24 15:24 - 00000000 ____D () C:\Program Files\Recuva
2015-04-28 09:17 - 2013-03-16 12:16 - 00000000 ____D () C:\ProgramData\Beroowse22suavee
2015-04-26 07:15 - 2011-03-28 21:22 - 00000000 ____D () C:\Users\john\Documents\WORD
2015-04-26 06:31 - 2014-07-01 14:59 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-04-26 05:51 - 2014-07-02 18:06 - 00000000 ____D () C:\Program Files\Sense
2015-04-26 04:41 - 2013-08-21 20:26 - 00000178 _____ () C:\Users\john\AppData\Roaming\WB.CFG
2015-04-26 03:32 - 2014-12-25 13:25 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-04-26 03:32 - 2014-07-01 14:59 - 00000000 ____D () C:\Program Files\ShopperPro
2015-04-22 19:26 - 2009-07-14 10:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-19 19:03 - 2011-11-09 14:15 - 00000000 ____D () C:\Program Files\UBISOFT
2015-04-19 18:39 - 2013-06-30 19:54 - 00000000 _____ () C:\adorage-protocol.txt
2015-04-19 18:24 - 2011-05-28 11:51 - 00474326 _____ () C:\Windows\PFRO.log
2015-04-19 18:21 - 2013-06-06 10:22 - 00000000 ____D () C:\Users\john\AppData\Roaming\Opera
2015-04-19 18:21 - 2013-06-06 10:22 - 00000000 ____D () C:\Users\john\AppData\Local\Opera
2015-04-19 18:21 - 2013-06-06 10:22 - 00000000 ____D () C:\Program Files\Opera
2015-04-19 18:21 - 2011-02-02 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo!
2015-04-19 18:21 - 2011-02-02 16:31 - 00000000 ____D () C:\Program Files\Photo!
2015-04-19 18:19 - 2011-07-01 16:39 - 00000000 ____D () C:\Users\john\AppData\Local\Unity
2015-04-16 17:56 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 07:21 - 2011-05-04 08:31 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-04-15 07:21 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-15 07:21 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-04-15 07:21 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-04-15 07:21 - 2009-07-14 08:07 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-15 07:15 - 2010-10-03 17:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 06:50 - 2009-07-14 10:22 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-15 06:48 - 2011-05-04 08:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-15 03:20 - 2011-05-04 08:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-15 03:06 - 2011-09-10 12:37 - 00000452 _____ () C:\Windows\win.ini
2015-04-15 02:27 - 2014-12-13 02:42 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d016506776cf4c.job
2015-04-15 02:27 - 2014-12-13 01:35 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core1d01646fee86a63.job
2015-04-12 14:37 - 2011-05-10 13:49 - 00465496 _____ () C:\Windows\DirectX.log

==================== Files in the root of some directories =======

2012-06-27 21:24 - 2012-06-27 21:24 - 0000288 _____ () C:\Users\john\AppData\Roaming\.backup.dm
2011-12-27 20:15 - 2014-02-05 18:22 - 0000132 _____ () C:\Users\john\AppData\Roaming\Adobe BMP Format CS5 Prefs
2011-06-26 18:38 - 2012-02-11 08:59 - 0000132 _____ () C:\Users\john\AppData\Roaming\Adobe GIF Format CS5 Prefs
2011-12-27 20:16 - 2015-03-05 15:34 - 0000132 _____ () C:\Users\john\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-03 21:15 - 2015-03-03 21:17 - 0000132 _____ () C:\Users\john\AppData\Roaming\Adobe Targa Format CS5 Prefs
2013-09-28 17:40 - 2013-09-28 17:40 - 0022328 _____ () C:\Users\john\AppData\Roaming\PnkBstrK.sys
2011-05-12 18:05 - 2011-05-12 18:05 - 0000057 _____ () C:\Users\john\AppData\Roaming\temp.bat
2010-10-03 18:07 - 2011-02-25 19:32 - 5046202 _____ () C:\Users\john\AppData\Roaming\UserTile.png
2013-08-21 20:26 - 2015-04-26 04:41 - 0000178 _____ () C:\Users\john\AppData\Roaming\WB.CFG
2013-08-21 20:26 - 2014-01-16 14:09 - 0000005 _____ () C:\Users\john\AppData\Roaming\WBPU-TTL.DAT
2013-06-02 13:07 - 2013-06-02 13:07 - 0000037 ___SH () C:\Users\john\AppData\Local\20986331705021ca58edc424.96250074
2010-10-08 18:36 - 2013-07-07 18:55 - 0069120 _____ () C:\Users\john\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-05-09 20:50 - 2012-05-09 20:50 - 0000092 _____ () C:\Users\john\AppData\Local\fusioncache.dat
2014-01-13 18:44 - 2014-01-13 18:45 - 0007599 _____ () C:\Users\john\AppData\Local\resmon.resmoncfg
2013-08-02 16:49 - 2013-08-17 12:03 - 0000080 _____ () C:\Users\john\AppData\Local\X-Plane Installer.prf
2011-05-05 21:11 - 2011-05-06 08:38 - 0000000 _____ () C:\ProgramData\CLDShowX.ini
2010-10-03 17:50 - 2013-06-01 10:14 - 0015008 _____ () C:\ProgramData\hpzinstall.log

ZeroAccess:
C:\Users\john\AppData\Local\NFS Underground 2
C:\Users\john\AppData\Local\NFS Underground 2\Simon Magazine 5\Simon Magazine 5
C:\Users\john\AppData\Local\NFS Underground 2\Simon Magazine 4\Simon Magazine 4
C:\Users\john\AppData\Local\NFS Underground 2\Simon Magazine 3\Simon Magazine 3
C:\Users\john\AppData\Local\NFS Underground 2\Simon Magazine 2\Simon Magazine 2
C:\Users\john\AppData\Local\NFS Underground 2\Simon Magazine 1\Simon Magazine 1
C:\Users\john\AppData\Local\NFS Underground 2\Simon DVD 3\Simon DVD 3
C:\Users\john\AppData\Local\NFS Underground 2\Simon DVD 2\Simon DVD 2
C:\Users\john\AppData\Local\NFS Underground 2\Simon DVD 1\Simon DVD 1
C:\Users\john\AppData\Local\NFS Underground 2\Simon\Simon
C:\Users\john\AppData\Local\NFS Underground 2\N\N

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job


Some content of TEMP:
====================
C:\Users\john\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\john\AppData\Local\Temp\AutoRun.exe
C:\Users\john\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\john\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\john\AppData\Local\Temp\ShopperProJSINJFull.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-14 13:55

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015
Ran by john at 2015-05-12 20:06:32
Running from C:\Users\john\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

323A7CE5D4B04CFABF56 (S-1-5-21-2280821914-3189600555-3011743376-1007 - Limited - Enabled)
Administrator (S-1-5-21-2280821914-3189600555-3011743376-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2280821914-3189600555-3011743376-1002 - Limited - Enabled)
Guest (S-1-5-21-2280821914-3189600555-3011743376-501 - Limited - Disabled)
john (S-1-5-21-2280821914-3189600555-3011743376-1000 - Administrator - Enabled) => C:\Users\john

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.8.800.149 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
airtel (HKLM\...\airtel) (Version: 23.015.02.00.284 - Huawei Technologies Co.,Ltd)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Aurora 3D Animation Maker version 11.05.27 (HKLM\...\{4F6B6582-B9F6-42B2-AAFC-48G097D07837}_is1) (Version: 11.05.27 - Aurora3D Software)
Avid Audio Drivers (x86) (HKLM\...\{2F227ACA-204C-4529-BA33-D095C42C72DB}) (Version: 8.0.4 - Avid)
Bandicam (HKLM\...\Bandicam) (Version: 1.9.2.454 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
BrowseToSave 1.74 (HKLM\...\SP_48c708f2) (Version:  - ) <==== ATTENTION
Cambridge Advanced Learner's Dictionary (HKLM\...\Cambridge Advanced Learner's Dictionary) (Version:  - )
Conduit Engine  (HKLM\...\conduitEngine) (Version: 6.3.3.3 - Conduit Ltd.) <==== ATTENTION
Contract Jack (SP Demo) (HKLM\...\{5B43C237-443E-4CCF-9813-07A450B079DE}) (Version:  - )
CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1830 - CyberLink Corp.)
DllTool 1.0 (HKLM\...\{8C36FC6F-3576-447C-B15D-FF1504C91104}_is1) (Version:  - )
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10053 (Build 2558) - Speedbit Ltd.)
FormatFactory 3.0.1 (HKLM\...\FormatFactory) (Version: 3.0.1 - Free Time)
FPS Creator Free (HKLM\...\{800218C2-2E07-461C-85D6-8FDB4F9161D9}) (Version:  - )
FPS Creator Model Pack - 10 (HKLM\...\{24EB39DB-B958-413D-818E-C0875101C96B}) (Version:  - )
FPS Creator Model Pack - 11 (HKLM\...\{15014839-85AF-439E-9C3C-A93BB74957B1}) (Version:  - )
FPS Creator Model Pack - 13 (HKLM\...\{09847DC5-6C6D-45CD-AE31-CD27CE1FE48F}) (Version:  - )
FPS Creator Model Pack - 16 (HKLM\...\{BDB48672-B567-4A4B-989E-0A7C2E220B6F}) (Version:  - )
FPS Creator Model Pack - 2 (HKLM\...\{3B78E403-D116-4C56-9D1E-4C245AFC82D9}) (Version:  - )
FPS Creator Model Pack - 21 (HKLM\...\{BB9C6299-5713-4428-B8D0-0C0B2F5C9A0E}) (Version:  - )
FPS Creator Model Pack - 28 (HKLM\...\{A9802493-BA56-4304-A2F3-EDF7D35FBA5D}) (Version:  - )
FPS Creator Model Pack - 6 (HKLM\...\{F964E0BB-3AD6-4188-B985-453037BE8FFD}) (Version:  - )
FPS Creator Model Pack - 9 (HKLM\...\{444E3FAE-DC6D-498B-BF98-6B6B61CA46D9}) (Version:  - )
FPS Creator Model Pack 53 (HKLM\...\{B76BB8C6-EE9B-49CC-9141-862856BC5EE5}) (Version:  - )
FPS Creator Model Pack 55 (HKLM\...\{884AC351-768E-4F23-8DC1-06E9E47CF36F}) (Version:  - )
FPS Creator Model Pack 57 (HKLM\...\{BCA7929A-91E9-4580-8523-6F2010599874}) (Version:  - )
Frame Maker Pro 3.87 (HKLM\...\Frame Maker Pro_is1) (Version:  - AMS Software)
GameMaker 8.1 (HKLM\...\GameMaker81) (Version:  - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
God of War 2 version 1.5 (HKLM\...\{08FEB3D0-DD7C-4D41-9000-FA645B74D5C5}_is1) (Version: 1.5 - Filiex Game Inc.)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.53.5169 - Gretech Corporation)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 8.6.9.9 - Siber Systems)
Google Chrome (HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
Grand Theft Auto Vice City (HKLM\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
High-Definition Video Playback 10 (Version: 7.0.11400.29.0 - Nero AG) Hidden
IM Sarah (HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\IM Sarah) (Version:  - )
inFamous v1.0 (HKLM\...\{422D8C2B-80E4-4698-8EEC-ADD5EFCEF1AD}_is1) (Version:  - Nowstat.com)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Internet TV for Windows Media Center (HKLM\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Iron Man (HKLM\...\{6E737AC4-C430-4698-8790-C7D55F7107A4}) (Version: 1.00.0000 - SEGA)
Java™ 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.260 - Oracle)
JavaPK for Desktop 2.1 (HKLM\...\JavaPK for Desktop) (Version:  - )
Just Cause 2 (HKLM\...\Just Cause 2_is1) (Version:  - )
K-Lite Codec Pack 6.7.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.7.0 - )
L&H TTS3000 British English (HKLM\...\LHTTSENG) (Version:  - )
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Macro Vibration Joystick (HKLM\...\{36177F72-8181-45D7-95D1-EA5B008A4DC9}) (Version: 2006.05.30 - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Interface Pack 2007 - தமிழ் (HKLM\...\{95120000-00FF-0449-0000-0000000FF1CE}) (Version: 12.0.4518.1086 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker 6.0 for Windows 7 (32-bit) (HKLM\...\{59A385E2-3454-4CDF-B3E6-C9CF9D099F1B}) (Version: 6.0.0 - Microsoft Corporation)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mysearchdial (HKLM\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
Nero BackItUp 10 (HKLM\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscCopy Gadget 10 (HKLM\...\{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}) (Version: 3.0.10700.9.100 - Nero AG)
Nero DiscSpeed 10 (HKLM\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
NTI Backup Now Standard (Version: 5.0.101.0 - NewTech Infosystems) Hidden
NTI Media Maker 8 (Version: 8.0.2.61 - NewTech Infosystems) Hidden
NVIDIA 3D Vision Controller Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision PowerPack - Batman Arkham Asylum (HKLM\...\NVIDIA 3D Vision PowerPack - Batman Arkham Asylum_is1) (Version:  - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.6 - Pando Networks Inc.)
PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version:  - www.PerfectUninstaller.com)
Photo! 3D Album and Photo! 3D ScreenSaver 1.2 (HKLM\...\My Pictures Editor_is1) (Version:  - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Prince of Persia T2T (HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version:  - )
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RAD Video Tools (HKLM\...\RADVideo) (Version:  - )
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - RealNetworks)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
SaveSense (remove only) (HKLM\...\SaveSense) (Version: 5.3.0.7 - SaveSense) <==== ATTENTION
Sense (HKLM\...\Sense) (Version: 1.34.7.1 - Object Browser) <==== ATTENTION
Sentinel Protection Installer 7.4.0 (HKLM\...\{5A180ED5-0AC1-410A-B790-5E0319CD0A93}) (Version: 7.4.0 - SafeNet, Inc.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Shopper-Pro (HKLM\...\ShopperPro) (Version:  - ) <==== ATTENTION
ShopSpezial (HKLM\...\ST6UNST #2) (Version:  - )
Software Informer 1.1 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Speakonia (HKLM\...\Speakonia_is1) (Version: 1.0.3.5 - CFS-Technologies)
Speccy (HKLM\...\Speccy) (Version: 1.17 - Piriform)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TheSage (HKLM\...\TheSage) (Version: 6.2.1802 - Sequence Publishing)
TurboC++ 3.0.7.7c (HKLM\...\TurboC++) (Version: 3.0.7.7c - NeutroNVegetOStrikeR.DbZ)
TypingMaster TypingTest (HKLM\...\{98B6FB8A-8638-4037-AD44-CF7D0EEAB874}_is1) (Version: 6.30 - TypingMaster Inc)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
USB Disk Security (HKLM\...\USB Disk Security_is1) (Version:  - Zbshareware Lab)
VideoLAN VLC media player 0.8.6c (HKLM\...\VLC media player) (Version: 0.8.6c - VideoLAN Team)
VirtualDJ Home FREE (HKLM\...\{5E1375CB-6792-4464-8715-CC3EC83D48FA}) (Version: 7.0.5 - Atomix Productions)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPump (HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\WinPump) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip (HKLM\...\WinZip) (Version:  8.1  (4331) - WinZip Computing, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\john\AppData\Local\Google\Chrome\Application\42.0.2311.90\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{5F63E8CB-8F57-490A-97FE-62BC2F2A5EA4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> %ProgramFiles%\NewTech Infosystems\NTI Media Maker 8\Media Maker\msxml4.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\john\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\john\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\john\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)

==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2009-06-11 03:09 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {005776C8-86D8-4402-AD17-59C0578E23B1} - System32\Tasks\{D0EBE590-B6F1-4214-BB08-FF545DCB3688} => pcalua.exe -a "E:\SOFTWARE INSTALER\My Disc\ADOBE photo e4rPHOTOSHOP_7\_ISDEL.EXE" -d "E:\SOFTWARE INSTALER\My Disc\ADOBE photo e4rPHOTOSHOP_7"
Task: {006C15ED-5465-4111-9C65-A960A5302918} - System32\Tasks\{CC573B76-0ADE-4291-9322-8DE6D8D3F521} => pcalua.exe -a "F:\SOFTWARE\GAMES\Top Flash Games.exe" -d F:\SOFTWARE\GAMES
Task: {00E14294-39D0-4D77-A30D-9C4F27EC6212} - System32\Tasks\{E2E6F04F-8332-47A7-9C3C-277E917D850C} => msiexec.exe /package "F:\SOFTWARE\GAMES\3rdp_beta\3rdp_beta.msi"
Task: {0101E141-7531-4607-8700-2CFC5C7C5E74} - System32\Tasks\{3DA55CC3-F90D-4F19-9245-9F9E5657A775} => pcalua.exe -a C:\Users\john\INSTALER\AlienShooterDemo.exe -d C:\Users\john\INSTALER
Task: {032DC4AE-8791-47C0-BA36-C1AC2D328CC7} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11 => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11.exe <==== ATTENTION
Task: {042F7F3A-CAF9-4F93-B06D-BDB3A7192136} - System32\Tasks\UNELEVATE_16481 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {0527640A-BEB9-405E-AB8A-F7031F5A69FB} - System32\Tasks\{373596EF-6BEB-4A59-9893-7BADC5DE471A} => F:\SOFTWARE\GAMES\Mac Monster Truks (fullypcgames.blogspot.com)\MonsterTruckFury.exe
Task: {068D3BAB-69ED-42EA-9176-B5F957D39DBE} - System32\Tasks\{05D5DD12-79CD-432E-AA7B-CA1AF787D643} => pcalua.exe -a "C:\Users\john\Downloads\17_Great_Swimming_\Auto Install\Install.exe" -d "C:\Users\john\Downloads\17_Great_Swimming_\Auto Install"
Task: {0DBA95FA-8263-4F91-B4C2-32D71AF101C3} - System32\Tasks\{D8803875-2248-4E4D-9F79-241B1CC9C237} => F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\25 To Life Portable\TTL.exe
Task: {0DC0EF6E-751C-4350-B6F7-3E3A3BB87FD1} - System32\Tasks\GoogleUpdateTaskMachineCore1d076f59cac145b => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: {0E242664-FBC9-486F-A50D-67464DA8D8A9} - System32\Tasks\{CEED2990-1686-4541-94BC-A4FC1A09C2CA} => pcalua.exe -a "C:\Users\john\Downloads\Portable.Full.Speed.Internet.Booster.v3.3.with.Performance.Test(1)\Full Speed.exe" -d C:\Users\john\Downloads\Portable.Full.Speed.Internet.Booster.v3.3.with.Performance.Test(1)
Task: {0E7411F5-6348-49AD-B4C3-064804543514} - System32\Tasks\{C7DDDF30-0E92-4CFF-8B94-0183370E4CDA} => pcalua.exe -a "F:\SOFTWARE\GAMES\Alien vs Predator 2\AVP2 (2).exe" -d "F:\SOFTWARE\GAMES\Alien vs Predator 2"
Task: {0EDEEB1D-A897-402D-8113-DE00B7582B3A} - System32\Tasks\{6D145217-0AF0-45CF-8A3F-02E3D682FB61} => F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\X-Men.The.Official.Game.RIP\XMen-TheOfficialGame\xmen.exe
Task: {0FE3B72A-2A67-4746-A9E2-2044DDEA7384} - System32\Tasks\ShopperProJSUpd => C:\Program Files\ShopperPro\updater.exe [2015-04-23] (Goobzo) <==== ATTENTION
Task: {11850158-E530-4D46-8CF5-3FD620CC04E6} - System32\Tasks\{3BD5A81C-357C-4313-9BF3-2B5B30392DC7} => pcalua.exe -a F:\SOFTWARE\Dc_vs_Marvel_Mugen_Edition.exe -d F:\SOFTWARE
Task: {12F14CDD-7764-4432-B786-3BF41EC51C30} - System32\Tasks\UNELEVATE_11092 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {16E0068D-B96B-4FFF-BB24-40518C548DC3} - System32\Tasks\{D6B4C2A5-E948-4792-8870-5A45FE470DAA} => F:\SOFTWARE INSTALER\MY GAMES INSTALLER\GUN HOLDER\GUN HOLDER\GUN HOLDER.exe
Task: {16FC3DA4-7AA6-47BF-A52F-DE7FABF54C64} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {18A673E8-792B-438C-B42A-D81544D4A460} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5_user => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.exe <==== ATTENTION
Task: {1AA50F3A-A2F0-4F6C-A9A0-28F98330373C} - System32\Tasks\{13827CAE-AD2F-41FB-B0B9-73801A749CDD} => pcalua.exe -a "F:\SOFTWARE\GAMES\FPS GAMES\FPS CREATOR\FPSCreatorModelPack13\FPS Creator - Model Pack 13.exe" -d "F:\SOFTWARE\GAMES\FPS GAMES\FPS CREATOR\FPSCreatorModelPack13"
Task: {1DE7E31A-E479-431B-BE5F-D00F615E51AA} - System32\Tasks\{84A38175-6D8F-41F6-941C-767A737E64B0} => F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\New folder\Games\Project IGI\SETUP.EXE
Task: {1FB24A46-2B22-44C7-9967-7C384FDF3CFC} - System32\Tasks\SPDriver => C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.exe [2015-04-23] () <==== ATTENTION
Task: {2002CAF6-27DC-4566-B648-62D92372C776} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5 => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.exe <==== ATTENTION
Task: {21EC3D89-9E69-4AA2-8551-D72B46950F98} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5_user => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-5.exe [2014-07-02] (Object Browser) <==== ATTENTION
Task: {22893088-13B9-4C76-91D8-6ACE60CE1810} - System32\Tasks\{F20F6670-957C-4BEC-ADCB-F5B5891DDBB9} => pcalua.exe -a "C:\Users\john\Downloads\Hitman 1, kkabod\Hitman 1\Setup.exe" -d "C:\Users\john\Downloads\Hitman 1, kkabod\Hitman 1"
Task: {25A39273-B62B-4F27-8107-F0222902D64B} - System32\Tasks\UNELEVATE_13338 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {263A009A-071C-4114-BC3F-52D95875C556} - System32\Tasks\{6BCA7F0B-3951-44A3-92A1-53D2A1930128} => pcalua.exe -a C:\Users\john\Downloads\drz-vc6t\drz-vc6t\DARKNeZZ.exe -d C:\Users\john\Downloads\drz-vc6t\drz-vc6t
Task: {2684E7FE-60BB-4184-8F8F-569C806D0B79} - System32\Tasks\{C9E2F816-9295-4429-A9B2-B80E75445146} => pcalua.exe -a "F:\SOFTWARE\GAMES\GTA COLL\Grand Theft Auto3_LC\SETUP.exe" -d "F:\SOFTWARE\GAMES\GTA COLL\Grand Theft Auto3_LC"
Task: {299149E4-FDBF-4FD9-8BEF-879AA99AB250} - System32\Tasks\{B1FDACF6-148E-4DCA-842A-3D10CEABDD9B} => pcalua.exe -a "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\New folder\Games\BONUS\HIDDEN OBJECT GAMES\Mystery of Cleopatra\Mystery of Cleopatra.exe" -d "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\New folder\Games\BONUS\HIDDEN OBJECT GAMES\Mystery of Cleopatra"
Task: {2A7A9E72-A77F-4F17-81C8-38E10FCF147F} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5 => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-5.exe [2014-07-02] (Object Browser) <==== ATTENTION
Task: {2C5CDC33-BD87-401B-811B-B5A3CA6F6DC6} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-03] (globalUpdate) <==== ATTENTION
Task: {2CFDA930-6F43-4B1F-B84E-3FDEF3C44E98} - System32\Tasks\{BC31B78F-1547-46B1-889F-913727111AA1} => pcalua.exe -a "C:\Program Files\EA Games\Need for Speed Undercover\setup.exe" -d "C:\Program Files\EA Games\Need for Speed Undercover"
Task: {2E22A60F-F154-41D1-B401-A4772885ADBF} - System32\Tasks\{4E96D605-1490-4D48-B729-E3B23EA7EC25} => pcalua.exe -a "C:\Program Files\Smart File Advisor\sfa.exe" -d F:\SOFTWARE\GAMES\3rdp_beta -c /unknown "F:\SOFTWARE\GAMES\3rdp_beta\3rdp_beta.msi"
Task: {313CB86D-C90C-4F39-889E-C4BAC0ABD0E8} - System32\Tasks\{A925D1FB-B4EA-4396-9C17-7B1EDD5745F3} => pcalua.exe -a C:\Users\john\Downloads\ultimatevicecity2.exe -d C:\Users\john\Downloads
Task: {330ACDB0-7493-47B2-9AAB-E654DF779E17} - System32\Tasks\{48D7B5B3-1279-4B5C-8504-AEA7C8E2B17F} => pcalua.exe -a C:\Users\john\INSTALER\FlashGamesSetup.exe -d C:\Users\john\INSTALER
Task: {33719816-1064-43FD-A8CF-4227682A2712} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {340D07C2-FE8C-4B49-8D0F-549983812E97} - System32\Tasks\{E8B3B7CB-4E71-404A-AC85-772E8BDB0525} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\Program Files\CarReplacer\ST6UNST.LOG"
Task: {34ADF4C8-6D8B-4059-8953-B52EB9342567} - System32\Tasks\At1 => C:\Windows\system32\whhoami.exe <==== ATTENTION
Task: {356C0B60-F2A8-456A-BA40-61EC26EF124F} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {37673D8C-2F02-47B9-A5BD-145CD49249BF} - System32\Tasks\{E67EDB00-4570-4AE0-B4BF-E405965C34B5} => pcalua.exe -a "F:\SOFTWARE\GAMES\Installer\Spider-Man Friend or Foe\SMFOF\Setup.exe" -d "F:\SOFTWARE\GAMES\Installer\Spider-Man Friend or Foe\SMFOF"
Task: {386B26C3-08D6-4567-8886-D178396B50F3} - \YTDownloader No Task File <==== ATTENTION
Task: {393C1257-649D-47F0-A101-BD834985DA72} - System32\Tasks\{41C103E3-1011-4BE6-A9F7-5C53F3F1AF54} => pcalua.exe -a "E:\GAMES INSTALER\(pc game) alien shooter [full]\(pc game) alien shooter [full].exe" -d "E:\GAMES INSTALER\(pc game) alien shooter [full]"
Task: {3A875C8A-B833-41C3-827F-FFACD85EE7A6} - System32\Tasks\{1D9255C1-19D5-449D-96CF-2E811CEC2D96} => pcalua.exe -a "F:\SOFTWARE\Cricket Revolution Setup.exe" -d F:\SOFTWARE
Task: {3B2CE8AF-CC08-4ECB-8B58-13EE971609A2} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2 => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2.exe <==== ATTENTION
Task: {3BE08B96-D6C1-45CA-8DE5-F8D63D49FE3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: {3C0207C6-DAF3-4B7E-A9D7-13DA6B7079D7} - System32\Tasks\{2B87E4CF-D890-4B2A-BB55-5A09775410CC} => pcalua.exe -a F:\SOFTWARE\GAMES\RE4\launcher.exe -d C:\Users\john\Desktop
Task: {3CF733B1-5013-4C61-AD00-12865E97D105} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-7 => C:\Program Files\Sense\Sense-nova.exe <==== ATTENTION
Task: {3D76DDC2-A193-495F-A217-75D8D11B2843} - System32\Tasks\GoogleUpdateTaskMachineCore1d016506776cf4c => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: {48E8EE20-94F4-4226-810F-7B700DC7BDA1} - System32\Tasks\{4AAB42F5-0303-4CA6-BEC8-25641736BCB7} => pcalua.exe -a F:\SOFTWARE\PC_Game_Captain_Claw\Captain_Claw.exe -d F:\SOFTWARE\PC_Game_Captain_Claw
Task: {4DDFF272-8611-46A7-9721-6B96DC475391} - System32\Tasks\UNELEVATE_29191 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {4FC85321-2501-4B6E-822F-F333092043E7} - System32\Tasks\{B9390F74-AB50-463C-9DAD-5545C019B0E6} => pcalua.exe -a F:\SOFTWARE\GAMES\FPSCreatorFree\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English.exe -d F:\SOFTWARE\GAMES\FPSCreatorFree\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English
Task: {50687F36-9E0D-4053-B406-EF08E7A5E39C} - System32\Tasks\{87CDCB4B-4029-4D9C-9C3D-972DAA004789} => pcalua.exe -a F:\SOFTWARE\GAMES\FPSCreatorFree\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\Disk1\Setup.exe -d F:\SOFTWARE\GAMES\FPSCreatorFree\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\Disk1
Task: {50D4DA95-8F52-47A4-9074-18A075E40CAA} - System32\Tasks\{9BA04DE8-B0FC-4F41-9AFB-1485887D2008} => F:\SOFTWARE\GAMES\Disk1\GTA IV\Grand Theft Auto IV\Grand Theft Auto IV\LaunchGTAIV.exe
Task: {51D9C856-80AD-4DD6-BCB4-F0B2DF42BA82} - System32\Tasks\{E4CEFB91-901F-4D67-8087-2A0F05E7E8A9} => pcalua.exe -a C:\WINDOWS\ISUNINST.EXE -c -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Task: {5439314F-414D-4017-846E-459C9C32E25A} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-7 => C:\Program Files\iWebar\iWebar-nova.exe <==== ATTENTION
Task: {5A722E8C-EE69-4E49-A9A8-211D9C2F5E1E} - System32\Tasks\{AD75DD0E-0F23-4A9D-BDFC-376FE827900E} => pcalua.exe -a "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\activision_-_spiderman_full_pc_game\Spiderman\SetupReg.exe" -d "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\activision_-_spiderman_full_pc_game\Spiderman"
Task: {5B43CF1C-5ACD-41EC-A7A4-BC53A5B0FE26} - System32\Tasks\{DE6C0DA1-8738-43F3-82E2-8F2532C4EA11} => pcalua.exe -a "F:\SOFTWARE\3D\3DSFMM2\3D Sci-Fi Movie Maker 2.04.exe" -d F:\SOFTWARE\3D\3DSFMM2
Task: {5B915FC5-FD9C-461E-802F-4D7B3F448819} - System32\Tasks\{9EEE59D8-FA14-4C0D-AE3C-84899D3340DD} => pcalua.exe -a "F:\SOFTWARE\GAMES\Tony Hawk Coll\Matt Hoffman's Pro BMX\MHProBMX\Setup.exe" -d "F:\SOFTWARE\GAMES\Tony Hawk Coll\Matt Hoffman's Pro BMX\MHProBMX"
Task: {5B994750-FADD-4D7D-A88C-96F6D0E56D71} - System32\Tasks\{7811BBC2-C3D6-4573-89FD-38C5D1CF1D23} => F:\SOFTWARE INSTALER\MY GAMES INSTALLER\GUN HOLDER\GUN HOLDER\GUN HOLDER.exe
Task: {5CF9D825-9E21-477F-9C6C-8B13C57AB826} - System32\Tasks\{F787B258-F7A2-492C-9B1A-EE079A63746A} => pcalua.exe -a "C:\Users\john\Downloads\IPL in cricket 2002\IPL in cricket 2002\IPL in Ea cricket 2002 Installation file.exe" -d "C:\Users\john\Downloads\IPL in cricket 2002\IPL in cricket 2002"
Task: {5D4BC896-EEF8-40FD-B06F-F1BC2B20EA46} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-6 => C:\Program Files\iWebar\iWebar-novainstaller.exe <==== ATTENTION
Task: {5E697795-A94B-43CC-B165-1BD7769E27A3} - System32\Tasks\DSite => C:\Users\john\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {5F49A61C-4AD8-41D7-B67B-E6E9481AFCF9} - System32\Tasks\{0A8ED3A7-5BF6-4E16-B0A0-C5A814B2A28F} => pcalua.exe -a "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe" -d "C:\Program Files\Common Files\Adobe AIR\Versions\1.0"
Task: {5F861DA7-F030-45E2-A80E-9F484F6A4F29} - System32\Tasks\At2 => cmd.exe /c del /F /Q "C:\Users\john\Downloads\house of the dead 2 game free download.exe" <==== ATTENTION
Task: {610C0BD0-3E76-432A-93BA-C5D929B8FC97} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {64B2EC05-9B10-4780-A7CE-DB558A232BEE} - System32\Tasks\UNELEVATE_469 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {653BDD9B-F475-4AF9-A239-81F69C2AADE0} - System32\Tasks\{4B9296DC-2C21-4F02-870E-533BAD323EFB} => F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\X-Men.The.Official.Game.RIP\XMen-TheOfficialGame\xmen.exe
Task: {65B84EA0-7112-47D8-9D51-8D32804AEB32} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-11 => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-11.exe [2014-07-02] (Object Browser) <==== ATTENTION
Task: {694352AA-CCC6-4CC7-9BAD-3AC803BAE9F5} - \YTDownloaderUpd No Task File <==== ATTENTION
Task: {697EE54C-EC8A-4CC5-A320-7373D20F2EFE} - System32\Tasks\{B6F5E290-AAFA-4131-ABBD-21B068468C16} => pcalua.exe -a "C:\Program Files\uTorrent\uTorrent.exe" -c /UNINSTALL
Task: {6A016004-30E6-479D-B965-C05D68B4F4F0} - System32\Tasks\{C08D028F-306F-4FEF-B493-75EFB1B248F1} => pcalua.exe -a "C:\Users\john\Downloads\Portable.Full.Speed.Internet.Booster.v3.3.with.Performance.Test(1)\Full Speed.exe" -d C:\Users\john\Downloads\Portable.Full.Speed.Internet.Booster.v3.3.with.Performance.Test(1)
Task: {6AE757DF-16ED-4C89-91E2-59AC8BD09DFA} - System32\Tasks\{FCC4046C-6A2F-4E69-B31C-88F431F6201A} => pcalua.exe -a F:\SOFTWARE\GAMES\ironman{www.grandpcgames.com}\IronMan{www.grandpcgames.com}\setup.exe -d F:\SOFTWARE\GAMES\ironman{www.grandpcgames.com}\IronMan{www.grandpcgames.com}
Task: {6B91C427-D62E-430E-B9DF-1F1A2104D0D3} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-03] (globalUpdate) <==== ATTENTION
Task: {6EFE6006-D8CB-49CF-8A48-405AFA513EE0} - System32\Tasks\{EAA11498-8659-4E9F-BF73-B0524C1EBD79} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\LeeGTs Games\Mystery of Cleopatra\MysteryOfCleopatra.exe"
Task: {7705FFD8-7267-4A55-806E-AB0CC33DA287} - System32\Tasks\{5D69DFCF-CAE7-4CCF-AD57-173C3D2EA726} => pcalua.exe -a "F:\SOFTWARE\GAMES\HITMAN\Hitman - Codename 47\Setup.exe" -d "F:\SOFTWARE\GAMES\HITMAN\Hitman - Codename 47"
Task: {778E0453-3AA9-4253-83E7-CE6154D54EB0} - System32\Tasks\{BF73481C-4937-48A7-95B2-55535FEA0395} => pcalua.exe -a C:\Users\john\Downloads\MilkShape.3D.1.8.4.Incl.KeyGen-F4CG\f4ms01\f4cg\ms3d184setup.exe -d C:\Users\john\Downloads\MilkShape.3D.1.8.4.Incl.KeyGen-F4CG\f4ms01\f4cg
Task: {783ADF75-CD6B-43F8-ACB0-438A87AE7442} - System32\Tasks\UNELEVATE_747 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {78BEF784-5951-402F-BD1D-9E3AFD0C3483} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-1 => C:\Program Files\Object Browser\Object Browser-codedownloader.exe <==== ATTENTION
Task: {7991C177-76AF-4320-B748-851D4FEA7F01} - System32\Tasks\u7qjU5OAaShI => C:\Program Files\globalUpdate\Update\Install\{6DBD6248-1143-4C48-BC1D-22C52EECB49B}\setup.exe
Task: {7ACEF580-8086-481B-AAC2-32E14983A041} - System32\Tasks\{BC2F6DCB-D3CD-462F-85A5-B7DCFF6BB9F0} => C:\Program Files\Microsoft Office\Office12\MSACCESS.EXE [2010-05-20] (Microsoft Corporation)
Task: {7BD19103-2629-4D2C-8733-B29C9CA1BBD4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2280821914-3189600555-3011743376-1000
Task: {7C705DEA-A205-45A4-A8AC-AE2D19CD642D} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-2 => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-2.exe <==== ATTENTION
Task: {7F611482-7545-4AE9-8D91-77FE8E5194FC} - System32\Tasks\{E243BE9A-BDBE-4BDB-927B-685141552FC2} => pcalua.exe -a "C:\Users\john\Downloads\25 To Life Portable\codecs\wmp6cdcs.exe" -d "C:\Users\john\Downloads\25 To Life Portable\codecs"
Task: {7F8C3F00-13C8-4B55-A228-D60FEDF5A064} - System32\Tasks\{9F2B977A-15F0-4499-B779-0AE415BF5A25} => pcalua.exe -a C:\Users\john\Integrated_BrotherSoft_TB.exe -d C:\Users\john
Task: {82625720-BDF6-44CF-8239-FAC5C42090EA} - System32\Tasks\{D1B18347-3DE3-4D5C-9458-A26D9ECE85BA} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe" -c -runfromtemp -l0x0409
Task: {8510B158-E384-4EEE-AF3A-80B0C63BD1CC} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5_user => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.exe <==== ATTENTION
Task: {861A8795-00BA-474A-A3EF-FD828E8A9541} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-1 => C:\Program Files\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: {875EFB9C-B2E5-4138-AD19-02A72912BC9E} - System32\Tasks\{AD5DF03F-212A-4BF5-8B1C-AA67E22153BC} => pcalua.exe -a "C:\Program Files\RADVideo\radvideo.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bink and Smacker"
Task: {88F3C954-FEF0-4DD0-AAED-4C78083AA355} - System32\Tasks\{D0BF31D6-9696-4788-B8CA-FB96F133558D} => F:\SOFTWARE\GAMES\sof\sof3.exe
Task: {89DD8A2F-484B-4FB8-A2B8-396FC66DAB0A} - System32\Tasks\{99CFE9FF-DC70-4E12-8019-8CB5C9486A18} => pcalua.exe -a "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\New folder\Grand Theft Auto4_VC\GTA Vice City.exe" -d "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\New folder\Grand Theft Auto4_VC"
Task: {8A52E0A4-9FCA-445D-8AF9-6FA7BCC9E744} - System32\Tasks\{6AD0D404-D0FB-447E-A66D-4E53923F121A} => pcalua.exe -a "F:\SOFTWARE\GTA San Andreas Highly Compressed.exe" -d F:\SOFTWARE
Task: {8C19DBD5-0ADF-43A7-80FA-467FE51A9C5D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000UA => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: {8D65B8CA-27D4-4CEE-8F3E-6073E32A93DB} - System32\Tasks\{FC62F8A9-2EAE-4C02-BFDD-1F06ACB4D7BE} => F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\X-Men.The.Official.Game.RIP\XMen-TheOfficialGame\xmen.exe
Task: {8DDAC4EE-B9F0-4BF2-AD7E-9CAEE5DF329A} - System32\Tasks\{64387EF1-1483-4973-A063-7BD1DC13BE6E} => pcalua.exe -a C:\Users\john\Documents\Downloads\hod3_trial.exe -d C:\Users\john\Documents\Downloads
Task: {8ED2F185-4683-4ABC-8E58-6600A7E2CFE7} - System32\Tasks\{C25418E4-7379-4422-B616-7B5E8BE09387} => pcalua.exe -a C:\Users\john\Downloads\SetupFaceControl.exe -d C:\Users\john\Downloads
Task: {91B4FC65-4DCD-4D89-94D2-C7E9B012091D} - System32\Tasks\{3BD714A8-4720-4475-9005-7705D3E1FBA4} => pcalua.exe -a "F:\SOFTWARE\COMMANDO2\Commandos 2\SETUP.EXE" -d "F:\SOFTWARE\COMMANDO2\Commandos 2"
Task: {95ACEB18-2D26-48D8-8FE1-186B0CB350C1} - System32\Tasks\{22ED1228-0A82-4435-9253-B422E15D164C} => F:\SOFTWARE\GAMES\Mac Monster Truks (fullypcgames.blogspot.com)\MonsterTruckFury.exe
Task: {962BC3F1-0946-45B8-B623-733D0DAC0DE5} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-6 => C:\Program Files\Object Browser\Object Browser-novainstaller.exe <==== ATTENTION
Task: {982293B8-BFAB-43FD-BE95-31EF91957537} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4 => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4.exe <==== ATTENTION
Task: {983D0185-9ED3-40CA-98AA-31E8AC71A2B7} - System32\Tasks\{7DFB5AF2-1452-43DF-8B0C-4B2E145C6C59} => pcalua.exe -a "F:\SOFTWARE INSTALER\ultimatevicecity2.exe" -d "F:\SOFTWARE INSTALER"
Task: {9AA8D228-E6B9-4458-8273-116D1B59809F} - System32\Tasks\{4164A57F-CCCA-4190-873C-DAE8DA3E9EA7} => pcalua.exe -a "F:\SOFTWARE INSTALER\install_animoids_dl\Windows\install_animoids.exe" -d "F:\SOFTWARE INSTALER\install_animoids_dl\Windows"
Task: {9B3D424E-6D55-4716-A5CD-A6C19084DD60} - System32\Tasks\{12D56BBA-AD8C-4251-B3D0-9462E83996AC} => pcalua.exe -a "F:\SOFTWARE\New folder (2)\bike fly\bike fly.exe" -d "F:\SOFTWARE\New folder (2)\bike fly"
Task: {9DAE06E0-03A2-42A3-95E4-D6DCD0A83EAA} - System32\Tasks\{59B0097C-25FA-4072-A677-F83829C7AC74} => F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\25 To Life Portable\TTL.exe
Task: {9F09DD2A-52E8-43FF-BDDB-5D0DDF73E685} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-4 => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-4.exe <==== ATTENTION
Task: {A05B0E66-6BC5-472C-9E5F-5CF7ECAB0740} - System32\Tasks\{2CEE4132-7BE5-4A3F-BF34-0A444A78AF54} => pcalua.exe -a F:\SOFTWARE\GAMES\setUP347.exe -d F:\SOFTWARE\GAMES
Task: {A194253E-BECC-4783-9E3A-CB07C952096D} - System32\Tasks\UNELEVATE_18114 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {A4F811F3-A417-4006-9457-DACF05966BFB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: {A6B894B9-3F26-49A9-89C6-400F533F6DC1} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-7 => C:\Program Files\Object Browser\Object Browser-nova.exe <==== ATTENTION
Task: {A999E4E8-113F-43F9-AAFA-31113CF588CF} - System32\Tasks\{1D2EFDE2-9AF3-4732-BE8A-CA0B72377F37} => C:\Program Files\Gam-A-Guru\Fire Jolts\Game\Game.exe
Task: {A9B83501-26C4-432E-AA40-E3689E96C28B} - System32\Tasks\RunAsStdUser Task => C:\Program Files\nCube\Windows 8 Transformation Pack\win8.exe
Task: {AF2CEA20-DE8B-4940-AFDC-69FC33C5A3BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: {B1A5C201-A835-49FD-8A5E-AF7AE9E8A8C3} - System32\Tasks\{C02B878B-D6A2-4771-9534-C8CF2858CB7B} => F:\SOFTWARE\GAMES\Mac Monster Truks (fullypcgames.blogspot.com)\MonsterTruckFury.exe
Task: {B6DF9F87-E3FD-4E6D-B89A-CE005031C676} - System32\Tasks\{6DCCD64F-3652-4104-B41A-B72A7CC5FA02} => pcalua.exe -a "C:\Program Files\YTDownloader\YTDUninstall.exe"
Task: {B70643A6-FB18-4F4F-9B3E-E0591C17921D} - System32\Tasks\{44AE25A9-6E17-47A5-B2EE-675FCC306744} => pcalua.exe -a "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\Hitman 1, kkabod\Hitman 1\Setup.exe" -d "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\Hitman 1, kkabod\Hitman 1"
Task: {B78ABD30-C545-476A-94E5-C31BE8FF86DC} - System32\Tasks\{FB436C00-19C0-4B3A-B5F9-94EFC6756C5C} => pcalua.exe -a "F:\Gamez\Counterstrike Condition Zero\AUTORUN.EXE" -d "F:\Gamez\Counterstrike Condition Zero"
Task: {B92A95A9-8862-4DEA-AC4F-B8F640744AB6} - System32\Tasks\CrackTracker => C:\Program Files\zabkat\crack tracker\craktrak.exe
Task: {C3FD7101-86EB-4AB6-B4E8-6BABF9165C55} - System32\Tasks\ShopperPro => C:\Program Files\ShopperPro\ShopperPro.exe [2015-04-23] (Goobzo LTD) <==== ATTENTION
Task: {C750C08B-E07E-405E-BAA8-D1D976413156} - System32\Tasks\{E8FC51EB-116B-49CF-B0E3-BE51C98FEB93} => pcalua.exe -a "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\activision_-_spiderman_full_pc_game\Spiderman\Spider-Man Setup.exe" -d "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\activision_-_spiderman_full_pc_game\Spiderman"
Task: {C8EC5BFF-E243-40F4-B075-12767BDD921B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-26] (Adobe Systems Incorporated)
Task: {CCDBA163-5050-4AF9-AB46-6A90680BD2F1} - System32\Tasks\{FAC50A4D-C0C3-4032-81CD-C835BB16F3A7} => pcalua.exe -a "F:\SOFTWARE\GAMES\FPS GAMES\FPS CREATOR\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English.exe" -d "F:\SOFTWARE\GAMES\FPS GAMES\FPS CREATOR\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English"
Task: {CE9BF9C4-A1CE-4D3F-B464-B3DE67A9BCDF} - System32\Tasks\{D0E9313E-14CB-4D11-859B-26360006C739} => pcalua.exe -a "F:\SOFTWARE INSTALER\MilkShape.3D.1.8.4.Incl.KeyGen-F4CG\f4ms01\f4cg\ms3d184setup.exe" -d "F:\SOFTWARE INSTALER\MilkShape.3D.1.8.4.Incl.KeyGen-F4CG\f4ms01\f4cg"
Task: {CF21B205-E5F7-45DA-9AA7-B07E8B30CE66} - System32\Tasks\{23763B24-4ED4-4A02-8746-0DB3BBDED29F} => pcalua.exe -a "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\25 To Life Portable\codecs\wmp6cdcs.exe" -d "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\25 To Life Portable\codecs"
Task: {D1662E1C-A699-431F-9DAD-8DBCEEDFF103} - System32\Tasks\{2E8EE9A6-0EF2-43A2-AEDC-BAD8E25AD0D8} => pcalua.exe -a F:\RGSC_1_1_3_0\RGSC_1_1_3_0.exe -d F:\RGSC_1_1_3_0
Task: {D26C1033-9887-4268-BC03-DCC312F82E42} - System32\Tasks\{48A3F74B-102F-42F7-97D8-CC7D7B81C29D} => msiexec.exe /package "F:\SOFTWARE\GAMES\3rdp_beta\3rdp_beta.msi"
Task: {D464D01C-2912-4D97-8FFC-D0C4C2855065} - System32\Tasks\Regwork => C:\Program Files\RegWork\RegWork.exe
Task: {D970D3BF-EEE7-4493-9700-46D0BC06F355} - \Microsoft\Microsoft Antimalware\MpIdleTask No Task File <==== ATTENTION
Task: {DA6618C5-255A-4AAF-8D9E-35EB3FD219B2} - System32\Tasks\Start Registry Reviver for [email protected](logon) => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe
Task: {DDB3BB30-F173-4DC2-AAD2-8F6FB66C88A2} - System32\Tasks\SPBIW_UpdateTask_Time_343236343837383034362d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {DF3340BE-A461-442C-8F25-81F5A32B6972} - System32\Tasks\MySearchDial => C:\Users\john\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E01432E6-1625-4F0E-90FD-39D7382A21F3} - System32\Tasks\UNELEVATE_2141 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {E03EFFE5-EAC0-4E82-86B7-4AE31C00E1B8} - System32\Tasks\{B71F23FA-279B-4DDD-89E1-B629B3C9E70F} => pcalua.exe -a C:\Users\john\Downloads\Swf2Avi_Setup.exe -d C:\Users\john\Downloads
Task: {E0CA9A06-23AC-4C38-9F26-D847E5F6FE20} - \khdshrsrf No Task File <==== ATTENTION
Task: {E1654A0A-5473-486D-9CC2-8F33C532CB13} - System32\Tasks\{C423D519-1269-4114-9565-FE6BB13F42A2} => pcalua.exe -a C:\Users\john\Downloads\imgtool20\imgtool20\IMGTool.exe -d C:\Users\john\Downloads\imgtool20\imgtool20
Task: {E41F925A-A840-4EE4-AEFE-5EB757E30EF7} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-1 => C:\Program Files\Sense\Sense-codedownloader.exe [2014-07-02] (Object Browser) <==== ATTENTION
Task: {E9F9BA78-C1AB-4C4B-8E1D-6D0B3290F399} - System32\Tasks\{C14DF91E-1B95-4968-84F3-6B22DBEA3B4E} => F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\New folder\Games\Project IGI\SETUP.EXE
Task: {EA533AB2-F067-42D6-99FD-1A428E3FE556} - System32\Tasks\UNELEVATE_12805 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {EA6644CC-BB77-4F9A-8EAA-903909465CB0} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5 => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.exe <==== ATTENTION
Task: {EA84C26C-7C9A-4B20-A9B6-2076B9ACA8A9} - System32\Tasks\{DFA8041A-9F86-4F54-A626-B0E2529C9667} => F:\SOFTWARE\GAMES\Disk1\GTA IV\Grand Theft Auto IV\Grand Theft Auto IV\GTAIV.exe
Task: {EB2B426F-8C47-44ED-A8FC-D11CC1EE11AB} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-6 => C:\Program Files\Sense\Sense-novainstaller.exe [2014-07-02] (Object Browser) <==== ATTENTION
Task: {ECFA2B6A-644C-4718-ABC5-FBC7FE54F5A6} - System32\Tasks\{B2A7C95D-0780-440D-BE9E-62A26BF656B1} => pcalua.exe -a F:\SOFTWARE\GAMES\UnInstall.exe -d F:\SOFTWARE\GAMES
Task: {ED67A7DB-DA0C-4727-AA8D-27A1E9AD5969} - System32\Tasks\{884FD653-1594-4CC3-8FA0-1F1A5C894517} => pcalua.exe -a "E:\GAMES INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\Adobe Photoshop Cs3 Extended Full Version\A__d__Lite\Adobe_Photoshop_CS3_Lite\Adobe Photoshop CS3 Lite.exe" -d "E:\GAMES INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\Adobe Photoshop Cs3 Extended Full Version\A__d__Lite\Adobe_Photoshop_CS3_Lite"
Task: {EE9D350B-C1DD-4690-A98B-51D5BB2DCE15} - System32\Tasks\Digital Sites => C:\Users\john\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {F32C8DC4-64BD-472F-9DCC-21C2B044BC72} - System32\Tasks\{0B9CA604-9E4D-4784-B38C-787DD935EB3E} => F:\SOFTWARE\New folder (2)\Fairyland\Land.exe
Task: {F40C808D-36A9-4DE0-A586-D54E5C3AFB30} - System32\Tasks\{5111BAEF-4EF8-4CAE-9FC7-7A37828E0DFC} => pcalua.exe -a "F:\SOFTWARE\GAMES\Spiderman Coll\Spider-Man Friend or Foe\SMFOF\Setup.exe" -d "F:\SOFTWARE\GAMES\Spiderman Coll\Spider-Man Friend or Foe\SMFOF"
Task: {F52FF28B-C246-4C13-9786-9DA92F73ECE8} - System32\Tasks\{12F6E446-1F06-493A-ADAC-ABD7836C2E91} => pcalua.exe -a "F:\SOFTWARE\GAMES\FPS GAMES\FPS CREATOR\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\Disk1\Setup.exe" -d "F:\SOFTWARE\GAMES\FPS GAMES\FPS CREATOR\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\FPS_Creator_Model_Pack_6_English\Disk1"
Task: {F6FDBA5C-40A9-488A-8340-92A3D68497D8} - System32\Tasks\{0B0145C4-2A6E-4832-A24E-20E661A8D27D} => pcalua.exe -a "C:\Program Files\Activision\Spider-Man Demo\Spider-Man Setup.exe" -d "C:\Program Files\Activision\Spider-Man Demo"
Task: {F7549BBE-5FA4-44B2-927F-2DCF14DF87BD} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-4 => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-4.exe [2014-07-02] (Object Browser) <==== ATTENTION
Task: {F76176A0-A130-4752-BC71-A54355D7AA46} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-11 => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-11.exe <==== ATTENTION
Task: {F7A51897-0E26-499B-9BE6-A92A0B254281} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core1d01646fee86a63 => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: {F7B3EB7D-A397-476D-BC2A-A16EC5C82A7E} - System32\Tasks\{DC35C43B-190F-4888-BF7E-5CE76D7720E6} => F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\GAMES INSTALLER\X-Men.The.Official.Game.RIP\XMen-TheOfficialGame\xmen.exe
Task: {F7D0648D-E0B9-4E4C-8B06-996565236C16} - System32\Tasks\{62630B4C-B940-4640-A711-87A96794C270} => pcalua.exe -a "F:\Iron.Man.PC.Game.Only.150.MB\Iron.Man.PC Game Only 150MB.www.KosovaDC.com\Iron.Man.by.GranD.MasteR.BeraatZ - www.KosovaDC.com\SetupReg.exe" -d "F:\Iron.Man.PC.Game.Only.150.MB\Iron.Man.PC Game Only 150MB.www.KosovaDC.com\Iron.Man.by.GranD.MasteR.BeraatZ - www.KosovaDC.com"
Task: {FA091FAE-704D-4C77-AA48-819D09E56681} - System32\Tasks\{23D25206-8089-4E41-8B27-3891DCCB9B71} => pcalua.exe -a "F:\SOFTWARE\GAMES\Mario\MarioForever V4.4.exe" -d F:\SOFTWARE\GAMES\Mario
Task: {FB86A1A3-1F41-4516-B051-403C85BBCD97} - System32\Tasks\{CC04E13D-5DB7-4301-B1A8-6B9DDD5FB2B6} => pcalua.exe -a "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\WWE Raw Portable\WWE Raw Portable\RegSetup.exe" -d "F:\SOFTWARE INSTALER\Adobe Photoshop Cs3 Extended Full Version (1)\WWE Raw Portable\WWE Raw Portable"
Task: {FB96B27A-5426-4299-9C3C-941A6418064B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core1d076f59f224db5 => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-13] (Google Inc.)
Task: {FC210E5F-1BE7-44A0-9E2F-A4601C51FB54} - System32\Tasks\{8C25F203-A8B8-453C-9391-140E765C6235} => pcalua.exe -a "F:\SOFTWARE INSTALER\kgb_arch_win_gui_v1.2.1.24.exe" -d "F:\SOFTWARE INSTALER"
Task: {FCEDF998-D787-48FB-9FAB-12513A91FBF8} - System32\Tasks\{3D0E3FA7-8948-44DD-84C8-BBFB32787949} => pcalua.exe -a "C:\Program Files\AdorageI-SAL\uninstall.exe" -d "C:\Program Files\AdorageI-SAL"
Task: {FE17B942-EEE0-4071-BDA8-A12F1C05231B} - System32\Tasks\{75D45EB0-620A-4A45-89CB-202EF1054DB6} => pcalua.exe -a "C:\Users\john\Downloads\Portable.Full.Speed.Internet.Booster.v3.3.with.Performance.Test(1)\Full Speed.exe" -d C:\Users\john\Downloads\Portable.Full.Speed.Internet.Booster.v3.3.with.Performance.Test(1)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-1.job => C:\Program Files\iWebar\iWebar-codedownloader.exeÛ/cMKcOID /sxRBSOW=task /MuhzWW='iWebar' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /MhzSH='iWebar' /hzIOssz=http:/js.clientdemocloud.com /rSAHtbrkM /IUEvrY='{asw:[67108865, 75497796, 0]}' /AlATN='http:/update.demogensrv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-11.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-2.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-2.exee/PPwUR /MuhzWW='iWebar' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /ujwprE=11111111-1111-1111-1111-110311551110 /fLJQNfhW=ch /rSAHtbrkM /AlATN='http:/update.demogensrv.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-4.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-4.exeò/FyBKcmwc /MuhzWW='iWebar' /RxNndz C:\Program Files\iWebar\35510.xpi' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /HeagdcHq=300 /[email protected]ab87-73f2d1973314.com /xWXhTLUK=0.94 /WiKIXMUs=a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510 /bGPIPgMB=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/35510.rdf /KijCfbu='iWebar' /JrUxJjKhv='iWebar' /dCYdb='iWebar' /fLJQNfhW=ch /IUEvrY='{asw:[67108865, 75497796, 0]}' /rSAHtbrkM /LKNfUuaxm /vaSjFRJMW /AlATN='http:/update.demogensrv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5_user.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-6.job => C:\Program Files\iWebar\iWebar-novainstaller.exeÝ/veiZmdehn /MuhzWW='iWebar' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /BYbALQtXa /MhzSH=iWebar /HvxLMP='nova' /hzIOssz=http:/js.clientdemocloud.com /IUEvrY='{asw:[67108865, 75497796, 0]}' /sxRBSOW=task /AlATN='http:/update.demogensrv.com/novacode/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-7.job => C:\Program Files\iWebar\iWebar-nova.exeÃ/MuhzWW='iWebar' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /BYbALQtXa /MhzSH=iWebar /HvxLMP='nova' /hzIOssz=http:/js.clientdemocloud.com /IUEvrY='{asw:[67108865, 75497796, 0]}' /AlATN='http:/update.demogensrv.com/novarun/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-1.job => C:\Program Files\Sense\Sense-codedownloader.exeâ/zigXwvlU /ueHWb=task /HrAWZn='Sense' /uvJwwahMe=48292 /TwVjm='000803' /ppUWRx='0' /OcZPIqwe='eyJkYXRhIjp7ImRhdGUiOiJFNzJ6YWRrYyxlY2NiZDEyOC05Y2FkLTRmOGMtOGU5OC0yMDEwMTg4ODM0NzEsIiwidW5xIjoiZWNjYmQxMjgtOWNhZC00ZjhjLThlOTgtMjAxMDE4ODgzNDcxIn19' /AmnRAmQwp=365A955570B84A58916CCCEF7862666BIE /smfAocSr=34972b9a353098cca72119b327235a69 /QMRjhLBG=1_34_07_01 /vTKDBU=1.34.7.1 /KFNlIRBW=1404304532 /rdQgp=http:/stats.democlientnet.com /pHNcin=http:/errors.democlientnet.com /fvKPgdm=http:/js.democlientnet.com /hwrOTohn=ch /uIzbGn='Sense' /HUmUMbf=http:/js.clientdemocloud.com /SdwxUC /IghQfo='{asw:[67108865, 67109188, 0]}' /hpnvwI='http:/update.democlientnet.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-11.job => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-4.job => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-4.exeù/OeylnCz /HrAWZn='Sense' /XNKaQah C:\Program Files\Sense\48292.xpi' /uvJwwahMe=48292 /TwVjm='000803' /ppUWRx='0' /OcZPIqwe='eyJkYXRhIjp7ImRhdGUiOiJFNzJ6YWRrYyxlY2NiZDEyOC05Y2FkLTRmOGMtOGU5OC0yMDEwMTg4ODM0NzEsIiwidW5xIjoiZWNjYmQxMjgtOWNhZC00ZjhjLThlOTgtMjAxMDE4ODgzNDcxIn19' /AmnRAmQwp=365A955570B84A58916CCCEF7862666BIE /smfAocSr=34972b9a353098cca72119b327235a69 /QMRjhLBG=1_34_07_01 /vTKDBU=1.34.7.1 /KFNlIRBW=1404304532 /rdQgp=http:/stats.democlientnet.com /pHNcin=http:/errors.democlientnet.com /AtASe=300 /[email protected]-8d8e-fc48e28131a8.com /TgbRDhpDG=0.94 /ogbHecbjv=a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292 /tfUuUrB=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/48292.rdf /uwHbIW='Sense' /SNhnToP='.' /iyvRcbHwP='Object Browser' /hwrOTohn=ch /IghQfo='{asw:[67108865, 67109188, 0]}' /SdwxUC /MDpWmdncI /OJPwHTgS /hpnvwI='http:/update.democlientnet.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5.job => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5_user.job => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-6.job => C:\Program Files\Sense\Sense-novainstaller.exeç/cHsTSwO /HrAWZn='Sense' /uvJwwahMe=48292 /TwVjm='000803' /ppUWRx='0' /OcZPIqwe='eyJkYXRhIjp7ImRhdGUiOiJFNzJ6YWRrYyxlY2NiZDEyOC05Y2FkLTRmOGMtOGU5OC0yMDEwMTg4ODM0NzEsIiwidW5xIjoiZWNjYmQxMjgtOWNhZC00ZjhjLThlOTgtMjAxMDE4ODgzNDcxIn19' /AmnRAmQwp=365A955570B84A58916CCCEF7862666BIE /smfAocSr=34972b9a353098cca72119b327235a69 /QMRjhLBG=1_34_07_01 /vTKDBU=1.34.7.1 /KFNlIRBW=1404304532 /rdQgp=http:/stats.democlientnet.com /pHNcin=http:/errors.democlientnet.com /fvKPgdm=http:/js.democlientnet.com /hwrOTohn=ch /YPOgrxFtO /uIzbGn=Sense /jETuHOGYQ='nova' /HUmUMbf=http:/js.clientdemocloud.com /IghQfo='{asw:[67108865, 67109188, 0]}' /ueHWb=task /hpnvwI='http:/update.democlientnet.com/novacode/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-7.job => C:\Program Files\Sense\Sense-nova.exeÑ/HrAWZn='Sense' /uvJwwahMe=48292 /TwVjm='000803' /ppUWRx='0' /OcZPIqwe='eyJkYXRhIjp7ImRhdGUiOiJFNzJ6YWRrYyxlY2NiZDEyOC05Y2FkLTRmOGMtOGU5OC0yMDEwMTg4ODM0NzEsIiwidW5xIjoiZWNjYmQxMjgtOWNhZC00ZjhjLThlOTgtMjAxMDE4ODgzNDcxIn19' /AmnRAmQwp=365A955570B84A58916CCCEF7862666BIE /smfAocSr=34972b9a353098cca72119b327235a69 /QMRjhLBG=1_34_07_01 /vTKDBU=1.34.7.1 /KFNlIRBW=1404304532 /rdQgp=http:/stats.democlientnet.com /pHNcin=http:/errors.democlientnet.com /fvKPgdm=http:/js.democlientnet.com /hwrOTohn=ch /YPOgrxFtO /uIzbGn=Sense /jETuHOGYQ='nova' /HUmUMbf=http:/js.clientdemocloud.com /IghQfo='{asw:[67108865, 67109188, 0]}' /hpnvwI='http:/update.democlientnet.com/novarun/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-1.job => C:\Program Files\Object Browser\Object Browser-codedownloader.exeT/cMKcOID /sxRBSOW=task /MuhzWW='Object Browser' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /MhzSH='Object Browser' /hzIOssz=http:/js.clientdemocloud.com /rSAHtbrkM /IUEvrY='{asw:[67108865, 75497796, 0]}' /AlATN='http:/update.demogensrv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2.exeÖ/PPwUR /MuhzWW='Object Browser' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /ujwprE=11111111-1111-1111-1111-110311281150 /fLJQNfhW=ch /rSAHtbrkM /AlATN='http:/update.demogensrv.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4.exe…/FyBKcmwc /MuhzWW='Object Browser' /RxNndz C:\Program Files\Object Browser\32850.xpi' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /HeagdcHq=300 /[email protected]a0b2-52e936311db9.com /xWXhTLUK=0.94 /WiKIXMUs=a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850 /bGPIPgMB=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/32850.rdf /KijCfbu='Object Browser' /JrUxJjKhv='Browser enhancer' /dCYdb='Object Browser' /fLJQNfhW=ch /IUEvrY='{asw:[67108865, 75497796, 0]}' /rSAHtbrkM /LKNfUuaxm /vaSjFRJMW /AlATN='http:/update.demogensrv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5_user.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-6.job => C:\Program Files\Object Browser\Object Browser-novainstaller.exeV/veiZmdehn /MuhzWW='Object Browser' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /BYbALQtXa /MhzSH=Object Browser /HvxLMP='nova' /hzIOssz=http:/js.clientdemocloud.com /IUEvrY='{asw:[67108865, 75497796, 0]}' /sxRBSOW=task /AlATN='http:/update.demogensrv.com/novacode/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-7.job => C:\Program Files\Object Browser\Object Browser-nova.exe</MuhzWW='Object Browser' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /BYbALQtXa /MhzSH=Object Browser /HvxLMP='nova' /hzIOssz=http:/js.clientdemocloud.com /IUEvrY='{asw:[67108865, 75497796, 0]}' /AlATN='http:/update.demogensrv.com/novarun/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => C:\Windows\system32\whhoami.exe
Task: C:\Windows\Tasks\At2.job => C:\Windows\system32\cmd.exeR/c del /F /Q C:\Users\john\Downloads\house of the dead 2 game free download.exe
Task: C:\Windows\Tasks\CrackTracker.job => C:\Program Files\zabkat\crack tracker\craktrak.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\john\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DSite.job => C:\Users\john\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d016506776cf4c.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d076f59cac145b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core.job => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core1d01646fee86a63.job => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core1d076f59f224db5.job => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000UA.job => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\khdshrsrf.job =>
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\john\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Regwork.job => C:\Program Files\RegWork\RegWork.exe-shed C:\Program Files\RegWork\RegWork.exe

==================== Loaded Modules (whitelisted) ==============

2012-07-08 19:58 - 2013-11-11 19:56 - 00092448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2010-10-03 17:38 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-01 13:53 - 2013-12-09 13:19 - 00650096 _____ () C:\ProgramData\airtel\OnlineUpdate\ouc.exe
2014-05-01 13:53 - 2013-12-09 13:16 - 02422128 _____ () C:\ProgramData\airtel\OnlineUpdate\QtCore4.dll
2014-05-01 13:53 - 2013-12-09 13:16 - 00016344 _____ () C:\ProgramData\airtel\OnlineUpdate\mingwm10.dll
2014-05-01 13:53 - 2013-12-09 13:15 - 00047984 _____ () C:\ProgramData\airtel\OnlineUpdate\libgcc_s_dw2-1.dll
2014-05-01 13:53 - 2013-12-09 19:33 - 01153392 _____ () C:\ProgramData\airtel\OnlineUpdate\QtNetwork4.dll
2013-10-28 07:32 - 2013-10-28 07:32 - 00276048 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2015-04-26 03:32 - 2015-04-23 10:42 - 03224576 _____ () C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.exe
2014-03-31 21:59 - 2014-03-31 21:59 - 00011776 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
2014-03-31 21:59 - 2014-03-31 21:59 - 00010240 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
2014-03-31 21:59 - 2014-03-31 21:59 - 00012800 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
2014-03-31 21:59 - 2014-03-31 21:59 - 00012800 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
2014-03-31 21:59 - 2014-03-31 21:59 - 00010752 _____ () C:\ProgramData\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\CLDShowX.ini:Update.CL
AlternateDataStreams: C:\ProgramData\TEMP:1CB4A530
AlternateDataStreams: C:\ProgramData\TEMP:553CA6CA
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:6152D44C
AlternateDataStreams: C:\ProgramData\TEMP:77FB1B64
AlternateDataStreams: C:\ProgramData\TEMP:862BDB1A
AlternateDataStreams: C:\ProgramData\TEMP:9D1B94FD
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\john\AppData\Local\F6iwgVhInOEPR:kS5FBhShtwVnhCcS
AlternateDataStreams: C:\Users\john\AppData\Local\Temp:CombVUb7UTCt2bAKTdIzI7xOgtep3
AlternateDataStreams: C:\Users\john\AppData\Local\Temporary Internet Files:1zTcQognA0ENzQJ1VlX1f0z2BdT

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\john\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{BD208951-D6D3-4AD3-A462-3BF6BD6629F6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{805382CC-791E-4BDC-9D53-684A043C9B30}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9A82C693-21F8-4289-8EAB-F4038D68BD2F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{9C26EB85-FC42-40CD-B8FE-74948669EE11}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{7632C838-4DC7-42FB-8B22-2D2B0042CB64}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B2E9C2BA-4E2A-46D1-82BF-2816C81343B4}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{7B7B017F-979B-4495-BDCE-32E0D88AA58B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{2C2B18A1-4675-4A06-94D6-6DAB14E30093}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{49F93C81-A66C-46B7-817C-BD1F57398346}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{562F61A7-6139-4884-868A-2DB6DC88F18A}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{8C874A2F-CA97-4D3A-8F2C-31D97492B64A}] => (Allow) C:\Users\john\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XUWE9Y9U\3gp_converter_setup[1].exe
FirewallRules: [{DAB78BD9-7047-49D8-9FDE-AAF14C9FC46D}] => (Allow) C:\Users\john\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XUWE9Y9U\3gp_converter_setup[1].exe
FirewallRules: [{3AA3AC56-71AF-404F-B738-D9E3D9E20D37}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{A00558CC-07C8-4AD4-B3E9-1DCF4CE89BA1}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{6D2C986A-4E83-41C6-BEF4-F9D103DA4D64}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F8683C89-C4F4-4726-96D6-56C52257AE93}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{03E9C97B-5968-44B2-8C0A-658BAA068498}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{C8161644-4988-42BC-A966-D9893EBE3F5A}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{2D57EDFB-734C-45C2-AB5B-0F3C4A15AECB}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{F947ED74-F4CE-4543-94E2-E6EEAB635707}] => (Allow) LPort=57307
FirewallRules: [{C5B8F535-3EAC-4F94-8710-FD0D4D719AFF}] => (Allow) LPort=57307
FirewallRules: [{7A1B3E0C-560A-4487-900B-83FDD92AC929}] => (Allow) LPort=57307
FirewallRules: [{BBCFC9EF-7E86-446E-99AA-DF3D453E19C3}] => (Allow) LPort=57307
FirewallRules: [{D249B11C-117E-445D-9851-A3B29551AC56}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{4186C3BB-122A-44D4-80D1-D444D7E07611}] => (Allow) C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{AA9AB694-8D3D-4641-BED7-3E6B53B6E776}] => (Allow) C:\Program Files\CyberLink\PowerDVD10\PowerDVD9.EXE
FirewallRules: [{F9D01EAA-24CA-4F1C-993F-3B2B01D13F3B}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{67D96168-5C7B-425C-9424-8FA55509FB76}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{F6503DC8-5B47-407A-9796-CB07B6A1463B}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{F95DFFD1-9014-4AFA-9F6A-EAF26E6195B4}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{385AD21A-F132-45AC-8544-8A7E618D12E6}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{1CD3EA23-5D80-4621-A9E0-3D12B6DD768B}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{5C49803C-0BDF-4BDD-8D4E-B60F6227A086}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4FB6448D-9AF3-4AB0-BE47-2943E30DD62A}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{2EEB6DE8-3B1A-4C20-ACF0-E7309EC97FEA}] => (Allow) C:\Users\john\AppData\Local\Temp\nvvscv.exe
FirewallRules: [{991618EB-3AFB-49D9-97F0-4766B12C2BB7}] => (Allow) C:\Users\john\AppData\Local\Temp\nvvscv.exe
FirewallRules: [{7EA2A7B9-FB6F-406F-A61D-A94BC28A065A}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{7377B330-65EE-4451-A6E9-83E26E42F825}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{86DD76C4-864F-40F8-95B5-439C8EEB1EC6}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{13F2B96F-2E8A-44D3-8646-D15E54A65FC4}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{FB0ED665-A7A2-484F-8131-B84226DC9B4C}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{52CD3BCF-484A-4718-856A-8EF4F6CFDE53}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{3F1370A8-CF01-4540-9DDE-28D71BE5C41A}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{F24861FB-9FBD-4881-9419-B6A4C49FBB44}] => (Allow) C:\Program Files\Cracked Steam\steam.exe
FirewallRules: [{EBBD3A03-A295-4A83-A84C-C2B43027EF74}] => (Allow) C:\Program Files\Cracked Steam\steam.exe
FirewallRules: [{1E7DDBDC-C7C1-4D0F-B418-8A85859B6FCE}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{F0BE8C10-EC34-4DC1-9015-B8A33B174D14}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{B75A7912-6B33-4B04-86F6-348CDEEF5BC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4FB14D76-D1DB-4C67-9D31-9240A0D1925D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4999C55C-5084-4290-9CF4-70E7A364FE7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{574F185E-DC8A-47B4-B225-FE8C42EDB903}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{43F50D67-0155-4169-8AB2-556851B7309A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A19223BE-BC0F-441E-9B1A-59B004D78639}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6D6CC08-AF37-4946-A61B-F23D82420AB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{49ECDDD3-6C41-48BA-9495-90FEAAF2A5CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3FF7D624-AE71-4169-AEB6-2BDE52DD9ADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B15EFE2A-FE3F-4D63-8E90-96057C375C3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{36A5151B-71A9-4885-8904-41A79D83F3F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{716EC873-9241-40A8-AA81-E7BADE0B7727}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B0299999-73F8-40B3-8A5B-8915BB180577}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{548884B1-DBEF-45A7-9E1B-7DFDAE36339B}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [TCP Query User{EF4F797E-AAD8-42FB-A115-2CFCD481246B}C:\users\john\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\john\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{2FC3D9CE-7DA0-4E38-987D-8BCB30B4911E}C:\users\john\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\john\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{6FE83A36-ECD4-4367-ADA8-A8ACA84C9CE8}F:\software\games\outlast\outlast\binaries\win32\olgame.exe] => (Allow) F:\software\games\outlast\outlast\binaries\win32\olgame.exe
FirewallRules: [UDP Query User{3CF11FF7-6330-4AA4-94C8-68CD6FFE69DC}F:\software\games\outlast\outlast\binaries\win32\olgame.exe] => (Allow) F:\software\games\outlast\outlast\binaries\win32\olgame.exe
FirewallRules: [TCP Query User{3FC28EC0-480C-4CD9-902A-149A1016AD67}F:\software\games\batman\batman arkham city\binaries\win32\batmanac.exe] => (Allow) F:\software\games\batman\batman arkham city\binaries\win32\batmanac.exe
FirewallRules: [UDP Query User{4A29C4B7-02B4-40E5-B72C-0A6C4D1FB960}F:\software\games\batman\batman arkham city\binaries\win32\batmanac.exe] => (Allow) F:\software\games\batman\batman arkham city\binaries\win32\batmanac.exe
FirewallRules: [TCP Query User{9B2EA20F-4BD1-45E4-A3A7-CA18FDC4843D}C:\users\john\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\john\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D54C77CB-8767-4ED9-925B-69B40F49F783}C:\users\john\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\john\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{2BF0FF7C-B718-43A0-A65A-2B8C2FC2A670}F:\software\games\inversion\inversion\bin\inversion.exe] => (Allow) F:\software\games\inversion\inversion\bin\inversion.exe
FirewallRules: [UDP Query User{3892AD08-9252-4970-9285-B5456D6BD87D}F:\software\games\inversion\inversion\bin\inversion.exe] => (Allow) F:\software\games\inversion\inversion\bin\inversion.exe
FirewallRules: [TCP Query User{5E4446D8-8C36-467B-A043-8E1128080AC4}F:\software\fps creator\mygames\multi\multi.exe] => (Allow) F:\software\fps creator\mygames\multi\multi.exe
FirewallRules: [UDP Query User{EDC76523-411F-40D0-9882-D9B15EDF7914}F:\software\fps creator\mygames\multi\multi.exe] => (Allow) F:\software\fps creator\mygames\multi\multi.exe
FirewallRules: [TCP Query User{C808BB3A-8BE5-4BE8-83AF-CA9CB7D10070}F:\software\games\l4d\valve\left 4 dead\left4dead.exe] => (Allow) F:\software\games\l4d\valve\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{5FE6531B-BE96-4F98-BA50-3407D1C3640A}F:\software\games\l4d\valve\left 4 dead\left4dead.exe] => (Allow) F:\software\games\l4d\valve\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{7B8E204C-0BAA-4616-9362-AF86F993BFA8}C:\tally.erp9\tally.exe] => (Block) C:\tally.erp9\tally.exe
FirewallRules: [UDP Query User{DED8E593-B6D6-4DF3-8896-7D25B23EB0DB}C:\tally.erp9\tally.exe] => (Block) C:\tally.erp9\tally.exe
FirewallRules: [TCP Query User{58D5C7AB-7BD1-48F7-A32C-E2DBBE11B1B4}F:\software\games\graw2\ghost recon advanced warfighter 2\graw2.exe] => (Block) F:\software\games\graw2\ghost recon advanced warfighter 2\graw2.exe
FirewallRules: [UDP Query User{996A66C8-F5BD-46B3-8E71-47BE3CCF023C}F:\software\games\graw2\ghost recon advanced warfighter 2\graw2.exe] => (Block) F:\software\games\graw2\ghost recon advanced warfighter 2\graw2.exe
FirewallRules: [TCP Query User{5CC9786E-6C43-4BB2-824F-8D5F261745C9}F:\software\games\installer\ironman{www.grandpcgames.com}\ironman{www.grandpcgames.com}\ironman.exe] => (Block) F:\software\games\installer\ironman{www.grandpcgames.com}\ironman{www.grandpcgames.com}\ironman.exe
FirewallRules: [UDP Query User{C2883FFF-CA97-40EB-9192-059670ED6AC9}F:\software\games\installer\ironman{www.grandpcgames.com}\ironman{www.grandpcgames.com}\ironman.exe] => (Block) F:\software\games\installer\ironman{www.grandpcgames.com}\ironman{www.grandpcgames.com}\ironman.exe
FirewallRules: [TCP Query User{E4BEA821-55D6-4300-8F0C-45FC5F24F607}F:\software\games\cs\counter-strike\hlds.exe] => (Allow) F:\software\games\cs\counter-strike\hlds.exe
FirewallRules: [UDP Query User{6AC359BA-FC30-400F-969F-90B6B3F2DB1C}F:\software\games\cs\counter-strike\hlds.exe] => (Allow) F:\software\games\cs\counter-strike\hlds.exe
FirewallRules: [TCP Query User{DB3D288F-1AC9-4B33-84A7-491865EF870E}F:\software\games\cs\counter-strike\hltv.exe] => (Block) F:\software\games\cs\counter-strike\hltv.exe
FirewallRules: [UDP Query User{993B0D3F-D8FF-4550-8411-CA52B55CD046}F:\software\games\cs\counter-strike\hltv.exe] => (Block) F:\software\games\cs\counter-strike\hltv.exe
FirewallRules: [TCP Query User{228D00B1-3D5B-4ADB-A198-1A54EB4978A6}F:\software\games\csa\hl2.exe] => (Allow) F:\software\games\csa\hl2.exe
FirewallRules: [UDP Query User{A3FC845D-2E89-4166-96E3-1F0876894980}F:\software\games\csa\hl2.exe] => (Allow) F:\software\games\csa\hl2.exe
FirewallRules: [TCP Query User{00937CA0-11B2-415F-968E-0F45324B418A}F:\software\games\halo\halo.exe] => (Allow) F:\software\games\halo\halo.exe
FirewallRules: [UDP Query User{F9C77468-AA11-48D4-BE44-EF3BFA18DEC8}F:\software\games\halo\halo.exe] => (Allow) F:\software\games\halo\halo.exe
FirewallRules: [{651CCCC5-7083-44AE-A118-F6C904C6D9D5}] => (Block) F:\software\games\halo\halo.exe
FirewallRules: [{F6194FB2-0546-4921-930D-DFB85FE92A27}] => (Block) F:\software\games\halo\halo.exe
FirewallRules: [TCP Query User{7DB40A78-48E4-4521-AC2D-7F7C7666D779}F:\software\games\l4d online\valve\valve\left 4 dead\left4dead.exe] => (Allow) F:\software\games\l4d online\valve\valve\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{803086C4-391E-4367-ACDC-9CF6FB2DAE61}F:\software\games\l4d online\valve\valve\left 4 dead\left4dead.exe] => (Allow) F:\software\games\l4d online\valve\valve\left 4 dead\left4dead.exe
FirewallRules: [{787E4387-D205-47CA-88AC-523BCF327D6D}] => (Block) F:\software\games\l4d online\valve\valve\left 4 dead\left4dead.exe
FirewallRules: [{6BFEC658-CA52-4B90-AEAD-F7690EEA3601}] => (Block) F:\software\games\l4d online\valve\valve\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{22FABB12-EF37-43D1-AC27-0ABFA11326C5}F:\software\games\wolf\return to castle wolfenstein\wolfmp.exe] => (Block) F:\software\games\wolf\return to castle wolfenstein\wolfmp.exe
FirewallRules: [UDP Query User{27051BF1-8371-4BEE-A707-F3CEFDC5DF75}F:\software\games\wolf\return to castle wolfenstein\wolfmp.exe] => (Block) F:\software\games\wolf\return to castle wolfenstein\wolfmp.exe
FirewallRules: [TCP Query User{F54C901D-2F6A-477D-9F91-5E72358D3AC7}F:\software\games\installer\day.of.the.zombie_bycheaterneverdie\oneddl.com-a-dotzen\system\zombie.exe] => (Allow) F:\software\games\installer\day.of.the.zombie_bycheaterneverdie\oneddl.com-a-dotzen\system\zombie.exe
FirewallRules: [UDP Query User{8C72DFD8-CD06-4A33-A297-B5085D56AA97}F:\software\games\installer\day.of.the.zombie_bycheaterneverdie\oneddl.com-a-dotzen\system\zombie.exe] => (Allow) F:\software\games\installer\day.of.the.zombie_bycheaterneverdie\oneddl.com-a-dotzen\system\zombie.exe
FirewallRules: [TCP Query User{1555ADC4-B314-401E-912E-8027AA4A87EF}F:\software\games\valve\valve\left 4 dead\left4dead.exe] => (Allow) F:\software\games\valve\valve\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{9FE455C7-D350-434F-A67D-5A9500A8FF75}F:\software\games\valve\valve\left 4 dead\left4dead.exe] => (Allow) F:\software\games\valve\valve\left 4 dead\left4dead.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2015 04:45:58 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (05/12/2015 04:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (05/12/2015 04:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/12/2015 04:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/12/2015 04:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/12/2015 04:26:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (05/12/2015 04:26:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/12/2015 04:26:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/12/2015 04:26:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/12/2015 11:25:42 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (05/12/2015 08:03:04 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/12/2015 08:02:37 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 114.3.0.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.6.0305.00

    Source Path: 4.6.0305.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (05/12/2015 08:02:37 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.197.642.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.6.0305.00

    Source Path: 4.6.0305.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (05/12/2015 08:02:37 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.197.642.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.6.0305.00

    Source Path: 4.6.0305.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (05/12/2015 08:02:37 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.197.642.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.6.0305.00

    Source Path: 4.6.0305.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (05/12/2015 08:02:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sfdrv01
sfsync02
sfvfs02

Error: (05/12/2015 08:02:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The airtel. OUC service failed to start due to the following error:
%%1053

Error: (05/12/2015 08:02:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the airtel. OUC service to connect.

Error: (05/12/2015 08:01:55 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Driver sfdrv01.sys has been blocked from loading.

Error: (05/12/2015 08:01:55 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Driver sfvfs02.sys has been blocked from loading.


Microsoft Office Sessions:
=========================
Error: (12/31/2011 08:51:41 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1299 seconds with 1260 seconds of active time.  This session ended with a crash.

Error: (03/10/2011 08:36:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 13, Application Name: Microsoft Office OneNote, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 39%
Total physical RAM: 2047.3 MB
Available physical RAM: 1232.78 MB
Total Pagefile: 4094.61 MB
Available Pagefile: 3141.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:48.96 GB) (Free:10.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (MOVIES) (Fixed) (Total:83.01 GB) (Free:22.6 GB) NTFS
Drive e: (USER) (Fixed) (Total:83.01 GB) (Free:54.11 GB) NTFS
Drive f: (SOFTWARE) (Fixed) (Total:83.02 GB) (Free:29.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2146DE3F)
Partition 1: (Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=83 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=83 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=83 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, your system is a mess and this can be put down to two things, the use of torrents and the usage of cracks

I would like you to uninstall all the cracks otherwise my help will stop here

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.exe [3224576 2015-04-23] ()
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.exe [3224576 2015-04-23] ()
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: M - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: N - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {085c031c-0062-11e4-a464-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {0f04ab53-ee13-11e3-ab57-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {101c6e8d-c972-11e3-bae0-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {101c6e9a-c972-11e3-bae0-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {101c6eb3-c972-11e3-bae0-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {143b79cc-73ed-11e0-9bcb-4487fcab4607} - M:\Autorun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {217ab7a2-0127-11e4-b444-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {217ab7c9-0127-11e4-b444-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {2c431d26-965c-11e3-bc38-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {33f9fd63-01ca-11e4-8f2d-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {35c73c50-fc71-11e3-a116-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {35c73c62-fc71-11e3-a116-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {47f4969e-f117-11e3-b731-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {55654451-fb4d-11e3-ae2a-4487fcab4607} - G:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {55654467-fb4d-11e3-ae2a-4487fcab4607} - G:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {60a6e115-963c-11e3-9191-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {60a6e15a-963c-11e3-9191-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {60a6e16b-963c-11e3-9191-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {60a6e182-963c-11e3-9191-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {640d55cc-746c-11e0-9144-4487fcab4607} - M:\jpn-ts.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6cea7044-d544-11df-9764-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6cea704b-d544-11df-9764-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6d58ac29-1df4-11e3-a480-4487fcab4607} - G:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6d58ac33-1df4-11e3-a480-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6d58ac48-1df4-11e3-a480-001e101f859f} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {6d8b3b58-f7bc-11e3-b317-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {71d69763-05b7-11e4-b284-4487fcab4607} - I:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {77091d29-fc6c-11e3-9d6a-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {77091d34-fc6c-11e3-9d6a-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {84a7a981-68bb-11e3-ae86-4487fcab4607} - N:\Setup.exe /Auto
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {8bc246a0-ccf7-11e3-8147-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {a0f92105-d273-11e3-bfa5-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {a2834c79-75f7-11e0-9a55-4487fcab4607} - M:\Autorun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {a42cf3a3-0773-11e4-9b81-4487fcab4607} - I:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {aca8c064-8228-11e4-99e2-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {b1df923d-fddf-11e3-9a86-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {b63fee2e-cd4f-11e3-a695-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {b63fee39-cd4f-11e3-a695-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {bdc0b513-015b-11e1-b775-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {bdc0b519-015b-11e1-b775-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {cd22b11d-fd8f-11e3-81f9-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {d5ef6026-e29b-11e4-851d-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {d5ef6043-e29b-11e4-851d-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {d5ef6055-e29b-11e4-851d-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {df614009-2945-11e1-afeb-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {df84c4a6-486a-11e3-ad09-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {ea7d0ca3-046c-11e4-bfe8-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {ea7d0cc9-046c-11e4-bfe8-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {eea14c94-d100-11e3-a250-4487fcab4607} - O:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {eea14ca0-d100-11e3-a250-4487fcab4607} - N:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {f52afa20-515d-11e4-9969-4487fcab4607} - H:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {f6c1bd8d-09b1-11e3-83a7-4487fcab4607} - M:\AutoRun.exe
HKU\S-1-5-21-2280821914-3189600555-3011743376-1000\...\MountPoints2: {fc3528a8-e410-11df-9e32-4487fcab4607} - M:\AutoRun.exe
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2476351
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: SaveSense -> {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} -> C:\Program Files\SaveSense\SaveSenseIE.dll [2013-12-06] (SaveSense)
BHO: Conduit Engine -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll [2015-04-23] (Goobzo Ltd.)
Toolbar: HKLM - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKLM - My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000 -> My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
FF HKLM\...\Firefox\Extensions: [[email protected]] -
CHR HomePage: Default -> hxxp://start.mysearchdial.com/?f=1&a=adk_14_18&cd=2XzuyEtN2Y1L1QzuyEyEzzyB0F0C0A0ByEyCtDyByDzy0E0AtN0D0Tzu0SzytCtBtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu1T1Q1J1VtCyE1VtCzztN1L1G1B1V1N2Y1L1Qzu2StAtC0CyDyB0B0D0AtG0F0FtCyBtGtCyD0ByBtG0CzzyB0BtGyC0Azz0DzyyE0B0FyB0E0FyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDtDzzyD0C0C0FtG0DyBtDtDtG0CzzyCyDtGtD0E0AtCtGyEtBzytD0D0A0EyEtDtC0B0D2Q&cr=206597108&ir=
CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=7&a=adk_14_18&cd=2XzuyEtN2Y1L1QzuyEyEzzyB0F0C0A0ByEyCtDyByDzy0E0AtN0D0Tzu0SzytCtBtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1Czu1T1Q1J1VtCyE1VtCzztN1L1G1B1V1N2Y1L1Qzu2StAtC0CyDyB0B0D0AtG0F0FtCyBtGtCyD0ByBtG0CzzyB0BtGyC0Azz0DzyyE0B0FyB0E0FyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDtDzzyD0C0C0FtG0DyBtDtDtG0CzzyCyDtGtD0E0AtCtGyEtBzytD0D0A0EyEtDtC0B0D2Q&cr=206597108&ir=", "https://www.google.co.in/"
CHR DefaultSearchKeyword: Default -> speedbit.com
CHR DefaultSearchURL: Default -> http://home.speedbit...q={searchTerms}
CHR DefaultSuggestURL: Default -> http://api.searchpre...d={searchTerms}
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [ojhagnahfpegocdhlopgljpaafeogmcc] - No Path Or update_url value
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-03] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-03] (globalUpdate) [File not signed] <==== ATTENTION
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [1813504 2015-04-23] (ShopperPro) [File not signed]
S3 SuperProServer; spnsrvnt.exe [X]
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [26112 2015-04-23] () [File not signed]
R2 SPDRIVER_1.42.0.1791; C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.sys [41112 2015-04-23] ()
U3 a1benesc; C:\Windows\system32\Drivers\a1benesc.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
2015-05-12 20:06 - 2014-07-03 17:06 - 00001694 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-7.job
2015-05-12 20:06 - 2014-07-02 18:06 - 00001718 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-7.job
2015-05-12 20:02 - 2014-07-03 17:08 - 00002082 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5_user.job
2015-05-12 20:02 - 2014-07-03 17:08 - 00002082 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00003792 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00002402 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5_user.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00002402 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00002152 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001762 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-1.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001560 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-2.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001526 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-6.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001524 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-1.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001456 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-7.job
2015-05-12 20:02 - 2014-07-03 17:07 - 00001290 _____ () C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2.job
2015-05-12 20:02 - 2014-07-03 17:06 - 00004120 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-11.job
2015-05-12 20:02 - 2014-07-03 17:06 - 00002354 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-4.job
2015-05-12 20:02 - 2014-07-03 17:06 - 00001764 _____ () C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-6.job
2015-05-12 20:02 - 2014-07-02 18:07 - 00002400 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5_user.job
2015-05-12 20:02 - 2014-07-02 18:07 - 00002400 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5.job
2015-05-12 20:02 - 2014-07-02 18:07 - 00002366 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-4.job
2015-05-12 20:02 - 2014-07-02 18:07 - 00001772 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-1.job
2015-05-12 20:02 - 2014-07-02 18:06 - 00004112 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-11.job
2015-05-12 20:02 - 2014-07-02 18:06 - 00001780 _____ () C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-6.job
2015-05-12 20:02 - 2014-07-02 18:06 - 00000938 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-12 20:02 - 2011-07-15 17:45 - 00000302 ___SH () C:\Windows\Tasks\khdshrsrf.job
2015-05-12 17:27 - 2014-02-16 20:26 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job
2015-05-12 15:57 - 2014-07-01 14:57 - 00000288 _____ () C:\Windows\Tasks\MySearchDial.job
2015-04-29 15:44 - 2011-07-06 16:48 - 00000348 _____ () C:\Windows\Tasks\At1.job
2015-04-28 09:30 - 2014-01-24 15:24 - 00000000 ____D () C:\Program Files\Recuva
2015-04-28 09:17 - 2013-03-16 12:16 - 00000000 ____D () C:\ProgramData\Beroowse22suavee
2015-04-26 06:31 - 2014-07-01 14:59 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-04-26 03:32 - 2014-12-25 13:25 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-04-26 03:32 - 2014-07-01 14:59 - 00000000 ____D () C:\Program Files\ShopperPro
2013-06-02 13:07 - 2013-06-02 13:07 - 0000037 ___SH () C:\Users\john\AppData\Local\20986331705021ca58edc424.96250074
CustomCLSID: HKU\S-1-5-21-2280821914-3189600555-3011743376-1000_Classes\CLSID\{5F63E8CB-8F57-490A-97FE-62BC2F2A5EA4}\InprocServer32 -> No File Path
Task: {032DC4AE-8791-47C0-BA36-C1AC2D328CC7} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11 => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11.exe <==== ATTENTION
Task: {042F7F3A-CAF9-4F93-B06D-BDB3A7192136} - System32\Tasks\UNELEVATE_16481 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {0FE3B72A-2A67-4746-A9E2-2044DDEA7384} - System32\Tasks\ShopperProJSUpd => C:\Program Files\ShopperPro\updater.exe [2015-04-23] (Goobzo) <==== ATTENTION
Task: {12F14CDD-7764-4432-B786-3BF41EC51C30} - System32\Tasks\UNELEVATE_11092 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {16FC3DA4-7AA6-47BF-A52F-DE7FABF54C64} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {1FB24A46-2B22-44C7-9967-7C384FDF3CFC} - System32\Tasks\SPDriver => C:\Program Files\ShopperPro\JSDriver\1.42.0.1791\jsdrv.exe [2015-04-23] () <==== ATTENTION
Task: {2002CAF6-27DC-4566-B648-62D92372C776} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5 => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.exe <==== ATTENTION
Task: {21EC3D89-9E69-4AA2-8551-D72B46950F98} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5_user => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-5.exe [2014-07-02] (Object Browser) <==== ATTENTION
Task: {25A39273-B62B-4F27-8107-F0222902D64B} - System32\Tasks\UNELEVATE_13338 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {263A009A-071C-4114-BC3F-52D95875C556} - System32\Tasks\{6BCA7F0B-3951-44A3-92A1-53D2A1930128} => pcalua.exe -a C:\Users\john\Downloads\drz-vc6t\drz-vc6t\DARKNeZZ.exe -d C:\Users\john\Downloads\drz-vc6t\drz-vc6t
Task: {2A7A9E72-A77F-4F17-81C8-38E10FCF147F} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5 => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-5.exe [2014-07-02] (Object Browser) <==== ATTENTION
Task: {2C5CDC33-BD87-401B-811B-B5A3CA6F6DC6} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-03] (globalUpdate) <==== ATTENTION
Task: {33719816-1064-43FD-A8CF-4227682A2712} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {34ADF4C8-6D8B-4059-8953-B52EB9342567} - System32\Tasks\At1 => C:\Windows\system32\whhoami.exe <==== ATTENTION
Task: {356C0B60-F2A8-456A-BA40-61EC26EF124F} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {386B26C3-08D6-4567-8886-D178396B50F3} - \YTDownloader No Task File <==== ATTENTION
Task: {3B2CE8AF-CC08-4ECB-8B58-13EE971609A2} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2 => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2.exe <==== ATTENTION
Task: {3CF733B1-5013-4C61-AD00-12865E97D105} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-7 => C:\Program Files\Sense\Sense-nova.exe <==== ATTENTION
Task: {4DDFF272-8611-46A7-9721-6B96DC475391} - System32\Tasks\UNELEVATE_29191 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {5439314F-414D-4017-846E-459C9C32E25A} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-7 => C:\Program Files\iWebar\iWebar-nova.exe <==== ATTENTION
Task: {5D4BC896-EEF8-40FD-B06F-F1BC2B20EA46} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-6 => C:\Program Files\iWebar\iWebar-novainstaller.exe <==== ATTENTION
Task: {5E697795-A94B-43CC-B165-1BD7769E27A3} - System32\Tasks\DSite => C:\Users\john\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {5F861DA7-F030-45E2-A80E-9F484F6A4F29} - System32\Tasks\At2 => cmd.exe /c del /F /Q "C:\Users\john\Downloads\house of the dead 2 game free download.exe" <==== ATTENTION
Task: {64B2EC05-9B10-4780-A7CE-DB558A232BEE} - System32\Tasks\UNELEVATE_469 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {65B84EA0-7112-47D8-9D51-8D32804AEB32} - System32\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-11 => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-11.exe [2014-07-02] (Object Browser) <==== ATTENTION
Task: {694352AA-CCC6-4CC7-9BAD-3AC803BAE9F5} - \YTDownloaderUpd No Task File <==== ATTENTION
Task: {6B91C427-D62E-430E-B9DF-1F1A2104D0D3} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-03] (globalUpdate) <==== ATTENTION
Task: {783ADF75-CD6B-43F8-ACB0-438A87AE7442} - System32\Tasks\UNELEVATE_747 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {78BEF784-5951-402F-BD1D-9E3AFD0C3483} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-1 => C:\Program Files\Object Browser\Object Browser-codedownloader.exe <==== ATTENTION
Task: {7991C177-76AF-4320-B748-851D4FEA7F01} - System32\Tasks\u7qjU5OAaShI => C:\Program Files\globalUpdate\Update\Install\{6DBD6248-1143-4C48-BC1D-22C52EECB49B}\setup.exe
Task: {7C705DEA-A205-45A4-A8AC-AE2D19CD642D} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-2 => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-2.exe <==== ATTENTION
Task: {82625720-BDF6-44CF-8239-FAC5C42090EA} - System32\Tasks\{D1B18347-3DE3-4D5C-9458-A26D9ECE85BA} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe" -c -runfromtemp -l0x0409
Task: {8510B158-E384-4EEE-AF3A-80B0C63BD1CC} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5_user => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.exe <==== ATTENTION
Task: {861A8795-00BA-474A-A3EF-FD828E8A9541} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-1 => C:\Program Files\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: {962BC3F1-0946-45B8-B623-733D0DAC0DE5} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-6 => C:\Program Files\Object Browser\Object Browser-novainstaller.exe <==== ATTENTION
Task: {982293B8-BFAB-43FD-BE95-31EF91957537} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4 => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4.exe <==== ATTENTION
Task: {9F09DD2A-52E8-43FF-BDDB-5D0DDF73E685} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-4 => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-4.exe <==== ATTENTION
Task: {A194253E-BECC-4783-9E3A-CB07C952096D} - System32\Tasks\UNELEVATE_18114 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {A6B894B9-3F26-49A9-89C6-400F533F6DC1} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-7 => C:\Program Files\Object Browser\Object Browser-nova.exe <==== ATTENTION
Task: {B6DF9F87-E3FD-4E6D-B89A-CE005031C676} - System32\Tasks\{6DCCD64F-3652-4104-B41A-B72A7CC5FA02} => pcalua.exe -a "C:\Program Files\YTDownloader\YTDUninstall.exe"
Task: {C3FD7101-86EB-4AB6-B4E8-6BABF9165C55} - System32\Tasks\ShopperPro => C:\Program Files\ShopperPro\ShopperPro.exe [2015-04-23] (Goobzo LTD) <==== ATTENTION
Task: {D970D3BF-EEE7-4493-9700-46D0BC06F355} - \Microsoft\Microsoft Antimalware\MpIdleTask No Task File <==== ATTENTION
Task: {DDB3BB30-F173-4DC2-AAD2-8F6FB66C88A2} - System32\Tasks\SPBIW_UpdateTask_Time_343236343837383034362d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {DF3340BE-A461-442C-8F25-81F5A32B6972} - System32\Tasks\MySearchDial => C:\Users\john\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E01432E6-1625-4F0E-90FD-39D7382A21F3} - System32\Tasks\UNELEVATE_2141 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {E0CA9A06-23AC-4C38-9F26-D847E5F6FE20} - \khdshrsrf No Task File <==== ATTENTION
Task: {EA533AB2-F067-42D6-99FD-1A428E3FE556} - System32\Tasks\UNELEVATE_12805 => C:\Program Files\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [2014-07-08] () <==== ATTENTION
Task: {EA6644CC-BB77-4F9A-8EAA-903909465CB0} - System32\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5 => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.exe <==== ATTENTION
Task: {EE9D350B-C1DD-4690-A98B-51D5BB2DCE15} - System32\Tasks\Digital Sites => C:\Users\john\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {F76176A0-A130-4752-BC71-A54355D7AA46} - System32\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-11 => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-1.job => C:\Program Files\iWebar\iWebar-codedownloader.exeÛ/cMKcOID /sxRBSOW=task /MuhzWW='iWebar' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /MhzSH='iWebar' /hzIOssz=http:/js.clientdemocloud.com /rSAHtbrkM /IUEvrY='{asw:[67108865, 75497796, 0]}' /AlATN='http:/update.demogensrv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-11.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-2.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-2.exee/PPwUR /MuhzWW='iWebar' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /ujwprE=11111111-1111-1111-1111-110311551110 /fLJQNfhW=ch /rSAHtbrkM /AlATN='http:/update.demogensrv.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-4.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-4.exeò/FyBKcmwc /MuhzWW='iWebar' /RxNndz C:\Program Files\iWebar\35510.xpi' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /HeagdcHq=300 /[email protected]ab87-73f2d1973314.com /xWXhTLUK=0.94 /WiKIXMUs=a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510 /bGPIPgMB=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/35510.rdf /KijCfbu='iWebar' /JrUxJjKhv='iWebar' /dCYdb='iWebar' /fLJQNfhW=ch /IUEvrY='{asw:[67108865, 75497796, 0]}' /rSAHtbrkM /LKNfUuaxm /vaSjFRJMW /AlATN='http:/update.demogensrv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-5_user.job => C:\Program Files\iWebar\6e6cd208-0efe-4538-accb-e2ac55bf206c-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-6.job => C:\Program Files\iWebar\iWebar-novainstaller.exeÝ/veiZmdehn /MuhzWW='iWebar' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /BYbALQtXa /MhzSH=iWebar /HvxLMP='nova' /hzIOssz=http:/js.clientdemocloud.com /IUEvrY='{asw:[67108865, 75497796, 0]}' /sxRBSOW=task /AlATN='http:/update.demogensrv.com/novacode/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\6e6cd208-0efe-4538-accb-e2ac55bf206c-7.job => C:\Program Files\iWebar\iWebar-nova.exeÃ/MuhzWW='iWebar' /uYHluauTy=35510 /KyQKZd='000170' /UFsaUh='0' /vRYcFttJ='eyJkYXRhIjp7ImRhdGUiOiJFNzN6YWRrY0FnMCxlNTViYWQ1MC0yNDA2LTRlMmUtYjJkZi02MGJiNDEyZDQ2YmQsIiwidW5xIjoiZTU1YmFkNTAtMjQwNi00ZTJlLWIyZGYtNjBiYjQxMmQ0NmJkIn19' /phsSuU=C24D7E9B8F1444C8B07B9C8BE77DEB1EIE /anpSmzJh=de4a2eb02a9c8ba5d99cbb8da43b4a9d /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387352 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /BYbALQtXa /MhzSH=iWebar /HvxLMP='nova' /hzIOssz=http:/js.clientdemocloud.com /IUEvrY='{asw:[67108865, 75497796, 0]}' /AlATN='http:/update.demogensrv.com/novarun/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-1.job => C:\Program Files\Sense\Sense-codedownloader.exeâ/zigXwvlU /ueHWb=task /HrAWZn='Sense' /uvJwwahMe=48292 /TwVjm='000803' /ppUWRx='0' /OcZPIqwe='eyJkYXRhIjp7ImRhdGUiOiJFNzJ6YWRrYyxlY2NiZDEyOC05Y2FkLTRmOGMtOGU5OC0yMDEwMTg4ODM0NzEsIiwidW5xIjoiZWNjYmQxMjgtOWNhZC00ZjhjLThlOTgtMjAxMDE4ODgzNDcxIn19' /AmnRAmQwp=365A955570B84A58916CCCEF7862666BIE /smfAocSr=34972b9a353098cca72119b327235a69 /QMRjhLBG=1_34_07_01 /vTKDBU=1.34.7.1 /KFNlIRBW=1404304532 /rdQgp=http:/stats.democlientnet.com /pHNcin=http:/errors.democlientnet.com /fvKPgdm=http:/js.democlientnet.com /hwrOTohn=ch /uIzbGn='Sense' /HUmUMbf=http:/js.clientdemocloud.com /SdwxUC /IghQfo='{asw:[67108865, 67109188, 0]}' /hpnvwI='http:/update.democlientnet.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-11.job => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-4.job => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-4.exeù/OeylnCz /HrAWZn='Sense' /XNKaQah C:\Program Files\Sense\48292.xpi' /uvJwwahMe=48292 /TwVjm='000803' /ppUWRx='0' /OcZPIqwe='eyJkYXRhIjp7ImRhdGUiOiJFNzJ6YWRrYyxlY2NiZDEyOC05Y2FkLTRmOGMtOGU5OC0yMDEwMTg4ODM0NzEsIiwidW5xIjoiZWNjYmQxMjgtOWNhZC00ZjhjLThlOTgtMjAxMDE4ODgzNDcxIn19' /AmnRAmQwp=365A955570B84A58916CCCEF7862666BIE /smfAocSr=34972b9a353098cca72119b327235a69 /QMRjhLBG=1_34_07_01 /vTKDBU=1.34.7.1 /KFNlIRBW=1404304532 /rdQgp=http:/stats.democlientnet.com /pHNcin=http:/errors.democlientnet.com /AtASe=300 /[email protected]-8d8e-fc48e28131a8.com /TgbRDhpDG=0.94 /ogbHecbjv=a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292 /tfUuUrB=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/48292.rdf /uwHbIW='Sense' /SNhnToP='.' /iyvRcbHwP='Object Browser' /hwrOTohn=ch /IghQfo='{asw:[67108865, 67109188, 0]}' /SdwxUC /MDpWmdncI /OJPwHTgS /hpnvwI='http:/update.democlientnet.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5.job => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-5_user.job => C:\Program Files\Sense\7c50704a-df5b-4d48-82d1-351213e1cf36-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-6.job => C:\Program Files\Sense\Sense-novainstaller.exeç/cHsTSwO /HrAWZn='Sense' /uvJwwahMe=48292 /TwVjm='000803' /ppUWRx='0' /OcZPIqwe='eyJkYXRhIjp7ImRhdGUiOiJFNzJ6YWRrYyxlY2NiZDEyOC05Y2FkLTRmOGMtOGU5OC0yMDEwMTg4ODM0NzEsIiwidW5xIjoiZWNjYmQxMjgtOWNhZC00ZjhjLThlOTgtMjAxMDE4ODgzNDcxIn19' /AmnRAmQwp=365A955570B84A58916CCCEF7862666BIE /smfAocSr=34972b9a353098cca72119b327235a69 /QMRjhLBG=1_34_07_01 /vTKDBU=1.34.7.1 /KFNlIRBW=1404304532 /rdQgp=http:/stats.democlientnet.com /pHNcin=http:/errors.democlientnet.com /fvKPgdm=http:/js.democlientnet.com /hwrOTohn=ch /YPOgrxFtO /uIzbGn=Sense /jETuHOGYQ='nova' /HUmUMbf=http:/js.clientdemocloud.com /IghQfo='{asw:[67108865, 67109188, 0]}' /ueHWb=task /hpnvwI='http:/update.democlientnet.com/novacode/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\7c50704a-df5b-4d48-82d1-351213e1cf36-7.job => C:\Program Files\Sense\Sense-nova.exeÑ/HrAWZn='Sense' /uvJwwahMe=48292 /TwVjm='000803' /ppUWRx='0' /OcZPIqwe='eyJkYXRhIjp7ImRhdGUiOiJFNzJ6YWRrYyxlY2NiZDEyOC05Y2FkLTRmOGMtOGU5OC0yMDEwMTg4ODM0NzEsIiwidW5xIjoiZWNjYmQxMjgtOWNhZC00ZjhjLThlOTgtMjAxMDE4ODgzNDcxIn19' /AmnRAmQwp=365A955570B84A58916CCCEF7862666BIE /smfAocSr=34972b9a353098cca72119b327235a69 /QMRjhLBG=1_34_07_01 /vTKDBU=1.34.7.1 /KFNlIRBW=1404304532 /rdQgp=http:/stats.democlientnet.com /pHNcin=http:/errors.democlientnet.com /fvKPgdm=http:/js.democlientnet.com /hwrOTohn=ch /YPOgrxFtO /uIzbGn=Sense /jETuHOGYQ='nova' /HUmUMbf=http:/js.clientdemocloud.com /IghQfo='{asw:[67108865, 67109188, 0]}' /hpnvwI='http:/update.democlientnet.com/novarun/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-1.job => C:\Program Files\Object Browser\Object Browser-codedownloader.exeT/cMKcOID /sxRBSOW=task /MuhzWW='Object Browser' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /MhzSH='Object Browser' /hzIOssz=http:/js.clientdemocloud.com /rSAHtbrkM /IUEvrY='{asw:[67108865, 75497796, 0]}' /AlATN='http:/update.demogensrv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-2.exeÖ/PPwUR /MuhzWW='Object Browser' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /ujwprE=11111111-1111-1111-1111-110311281150 /fLJQNfhW=ch /rSAHtbrkM /AlATN='http:/update.demogensrv.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-4.exe/FyBKcmwc /MuhzWW='Object Browser' /RxNndz C:\Program Files\Object Browser\32850.xpi' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /HeagdcHq=300 /[email protected]a0b2-52e936311db9.com /xWXhTLUK=0.94 /WiKIXMUs=a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850 /bGPIPgMB=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/32850.rdf /KijCfbu='Object Browser' /JrUxJjKhv='Browser enhancer' /dCYdb='Object Browser' /fLJQNfhW=ch /IUEvrY='{asw:[67108865, 75497796, 0]}' /rSAHtbrkM /LKNfUuaxm /vaSjFRJMW /AlATN='http:/update.demogensrv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5_user.job => C:\Program Files\Object Browser\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-6.job => C:\Program Files\Object Browser\Object Browser-novainstaller.exeV/veiZmdehn /MuhzWW='Object Browser' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /BYbALQtXa /MhzSH=Object Browser /HvxLMP='nova' /hzIOssz=http:/js.clientdemocloud.com /IUEvrY='{asw:[67108865, 75497796, 0]}' /sxRBSOW=task /AlATN='http:/update.demogensrv.com/novacode/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\a8ae6161-0f96-46cd-b86f-580f1aa2fa9f-7.job => C:\Program Files\Object Browser\Object Browser-nova.exe</MuhzWW='Object Browser' /uYHluauTy=32850 /KyQKZd='000037' /UFsaUh='0' /vRYcFttJ='0' /phsSuU=BD47D7FA7BD749F1AD89CEC52A6CB4ECIE /anpSmzJh=b086e484f39ddcfda4847b8890388d4b /QdVxXN=1_34_07_01 /UKCDI=1.34.7.1 /kIjmA=1404387438 /NEnSdOe=http:/stats.demogensrv.com /KRGlER=http:/errors.demogensrv.com /MhtEytJsy=http:/js.demogensrv.com /fLJQNfhW=ch /BYbALQtXa /MhzSH=Object Browser /HvxLMP='nova' /hzIOssz=http:/js.clientdemocloud.com /IUEvrY='{asw:[67108865, 75497796, 0]}' /AlATN='http:/update.demogensrv.com/novarun/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => C:\Windows\system32\whhoami.exe
Task: C:\Windows\Tasks\At2.job => C:\Windows\system32\cmd.exeR/c del /F /Q C:\Users\john\Downloads\house of the dead 2 game free download.exe
Task: C:\Windows\Tasks\CrackTracker.job => C:\Program Files\zabkat\crack tracker\craktrak.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\john\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DSite.job => C:\Users\john\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d016506776cf4c.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d076f59cac145b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core.job => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core1d01646fee86a63.job => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000Core1d076f59f224db5.job => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2280821914-3189600555-3011743376-1000UA.job => C:\Users\john\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\khdshrsrf.job =>
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\john\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
AlternateDataStreams: C:\Users\john\AppData\Local\F6iwgVhInOEPR:kS5FBhShtwVnhCcS
AlternateDataStreams: C:\Users\john\AppData\Local\Temp:CombVUb7UTCt2bAKTdIzI7xOgtep3
AlternateDataStreams: C:\Users\john\AppData\Local\Temporary Internet Files:1zTcQognA0ENzQJ1VlX1f0z2BdT
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Program Files\ShopperPro
C:\Program Files\Object Browser
C:\PROGRA~1\COMMON~1\System\SysMenu.dll
C:\Program Files\Sense
C:\Program Files\iWebar
C:\Program Files\globalUpdate
C:\Windows\system32\whhoami.exe
C:\Users\john\AppData\Roaming\DSite
C:\Program Files\YTDownloader
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
simon_grylls

simon_grylls

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Thanks Essexboy
After fixing with FRST
There is no error of rundll32 and it is shown in task manager.
And browsers are working fine.
And here is the fixlog and adwcleaner[S0]

Attached Files


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
One final check to ensure that all has gone

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#5
simon_grylls

simon_grylls

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Here is the log
Is my problem completely solved?

Attached Files


  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

All looks good, any further problems before I tidy up ?


  • 0

#7
simon_grylls

simon_grylls

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
no
all is fine
Thanks for the help
  • 0

#8
simon_grylls

simon_grylls

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Thanks for everything :-)

Edited by simon_grylls, 13 May 2015 - 11:14 AM.

  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP