[Afro Samurai]

Hello, a week ago I attempted to do a full system scan on my computer with Norton, Because I felt as if my computer were going a bit slower than usual, and during the full system scan I went to grab something to eat, which took about 10 minutes, when I came back to check up on it it was busy scanning "Backdoor.Rustock.A" I sat there to wait with the scan, and it took forever, and when it finally finished it did the same with some other very odd name files ("Infostealer.snifula","Infostealer.snifulb", "Rustock.B", "Backdoor.Trojan", among others). It took forever to scan these files so I looked them up and found out it was a virus, but Norton didn't actually do anything about them. I looked up multiple ways on how to remove It, I found the Manual way, which was a bit to complicated and risky so I decided not to do it, Then I found Norton Power Eraser, and I did a rootkit scan on my computer, It didn't find NOTHING, not a single thing. But when I try to do a full system scan, those files still pop up and do the same thing. I'm in desperate need of help, and if you could help me I'd really appreciate it.

 

If you need anymore Information about my system or something, Just ask i'll reply the fastest I can! THANK YOU!

[Advertisements]

Hello and welcome to Geeks To Go! My nickname is Pystryker , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you

• If you are receiving help for this issue at another forum, please let me know so I can close this thread.
• Please download to and run all requested tools from your Desktop.
• Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
• At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
• If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
• Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
• This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
• Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
• It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
• If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
• If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
• Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
• Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
• Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way.

Now, let's get started, shall we?


Hello, let's get a look at your system and see what's going on.


Step 1: Scan with Farbar's Recovery Scan Tool (FRST)

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
• Place a check in the box marked Addition.txt
  
  
• Press the Scan button.
• It will produce a log called FRST.txt in the same directory the tool is run from.
• Please copy and paste log back here.
• The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Step 2: Scan with aswMBR

• Please download aswMBR.exe to your desktop.
• Double click the file to run it.
• If you get windows that pops up saying "Your machine supports Virtualization Technology. Would you like to use it for rootkit detection?" please select Yes.
• It will ask if you want to download the latest Avast! virus definitions, please answer yes.

• Click the Scan button to begin the scan.

• Once the scan has finished, click on Save Log, save it to your desktop as asw.txt, and please post it in your next reply.
• Click Exit

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

aswMBR Log

[pystryker]

Hello and welcome to Geeks To Go! My nickname is Pystryker , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you

• If you are receiving help for this issue at another forum, please let me know so I can close this thread.
• Please download to and run all requested tools from your Desktop.
• Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
• At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
• If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
• Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
• This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
• Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
• It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
• If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
• If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
• Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
• Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
• Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way.

Now, let's get started, shall we?


Hello, let's get a look at your system and see what's going on.


Step 1: Scan with Farbar's Recovery Scan Tool (FRST)

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
• Place a check in the box marked Addition.txt
  
  
• Press the Scan button.
• It will produce a log called FRST.txt in the same directory the tool is run from.
• Please copy and paste log back here.
• The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Step 2: Scan with aswMBR

• Please download aswMBR.exe to your desktop.
• Double click the file to run it.
• If you get windows that pops up saying "Your machine supports Virtualization Technology. Would you like to use it for rootkit detection?" please select Yes.
• It will ask if you want to download the latest Avast! virus definitions, please answer yes.

• Click the Scan button to begin the scan.

• Once the scan has finished, click on Save Log, save it to your desktop as asw.txt, and please post it in your next reply.
• Click Exit

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

aswMBR Log

[Afro Samurai]

Thank you for helping Pystryker! I'm sorry for the late response, I posted this really late and I've been sleeping, also the scans been taking a bit.

 

FRST Log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by JASON (administrator) on ALPHA on 25-05-2015 07:58:32
Running from C:\Users\JASON\Desktop
Loaded Profiles: JASON (Available Profiles: JOSH & JASON & ERICCA & MIRNA)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(GFI Software) C:\Program Files (x86)\ParetoLogic\XoftSpy AntiVirus Pro\SBAMSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTVersionChecker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\caudiofilteragent64.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Dell) C:\Users\JASON\AppData\Local\Apps\2.0\TKANBZTX.VGD\Z1LJHOON.26N\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
Failed to access process -> n360.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-28] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [fst_us_159] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\Run: [FLV Player] => C:\Users\JASON\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-25] ()
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-08-19] (Raptr, Inc)
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-14] (Valve Corporation)
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\Run: [DellSystemDetect] => C:\Users\JASON\AppData\Local\Apps\2.0\TKANBZTX.VGD\Z1LJHOON.26N\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe [265280 2014-08-25] (Dell)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-05-02]
ShortcutTarget: Curse.lnk -> C:\Users\JASON\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk /K:C *
GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1006\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1005\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1001\User: Group Policy Restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:56982;https=127.0.0.1:56982
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.5.0.19
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.6.0.32
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {ED6B4609-AF6E-4549-B796-D9ADEC187F05} URL =
SearchScopes: HKU\.DEFAULT -> {0693CFE4-B435-4625-B007-9877F52BDADF} URL =
SearchScopes: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005 -> {0693CFE4-B435-4625-B007-9877F52BDADF} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: DownloadTerms -> {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} -> C:\Users\JOSH\AppData\Local\DownloadTerms\temp.dat [2013-03-20] ()
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-12] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-12] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005 -> No Name - {739DF940-C5EE-4BAB-9D7E-270894AE687A} -  No File
Toolbar: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005 -> Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} http://www.battlefie...r_5.0.203.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield....er_1.0.96.0.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [2014-08-27] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll [2013-09-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [2014-08-27] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-11] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-07-16] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-07-16] (globalUpdate)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1793847376-2489598144-1912129065-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\JASON\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-23] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-05-25]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files (x86)\iVIDI.org plugin\ividiplg.crx [2012-11-05]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-05-10] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-11] (Conexant Systems, Inc.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-16] (globalUpdate) [] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-16] (globalUpdate) [] <==== ATTENTION
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) []
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 MCLIENT; C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe [143928 2012-12-04] (Symantec Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-06] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-07-15] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-08-28] (Razer Inc.)
R2 SBAMSvc; C:\Program Files (x86)\ParetoLogic\XoftSpy AntiVirus Pro\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) []

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AE1000; C:\Windows\system32\DRIVERS\ae1000w7.sys [1101600 2010-03-22] (Ralink Technology Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150506.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
R1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [168096 2012-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-04] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150522.001\IDSvia64.sys [684248 2015-05-24] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150524.003\ENG64.SYS [129752 2015-04-30] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150524.003\EX64.SYS [2137304 2015-04-30] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SMR430; C:\Windows\System32\drivers\SMR430.SYS [108216 2015-05-25] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2014-08-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1507000.00B\SymELAM.sys [23568 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-01-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) []
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S1 hlnfd; system32\drivers\hlnfd.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 X6va016; \??\C:\WINDOWS\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 07:58 - 2015-05-25 08:03 - 00029928 _____ () C:\Users\JASON\Desktop\FRST.txt
2015-05-25 07:57 - 2015-05-25 07:58 - 00000000 ____D () C:\FRST
2015-05-25 07:55 - 2015-05-25 07:55 - 02108416 _____ (Farbar) C:\Users\JASON\Desktop\FRST64.exe
2015-05-25 07:50 - 2015-05-25 07:50 - 05200384 _____ (AVAST Software) C:\Users\JASON\Desktop\aswmbr.exe
2015-05-25 00:17 - 2015-05-25 00:18 - 00000020 _____ () C:\WINDOWS\system32\Drivers\SMR430.dat
2015-05-25 00:08 - 2015-05-25 00:17 - 00108216 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR430.SYS
2015-05-24 22:33 - 2015-05-24 22:33 - 03060320 ____N (Symantec Corporation) C:\Users\JASON\Desktop\NPE.exe
2015-05-24 18:39 - 2012-09-20 05:11 - 00061216 _____ (GFI Software) C:\WINDOWS\system32\Drivers\sbhips.sys
2015-05-24 18:37 - 2012-09-20 05:11 - 00258848 _____ (GFI Software) C:\WINDOWS\system32\Drivers\SbFw.sys
2015-05-24 18:37 - 2012-09-12 20:19 - 00120064 _____ (GFI Software) C:\WINDOWS\system32\Drivers\SbFwIm.sys
2015-05-24 18:36 - 2015-05-24 18:36 - 00000000 ____D () C:\ProgramData\ParetoLogic
2015-05-24 18:36 - 2015-05-24 18:36 - 00000000 ____D () C:\Program Files (x86)\ParetoLogic
2015-05-24 17:32 - 2015-05-24 17:32 - 00015507 _____ () C:\Users\JASON\Desktop\Untitled.camproj
2015-05-24 17:29 - 2015-05-24 17:30 - 00000000 ____D () C:\Users\JASON\Desktop\Montage clips
2015-05-23 20:26 - 2015-05-23 20:26 - 00000222 _____ () C:\Users\JASON\Desktop\Gotham City Impostors Free To Play.url
2015-05-19 17:27 - 2015-05-24 17:20 - 00000000 ____D () C:\Users\JASON\Desktop\CSGO clips
2015-05-18 14:23 - 2015-05-18 14:24 - 00002155 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-05-18 14:22 - 2015-05-11 19:34 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-05-18 14:18 - 2015-05-12 23:52 - 00195912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-05-18 14:18 - 2015-05-12 23:52 - 00031552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 42718864 _____ () C:\WINDOWS\system32\nvcompiler.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 37741712 _____ () C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 30478992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 22945424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 16145176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 15858728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 14455296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 13263568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 11790144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 10972304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-05-18 14:18 - 2015-05-11 23:27 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435286.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 01050256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00878816 _____ () C:\WINDOWS\system32\nvmcumd.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00502896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00407296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-05-18 14:18 - 2015-05-11 23:27 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-05-17 22:20 - 2015-05-18 15:19 - 00000000 ____D () C:\Program Files (x86)\ArmA3Sync
2015-05-17 22:20 - 2015-05-17 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArmA3Sync
2015-05-13 20:59 - 2015-04-30 13:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 20:59 - 2015-04-30 13:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:42 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 15:42 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 15:42 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 15:42 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 15:42 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 15:42 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 15:42 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 15:42 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 15:42 - 2015-04-21 09:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 15:42 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 15:42 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 15:42 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 15:42 - 2015-04-21 09:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 15:42 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 15:42 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 15:42 - 2015-04-21 08:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 15:42 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 15:42 - 2015-04-21 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 15:42 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 15:42 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 15:42 - 2015-04-21 08:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 15:42 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 15:42 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 15:42 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 15:42 - 2015-04-21 08:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 15:42 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 15:42 - 2015-04-21 08:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 15:42 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 15:42 - 2015-04-21 08:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 15:42 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 15:42 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 15:42 - 2015-04-21 08:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 15:42 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 15:42 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 15:42 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 15:42 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 15:42 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 15:42 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 15:42 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-12 19:13 - 2015-03-17 10:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-12 19:13 - 2015-03-08 19:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-12 19:01 - 2015-04-09 17:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-12 19:01 - 2015-04-09 17:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-12 19:00 - 2015-04-24 14:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-12 19:00 - 2015-04-08 15:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 19:00 - 2015-04-02 17:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 19:00 - 2015-04-02 17:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 19:00 - 2015-04-01 15:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-12 19:00 - 2015-04-01 15:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-12 19:00 - 2015-03-31 20:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-12 19:00 - 2015-03-31 19:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-12 19:00 - 2015-03-29 22:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 19:00 - 2015-03-26 20:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 19:00 - 2015-03-26 19:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 19:00 - 2015-03-26 19:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 19:00 - 2015-03-19 18:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-12 19:00 - 2015-03-12 21:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 19:00 - 2015-03-12 21:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 19:00 - 2015-03-12 19:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 19:00 - 2015-03-12 18:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-12 19:00 - 2015-03-12 17:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-12 19:00 - 2015-03-10 18:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 19:00 - 2015-03-10 18:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 19:00 - 2015-03-05 20:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 19:00 - 2015-03-05 19:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 19:00 - 2015-03-05 19:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-12 19:00 - 2015-03-04 16:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-12 19:00 - 2015-03-03 18:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-12 19:00 - 2015-03-03 18:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 19:00 - 2015-02-17 16:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 19:00 - 2015-01-29 17:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-12 19:00 - 2014-11-13 23:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-12 18:56 - 2015-03-12 17:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 18:17 - 2015-05-12 18:42 - 00000159 _____ () C:\Users\JASON\Desktop\nid21fTA8i.cfg
2015-05-12 17:43 - 2015-05-12 17:43 - 00333936 _____ () C:\WINDOWS\Minidump\051215-182546-01.dmp
2015-05-12 17:19 - 2015-04-30 16:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 17:19 - 2015-04-30 15:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-12 17:18 - 2015-04-13 15:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-12 17:18 - 2015-04-09 18:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 17:18 - 2015-04-09 17:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 17:18 - 2015-04-09 17:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-11 23:27 - 2015-05-12 02:26 - 00001464 ____N () C:\Users\JASON\Desktop\ldr.cnf
2015-05-10 01:08 - 2015-05-10 01:08 - 00000031 _____ () C:\Users\JASON\Desktop\Teams.txt
2015-05-09 01:04 - 2015-05-09 01:04 - 00000054 _____ () C:\Users\JASON\Desktop\dfs.txt
2015-05-07 21:19 - 2015-05-07 21:19 - 00000222 _____ () C:\Users\JASON\Desktop\Heroes & Generals.url
2015-05-02 22:37 - 2015-05-10 19:26 - 00000000 ____D () C:\Users\JASON\AppData\Roaming\Curse Client
2015-05-02 22:37 - 2015-05-02 22:37 - 00001083 _____ () C:\Users\JASON\Desktop\Curse.lnk
2015-05-02 22:37 - 2015-05-02 22:37 - 00001069 _____ () C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2015-04-29 20:20 - 2015-04-29 20:21 - 00406328 _____ () C:\WINDOWS\Minidump\042915-100484-01.dmp
2015-04-29 20:19 - 2015-05-24 21:15 - 00012872 _____ () C:\WINDOWS\PFRO.log
2015-04-29 15:45 - 2015-04-29 15:45 - 00000000 _____ () C:\autoexec.bat
2015-04-27 20:16 - 2015-04-27 20:16 - 00271096 _____ () C:\WINDOWS\Minidump\042715-142843-01.dmp
2015-04-27 20:14 - 2015-05-12 17:41 - 970264087 _____ () C:\WINDOWS\MEMORY.DMP
2015-04-27 19:52 - 2015-05-24 19:18 - 01265602 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-27 19:51 - 2015-05-25 00:11 - 00011111 _____ () C:\WINDOWS\setupact.log
2015-04-27 19:51 - 2015-04-27 19:51 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-27 16:45 - 2015-04-27 16:45 - 00027998 _____ () C:\Users\JASON\Desktop\cc_20150427_164553.reg
2015-04-25 00:07 - 2015-04-25 00:07 - 00001127 _____ () C:\Users\Public\Desktop\XSplit Broadcaster.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 08:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-25 07:56 - 2014-07-28 12:26 - 00000294 _____ () C:\WINDOWS\Tasks\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8}.job
2015-05-25 07:56 - 2013-03-07 18:25 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1793847376-2489598144-1912129065-1005
2015-05-25 07:47 - 2013-03-28 18:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-25 07:37 - 2015-02-12 05:29 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-05-25 07:37 - 2013-12-07 17:43 - 00000000 __RDO () C:\Users\JASON\SkyDrive
2015-05-25 07:36 - 2013-03-07 17:47 - 00000908 _____ () C:\Users\Public\CAFADEBUG.log
2015-05-25 07:35 - 2014-07-16 17:59 - 00001436 _____ () C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5_user.job
2015-05-25 07:35 - 2014-07-16 17:59 - 00001422 _____ () C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5.job
2015-05-25 07:35 - 2014-07-16 17:59 - 00001338 _____ () C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-2.job
2015-05-25 07:35 - 2014-07-16 17:59 - 00001262 _____ () C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-10.job
2015-05-25 07:35 - 2014-07-16 17:58 - 00003816 _____ () C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11.job
2015-05-25 07:35 - 2014-07-16 17:58 - 00003134 _____ () C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-3.job
2015-05-25 07:35 - 2014-07-16 17:58 - 00002216 _____ () C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-4.job
2015-05-25 07:35 - 2014-07-16 17:58 - 00001544 _____ () C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-1.job
2015-05-25 07:35 - 2014-07-16 17:58 - 00000928 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-25 07:35 - 2014-03-10 14:37 - 00002346 _____ () C:\WINDOWS\Tasks\FLV Player Addon-firefoxinstaller.job
2015-05-25 07:35 - 2014-03-10 14:37 - 00001564 _____ () C:\WINDOWS\Tasks\FLV Player Addon-updater.job
2015-05-25 07:35 - 2014-03-10 14:37 - 00001398 _____ () C:\WINDOWS\Tasks\FLV Player Addon-enabler.job
2015-05-25 07:35 - 2013-03-21 18:33 - 00000402 _____ () C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job
2015-05-25 03:37 - 2015-03-27 22:22 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{04C1AEE7-2B3A-48A1-ABDF-C70818747078}
2015-05-25 01:44 - 2013-07-09 22:28 - 00000000 ____D () C:\Users\JASON\AppData\Local\ArmA 2 OA
2015-05-25 01:33 - 2014-06-05 08:18 - 00000400 _____ () C:\WINDOWS\Tasks\update-sys.job
2015-05-25 00:27 - 2014-06-05 08:18 - 00000400 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1005.job
2015-05-25 00:21 - 2014-06-12 20:48 - 00000402 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1006.job
2015-05-25 00:17 - 2014-07-17 06:50 - 00000000 ____D () C:\Users\JASON\AppData\Local\NPE
2015-05-25 00:11 - 2014-11-26 17:48 - 00000000 ____D () C:\NPE
2015-05-25 00:11 - 2013-03-20 12:44 - 00000000 ____D () C:\Users\JASON\AppData\Local\HTC MediaHub
2015-05-25 00:10 - 2014-09-02 11:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-25 00:10 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-25 00:09 - 2013-08-22 06:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-25 00:04 - 2014-07-16 17:58 - 00000932 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-05-24 23:54 - 2013-03-23 10:21 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2015-05-24 22:12 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-05-24 18:44 - 2013-08-22 07:44 - 00493392 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-24 18:18 - 2013-04-16 19:50 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-24 18:10 - 2013-04-16 19:50 - 00000000 ____D () C:\Users\JASON\AppData\Local\Google
2015-05-24 18:07 - 2014-12-21 16:04 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-24 17:55 - 2013-11-19 18:09 - 00000000 ____D () C:\Users\MIRNA
2015-05-24 17:55 - 2013-11-19 18:09 - 00000000 ____D () C:\Users\JOSH
2015-05-24 17:52 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-24 17:29 - 2013-03-28 21:01 - 00007168 _____ () C:\Users\JASON\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-24 17:24 - 2014-09-28 19:33 - 00000000 ____D () C:\Users\JASON\AppData\Roaming\OBS
2015-05-24 14:12 - 2013-03-27 21:53 - 00000000 ____D () C:\Users\JASON\AppData\Roaming\TS3Client
2015-05-24 13:08 - 2013-03-22 19:18 - 00000000 ____D () C:\Users\JASON\AppData\Local\Adobe
2015-05-23 00:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-22 23:46 - 2013-07-09 17:26 - 00007616 _____ () C:\Users\JASON\AppData\Local\resmon.resmoncfg
2015-05-22 23:19 - 2013-11-19 18:08 - 00000000 ____D () C:\Users\JASON
2015-05-19 19:56 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-19 19:55 - 2015-04-04 01:30 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-19 19:55 - 2015-04-04 01:30 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-19 17:40 - 2015-04-06 20:13 - 00000000 ____D () C:\Users\JASON\AppData\Local\Arma 3 Launcher
2015-05-19 17:37 - 2013-09-02 11:06 - 00000000 ____D () C:\Users\JASON\AppData\Local\Arma 3
2015-05-18 15:18 - 2013-03-08 16:20 - 00000000 ____D () C:\Users\JASON\AppData\Local\CrashDumps
2015-05-18 14:24 - 2014-09-02 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-18 14:24 - 2013-01-29 05:30 - 00000000 ____D () C:\Temp
2015-05-18 14:23 - 2014-09-02 11:48 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-17 19:33 - 2014-08-18 21:54 - 00000000 ____D () C:\Users\JASON\Desktop\Games
2015-05-17 19:32 - 2013-03-07 19:48 - 00000000 ____D () C:\Users\JASON\AppData\Roaming\.technic
2015-05-16 19:17 - 2014-12-22 15:07 - 00003654 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 17:55 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-15 15:54 - 2012-07-25 22:26 - 00000222 _____ () C:\WINDOWS\win.ini
2015-05-13 21:24 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-13 21:23 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 20:48 - 2013-09-29 20:51 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 20:31 - 2013-11-19 18:08 - 00000000 ____D () C:\Users\ERICCA
2015-05-12 23:52 - 2015-02-12 05:39 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-05-12 17:43 - 2014-03-09 01:41 - 00000000 ____D () C:\WINDOWS\Minidump
2015-05-12 17:41 - 2013-08-04 19:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-12 17:41 - 2013-08-04 19:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-12 17:21 - 2013-08-05 20:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-12 17:21 - 2013-03-09 13:02 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-12 17:20 - 2013-08-04 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-11 23:27 - 2015-02-12 05:39 - 00031710 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-05-11 23:27 - 2014-09-02 12:00 - 17540416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-11 23:27 - 2014-09-02 12:00 - 15048816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-11 23:27 - 2014-09-02 12:00 - 12849056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-11 23:27 - 2014-09-02 12:00 - 02971776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-05-11 23:27 - 2014-03-20 23:02 - 03363224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-11 20:30 - 2014-09-02 11:49 - 06872392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-11 20:30 - 2014-09-02 11:49 - 03490448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-11 20:30 - 2014-09-02 11:49 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-11 20:30 - 2014-09-02 11:49 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-11 20:30 - 2014-09-02 11:49 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-11 20:30 - 2014-09-02 11:49 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-11 10:01 - 2014-09-02 11:49 - 04391871 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-05-07 20:17 - 2013-10-13 21:09 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2015-05-05 10:59 - 2015-04-16 14:47 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 10:59 - 2015-04-16 14:47 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-02 22:40 - 2013-03-09 15:19 - 00000000 ____D () C:\Users\JASON\Documents\My Games
2015-05-02 22:37 - 2015-02-21 00:50 - 00000000 __SHD () C:\AI_RecycleBin
2015-05-02 22:35 - 2014-08-23 07:47 - 00000000 ____D () C:\Users\JASON\AppData\Local\Deployment
2015-04-30 15:10 - 2013-05-25 13:48 - 00000000 ____D () C:\Users\JASON\AppData\Roaming\.minecraft
2015-04-25 00:07 - 2014-02-14 17:34 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
2015-04-25 00:07 - 2014-02-14 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2015-04-25 00:03 - 2014-02-14 17:32 - 00000000 ____D () C:\Users\JASON\AppData\Roaming\SplitMediaLabs

==================== Files in the root of some directories =======

2013-06-24 09:43 - 2013-06-24 09:43 - 0000000 _____ () C:\Users\JASON\AppData\Roaming\aaxdzfkdubx.exe
2014-04-25 23:32 - 2014-04-25 23:36 - 0000318 _____ () C:\Users\JASON\AppData\Roaming\aps.uninstall.scan.results
2013-06-24 09:52 - 2013-06-24 09:52 - 0000000 _____ () C:\Users\JASON\AppData\Roaming\nyqnmcf.exe
2013-06-24 09:44 - 2013-06-24 09:44 - 0000000 _____ () C:\Users\JASON\AppData\Roaming\sejhjhg.exe
2014-01-12 14:32 - 2014-01-12 14:33 - 0007968 _____ () C:\Users\JASON\AppData\Roaming\TheHunterSettings_live.bin
2013-06-24 09:43 - 2013-06-24 09:43 - 0000000 _____ () C:\Users\JASON\AppData\Roaming\wpijgivrvn.exe
2013-09-23 18:27 - 2013-09-23 18:29 - 0000617 _____ () C:\Users\JASON\AppData\Roaming\ZoombiesUniversalLauncher.xml
2013-03-28 21:01 - 2015-05-24 17:29 - 0007168 _____ () C:\Users\JASON\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-02 14:55 - 2014-09-02 17:59 - 1065984 _____ () C:\Users\JASON\AppData\Local\file__0.localstorage
2013-07-09 17:26 - 2015-05-22 23:46 - 0007616 _____ () C:\Users\JASON\AppData\Local\resmon.resmoncfg
2014-06-05 08:18 - 2014-06-05 08:18 - 0000003 _____ () C:\Users\JASON\AppData\Local\updater.log
2014-06-05 08:18 - 2015-04-22 16:28 - 0000424 _____ () C:\Users\JASON\AppData\Local\UserProducts.xml
2014-10-29 15:00 - 2014-10-29 15:00 - 0000232 _____ () C:\ProgramData\HirezPipeError.txt
2013-01-29 05:27 - 2013-01-29 05:27 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-01-29 05:24 - 2013-01-29 05:25 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-01-29 05:25 - 2013-01-29 05:26 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-01-29 05:24 - 2013-01-29 05:24 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-01-29 05:26 - 2013-01-29 05:27 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Files to move or delete:
====================
C:\Users\ERICCA\siriusxdata_clsiriusx_LIVE.dat
C:\Users\JASON\AlexScape_AlexScape_LIVE.dat
C:\Users\JASON\alotic_preferences.dat
C:\Users\JASON\alotic_preferences2.dat
C:\Users\JASON\animus_cl_Animus_LIVE.dat
C:\Users\JASON\BoomScape_cl_BoomScape_LIVE.dat
C:\Users\JASON\ent_ikov_preferences.dat
C:\Users\JASON\exoria_cl_exoria_LIVE.dat
C:\Users\JASON\Exoria_cl_matrix_LIVE.dat
C:\Users\JASON\fluteotic_fluteotic_preferences.dat
C:\Users\JASON\fluteotic_fluteotic_preferences2.dat
C:\Users\JASON\fluteotic_runescape_preferences.dat
C:\Users\JASON\fluteotic_runescape_preferences2.dat
C:\Users\JASON\fluteotic__preferences3.dat
C:\Users\JASON\infinity_cl_infinity724_LIVE.dat
C:\Users\JASON\infinity_cl_infinity724_LIVE1.dat
C:\Users\JASON\infinity_cl_infinity_LIVE.dat
C:\Users\JASON\jagex_Runescape_preferences.dat
C:\Users\JASON\jagex_Runescape_preferences2.dat
C:\Users\JASON\jagex__preferences3.dat
C:\Users\JASON\keystore.dat
C:\Users\JASON\matrixii_cl_matrix_LIVE.dat
C:\Users\JASON\matrixii_cl_matrix_LIVE1.dat
C:\Users\JASON\matrix_cl_matrix_LIVE.dat
C:\Users\JASON\matrix_cl_matrix_LIVE1.dat
C:\Users\JASON\matrix_cl_mortality 718_LIVE.dat
C:\Users\JASON\matrix_cl_mortality 718_LIVE1.dat
C:\Users\JASON\matrix_cl_Nuclear 747_LIVE.dat
C:\Users\JASON\matrix_cl_project divine_LIVE.dat
C:\Users\JASON\matrix_cl_validus_LIVE.dat
C:\Users\JASON\noregret_cl_noregret_LIVE.dat
C:\Users\JASON\noregret_cl_noregret_LIVE1.dat
C:\Users\JASON\novatier_cl_novatier_LIVE.dat
C:\Users\JASON\nova_noregret_LIVE.dat
C:\Users\JASON\nuclear_cl_Nuclear_LIVE.dat
C:\Users\JASON\prodigyx_cl_Prodigy-X_LIVE.dat
C:\Users\JASON\rune_evo_evolution_cache.dat
C:\Users\JASON\siriusxcacheSiriusX_LIVE.dat
C:\Users\JASON\siriusxdata_clsiriusx_LIVE.dat
C:\Users\JASON\siriusxdata_clsiriusx_LIVE1.dat
C:\Users\JASON\VD_cl_Vitorious Destiny_Core.dat
C:\Users\JASON\YOUR CLIENT NAME HERE_runescape_preferences.dat
C:\Users\JASON\YOUR CLIENT NAME HERE_runescape_preferences2.dat
C:\Users\JASON\ZarporSettings.dat

Some files in TEMP:
====================
C:\Users\JASON\AppData\Local\Temp\jshortcut-1403182676073399823.dll
C:\Users\JASON\AppData\Local\Temp\jshortcut-1970977382148223584.dll
C:\Users\JASON\AppData\Local\Temp\jshortcut-4005152019440398921.dll
C:\Users\JASON\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\JASON\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\JASON\AppData\Local\Temp\nvStInst.exe
C:\Users\JASON\AppData\Local\Temp\sfamcc00001.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-23 00:32

==================== End of log ============================

[Afro Samurai]

Addition.txt Log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by JASON at 2015-05-25 08:06:26
Running from C:\Users\JASON\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1793847376-2489598144-1912129065-500 - Administrator - Disabled)
ERICCA (S-1-5-21-1793847376-2489598144-1912129065-1006 - Limited - Enabled) => C:\Users\ERICCA
Guest (S-1-5-21-1793847376-2489598144-1912129065-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1793847376-2489598144-1912129065-1011 - Limited - Enabled)
JASON (S-1-5-21-1793847376-2489598144-1912129065-1005 - Administrator - Enabled) => C:\Users\JASON
JOSH (S-1-5-21-1793847376-2489598144-1912129065-1001 - Administrator - Enabled) => C:\Users\JOSH
MIRNA (S-1-5-21-1793847376-2489598144-1912129065-1007 - Limited - Enabled) => C:\Users\MIRNA

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Premier Edition (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: ParetoLogic XoftSpy AntiVirus Pro (Disabled - Out of date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ParetoLogic XoftSpy AntiVirus Pro (Disabled - Out of date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
AS: Norton 360 Premier Edition (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: ParetoLogic XoftSpy AntiVirus Pro (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
FW: Norton 360 Premier Edition (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{1CAFFEC6-23B4-484B-B17B-3200BE5C5636}) (Version: 99.9 - Eyeo GmbH)
Addon Sync 2009 (HKLM-x32\...\{4E3AA543-09D7-401E-9DF2-2591D24C7C49}) (Version: 1.0.67 - YomaTools)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version:  - )
Arma 3 Beta (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ArmA3Sync 1.4.58 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.4.58 - The [S.o.E] team)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.12.0 - Conexant)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{668B7711-6DAF-465F-9BE2-F3C07C962131}) (Version: 0.92.117 - Dotjosh Studios)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Dell Inc.)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.125 - PC-Doctor, Inc.)
Dell System Detect (HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 10.0 - Dell)
Depth (HKLM-x32\...\Steam App 274940) (Version:  - Digital Confectioners)
doubleTwist Sync (HKLM-x32\...\doubleTwist) (Version: 4.0.4.19767 - doubleTwist Corporation)
DSC/AA Factory Installer (Version: 3.2.6032.39 - PC-Doctor, Inc.) Hidden
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
FLV Player (HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\FLV Player) (Version: 1.1.0.0 - Somoto Ltd.) <==== ATTENTION
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GhostMouse (HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\GhostMouse_is1) (Version: Free V3.2.1 - ghost-mouse.com)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gotham City Impostors: Free To Play (HKLM-x32\...\Steam App 206210) (Version:  - Monolith Productions, Inc.)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.8.0.002 - HTC Corporation)
HTC Sync (HKLM-x32\...\{CBDAE89D-8ABD-4DC5-9309-C2C58696B371}) (Version: 3.3.63 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.3.32.0 - HTC)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{08B90A20-95D3-4725-84B9-AF6553E06C4F}) (Version: 5.0.10.2850 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
iVIDI Plugin 1.3 (HKLM-x32\...\iVIDI Plugin) (Version: 1.3 - iVIDI Plugin, Inc.) <==== ATTENTION
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
Norton Management (HKLM-x32\...\MCLIENT) (Version: 3.2.2.12 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 352.86 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PlanetSide 2 (2) (HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\SOE-PlanetSide 2 (2)) (Version:  - Sony Online Entertainment)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.0.89.0 - Razer Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.6.2742.1 - Hi-Rez Studios)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
Unity Web Player (HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony)
VIO Player version 1.2 (HKLM-x32\...\{2A9009E1-122C-4692-B442-A750C0DE7BA1}_is1) (Version: 1.2 - VIO Player)
Vipre (x32 Version: 6.1.5496 - Vipre) Hidden
War Thunder Launcher 1.0.1.340 (HKLM-x32\...\{abc8eea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
War Thunder Launcher 1.0.1.376 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
WebViewer DVR 1.0.0.128 (HKLM-x32\...\WebViewer DVR) (Version: 1.0.0.128 - Samsung Techwin Co., Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{4202CAFA-F8F9-4311-8A13-19DB48AAF5F7}) (Version: 2.2.1502.1633 - SplitmediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

13-05-2015 20:43:15 Windows Update
18-05-2015 14:24:25 Removed NVIDIA PhysX
24-05-2015 22:54:10 Norton_Power_Eraser_20150524225318656

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00DF4FCE-F3FC-4B9B-8181-3B74525C1CB0} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {01478BA4-ED4C-4179-B14C-32B3824B0C06} - System32\Tasks\Microsoft\Windows\Maintenance\Idle~Crawler Update => %LOCALAPPDATA%\Idle~Crawler\Idle~Crawler.exe <==== ATTENTION
Task: {099C98C3-107E-4396-A711-7CECD48441C4} - System32\Tasks\Idle~Crawler Runner => %LOCALAPPDATA%\Idle~Crawler\Idle~Crawler.exe <==== ATTENTION
Task: {0A88FAEB-4420-4D95-9687-0D4041CD829C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2013-02-05] (PC-Doctor, Inc.)
Task: {0DB62B00-62BD-4289-8AFE-E53CABE528C6} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\SymErr.exe [2012-10-18] (Symantec Corporation)
Task: {0F55AF24-005A-4417-BB62-E5E11178974F} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {11997B92-060D-459C-8203-1452E79D583D} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {18F1B74F-036A-4E54-8A2E-77D281681327} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-12] (Microsoft Corporation)
Task: {1DB34B60-444D-4882-9E7E-6BB6F7B895F4} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {1F304699-1329-4995-89EA-03121D8D55A3} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1793847376-2489598144-1912129065-1005 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {2A9B08FC-BD93-424C-97FB-18739EADE4C2} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {2B9A94B2-BEF0-424C-A955-8BD22EF824D1} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3D0AE508-656C-4A6E-A1F0-D90DA4AFF0A7} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-4 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-4.exe <==== ATTENTION
Task: {3F65F137-C88A-4298-A5D2-3C9D82A82ED5} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-2 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-2.exe <==== ATTENTION
Task: {484B6C4C-880C-4260-A044-11FE977BC3A6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-03-06] (Symantec Corporation)
Task: {4B1D53EA-B9FC-478C-A218-B47394A32336} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4E695FE5-010B-4716-B7A1-35E791C77340} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1793847376-2489598144-1912129065-1005 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {50026130-6041-4517-B8AE-96DD0356AE93} - System32\Tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1006 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {52A805B2-CE8F-4CAE-B837-5DB4773D21BC} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {5DDFEA49-FE75-47C7-8B36-577F49212864} - System32\Tasks\FLV Player Addon-firefoxinstaller => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-firefoxinstaller.exe
Task: {6B96CAC3-A6EC-402A-85EC-3884086682E1} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-3 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-3.exe <==== ATTENTION
Task: {719EBEFE-9256-4BD2-8A49-6F9E2F94DCA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {7578FD8D-29BA-4DEE-AECC-2590D8147607} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {770310A9-BE9E-4ECC-81F3-4A5CFA7574C1} - System32\Tasks\FLV Player Addon-enabler => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-enabler.exe
Task: {779CE9CD-C993-4132-A7BB-21FE45AA67B2} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2013-02-05] (PC-Doctor, Inc.)
Task: {80918470-F1E7-45FD-8924-564C415A5B5E} - System32\Tasks\DMLoaderDaily => C:\Users\JASON\AppData\Roaming\DownloadManager\Loader.exe <==== ATTENTION
Task: {81144F8D-F3E0-4E85-B845-B79480D199FE} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {85237A60-71D2-4439-ADA7-D13B0F61426B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-16] (globalUpdate) <==== ATTENTION
Task: {937148D2-C32A-4134-8299-EA63DA454E66} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-10 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-10.exe <==== ATTENTION
Task: {9456C827-35F2-4F13-BB80-0856CE137F1E} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-1 => C:\Program Files (x86)\Cinema-DPlus2\Cinema-DPlus2-codedownloader.exe <==== ATTENTION
Task: {98703C90-DE60-4616-829D-5441AE519717} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\SymErr.exe [2012-10-18] (Symantec Corporation)
Task: {9C7D846A-8A6B-4316-ADC5-6925A68969AC} - System32\Tasks\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 => C:\Program Files\V-bates\startsc.bat <==== ATTENTION
Task: {9CCAE23F-B04A-49FF-A466-701B9DED8048} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {A6672AC9-954C-458C-BB11-7ACBD3C903BA} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe <==== ATTENTION
Task: {ADEC3F45-BAAB-4256-8B23-522EE6A4ADD6} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5_user => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe <==== ATTENTION
Task: {AFCF8DDD-58D8-4943-AB87-D35520F76955} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {BAB6DBF3-D5D7-4BD2-8505-42DD876AFAEE} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {C0A2BF69-69BF-4F55-899A-AB539DC43B39} - System32\Tasks\DMUpdaterDaily => C:\Users\JASON\AppData\Roaming\DownloadManager\Updater.exe <==== ATTENTION
Task: {C7075C01-6A63-4CA0-AD64-1F501C23BE6B} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {C8CBB66C-9928-4A09-95E7-269D016838BD} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {CA213AD2-5981-46FE-B336-4A985DC08A75} - System32\Tasks\{EDF93DE4-63E3-4308-803B-914E1BE5F6A9} => Iexplore.exe http://ui.skype.com/...all?page=tsMain
Task: {CB2D1624-AF64-43F0-BC3E-BD3E34485CBA} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03] ()
Task: {CB2EEA2F-7D31-415B-831F-4F65B3542CFF} - System32\Tasks\{EBE0BFC7-79FF-49C2-BB0B-FEC2E6AC8F5A} => pcalua.exe -a "C:\Program Files (x86)\Cinema-DPlus2\Uninstall.exe" -c /fcp=1
Task: {CB81DD16-B479-4CC0-A766-B805C5667873} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: {D0724570-F763-4091-96CD-9C03B94FAE62} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-16] (globalUpdate) <==== ATTENTION
Task: {D7D95C47-2D08-4387-B79C-EDAF69B75DF3} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {DE2068CA-A02F-444C-B227-512EAF6F39B8} - System32\Tasks\FLV Player Addon-updater => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-updater.exe
Task: {E06C92EC-F670-44A5-8402-FE5D78BC2771} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E3ABE309-D622-4AE3-AE4F-1C0FCE1695B1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E7F20CC1-B457-4A1A-BC69-54BC7B177606} - System32\Tasks\{B6908D6F-57FB-4486-A73C-10603FCE85DF} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/17700
Task: {EB851480-28C0-4B8B-B156-E7559D0DE227} - System32\Tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1005 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {F6E9B4CF-C6C2-4067-94A7-386AE40E27A9} - System32\Tasks\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8} => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: {FF0348B9-9023-41A0-AFF9-C2CB71B5A84C} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-1.job => C:\Program Files (x86)\Cinema-DPlus2\Cinema-DPlus2-codedownloader.exeS/mEjIVoB /XXOLGHkv=task /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /BqOZarmQ=1.34.7.1 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /pdfcWf=http:/js.genstatsnet.com /iINtmPeW=ie /MlysTG='Cinema-DPlus2' /UqhgsZOd=http:/js.clientdemocloud.com /XclwYaf /gLkmK='{asw:[0, 33554433, 4096]}' /xcseE='http:/update.genstatsnet.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-10.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-10.exe»/gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /JzAARcA='Cinema-DPlus2' /PqAKu=1000 /PNOid=93-0,102-0,104-0,178-288,179-288,180-288,223-288 /boexUPHJ=http:/logs.genstatsnet.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-2.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-2.exeâ/iCnJy /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /ucsPOGUmc=11111111-1111-1111-1111-110611051148 /iINtmPeW=ie /IDdLVw /XclwYaf /xcseE='http:/update.genstatsnet.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-3.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-4.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-4.exe™/rSzNCCaZk /gcqMM='Cinema-DPlus2' /uoVeYM C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e.xpi' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /BqOZarmQ=1.34.7.1 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /dJawdNe=300 /wHPqK=d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com /ONNfwQ=0.95 /cCDvK=ad55cd0d79f24466095b3188599e8e4f86b2faf04e86f4bcfa878632814acf518com60548 /IvgIl=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/60548.rdf /JzAARcA='Cinema-DPlus2' /ZaOFTpgh='Lights out for YouTube' /dIUSYuZz='CinemaD2' /iINtmPeW=ie /gLkmK='{asw:[0, 33554433, 4096]}' /XclwYaf /KIUiFi /mtppVI /xcseE='http:/update.genstatsnet.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe/dOmCzKO /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /FhPKx=http:/ipgeoapi.com/ /LGnWOxdAW=http:/update.genstatsnet.com /MBYGXavyx=2 /boexUPHJ=http:/logs.genstatsnet.com /xcseE='http:/update.genstatsnet.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5_user.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe/dOmCzKO /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /FhPKx=http:/ipgeoapi.com/ /LGnWOxdAW=http:/update.genstatsnet.com /MBYGXavyx=2 /boexUPHJ=http:/logs.genstatsnet.com /xcseE='http:/update.genstatsnet.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8}.job => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FLV Player Addon-enabler.job => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-enabler.exe/enablebho /agentregpath='FLV Player Addon' /appid=52466 /srcid='001188' /subid='0' /zdata='flvplayer' /bic=C848845A6203407EAD221BB20E7EE459IE /verifier=3af9b006ee222af7c96ae8b8760c687e /installerversion=1_34_3_6 /installationtime=1394487407 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511241166 /defbro=ie /allusers /autoupdateulr='http:/update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.jso
Task: C:\WINDOWS\Tasks\FLV Player Addon-firefoxinstaller.job => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-firefoxinstaller.exeÜ/installxpi /agentregpath='FLV Player Addon' /extensionfilepath C:\Program Files (x86)\FLV Player Addon\52466.xpi' /appid=52466 /srcid='001188' /subid='0' /zdata='flvplayer' /bic=C848845A6203407EAD221BB20E7EE459IE /verifier=3af9b006ee222af7c96ae8b8760c687e /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1394487407 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=dc59fc10-5a26-4311-af8d-bf9b600a7b9c@080e29b9-9bee-4caa-b38c-4958c5aa2376.com /extensionversion=0.94 /prefsbranch=adc59fc105a264311af8dbf9b600a7b9c080e29b99bee4caab38c4958c5aa2376com52466 /updateurl=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/52466.rdf /extensionname='FLV Player Addon' /extensiondesc='I am FLV Player extension' /publishername='Nero' /defbro=ie /allusers /allprofiles /checkfflist /autoupdateulr='http:/update.srvstatsdata.com/ff_agent_updates/{CAMP_ID}/update.jso
Task: C:\WINDOWS\Tasks\FLV Player Addon-updater.job => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-updater.exe^/runupdater /agentregpath='FLV Player Addon' /appid=52466 /srcid='001188' /subid='0' /zdata='flvplayer' /bic=C848845A6203407EAD221BB20E7EE459IE /verifier=3af9b006ee222af7c96ae8b8760c687e /installerversion=1_34_3_6 /installationtime=1394487407 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /geoserviceurl=http:/ipgeoapi.com/ /updatejsondomain=http:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=http:/stats.mstatsserv.com /autoupdateulr='http:/update.srvstatsdata.com/updater_agent_updates/{CAMP_ID}/update.jso
Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1005.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1006.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (Whitelisted) ==============

2014-06-18 17:18 - 2014-06-18 17:18 - 00209712 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00037168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2013-03-28 00:09 - 2014-07-15 22:56 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-01-29 05:26 - 2012-04-24 19:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-09-02 11:49 - 2015-05-11 20:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-01-24 14:21 - 2015-01-24 14:21 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\5c9c0b89a558d0e589c254af6b1ca238\Windows.UI.ni.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-17 17:40 - 2013-10-17 17:40 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-10-17 17:40 - 2013-10-17 17:40 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-10-17 17:40 - 2013-10-17 17:40 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-10-17 17:40 - 2013-10-17 17:40 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-10-17 17:40 - 2013-10-17 17:40 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-10-17 17:42 - 2013-10-17 17:42 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-10-17 17:43 - 2013-10-17 17:43 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-01-13 19:00 - 2015-01-13 19:00 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\c89a3da49bf7bd161745f4228277ea00\PSIClient.ni.dll
2013-01-29 05:19 - 2012-07-18 12:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-04-13 15:13 - 2015-03-27 20:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-01-29 05:25 - 2012-06-07 20:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-03-25 12:23 - 2015-04-16 10:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 15:12 - 2015-04-22 19:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-21 16:17 - 2015-05-14 18:58 - 02396352 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-19 15:12 - 2015-04-22 19:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 15:12 - 2015-04-22 19:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-28 15:18 - 2014-12-01 14:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 15:18 - 2014-12-01 14:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 15:18 - 2014-12-01 14:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 15:18 - 2014-12-01 14:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 15:18 - 2014-12-01 14:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-03-25 19:54 - 2015-05-14 18:57 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-03-26 14:16 - 2015-05-11 12:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-13 15:14 - 2015-05-11 12:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\JASON\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\JASON\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\JASON\SkyDrive.old:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\sony.com -> sony.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\JASON\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\182 - 1ej2u2d.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "FLV Player"
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "DesktopSlides"
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "Raptr"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D06D41C3-15C9-4DF5-B3ED-0C7AF7C3AC0E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{4F3E551A-5C70-4D4C-B365-2EE08200E5ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{81B00DCE-4599-4937-B502-C6CFFA21AB80}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{44D297A8-404F-456E-A788-192BBDF9D350}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{83F80BB8-4BE3-40F3-982D-052D493E703B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{423BDA92-2789-4938-BAF3-7C89C213B89B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{058F116A-4FDB-4BAC-A085-01C4FB375E4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D7F52C2F-70BF-4951-8B1A-285BD3CC306D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CD2D273B-A8C2-49F3-9F74-E9D64A3DCB8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F9FA275F-7C24-4409-8715-A53B4E6C68C9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A459B0DE-6306-41B2-833E-9306DB9F4F15}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6DA96F1B-F346-4BF6-9A4E-B61542D3CF4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{505E8D86-913F-4D8D-B65B-ECAC5C75B1A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{CC5F2343-352C-4E81-9CD1-CB19F0997B86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{7E5FCB55-BED9-49A9-933D-E70F6F67B607}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{88361D3D-3346-4FDB-865E-A1D05E2BAD23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{88827424-6D6B-442E-8875-10E3E2A962FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{EF4F448B-1343-43B7-85DA-BB0724DC2784}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{F925BB39-8FA6-4A3C-9CB9-B11927E35DFA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{28780F17-E7A4-4D02-AFAD-5542FBD3CCCA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{4028F590-773F-4E44-A1BC-CE900ADDD577}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{C87A5D73-D4BE-4FAB-BCA4-191390762BC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{3D36EDF6-4672-477F-AA72-8B8F18703464}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{5E34BE29-412D-4806-A1E2-F76DD1EC5771}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1F47BE0A-12DC-47FE-A8A0-03ED5AE5C287}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D9230EA2-F630-4EB6-97C2-1C2D7EE7313F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{82CB785E-41BB-481A-A7B5-583DBFA0AE26}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E081F157-66B4-4F5D-9BFF-64BE242E6F6F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E10BEEAA-D20F-4236-9BBB-7C0C7A6BE36C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB8AADA7-513D-403B-B1B3-6EBBE72FE8F1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{36AB161E-111E-4E8E-B5FF-DFBD9EEC87C3}] => (Allow) LPort=1900
FirewallRules: [{0CC5DC97-4A0E-4324-9207-7B542227CA0A}] => (Allow) LPort=2869
FirewallRules: [{C28ECC7F-9E9F-48FA-A734-8E6C9704FF8C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B33492FB-37D1-462F-8356-4C95ADB885D4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{7FF4EA84-D514-42DD-8373-A63EEEA0552D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{BF1465B3-7185-4DB9-88C4-AFF9592CD244}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{C9A93D3F-6DE5-4AE0-A34E-978923A26BD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{1D227518-408F-4389-A054-FF4E79580202}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{FA7CC992-1E8A-46F3-A921-A88EFAB9546A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{66D62856-58E6-49AF-80C2-A00D0A3DB5C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{A7640EE2-948C-4492-ACB6-5B9C361DB134}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{2D8E63B4-136A-408B-9BB9-8E6AA61A4EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{69D767C5-E5D5-4683-8176-879A745079CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{264DA893-C7C8-4103-831B-73801FAD6410}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{9DA403EC-EFAB-4976-A0F8-17E63619D180}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{916FA109-CAAD-4E2D-A53D-73EF700A37D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{C9F0B2A8-A3EF-4429-91CC-2D2A88D4F681}] => (Allow) LPort=8317
FirewallRules: [{E5CC62F0-4D33-4DDB-8504-6E5DD14FBF75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{8C3BA7C0-C2B2-4846-A279-9EE8DA8B0C46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{47164CDF-D1B1-41AC-B49C-43B85087BBE2}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{E65F4F1F-AD74-4A87-95CF-6DE689C590FB}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{F9D809E2-A369-4D7A-B114-8552CA169C38}] => (Allow) C:\Program Files (x86)\WarThunder\aces.exe
FirewallRules: [{6FC8EC13-2272-4515-8895-65D82F4FAB3F}] => (Allow) C:\Program Files (x86)\WarThunder\aces.exe
FirewallRules: [{E56C2284-7115-40C4-801B-CEEC91F14D29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{E3FFF7D3-C53C-427B-B64C-44472E1C2401}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{A2D4DC1F-D2E2-4703-9386-ABBDDE59E8EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{2EE4E56A-9E29-468F-ADA0-21FC5D42DA8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{98BBF1C2-5205-44CE-86F8-F22981D2DA57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{567C9CCC-1D6B-420A-8240-89A2C195E5AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{B81E7A4F-407B-41F0-8497-79006A512B36}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{B7FECC28-E7A3-4037-A354-A6F5C35BD01F}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{56A7E278-1F55-4DCE-98E3-B4C54DF8F63A}] => (Allow) C:\Program Files (x86)\WarThunder\aces.exe
FirewallRules: [{FC47A7F1-D548-41CE-B488-A3F9815DA1E7}] => (Allow) C:\Program Files (x86)\WarThunder\aces.exe
FirewallRules: [{27C2FCC0-0D35-472A-BCEA-08E296D7FC23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{7A15B2F3-F7A7-4B1A-A292-FCFF92C7C9A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{CFAE6FB5-4DDE-4D25-8274-C0AC1E480C55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{D9F97E0A-AEA4-4167-9DC6-88C15EBB1D22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{ACBA7CEC-9474-4BAC-9396-7C30A4052C54}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FAAF5216-53CD-4EB9-B784-42B130DE4760}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{04E58FF8-80D5-4AE4-B84A-164FEFFAD43D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2D9007BA-B2A6-4922-9278-61505919E5EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5CF6802E-9957-4732-B471-58F80A4DCF1D}] => (Allow) C:\Users\JASON\AppData\Local\Oxy\Application\bin\oxy-downloader.exe
FirewallRules: [{E40D09CA-55A4-47F1-8200-B701C305900B}] => (Allow) C:\Users\JASON\AppData\Local\Oxy\Application\bin\oxy-downloader.exe
FirewallRules: [{8FD9B529-385C-4F69-A113-4AD93340FF95}] => (Allow) LPort=9091
FirewallRules: [{E0DCA475-AF8A-4D39-898F-32B23496E7CE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9988685A-61FB-44D1-8230-5D07DF21FC57}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C0615661-4F14-4A03-A43C-C13619C089D3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3A9F786E-8E64-4F99-B783-CB8CA13F1028}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4D69BBAD-B220-4606-B6C2-0E1E73BB4ECC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D25C4FC1-7977-4C74-B34D-93A568BBF3C1}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{06377BB5-DC8E-405C-AE44-6DBD19ADBA2B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E61968D2-535C-4324-97EA-8EC08E61D931}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C1E2E14A-CE62-4D59-8B2D-8F58E4E4BA2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B99F5501-6C9A-47AF-9682-E102ACB649DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AB30F502-C291-4E91-B2F2-C1811B703345}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D78A5DD-2C0E-4232-80AA-23CC4429EEB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{38D185CF-7155-498A-B56E-0A2325B111E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{66824C8E-EE6C-4632-B2EE-9DCE772F6F19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7AD8C5CC-7FA2-486E-A6F2-395F184DF417}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{EF742227-08AE-4090-AA80-8F03BA709EC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{9C8E1886-FBFA-4629-95B6-13B5D2BD6FEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CBD1C6B2-6BAE-4D7E-8939-7C5C858F7C17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BDDC4BD8-3527-4C2F-8AB3-2786B6B31D8B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{AF9D20E7-A05C-41D0-BDB6-A049EB8DDF44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{56441ECF-F198-4EC1-B895-365E63CCD1FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{5ADA688B-AD2A-4D9E-A279-B332026A9FCE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{118EF568-A018-453D-9BEE-0C04853CC527}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{35D4BF24-1C60-4ABC-A261-D0F88912E4B9}] => (Allow) C:\Program Files (x86)\WarThunderDev\launcher.exe
FirewallRules: [{EF640212-66F4-4D47-9A77-837A0F769E7E}] => (Allow) C:\Program Files (x86)\WarThunderDev\launcher.exe
FirewallRules: [TCP Query User{6BA4DD03-E47B-4E87-84CE-B62692EAB6AB}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{C99589D0-D3BB-4C7F-94A5-FC6FC7F15B1A}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{20869459-AFA5-4DC4-AA80-6E55857180A8}] => (Allow) C:\Program Files (x86)\WarThunder\aces.exe
FirewallRules: [{ED2EE751-BAC2-4AB1-A3D3-5F361BFA081B}] => (Allow) C:\Program Files (x86)\WarThunder\aces.exe
FirewallRules: [{8DA4A555-1487-4CA3-B2B9-2CB14773BF93}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{4ABC9B5C-6BC2-491F-9F6F-11AD6FBD2E4A}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{56705356-947E-4B9A-8243-C0E14FD7133D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{851936FB-0953-4513-856B-AD765455B8C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{694D0E3B-A40F-488E-81C7-71C26201A893}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{02DE1F40-61E2-4226-8F40-29EBA8AB9171}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{972AEC7B-6D32-4C99-80CB-0913D9E170AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{98591C1A-892A-4FE9-8D12-7E75049DAA0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{A29C1CBA-0909-4FD1-8E05-B98DB2033886}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gotham City Impostors F2P\Impostors.exe
FirewallRules: [{722F6065-096E-4EEE-B20A-141DC65A7E6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gotham City Impostors F2P\Impostors.exe
FirewallRules: [{3F06193A-9F32-4FAD-B2ED-B313767AEBE6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{EC000EF6-8008-4983-9E22-D7401E7B334E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2015 08:00:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7f0

Start Time: 01d096faccb82e12

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: c0da9d51-02ee-11e5-bf64-d05099465c93

Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (05/25/2015 08:00:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d38

Start Time: 01d096faccb82e12

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: c033b2e4-02ee-11e5-bf64-d05099465c93

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/25/2015 07:55:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program N360.exe version 12.11.4.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1630

Start Time: 01d096fa127b4ca5

Termination Time: 12392

Application Path: C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe

Report Id: 132d466d-02ee-11e5-bf64-d05099465c93

Faulting package full name:

Faulting package-relative application ID:

Error: (05/25/2015 07:51:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12b8

Start Time: 01d096f806cf64c0

Termination Time: 15

Application Path: C:\WINDOWS\Explorer.EXE

Report Id: 77a1cda3-02ed-11e5-bf64-d05099465c93

Faulting package full name:

Faulting package-relative application ID:

Error: (05/25/2015 07:49:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program N360.exe version 12.11.4.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1db8

Start Time: 01d096f804afa109

Termination Time: 29863

Application Path: C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe

Report Id: 27199048-02ed-11e5-bf64-d05099465c93

Faulting package full name:

Faulting package-relative application ID:

Error: (05/25/2015 07:41:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b34

Start Time: 01d096f80b7efc1a

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 027ceece-02ec-11e5-bf64-d05099465c93

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/25/2015 00:30:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: a60

Start Time: 01d096bbfcd633c2

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: f0a5711e-02af-11e5-bf64-d05099465c93

Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (05/25/2015 00:00:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc000000d
Fault offset: 0x0000000000101e60
Faulting process id: 0x758
Faulting application start time: 0xsvchost.exe_DiagTrack0
Faulting application path: svchost.exe_DiagTrack1
Faulting module path: svchost.exe_DiagTrack2
Report Id: svchost.exe_DiagTrack3
Faulting package full name: svchost.exe_DiagTrack4
Faulting package-relative application ID: svchost.exe_DiagTrack5

Error: (05/24/2015 11:26:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12d8

Start Time: 01d096af08dd844b

Termination Time: 265

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: eec8739f-02a6-11e5-bf62-d05099465c93

Faulting package full name:

Faulting package-relative application ID:

Error: (05/24/2015 10:47:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1458

Start Time: 01d096ad8c5c61a9

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 81c03198-02a1-11e5-bf62-d05099465c93

Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

System errors:
=============
Error: (05/25/2015 00:17:35 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The XoftSpy AntiVirus Pro service hung on starting.

Error: (05/25/2015 00:09:13 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1069upnphostUnavailable{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (05/25/2015 00:09:13 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: 0x8007042d

Error: (05/25/2015 00:09:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UPnP Device Host service failed to start due to the following error:
%%1069

Error: (05/25/2015 00:09:12 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (05/25/2015 00:09:00 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NPEService service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (05/25/2015 00:01:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostics Tracking Service service failed to start due to the following error:
%%3

Error: (05/25/2015 00:00:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Diagnostics Tracking Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/24/2015 10:45:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Rapid Storage Technology service hung on starting.

Error: (05/24/2015 10:37:57 PM) (Source: DCOM) (EventID: 10010) (User: ALPHA)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Microsoft Office:
=========================
Error: (05/25/2015 08:00:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.174157f001d096faccb82e124294967295C:\WINDOWS\syswow64\wwahost.exec0da9d51-02ee-11e5-bf64-d05099465c93Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

Error: (05/25/2015 08:00:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20856d3801d096faccb82e124294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exec033b2e4-02ee-11e5-bf64-d05099465c93microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/25/2015 07:55:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: N360.exe12.11.4.4163001d096fa127b4ca512392C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe132d466d-02ee-11e5-bf64-d05099465c93

Error: (05/25/2015 07:51:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.1766712b801d096f806cf64c015C:\WINDOWS\Explorer.EXE77a1cda3-02ed-11e5-bf64-d05099465c93

Error: (05/25/2015 07:49:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: N360.exe12.11.4.41db801d096f804afa10929863C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe27199048-02ed-11e5-bf64-d05099465c93

Error: (05/25/2015 07:41:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.208561b3401d096f80b7efc1a4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe027ceece-02ec-11e5-bf64-d05099465c93microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/25/2015 00:30:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415a6001d096bbfcd633c24294967295C:\WINDOWS\syswow64\wwahost.exef0a5711e-02af-11e5-bf64-d05099465c93Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

Error: (05/25/2015 00:00:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6075801d096ad36bc6d51C:\WINDOWS\System32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllc739c25e-02ab-11e5-bf62-d05099465c93

Error: (05/24/2015 11:26:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1741612d801d096af08dd844b265C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEeec8739f-02a6-11e5-bf62-d05099465c93

Error: (05/24/2015 10:47:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415145801d096ad8c5c61a94294967295C:\WINDOWS\syswow64\wwahost.exe81c03198-02a1-11e5-bf62-d05099465c93Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

CodeIntegrity Errors:
===================================
  Date: 2014-12-22 13:45:04.705
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-22 13:45:04.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i5-3330 CPU @ 3.00GHz
Percentage of memory in use: 35%
Total physical RAM: 8076.78 MB
Available physical RAM: 5243.22 MB
Total Pagefile: 16268.78 MB
Available Pagefile: 13492.73 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:917.19 GB) (Free:281.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2A2854DA)

Partition: GPT Partition Type.

==================== End of log ============================

[Afro Samurai]

aswMBR Log:

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-05-25 08:41:37
-----------------------------
08:41:37.248    OS Version: Windows x64 6.2.9200
08:41:37.248    Number of processors: 4 586 0x3A09
08:41:37.248    ComputerName: ALPHA  UserName: JASON
08:41:40.545    Initialize success
08:41:40.545    VM: initialized successfully
08:41:40.545    VM: Intel CPU supported
08:41:45.194    VM: disk I/O iaStorA.sys
08:42:09.658    AVAST engine defs: 15052500
08:42:11.409    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000033
08:42:11.409    Disk 0 Vendor: ST31000524AS JC4A Size: 953869MB BusType: 11
08:42:11.925    Disk 0 MBR read successfully
08:42:11.925    Disk 0 MBR scan
08:42:11.925    Disk 0 unknown MBR code
08:42:11.971    Disk 0 Partition 1 00     EE            GPT           2097151 MB offset 1
08:42:12.237    Disk 0 scanning C:\WINDOWS\system32\drivers
08:42:33.932    Service scanning
08:42:36.933    Service BHDrvx64 C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150506.001\BHDrvx64.sys **LOCKED** 5
08:42:40.887    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
08:42:41.558    Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
08:42:45.323    Service IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150522.001\IDSvia64.sys **LOCKED** 5
08:42:49.917    Service NAVENG C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150524.003\ENG64.SYS **LOCKED** 5
08:42:50.027    Service NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150524.003\EX64.SYS **LOCKED** 5
08:43:09.392    Modules scanning
08:43:09.392    Disk 0 trace - called modules:
08:43:09.407    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
08:43:09.407    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00153fff060]
08:43:09.423    3 CLASSPNP.SYS[fffff80186651170] -> nt!IofCallDriver -> [0xffffe001527fa390]
08:43:09.423    5 ACPI.sys[fffff80185295c21] -> nt!IofCallDriver -> \Device\00000033[0xffffe001527fa7f0]
08:43:11.423    AVAST engine scan C:\WINDOWS
08:43:14.143    AVAST engine scan C:\WINDOWS\system32
08:49:30.889    AVAST engine scan C:\WINDOWS\system32\drivers
08:50:59.637    AVAST engine scan C:\Users\JASON
08:53:58.299    File: C:\Users\JASON\AppData\Local\Idle~Crawler\Modules\WdcMan.dll  **INFECTED** Win32:Clikug-M [Trj]
09:34:56.002    File: C:\Users\JASON\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Uninst000.CA.dll  **INFECTED** Win32:Rootkit-gen [Rtk]
09:52:06.712    AVAST engine scan C:\ProgramData
10:04:18.189    Disk 0 statistics 6146442/0/0 @ 0.73 MB/s
10:04:18.189    Scan finished successfully
13:50:23.588    Disk 0 MBR has been saved successfully to "C:\Users\JASON\Desktop\MBR.dat"
13:50:23.588    The log file has been saved successfully to "C:\Users\JASON\Desktop\aswMBR.txt"

 

[pystryker]

Thank you for helping Pystryker! I'm sorry for the late response, I posted this really late and I've been sleeping, also the scans been taking a bit.

You're quite welcome, and no worries on the time it took. We do this on the schedule that works best for you. I'm analyzing your logs at this time, but wanted to ask a quick question. Are you running a proxy on your machine? A proxy is a server that your computer would go through before getting to the internet. If you are not, or do not know, please let me know.

[Afro Samurai]

No, I don't use a proxy, I don't even know how to get one.

[pystryker]

Ok, thank you. We have much to do here, so let's get started. We'll break it down into a few steps at a time.


Step 1: Multiple Anti-Virus and Punkbuster Warning

Your log indicates you have multiple anti-virus programs installed on your machine. They are Norton, ParetoLogic XoftSpy Antivirus Pro, and Windows Defender

• Research shows that having multiple anti-virus programs installed is not a good idea. This is a case of more is not better. They will often conflict with each, provide false positives, and create additional problems.
• Even though 2 of them are disabled, they will still load the files they need at startup so as to be ready if enabled, thus consuming system resources.
• We need to remove 2 of these from your system. Do you have a preference as to which one? Unless you have paid for Norton's, I'd remove it and the ParetoLogic antivirus software. Windows Defender is so entrenched in the Windows software these days.
• Please let me know which 2 you are removing.

Step 2: Punkbuster and Program Uninstalls


There are some issues with infections in relation to PunkBuster...

Your computer has installed gaming tools. Some of these, like Punkbuster, use spyware techniques to engage in the anti-piracy battle.
In the process, they take control of much of your PC, and they actually meet the definition of spyware/malware.
They are sometimes designed to prevent orderly removal or modification, and they have only limited respect for retaining the overall security and integrity of your machine.

My advice would be to download the removal tool from here. Use this to uninstall PunkBuster Services. Then when I give the all clear use it again to reinstall PunkBuster Services if you so wish.

So after you have downloaded the removal tool for PunkBuster Services run it as follows...

• Right-click on pbsvc.exe and select select Run as Administrator.
• Ensure Un-install/Remove PunkBuster Service is selected.
• Click on Next >> Yes >> Finish.
• Reboot(restart) your machine if not prompted to do so.

Program Uninstalls

Please uninstall the following programs from your machine as they are adware/malware related. If one of the programs fails to uninstall, please move on to the next one in the list.

• FLV Player
• iVIDI Plugin 1.3

Once you have completed these steps, please let me know and we'll proceed.

[Afro Samurai]

1) I looked everywhere for ParetoLogic antivirus software, but I couldn't seem find it and I think I remember deleting it a while back.. I cant be sure tho. And for windows defender, it is currently disabled.

 

2) I have successfully removed Punkbuster, and restarted my computer!

 

3) I have also successfully removed both, FLV player, and iVIDI Plugin 1.3

[pystryker]

No worries on that ParetoLogic. Let's proceed.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Fix with FRST

• Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
• Right-click in the open notepad and select Paste).
• Save it on the desktop as fixlist.txt
  
  NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
  
  

  Start
  CreateRestorePoint:
  CloseProcesses:
  HKLM-x32\...\Run: [fst_us_159] => [X]
  HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\Run: [FLV Player] => C:\Users\JASON\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-25] ()
  ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1006\User: Group Policy Restriction detected <======= ATTENTION
  GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1005\User: Group Policy Restriction detected <======= ATTENTION
  GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1001\User: Group Policy Restriction detected <======= ATTENTION
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
  ProxyServer: [.DEFAULT] => http=127.0.0.1:56982;https=127.0.0.1:56982
  SearchScopes: HKLM-x32 -> DefaultScope {ED6B4609-AF6E-4549-B796-D9ADEC187F05} URL =
  BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
  BHO-x32: DownloadTerms -> {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} -> C:\Users\JOSH\AppData\Local\DownloadTerms\temp.dat [2013-03-20] ()
  C:\Users\JOSH\AppData\Local\DownloadTerms
  Toolbar: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
  Toolbar: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005 -> No Name - {739DF940-C5EE-4BAB-9D7E-270894AE687A} - No File
  FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
  FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
  FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
  C:\Program Files\V-bates
  CHR HKLM-x32\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files (x86)\iVIDI.org plugin\ividiplg.crx [2012-11-05]
  C:\Program Files (x86)\iVIDI.org plugin
  S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-16] (globalUpdate) [] <==== ATTENTION
  S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-16] (globalUpdate) [] <==== ATTENTION
  S1 hlnfd; system32\drivers\hlnfd.sys [X]
  S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
  S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
  S3 X6va016; \??\C:\WINDOWS\SysWOW64\Drivers\X6va016 [X]
  2015-05-25 07:35 - 2014-03-10 14:37 - 00002346 _____ () C:\WINDOWS\Tasks\FLV Player Addon-firefoxinstaller.job
  2015-05-25 07:35 - 2014-03-10 14:37 - 00001564 _____ () C:\WINDOWS\Tasks\FLV Player Addon-updater.job
  2015-05-25 07:35 - 2014-03-10 14:37 - 00001398 _____ () C:\WINDOWS\Tasks\FLV Player Addon-enabler.job
  2015-05-25 07:35 - 2013-03-21 18:33 - 00000402 _____ () C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job
  Task: {5DDFEA49-FE75-47C7-8B36-577F49212864} - System32\Tasks\FLV Player Addon-firefoxinstaller => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-firefoxinstaller.exe
  Task: {770310A9-BE9E-4ECC-81F3-4A5CFA7574C1} - System32\Tasks\FLV Player Addon-enabler => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-enabler.exe
  Task: {DE2068CA-A02F-444C-B227-512EAF6F39B8} - System32\Tasks\FLV Player Addon-updater => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-updater.exe
  C:\Users\ERICCA\siriusxdata_clsiriusx_LIVE.dat
  C:\Users\JASON\AlexScape_AlexScape_LIVE.dat
  C:\Users\JASON\alotic_preferences.dat
  C:\Users\JASON\alotic_preferences2.dat
  C:\Users\JASON\animus_cl_Animus_LIVE.dat
  C:\Users\JASON\BoomScape_cl_BoomScape_LIVE.dat
  C:\Users\JASON\ent_ikov_preferences.dat
  C:\Users\JASON\exoria_cl_exoria_LIVE.dat
  C:\Users\JASON\Exoria_cl_matrix_LIVE.dat
  C:\Users\JASON\fluteotic_fluteotic_preferences.dat
  C:\Users\JASON\fluteotic_fluteotic_preferences2.dat
  C:\Users\JASON\fluteotic_runescape_preferences.dat
  C:\Users\JASON\fluteotic_runescape_preferences2.dat
  C:\Users\JASON\fluteotic__preferences3.dat
  C:\Users\JASON\infinity_cl_infinity724_LIVE.dat
  C:\Users\JASON\infinity_cl_infinity724_LIVE1.dat
  C:\Users\JASON\infinity_cl_infinity_LIVE.dat
  C:\Users\JASON\jagex_Runescape_preferences.dat
  C:\Users\JASON\jagex_Runescape_preferences2.dat
  C:\Users\JASON\jagex__preferences3.dat
  C:\Users\JASON\keystore.dat
  C:\Users\JASON\matrixii_cl_matrix_LIVE.dat
  C:\Users\JASON\matrixii_cl_matrix_LIVE1.dat
  C:\Users\JASON\matrix_cl_matrix_LIVE.dat
  C:\Users\JASON\matrix_cl_matrix_LIVE1.dat
  C:\Users\JASON\matrix_cl_mortality 718_LIVE.dat
  C:\Users\JASON\matrix_cl_mortality 718_LIVE1.dat
  C:\Users\JASON\matrix_cl_Nuclear 747_LIVE.dat
  C:\Users\JASON\matrix_cl_project divine_LIVE.dat
  C:\Users\JASON\matrix_cl_validus_LIVE.dat
  C:\Users\JASON\noregret_cl_noregret_LIVE.dat
  C:\Users\JASON\noregret_cl_noregret_LIVE1.dat
  C:\Users\JASON\novatier_cl_novatier_LIVE.dat
  C:\Users\JASON\nova_noregret_LIVE.dat
  C:\Users\JASON\nuclear_cl_Nuclear_LIVE.dat
  C:\Users\JASON\prodigyx_cl_Prodigy-X_LIVE.dat
  C:\Users\JASON\rune_evo_evolution_cache.dat
  C:\Users\JASON\siriusxcacheSiriusX_LIVE.dat
  C:\Users\JASON\siriusxdata_clsiriusx_LIVE.dat
  C:\Users\JASON\siriusxdata_clsiriusx_LIVE1.dat
  C:\Users\JASON\VD_cl_Vitorious Destiny_Core.dat
  C:\Users\JASON\YOUR CLIENT NAME HERE_runescape_preferences.dat
  C:\Users\JASON\YOUR CLIENT NAME HERE_runescape_preferences2.dat
  C:\Users\JASON\ZarporSettings.dat
  Task: {85237A60-71D2-4439-ADA7-D13B0F61426B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-16] (globalUpdate) <==== ATTENTION
  Task: {01478BA4-ED4C-4179-B14C-32B3824B0C06} - System32\Tasks\Microsoft\Windows\Maintenance\Idle~Crawler Update => %LOCALAPPDATA%\Idle~Crawler\Idle~Crawler.exe <==== ATTENTION
  Task: {099C98C3-107E-4396-A711-7CECD48441C4} - System32\Tasks\Idle~Crawler Runner => %LOCALAPPDATA%\Idle~Crawler\Idle~Crawler.exe <==== ATTENTION
  Task: {11997B92-060D-459C-8203-1452E79D583D} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
  C:\Program Files (x86)\Pro PC Cleaner
  Task: {1DB34B60-444D-4882-9E7E-6BB6F7B895F4} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
  C:\Program Files (x86)\AnyProtectEx
  Task: {3D0AE508-656C-4A6E-A1F0-D90DA4AFF0A7} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-4 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-4.exe <==== ATTENTION
  Task: {3F65F137-C88A-4298-A5D2-3C9D82A82ED5} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-2 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-2.exe <==== ATTENTION
  Task: {6B96CAC3-A6EC-402A-85EC-3884086682E1} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-3 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-3.exe <==== ATTENTION
  C:\Program Files (x86)\Cinema-DPlus2
  Task: {80918470-F1E7-45FD-8924-564C415A5B5E} - System32\Tasks\DMLoaderDaily => C:\Users\JASON\AppData\Roaming\DownloadManager\Loader.exe <==== ATTENTION
  C:\Users\JASON\AppData\Roaming\DownloadManager
  Task: {937148D2-C32A-4134-8299-EA63DA454E66} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-10 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-10.exe <==== ATTENTION
  Task: {9456C827-35F2-4F13-BB80-0856CE137F1E} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-1 => C:\Program Files (x86)\Cinema-DPlus2\Cinema-DPlus2-codedownloader.exe <==== ATTENTION
  Task: {9C7D846A-8A6B-4316-ADC5-6925A68969AC} - System32\Tasks\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 => C:\Program Files\V-bates\startsc.bat <==== ATTENTION
  Task: {9CCAE23F-B04A-49FF-A466-701B9DED8048} - \Optimizer Pro Schedule No Task File <==== ATTENTION
  Task: {A6672AC9-954C-458C-BB11-7ACBD3C903BA} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe <==== ATTENTION
  Task: {ADEC3F45-BAAB-4256-8B23-522EE6A4ADD6} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5_user => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe <==== ATTENTION
  Task: {BAB6DBF3-D5D7-4BD2-8505-42DD876AFAEE} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
  Task: {C0A2BF69-69BF-4F55-899A-AB539DC43B39} - System32\Tasks\DMUpdaterDaily => C:\Users\JASON\AppData\Roaming\DownloadManager\Updater.exe <==== ATTENTION
  Task: {CB81DD16-B479-4CC0-A766-B805C5667873} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
  Task: {D7D95C47-2D08-4387-B79C-EDAF69B75DF3} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
  Task: {F6E9B4CF-C6C2-4067-94A7-386AE40E27A9} - System32\Tasks\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8} => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
  Task: {FF0348B9-9023-41A0-AFF9-C2CB71B5A84C} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-11.exe <==== ATTENTION
  Task: {D0724570-F763-4091-96CD-9C03B94FAE62} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-16] (globalUpdate) <==== ATTENTION
  C:\Program Files\V-bates
  Task: {FF0348B9-9023-41A0-AFF9-C2CB71B5A84C} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-11.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-1.job => C:\Program Files (x86)\Cinema-DPlus2\Cinema-DPlus2-codedownloader.exeS/mEjIVoB /XXOLGHkv=task /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /BqOZarmQ=1.34.7.1 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /pdfcWf=http:/js.genstatsnet.com /iINtmPeW=ie /MlysTG='Cinema-DPlus2' /UqhgsZOd=http:/js.clientdemocloud.com /XclwYaf /gLkmK='{asw:[0, 33554433, 4096]}' /xcseE='http:/update.genstatsnet.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
  Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-10.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-10.exe»/gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /JzAARcA='Cinema-DPlus2' /PqAKu=1000 /PNOid=93-0,102-0,104-0,178-288,179-288,180-288,223-288 /boexUPHJ=http:/logs.genstatsnet.com <==== ATTENTION
  Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-11.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-2.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-2.exeâ/iCnJy /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /ucsPOGUmc=11111111-1111-1111-1111-110611051148 /iINtmPeW=ie /IDdLVw /XclwYaf /xcseE='http:/update.genstatsnet.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
  Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-3.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-3.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-4.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-4.exe/rSzNCCaZk /gcqMM='Cinema-DPlus2' /uoVeYM C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e.xpi' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /BqOZarmQ=1.34.7.1 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /dJawdNe=300 /wHPqK=d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com /ONNfwQ=0.95 /cCDvK=ad55cd0d79f24466095b3188599e8e4f86b2faf04e86f4bcfa878632814acf518com60548 /IvgIl=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/60548.rdf /JzAARcA='Cinema-DPlus2' /ZaOFTpgh='Lights out for YouTube' /dIUSYuZz='CinemaD2' /iINtmPeW=ie /gLkmK='{asw:[0, 33554433, 4096]}' /XclwYaf /KIUiFi /mtppVI /xcseE='http:/update.genstatsnet.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
  Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe/dOmCzKO /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /FhPKx=http:/ipgeoapi.com/ /LGnWOxdAW=http:/update.genstatsnet.com /MBYGXavyx=2 /boexUPHJ=http:/logs.genstatsnet.com /xcseE='http:/update.genstatsnet.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
  Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5_user.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe/dOmCzKO /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /FhPKx=http:/ipgeoapi.com/ /LGnWOxdAW=http:/update.genstatsnet.com /MBYGXavyx=2 /boexUPHJ=http:/logs.genstatsnet.com /xcseE='http:/update.genstatsnet.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
  Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8}.job => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
  C:\Program Files (x86)\AnyProtectEx
  Task: C:\WINDOWS\Tasks\FLV Player Addon-enabler.job => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-enabler.exe/enablebho /agentregpath='FLV Player Addon' /appid=52466 /srcid='001188' /subid='0' /zdata='flvplayer' /bic=C848845A6203407EAD221BB20E7EE459IE /verifier=3af9b006ee222af7c96ae8b8760c687e /installerversion=1_34_3_6 /installationtime=1394487407 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511241166 /defbro=ie /allusers /autoupdateulr='http:/update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.jso
  Task: C:\WINDOWS\Tasks\FLV Player Addon-firefoxinstaller.job => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-firefoxinstaller.exeÜ/installxpi /agentregpath='FLV Player Addon' /extensionfilepath C:\Program Files (x86)\FLV Player Addon\52466.xpi' /appid=52466 /srcid='001188' /subid='0' /zdata='flvplayer' /bic=C848845A6203407EAD221BB20E7EE459IE /verifier=3af9b006ee222af7c96ae8b8760c687e /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1394487407 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=dc59fc10-5a26-4311-af8d-bf9b600a7b9c@080e29b9-9bee-4caa-b38c-4958c5aa2376.com /extensionversion=0.94 /prefsbranch=adc59fc105a264311af8dbf9b600a7b9c080e29b99bee4caab38c4958c5aa2376com52466 /updateurl=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/52466.rdf /extensionname='FLV Player Addon' /extensiondesc='I am FLV Player extension' /publishername='Nero' /defbro=ie /allusers /allprofiles /checkfflist /autoupdateulr='http:/update.srvstatsdata.com/ff_agent_updates/{CAMP_ID}/update.jso
  Task: C:\WINDOWS\Tasks\FLV Player Addon-updater.job => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-updater.exe^/runupdater /agentregpath='FLV Player Addon' /appid=52466 /srcid='001188' /subid='0' /zdata='flvplayer' /bic=C848845A6203407EAD221BB20E7EE459IE /verifier=3af9b006ee222af7c96ae8b8760c687e /installerversion=1_34_3_6 /installationtime=1394487407 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /geoserviceurl=http:/ipgeoapi.com/ /updatejsondomain=http:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=http:/stats.mstatsserv.com /autoupdateulr='http:/update.srvstatsdata.com/updater_agent_updates/{CAMP_ID}/update.jso
  Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
  Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
  AlternateDataStreams: C:\ProgramData\Temp:373E1720
  IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
  IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
  IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
  IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
  IE trusted site: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\sony.com -> sony.com
  HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "FLV Player"
  HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "Pando Media Booster"
  C:\Users\JASON\AppData\Local\Idle~Crawler
  C:\Users\JASON\AppData\Roaming\Rainmaker Software Group LLC.?
  CMD: bitsadmin /reset /allusers
  CMD: netsh advfirewall reset
  CMD: netsh advfirewall set allprofiles state off
  CMD: ipconfig /flushdns
  Emptytemp:
  Hosts:
  End

  NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
• Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.
  
  
  Step 2: Scan with AdwCleaner
  
  
  Download ADWcleaner by clicking here. Please save it to your Desktop
  
  
  
  
  
• Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
• Close any open windows or browsers.
• Pause your Anti-Virus program if it is running.
• Once it starts, click on the Scan button.
• Let the scan complete itself. This may take a few minutes.
• Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything.
• Click the Logfile button and the log will open. Copy and Paste the contents of the log file into your next reply.
  This report is also saved at C:\AdwCleaner[R0].txt
  Things I need to see in your next post:
  
  Please post each of these logs as a separate reply in this thread.
  
  Fixlog.txt Log
  
  AdwCleaner Log
  
  

[Afro Samurai]

Fixlog.txt Log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
Ran by JASON at 2015-05-25 17:37:00 Run:1
Running from C:\Users\JASON\Desktop
Loaded Profiles: JASON (Available Profiles: JOSH & JASON & ERICCA & MIRNA)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [fst_us_159] => [X]
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\Run: [FLV Player] => C:\Users\JASON\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-25] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1006\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1005\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1001\User: Group Policy Restriction detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:56982;https=127.0.0.1:56982
SearchScopes: HKLM-x32 -> DefaultScope {ED6B4609-AF6E-4549-B796-D9ADEC187F05} URL =
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: DownloadTerms -> {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} -> C:\Users\JOSH\AppData\Local\DownloadTerms\temp.dat [2013-03-20] ()
C:\Users\JOSH\AppData\Local\DownloadTerms
Toolbar: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005 -> No Name - {739DF940-C5EE-4BAB-9D7E-270894AE687A} - No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
C:\Program Files\V-bates
CHR HKLM-x32\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files (x86)\iVIDI.org plugin\ividiplg.crx [2012-11-05]
C:\Program Files (x86)\iVIDI.org plugin
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-16] (globalUpdate) [] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-16] (globalUpdate) [] <==== ATTENTION
S1 hlnfd; system32\drivers\hlnfd.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 X6va016; \??\C:\WINDOWS\SysWOW64\Drivers\X6va016 [X]
2015-05-25 07:35 - 2014-03-10 14:37 - 00002346 _____ () C:\WINDOWS\Tasks\FLV Player Addon-firefoxinstaller.job
2015-05-25 07:35 - 2014-03-10 14:37 - 00001564 _____ () C:\WINDOWS\Tasks\FLV Player Addon-updater.job
2015-05-25 07:35 - 2014-03-10 14:37 - 00001398 _____ () C:\WINDOWS\Tasks\FLV Player Addon-enabler.job
2015-05-25 07:35 - 2013-03-21 18:33 - 00000402 _____ () C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job
Task: {5DDFEA49-FE75-47C7-8B36-577F49212864} - System32\Tasks\FLV Player Addon-firefoxinstaller => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-firefoxinstaller.exe
Task: {770310A9-BE9E-4ECC-81F3-4A5CFA7574C1} - System32\Tasks\FLV Player Addon-enabler => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-enabler.exe
Task: {DE2068CA-A02F-444C-B227-512EAF6F39B8} - System32\Tasks\FLV Player Addon-updater => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-updater.exe
C:\Users\ERICCA\siriusxdata_clsiriusx_LIVE.dat
C:\Users\JASON\AlexScape_AlexScape_LIVE.dat
C:\Users\JASON\alotic_preferences.dat
C:\Users\JASON\alotic_preferences2.dat
C:\Users\JASON\animus_cl_Animus_LIVE.dat
C:\Users\JASON\BoomScape_cl_BoomScape_LIVE.dat
C:\Users\JASON\ent_ikov_preferences.dat
C:\Users\JASON\exoria_cl_exoria_LIVE.dat
C:\Users\JASON\Exoria_cl_matrix_LIVE.dat
C:\Users\JASON\fluteotic_fluteotic_preferences.dat
C:\Users\JASON\fluteotic_fluteotic_preferences2.dat
C:\Users\JASON\fluteotic_runescape_preferences.dat
C:\Users\JASON\fluteotic_runescape_preferences2.dat
C:\Users\JASON\fluteotic__preferences3.dat
C:\Users\JASON\infinity_cl_infinity724_LIVE.dat
C:\Users\JASON\infinity_cl_infinity724_LIVE1.dat
C:\Users\JASON\infinity_cl_infinity_LIVE.dat
C:\Users\JASON\jagex_Runescape_preferences.dat
C:\Users\JASON\jagex_Runescape_preferences2.dat
C:\Users\JASON\jagex__preferences3.dat
C:\Users\JASON\keystore.dat
C:\Users\JASON\matrixii_cl_matrix_LIVE.dat
C:\Users\JASON\matrixii_cl_matrix_LIVE1.dat
C:\Users\JASON\matrix_cl_matrix_LIVE.dat
C:\Users\JASON\matrix_cl_matrix_LIVE1.dat
C:\Users\JASON\matrix_cl_mortality 718_LIVE.dat
C:\Users\JASON\matrix_cl_mortality 718_LIVE1.dat
C:\Users\JASON\matrix_cl_Nuclear 747_LIVE.dat
C:\Users\JASON\matrix_cl_project divine_LIVE.dat
C:\Users\JASON\matrix_cl_validus_LIVE.dat
C:\Users\JASON\noregret_cl_noregret_LIVE.dat
C:\Users\JASON\noregret_cl_noregret_LIVE1.dat
C:\Users\JASON\novatier_cl_novatier_LIVE.dat
C:\Users\JASON\nova_noregret_LIVE.dat
C:\Users\JASON\nuclear_cl_Nuclear_LIVE.dat
C:\Users\JASON\prodigyx_cl_Prodigy-X_LIVE.dat
C:\Users\JASON\rune_evo_evolution_cache.dat
C:\Users\JASON\siriusxcacheSiriusX_LIVE.dat
C:\Users\JASON\siriusxdata_clsiriusx_LIVE.dat
C:\Users\JASON\siriusxdata_clsiriusx_LIVE1.dat
C:\Users\JASON\VD_cl_Vitorious Destiny_Core.dat
C:\Users\JASON\YOUR CLIENT NAME HERE_runescape_preferences.dat
C:\Users\JASON\YOUR CLIENT NAME HERE_runescape_preferences2.dat
C:\Users\JASON\ZarporSettings.dat
Task: {85237A60-71D2-4439-ADA7-D13B0F61426B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-16] (globalUpdate) <==== ATTENTION
Task: {01478BA4-ED4C-4179-B14C-32B3824B0C06} - System32\Tasks\Microsoft\Windows\Maintenance\Idle~Crawler Update => %LOCALAPPDATA%\Idle~Crawler\Idle~Crawler.exe <==== ATTENTION
Task: {099C98C3-107E-4396-A711-7CECD48441C4} - System32\Tasks\Idle~Crawler Runner => %LOCALAPPDATA%\Idle~Crawler\Idle~Crawler.exe <==== ATTENTION
Task: {11997B92-060D-459C-8203-1452E79D583D} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
C:\Program Files (x86)\Pro PC Cleaner
Task: {1DB34B60-444D-4882-9E7E-6BB6F7B895F4} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
C:\Program Files (x86)\AnyProtectEx
Task: {3D0AE508-656C-4A6E-A1F0-D90DA4AFF0A7} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-4 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-4.exe <==== ATTENTION
Task: {3F65F137-C88A-4298-A5D2-3C9D82A82ED5} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-2 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-2.exe <==== ATTENTION
Task: {6B96CAC3-A6EC-402A-85EC-3884086682E1} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-3 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-3.exe <==== ATTENTION
C:\Program Files (x86)\Cinema-DPlus2
Task: {80918470-F1E7-45FD-8924-564C415A5B5E} - System32\Tasks\DMLoaderDaily => C:\Users\JASON\AppData\Roaming\DownloadManager\Loader.exe <==== ATTENTION
C:\Users\JASON\AppData\Roaming\DownloadManager
Task: {937148D2-C32A-4134-8299-EA63DA454E66} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-10 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-10.exe <==== ATTENTION
Task: {9456C827-35F2-4F13-BB80-0856CE137F1E} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-1 => C:\Program Files (x86)\Cinema-DPlus2\Cinema-DPlus2-codedownloader.exe <==== ATTENTION
Task: {9C7D846A-8A6B-4316-ADC5-6925A68969AC} - System32\Tasks\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 => C:\Program Files\V-bates\startsc.bat <==== ATTENTION
Task: {9CCAE23F-B04A-49FF-A466-701B9DED8048} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {A6672AC9-954C-458C-BB11-7ACBD3C903BA} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe <==== ATTENTION
Task: {ADEC3F45-BAAB-4256-8B23-522EE6A4ADD6} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5_user => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe <==== ATTENTION
Task: {BAB6DBF3-D5D7-4BD2-8505-42DD876AFAEE} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {C0A2BF69-69BF-4F55-899A-AB539DC43B39} - System32\Tasks\DMUpdaterDaily => C:\Users\JASON\AppData\Roaming\DownloadManager\Updater.exe <==== ATTENTION
Task: {CB81DD16-B479-4CC0-A766-B805C5667873} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: {D7D95C47-2D08-4387-B79C-EDAF69B75DF3} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {F6E9B4CF-C6C2-4067-94A7-386AE40E27A9} - System32\Tasks\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8} => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: {FF0348B9-9023-41A0-AFF9-C2CB71B5A84C} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-11.exe <==== ATTENTION
Task: {D0724570-F763-4091-96CD-9C03B94FAE62} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-16] (globalUpdate) <==== ATTENTION
C:\Program Files\V-bates
Task: {FF0348B9-9023-41A0-AFF9-C2CB71B5A84C} - System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11 => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-1.job => C:\Program Files (x86)\Cinema-DPlus2\Cinema-DPlus2-codedownloader.exeS/mEjIVoB /XXOLGHkv=task /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /BqOZarmQ=1.34.7.1 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /pdfcWf=http:/js.genstatsnet.com /iINtmPeW=ie /MlysTG='Cinema-DPlus2' /UqhgsZOd=http:/js.clientdemocloud.com /XclwYaf /gLkmK='{asw:[0, 33554433, 4096]}' /xcseE='http:/update.genstatsnet.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-10.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-10.exe»/gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /JzAARcA='Cinema-DPlus2' /PqAKu=1000 /PNOid=93-0,102-0,104-0,178-288,179-288,180-288,223-288 /boexUPHJ=http:/logs.genstatsnet.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-2.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-2.exeâ/iCnJy /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /ucsPOGUmc=11111111-1111-1111-1111-110611051148 /iINtmPeW=ie /IDdLVw /XclwYaf /xcseE='http:/update.genstatsnet.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-3.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-4.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-4.exe/rSzNCCaZk /gcqMM='Cinema-DPlus2' /uoVeYM C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e.xpi' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /BqOZarmQ=1.34.7.1 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /dJawdNe=300 /wHPqK=d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com /ONNfwQ=0.95 /cCDvK=ad55cd0d79f24466095b3188599e8e4f86b2faf04e86f4bcfa878632814acf518com60548 /IvgIl=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/60548.rdf /JzAARcA='Cinema-DPlus2' /ZaOFTpgh='Lights out for YouTube' /dIUSYuZz='CinemaD2' /iINtmPeW=ie /gLkmK='{asw:[0, 33554433, 4096]}' /XclwYaf /KIUiFi /mtppVI /xcseE='http:/update.genstatsnet.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe/dOmCzKO /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /FhPKx=http:/ipgeoapi.com/ /LGnWOxdAW=http:/update.genstatsnet.com /MBYGXavyx=2 /boexUPHJ=http:/logs.genstatsnet.com /xcseE='http:/update.genstatsnet.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5_user.job => C:\Program Files (x86)\Cinema-DPlus2\1e65abd1-8795-4e31-be22-d86b298e982e-5.exe/dOmCzKO /gcqMM='Cinema-DPlus2' /fJqPb=60548 /YnirmjtT='001780' /ixKcyS='0' /QGFwUn='0' /vZEXbT=C848845A6203407EAD221BB20E7EE459IE /vTYVPfC=3af9b006ee222af7c96ae8b8760c687e /eztPeAlZ=1_34_07_01 /SgiQeb=1405558673 /KXPqJMMq=http:/stats.genstatsnet.com /bHOcZp=http:/errors.genstatsnet.com /FhPKx=http:/ipgeoapi.com/ /LGnWOxdAW=http:/update.genstatsnet.com /MBYGXavyx=2 /boexUPHJ=http:/logs.genstatsnet.com /xcseE='http:/update.genstatsnet.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8}.job => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
C:\Program Files (x86)\AnyProtectEx
Task: C:\WINDOWS\Tasks\FLV Player Addon-enabler.job => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-enabler.exe/enablebho /agentregpath='FLV Player Addon' /appid=52466 /srcid='001188' /subid='0' /zdata='flvplayer' /bic=C848845A6203407EAD221BB20E7EE459IE /verifier=3af9b006ee222af7c96ae8b8760c687e /installerversion=1_34_3_6 /installationtime=1394487407 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511241166 /defbro=ie /allusers /autoupdateulr='http:/update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.jso
Task: C:\WINDOWS\Tasks\FLV Player Addon-firefoxinstaller.job => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-firefoxinstaller.exeÜ/installxpi /agentregpath='FLV Player Addon' /extensionfilepath C:\Program Files (x86)\FLV Player Addon\52466.xpi' /appid=52466 /srcid='001188' /subid='0' /zdata='flvplayer' /bic=C848845A6203407EAD221BB20E7EE459IE /verifier=3af9b006ee222af7c96ae8b8760c687e /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1394487407 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=dc59fc10-5a26-4311-af8d-bf9b600a7b9c@080e29b9-9bee-4caa-b38c-4958c5aa2376.com /extensionversion=0.94 /prefsbranch=adc59fc105a264311af8dbf9b600a7b9c080e29b99bee4caab38c4958c5aa2376com52466 /updateurl=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/52466.rdf /extensionname='FLV Player Addon' /extensiondesc='I am FLV Player extension' /publishername='Nero' /defbro=ie /allusers /allprofiles /checkfflist /autoupdateulr='http:/update.srvstatsdata.com/ff_agent_updates/{CAMP_ID}/update.jso
Task: C:\WINDOWS\Tasks\FLV Player Addon-updater.job => C:\Program Files (x86)\FLV Player Addon\FLV Player Addon-updater.exe^/runupdater /agentregpath='FLV Player Addon' /appid=52466 /srcid='001188' /subid='0' /zdata='flvplayer' /bic=C848845A6203407EAD221BB20E7EE459IE /verifier=3af9b006ee222af7c96ae8b8760c687e /installerversion=1_34_3_6 /installationtime=1394487407 /statsdomain=http:/stats.srvstatsdata.com /errorsdomain=http:/errors.srvstatsdata.com /geoserviceurl=http:/ipgeoapi.com/ /updatejsondomain=http:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=http:/stats.mstatsserv.com /autoupdateulr='http:/update.srvstatsdata.com/updater_agent_updates/{CAMP_ID}/update.jso
Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:373E1720
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\sony.com -> sony.com
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "FLV Player"
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "Pando Media Booster"
C:\Users\JASON\AppData\Local\Idle~Crawler
C:\Users\JASON\AppData\Roaming\Rainmaker Software Group LLC.?
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state off
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_us_159 => value Removed successfully
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\Software\Microsoft\Windows\CurrentVersion\Run\\FLV Player => value Removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key Removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key Removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key Removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key Removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key Removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key Removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1006\User => Moved successfully.
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1005\User => Moved successfully.
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-1793847376-2489598144-1912129065-1001\User => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value Removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value Removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => key Removed successfully
HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}" => key Removed successfully
"HKCR\Wow6432Node\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}" => key Removed successfully
C:\Users\JOSH\AppData\Local\DownloadTerms => Moved successfully.
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value Removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{739DF940-C5EE-4BAB-9D7E-270894AE687A} => value Removed successfully
HKCR\CLSID\{739DF940-C5EE-4BAB-9D7E-270894AE687A} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key Removed successfully
HKLM\Software\Mozilla\Firefox\Extensions\\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} => value Removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} => value Removed successfully
C:\Program Files\V-bates => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol => key not found.
"C:\Program Files (x86)\iVIDI.org plugin\ividiplg.crx" => File/Folder not found.
"C:\Program Files (x86)\iVIDI.org plugin" => File/Folder not found.
globalUpdate => Service Removed successfully
globalUpdatem => Service Removed successfully
hlnfd => Service Removed successfully
VBoxNetFlt => Service Removed successfully
WinRing0_1_2_0 => Service Removed successfully
X6va016 => Service Removed successfully
C:\WINDOWS\Tasks\FLV Player Addon-firefoxinstaller.job => Moved successfully.
C:\WINDOWS\Tasks\FLV Player Addon-updater.job => Moved successfully.
C:\WINDOWS\Tasks\FLV Player Addon-enabler.job => Moved successfully.
C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5DDFEA49-FE75-47C7-8B36-577F49212864}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DDFEA49-FE75-47C7-8B36-577F49212864}" => key Removed successfully
C:\Windows\System32\Tasks\FLV Player Addon-firefoxinstaller => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FLV Player Addon-firefoxinstaller" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{770310A9-BE9E-4ECC-81F3-4A5CFA7574C1}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{770310A9-BE9E-4ECC-81F3-4A5CFA7574C1}" => key Removed successfully
C:\Windows\System32\Tasks\FLV Player Addon-enabler => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FLV Player Addon-enabler" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE2068CA-A02F-444C-B227-512EAF6F39B8}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE2068CA-A02F-444C-B227-512EAF6F39B8}" => key Removed successfully
C:\Windows\System32\Tasks\FLV Player Addon-updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FLV Player Addon-updater" => key Removed successfully
C:\Users\ERICCA\siriusxdata_clsiriusx_LIVE.dat => Moved successfully.
C:\Users\JASON\AlexScape_AlexScape_LIVE.dat => Moved successfully.
C:\Users\JASON\alotic_preferences.dat => Moved successfully.
C:\Users\JASON\alotic_preferences2.dat => Moved successfully.
C:\Users\JASON\animus_cl_Animus_LIVE.dat => Moved successfully.
C:\Users\JASON\BoomScape_cl_BoomScape_LIVE.dat => Moved successfully.
C:\Users\JASON\ent_ikov_preferences.dat => Moved successfully.
C:\Users\JASON\exoria_cl_exoria_LIVE.dat => Moved successfully.
C:\Users\JASON\Exoria_cl_matrix_LIVE.dat => Moved successfully.
C:\Users\JASON\fluteotic_fluteotic_preferences.dat => Moved successfully.
C:\Users\JASON\fluteotic_fluteotic_preferences2.dat => Moved successfully.
C:\Users\JASON\fluteotic_runescape_preferences.dat => Moved successfully.
C:\Users\JASON\fluteotic_runescape_preferences2.dat => Moved successfully.
C:\Users\JASON\fluteotic__preferences3.dat => Moved successfully.
C:\Users\JASON\infinity_cl_infinity724_LIVE.dat => Moved successfully.
C:\Users\JASON\infinity_cl_infinity724_LIVE1.dat => Moved successfully.
C:\Users\JASON\infinity_cl_infinity_LIVE.dat => Moved successfully.
C:\Users\JASON\jagex_Runescape_preferences.dat => Moved successfully.
C:\Users\JASON\jagex_Runescape_preferences2.dat => Moved successfully.
C:\Users\JASON\jagex__preferences3.dat => Moved successfully.
C:\Users\JASON\keystore.dat => Moved successfully.
C:\Users\JASON\matrixii_cl_matrix_LIVE.dat => Moved successfully.
C:\Users\JASON\matrixii_cl_matrix_LIVE1.dat => Moved successfully.
C:\Users\JASON\matrix_cl_matrix_LIVE.dat => Moved successfully.
C:\Users\JASON\matrix_cl_matrix_LIVE1.dat => Moved successfully.
C:\Users\JASON\matrix_cl_mortality 718_LIVE.dat => Moved successfully.
C:\Users\JASON\matrix_cl_mortality 718_LIVE1.dat => Moved successfully.
C:\Users\JASON\matrix_cl_Nuclear 747_LIVE.dat => Moved successfully.
C:\Users\JASON\matrix_cl_project divine_LIVE.dat => Moved successfully.
C:\Users\JASON\matrix_cl_validus_LIVE.dat => Moved successfully.
C:\Users\JASON\noregret_cl_noregret_LIVE.dat => Moved successfully.
C:\Users\JASON\noregret_cl_noregret_LIVE1.dat => Moved successfully.
C:\Users\JASON\novatier_cl_novatier_LIVE.dat => Moved successfully.
C:\Users\JASON\nova_noregret_LIVE.dat => Moved successfully.
C:\Users\JASON\nuclear_cl_Nuclear_LIVE.dat => Moved successfully.
C:\Users\JASON\prodigyx_cl_Prodigy-X_LIVE.dat => Moved successfully.
C:\Users\JASON\rune_evo_evolution_cache.dat => Moved successfully.
C:\Users\JASON\siriusxcacheSiriusX_LIVE.dat => Moved successfully.
C:\Users\JASON\siriusxdata_clsiriusx_LIVE.dat => Moved successfully.
C:\Users\JASON\siriusxdata_clsiriusx_LIVE1.dat => Moved successfully.
C:\Users\JASON\VD_cl_Vitorious Destiny_Core.dat => Moved successfully.
C:\Users\JASON\YOUR CLIENT NAME HERE_runescape_preferences.dat => Moved successfully.
C:\Users\JASON\YOUR CLIENT NAME HERE_runescape_preferences2.dat => Moved successfully.
C:\Users\JASON\ZarporSettings.dat => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85237A60-71D2-4439-ADA7-D13B0F61426B}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85237A60-71D2-4439-ADA7-D13B0F61426B}" => key Removed successfully
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01478BA4-ED4C-4179-B14C-32B3824B0C06}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01478BA4-ED4C-4179-B14C-32B3824B0C06}" => key Removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\Idle~Crawler Update => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\Idle~Crawler Update" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{099C98C3-107E-4396-A711-7CECD48441C4}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{099C98C3-107E-4396-A711-7CECD48441C4}" => key Removed successfully
C:\Windows\System32\Tasks\Idle~Crawler Runner => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Idle~Crawler Runner" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11997B92-060D-459C-8203-1452E79D583D}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11997B92-060D-459C-8203-1452E79D583D}" => key Removed successfully
C:\Windows\System32\Tasks\ProPCCleaner_Popup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup" => key Removed successfully
"C:\Program Files (x86)\Pro PC Cleaner" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DB34B60-444D-4882-9E7E-6BB6F7B895F4}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DB34B60-444D-4882-9E7E-6BB6F7B895F4}" => key Removed successfully
C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => key Removed successfully
"C:\Program Files (x86)\AnyProtectEx" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D0AE508-656C-4A6E-A1F0-D90DA4AFF0A7}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D0AE508-656C-4A6E-A1F0-D90DA4AFF0A7}" => key Removed successfully
C:\Windows\System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1e65abd1-8795-4e31-be22-d86b298e982e-4" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3F65F137-C88A-4298-A5D2-3C9D82A82ED5}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F65F137-C88A-4298-A5D2-3C9D82A82ED5}" => key Removed successfully
C:\Windows\System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1e65abd1-8795-4e31-be22-d86b298e982e-2" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B96CAC3-A6EC-402A-85EC-3884086682E1}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B96CAC3-A6EC-402A-85EC-3884086682E1}" => key Removed successfully
C:\Windows\System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1e65abd1-8795-4e31-be22-d86b298e982e-3" => key Removed successfully
"C:\Program Files (x86)\Cinema-DPlus2" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80918470-F1E7-45FD-8924-564C415A5B5E}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80918470-F1E7-45FD-8924-564C415A5B5E}" => key Removed successfully
C:\Windows\System32\Tasks\DMLoaderDaily => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DMLoaderDaily" => key Removed successfully
C:\Users\JASON\AppData\Roaming\DownloadManager => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{937148D2-C32A-4134-8299-EA63DA454E66}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{937148D2-C32A-4134-8299-EA63DA454E66}" => key Removed successfully
C:\Windows\System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-10 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1e65abd1-8795-4e31-be22-d86b298e982e-10" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9456C827-35F2-4F13-BB80-0856CE137F1E}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9456C827-35F2-4F13-BB80-0856CE137F1E}" => key Removed successfully
C:\Windows\System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1e65abd1-8795-4e31-be22-d86b298e982e-1" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C7D846A-8A6B-4316-ADC5-6925A68969AC}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C7D846A-8A6B-4316-ADC5-6925A68969AC}" => key Removed successfully
C:\Windows\System32\Tasks\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9CCAE23F-B04A-49FF-A466-701B9DED8048}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CCAE23F-B04A-49FF-A466-701B9DED8048}" => key Removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimizer Pro Schedule => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6672AC9-954C-458C-BB11-7ACBD3C903BA}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6672AC9-954C-458C-BB11-7ACBD3C903BA}" => key Removed successfully
C:\Windows\System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1e65abd1-8795-4e31-be22-d86b298e982e-5" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ADEC3F45-BAAB-4256-8B23-522EE6A4ADD6}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADEC3F45-BAAB-4256-8B23-522EE6A4ADD6}" => key Removed successfully
C:\Windows\System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1e65abd1-8795-4e31-be22-d86b298e982e-5_user" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAB6DBF3-D5D7-4BD2-8505-42DD876AFAEE}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAB6DBF3-D5D7-4BD2-8505-42DD876AFAEE}" => key Removed successfully
C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0A2BF69-69BF-4F55-899A-AB539DC43B39}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0A2BF69-69BF-4F55-899A-AB539DC43B39}" => key Removed successfully
C:\Windows\System32\Tasks\DMUpdaterDaily => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DMUpdaterDaily" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CB81DD16-B479-4CC0-A766-B805C5667873}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB81DD16-B479-4CC0-A766-B805C5667873}" => key Removed successfully
C:\Windows\System32\Tasks\FreeFileViewerUpdateChecker => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeFileViewerUpdateChecker" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7D95C47-2D08-4387-B79C-EDAF69B75DF3}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7D95C47-2D08-4387-B79C-EDAF69B75DF3}" => key Removed successfully
C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F6E9B4CF-C6C2-4067-94A7-386AE40E27A9}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6E9B4CF-C6C2-4067-94A7-386AE40E27A9}" => key Removed successfully
C:\Windows\System32\Tasks\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FF0348B9-9023-41A0-AFF9-C2CB71B5A84C}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF0348B9-9023-41A0-AFF9-C2CB71B5A84C}" => key Removed successfully
C:\Windows\System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1e65abd1-8795-4e31-be22-d86b298e982e-11" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0724570-F763-4091-96CD-9C03B94FAE62}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0724570-F763-4091-96CD-9C03B94FAE62}" => key Removed successfully
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => key Removed successfully
"C:\Program Files\V-bates" => File/Folder not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF0348B9-9023-41A0-AFF9-C2CB71B5A84C} => key not found.
C:\Windows\System32\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1e65abd1-8795-4e31-be22-d86b298e982e-11 => key not found.
C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-1.job => Moved successfully.
C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-10.job => Moved successfully.
C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-11.job => Moved successfully.
C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-2.job => Moved successfully.
C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-3.job => Moved successfully.
C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-4.job => Moved successfully.
C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5.job => Moved successfully.
C:\WINDOWS\Tasks\1e65abd1-8795-4e31-be22-d86b298e982e-5_user.job => Moved successfully.
C:\WINDOWS\Tasks\APSnotifierPP1.job => Moved successfully.
C:\WINDOWS\Tasks\APSnotifierPP2.job => Moved successfully.
C:\WINDOWS\Tasks\APSnotifierPP3.job => Moved successfully.
C:\WINDOWS\Tasks\FF Watcher {DB876977-F5D0-4A36-B064-5C51414F0BA8}.job => Moved successfully.
"C:\Program Files (x86)\AnyProtectEx" => File/Folder not found.
C:\WINDOWS\Tasks\FLV Player Addon-enabler.job not found.
C:\WINDOWS\Tasks\FLV Player Addon-firefoxinstaller.job not found.
C:\WINDOWS\Tasks\FLV Player Addon-updater.job not found.
C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job not found.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job not found.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job not found.
C:\ProgramData\Temp => ":373E1720" ADS Removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com" => key Removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com" => key Removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com" => key Removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com" => key Removed successfully
"HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com" => key Removed successfully
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "FLV Player" => value not found.
HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-1793847376-2489598144-1912129065-1005\...\StartupApproved\Run: => "Pando Media Booster" => value not found.
C:\Users\JASON\AppData\Local\Idle~Crawler => Moved successfully.

"C:\Users\JASON\AppData\Roaming\Rainmaker Software Group LLC.?" folder move:

Could not move "C:\Users\JASON\AppData\Roaming\Rainmaker Software Group LLC.?" folder => Scheduled to move on reboot.

=========  bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{C77F6309-11D4-4082-B2FC-3CD34A6FCA68} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========

=========  netsh advfirewall reset =========

Ok.

========= End of CMD: =========

=========  netsh advfirewall set allprofiles state off =========

Ok.

========= End of CMD: =========

=========  ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts restored successfully.
EmptyTemp: => Removed 45.7 GB temporary data.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-25 17:49:25)<=

"C:\Users\JASON\AppData\Roaming\Rainmaker Software Group LLC.?" => Could not move

==== End of Fixlog 17:49:26 ====

 

[Afro Samurai]

AdwCleaner Log:

 

# AdwCleaner v4.205 - Logfile created 25/05/2015 at 18:00:56
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : JASON - ALPHA
# Running from : C:\Users\JASON\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\ERICCA\AppData\LocalLow\SkwConfig.bin
File Found : C:\Users\JASON\AppData\LocalLow\SkwConfig.bin
File Found : C:\Users\JASON\AppData\Roaming\aps.uninstall.scan.results
Folder Found : C:\Program Files (x86)\disco savings
Folder Found : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\IminentToolbar
Folder Found : C:\Program Files (x86)\ParetoLogic
Folder Found : C:\Program Files (x86)\predm
Folder Found : C:\Program Files\DomaIQ Uninstaller
Folder Found : C:\Program Files\SupraSavings
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\DSearchLink
Folder Found : C:\ProgramData\Online
Folder Found : C:\ProgramData\ParetoLogic
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\VisualBee
Folder Found : C:\Users\ERICCA\AppData\Local\Conduit
Folder Found : C:\Users\ERICCA\AppData\LocalLow\Conduit
Folder Found : C:\Users\ERICCA\AppData\LocalLow\PriceGong
Folder Found : C:\Users\ERICCA\AppData\Roaming\OpenCandy
Folder Found : C:\Users\JASON\AppData\Local\Browsersafeguard
Folder Found : C:\Users\JASON\AppData\Local\Chromium\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol
Folder Found : C:\Users\JASON\AppData\Local\Chromium\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Found : C:\Users\JASON\AppData\Local\Conduit
Folder Found : C:\Users\JASON\AppData\Local\FileViewPro
Folder Found : C:\Users\JASON\AppData\Local\globalUpdate
Folder Found : C:\Users\JASON\AppData\Local\Oxy
Folder Found : C:\Users\JASON\AppData\Local\SwvUpdater
Folder Found : C:\Users\JASON\AppData\Local\VisualBeeExe
Folder Found : C:\Users\JASON\AppData\Local\webplayer
Folder Found : C:\Users\JASON\AppData\LocalLow\Conduit
Folder Found : C:\Users\JASON\AppData\LocalLow\IminentToolbar
Folder Found : C:\Users\JASON\AppData\LocalLow\ShopAtHome
Folder Found : C:\Users\JASON\AppData\Roaming\Babylon
Folder Found : C:\Users\JASON\AppData\Roaming\IminentToolbar
Folder Found : C:\Users\JASON\AppData\Roaming\serv
Folder Found : C:\Users\JOSH\AppData\Local\Conduit
Folder Found : C:\Users\JOSH\AppData\Local\SwvUpdater
Folder Found : C:\Users\JOSH\AppData\LocalLow\Conduit
Folder Found : C:\Users\JOSH\AppData\LocalLow\PriceGong
Folder Found : C:\WINDOWS\System32\ljkb
Folder Found : C:\WINDOWS\SysWOW64\ARFC
Folder Found : C:\WINDOWS\SysWOW64\jmdp
Folder Found : C:\WINDOWS\SysWOW64\WNLT

***** [ Scheduled tasks ] *****

Task Found : update-sys
Task Found : update-S-1-5-21-1793847376-2489598144-1912129065-1005
Task Found : update-S-1-5-21-1793847376-2489598144-1912129065-1006
Task Found : update-sys
Task Found : update-S-1-5-21-1793847376-2489598144-1912129065-1005
Task Found : update-S-1-5-21-1793847376-2489598144-1912129065-1006
Task Found : update-sys

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Data Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:56982;hxxps=127.0.0.1:56982
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Bitberry
Key Found : HKCU\Software\BrowserSafeguardInstalled
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Idle~Crawler
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\iVIDI Plugin
Key Found : HKCU\Software\iVIDI.org
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Super Optimizer
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\TutoTag
Key Found : HKCU\Software\Webplayer
Key Found : HKCU\Software\wecarereminder
Key Found : HKCU\Software\WNLT
Key Found : [x64] HKCU\Software\Bitberry
Key Found : [x64] HKCU\Software\BrowserSafeguardInstalled
Key Found : [x64] HKCU\Software\Escolade
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\Idle~Crawler
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\Iminent
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\iVIDI Plugin
Key Found : [x64] HKCU\Software\iVIDI.org
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Super Optimizer
Key Found : [x64] HKCU\Software\SweetIM
Key Found : [x64] HKCU\Software\TutoTag
Key Found : [x64] HKCU\Software\Webplayer
Key Found : [x64] HKCU\Software\wecarereminder
Key Found : [x64] HKCU\Software\WNLT
Key Found : HKLM\SOFTWARE\BrowserSafeGuard
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555245566}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655055548}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566246666}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666056648}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\CompeteInc
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\Idle~Crawler
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\TBID
Key Found : HKLM\SOFTWARE\Tutorials
Key Found : HKLM\SOFTWARE\V-bates
Key Found : HKLM\SOFTWARE\VBMZ
Key Found : HKLM\SOFTWARE\visualbee
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555245566}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655055548}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566246666}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666056648}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}
Key Found : [x64] HKLM\SOFTWARE\suprasavings
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Key Found : [x64] HKLM\SOFTWARE\TBID
Key Found : [x64] HKLM\SOFTWARE\V-bates
Key Found : HKU\.DEFAULT\Software\IM
Key Found : HKU\.DEFAULT\Software\ImInstaller
Key Found : HKU\.DEFAULT\Software\SweetIM
Value Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Value Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Chromium v

*************************

AdwCleaner[R0].txt - [21695 bytes] - [25/05/2015 18:00:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21755 bytes] ##########

 

[pystryker]

Looking good thus far, let's continue.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Junkware Removal Tool


Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Step 2: Re-Run AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop

• Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
• Close any open windows or browsers.
• Pause your Anti-Virus program if it is running.
• Once it starts, click on the Scan button.
• Let the scan complete itself. This may take a few minutes.
• Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Cleaning button. When finished, it will ask to reboot. Please reboot.
• When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
  • Click the Logfile button and the log will open. Copy and Paste the contents of the log file into your next reply.
  This report is also saved at C:\AdwCleaner[R0].txt

Step 3: Scan with TDSSKiller


Please download TDSSKiller to the desktop.

Alternate download is here.

• Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
• When the main GUI(graphical user interface) window opens, click on Change Parameters
• Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
• Click on Start Scan, the scan will run.
• When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
• A Report will have been created by TDSSKiller in your root directory C:\
• To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
• Post the contents of that log in your next reply please.

Note: Do not have TDSSKiller remove anything if found at this point in time!


Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Junkware Removal Tool Log

AdwCleaner Log

TDSSKiller Log

[Afro Samurai]

Junkware Removal Tool Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.0 (05.25.2015:1)
OS: Windows 8.1 x64
Ran by JASON on Mon 05/25/2015 at 18:18:01.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1793847376-2489598144-1912129065-1001
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1793847376-2489598144-1912129065-1005
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1793847376-2489598144-1912129065-1006
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1793847376-2489598144-1912129065-1007
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\PCDoctorBackgroundMonitorTask
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\ProPCCleaner_Start
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1005
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1006
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\update-sys
Successfully deleted: [Task] C:\WINDOWS\tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1005.job
Successfully deleted: [Task] C:\WINDOWS\tasks\update-S-1-5-21-1793847376-2489598144-1912129065-1006.job
Successfully deleted: [Task] C:\WINDOWS\tasks\update-sys.job

 

~~~ Registry Values

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\datamngrcoordinator.exe

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550555245566}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550655055548}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660566246666}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666056648}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544244466}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644054448}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550555245566}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550655055548}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660566246666}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666056648}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544244466}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644054448}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550555245566}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550655055548}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660566246666}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666056648}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544244466}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644054448}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550555245566}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550655055548}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660566246666}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666056648}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544244466}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644054448}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211621176}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211621176}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update lucky leap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util lucky leap

 

~~~ Files

Successfully deleted: [File] C:\Users\JASON\appdata\locallow\skwconfig.bin
Successfully deleted: [File] C:\WINDOWS\prefetch\SPEEDFAN.EXE-B8534804.pf

 

~~~ Folders

Successfully deleted: [Folder] C:\ai_recyclebin
Successfully deleted: [Folder] C:\Program Files (x86)\free offers from freeze.com
Successfully deleted: [Folder] C:\Program Files (x86)\globalupdate
Successfully deleted: [Folder] C:\Program Files (x86)\predm
Successfully deleted: [Folder] C:\ProgramData\apn
Successfully deleted: [Folder] C:\ProgramData\babylon
Successfully deleted: [Folder] C:\ProgramData\dsearchlink
Successfully deleted: [Folder] C:\ProgramData\pcdr
Successfully deleted: [Folder] C:\ProgramData\tarma installer
Successfully deleted: [Folder] C:\ProgramData\visualbee
Successfully deleted: [Folder] C:\Users\JASON\appdata\local\browsersafeguard
Successfully deleted: [Folder] C:\Users\JASON\appdata\local\conduit
Successfully deleted: [Folder] C:\Users\JASON\appdata\local\crashrpt
Successfully deleted: [Folder] C:\Users\JASON\appdata\local\fileviewpro
Successfully deleted: [Folder] C:\Users\JASON\appdata\local\globalupdate
Successfully deleted: [Folder] C:\Users\JASON\appdata\local\swvupdater
Successfully deleted: [Folder] C:\Users\JASON\appdata\local\visualbeeexe
Successfully deleted: [Folder] C:\Users\JASON\appdata\local\webplayer
Successfully deleted: [Folder] C:\Users\JASON\appdata\locallow\conduit
Successfully deleted: [Folder] C:\Users\JASON\appdata\locallow\shopathome
Successfully deleted: [Folder] C:\Users\JASON\AppData\Roaming\babylon
Successfully deleted: [Folder] C:\Users\JASON\AppData\Roaming\pcdr
Successfully deleted: [Folder] C:\Users\JASON\documents\propccleaner
Successfully deleted: [Folder] C:\WINDOWS\system32\ljkb
Successfully deleted: [Folder] C:\WINDOWS\syswow64\ai_recyclebin
Successfully deleted: [Folder] C:\WINDOWS\syswow64\arfc
Successfully deleted: [Folder] C:\WINDOWS\syswow64\jmdp
Successfully deleted: [Folder] C:\WINDOWS\syswow64\wnlt

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 05/25/2015 at 18:24:57.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Afro Samurai]

AdwCleaner Log:

 

# AdwCleaner v4.205 - Logfile created 25/05/2015 at 18:28:36
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : JASON - ALPHA
# Running from : C:\Users\JASON\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Online
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\Program Files (x86)\IminentToolbar
Folder Deleted : C:\Program Files (x86)\ParetoLogic
Folder Deleted : C:\Program Files (x86)\disco savings
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Program Files\SupraSavings
Folder Deleted : C:\Users\ERICCA\AppData\Local\Conduit
Folder Deleted : C:\Users\ERICCA\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\ERICCA\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\ERICCA\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\JASON\AppData\Local\Oxy
Folder Deleted : C:\Users\JASON\AppData\LocalLow\IminentToolbar
Folder Deleted : C:\Users\JASON\AppData\Roaming\IminentToolbar
Folder Deleted : C:\Users\JASON\AppData\Roaming\serv
Folder Deleted : C:\Users\JOSH\AppData\Local\Conduit
Folder Deleted : C:\Users\JOSH\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\JOSH\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\JOSH\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\JASON\AppData\Local\Chromium\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\JASON\AppData\Local\Chromium\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol
File Deleted : C:\Users\ERICCA\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\JASON\AppData\Roaming\aps.uninstall.scan.results

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\BrowserSafeguardInstalled
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Idle~Crawler
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\iVIDI Plugin
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\Super Optimizer
Key Deleted : HKCU\Software\iVIDI.org
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\BrowserSafeGuard
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Idle~Crawler
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\TBID
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\V-bates
Key Deleted : HKLM\SOFTWARE\VBMZ
Key Deleted : HKLM\SOFTWARE\visualbee
Key Deleted : HKU\.DEFAULT\Software\IM
Key Deleted : HKU\.DEFAULT\Software\ImInstaller
Key Deleted : HKU\.DEFAULT\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : [x64] HKLM\SOFTWARE\suprasavings
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\TBID
Key Deleted : [x64] HKLM\SOFTWARE\V-bates
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:56982;hxxps=127.0.0.1:56982
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Chromium v

*************************

AdwCleaner[R0].txt - [22151 bytes] - [25/05/2015 18:00:57]
AdwCleaner[R1].txt - [19890 bytes] - [25/05/2015 18:26:33]
AdwCleaner[S0].txt - [18983 bytes] - [25/05/2015 18:28:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19043  bytes] ##########