Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by [bleep] (administrator) on [bleep]-PC on 03-11-2013 20:51:58
Running from C:\Users\[bleep]\Downloads
Windows Vista Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(WebEx Communications, Inc.) C:\Windows\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
(COMPANYVERS_NAME) C:\PROGRA~2\TOTALR~2\bar\1.bin\14barsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
() C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [138240 2008-01-20] (Microsoft Corporation)
MountPoints2: {1ca3a839-c432-11df-9630-00038a000015} - L:\LaunchU3.exe -a
MountPoints2: {af77258c-66aa-11de-9f2d-00038a000015} - L:\LaunchU3.exe -a
HKLM-x32\...\Run: [TotalRecipeSearch Search Scope Monitor] - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe [42536 2013-03-17] (MindSpark)
HKU\Chezy\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-10-17] (Hewlett-Packard)
HKU\Chezy\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Chezy\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\Chezy\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\Chezy\...\Run: [ares] - "C:\Program Files (x86)\Ares\Ares.exe" -h
HKU\Chezy\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-10-17] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-10-17] (Hewlett-Packard)
HKU\Guest\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-10-17] (Hewlett-Packard)
HKU\Guest\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Guest\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_149_ActiveX.exe -update activex
AppInit_DLLs-x32: c:\progra~2\bcool\sprote~1.dll [1030144 2013-01-15] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=15866
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://inboxtoolbars...tb_id&%language
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.optimum.net/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...bestbuy&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...bestbuy&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://inboxtoolbars...d=80094&tmpl=10
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://inboxtoolbars...aspx?tbid=80094
URLSearchHook: HKLM-x32 - WhiteSmoke US New E1 Toolbar - {72a0f495-ba60-4524-827b-b36b8c18587a} - C:\Program Files (x86)\WhiteSmoke_US_New_E1\prxtbWhit.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKCU - WhiteSmoke US New E1 Toolbar - {72a0f495-ba60-4524-827b-b36b8c18587a} - C:\Program Files (x86)\WhiteSmoke_US_New_E1\prxtbWhit.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {8a7d2060-824d-4b17-b00a-759b1b5f30d9} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (MindSpark)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {1F88DD1E-E4ED-4156-9210-1BBDF7963D57} URL = http://search.live.c...ms}&FORM=HPDTDF
SearchScopes: HKLM - {BDAD8FCA-DC44-4E02-9ACA-468C60B8DF3E} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - {09971cee-01b8-42bc-9d91-456b1faad6be} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 - {1F88DD1E-E4ED-4156-9210-1BBDF7963D57} URL = http://search.live.c...ms}&FORM=HPDTDF
SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://search.aol.co...ionType=tb50ie7
SearchScopes: HKLM-x32 - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT1572363
SearchScopes: HKLM-x32 - {BDAD8FCA-DC44-4E02-9ACA-468C60B8DF3E} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKCU - DefaultScope {7D23411B-6EAE-481F-9E50-4C22F36B2528} URL = http://search.condui...502729571302232
SearchScopes: HKCU - {09971cee-01b8-42bc-9d91-456b1faad6be} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylo...00000225f8304a0
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://asksearch.ask...={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.mystart.c...q={searchTerms}
SearchScopes: HKCU - {409DD3B4-D1F8-EC6E-EDBD-2367FDA78762} URL = http://www.bing.com/...015&form=ZGAIDF
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://search.aol.co...ionType=tb50ie7
SearchScopes: HKCU - {4D9A2001-C963-48A9-B60D-FB0DC7AC449C} URL = http://search.yahoo....36,19890,0,18,0
SearchScopes: HKCU - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} URL = http://search.alot.c...rsion=2.5.6.471
SearchScopes: HKCU - {7D23411B-6EAE-481F-9E50-4C22F36B2528} URL = http://search.condui...502729571302232
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.se...e=en_US&tpr=111
SearchScopes: HKCU - {BDAD8FCA-DC44-4E02-9ACA-468C60B8DF3E} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://www2.inbox.co...&iwk=255&lng=en
SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = http://toolbar.ask.c...m=1&toolbar=FXT
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.11.10\bh\BabylonToolbar.dll (Babylon BHO)
BHO-x32: FaceSmooch Toolbar - {3c490bf5-4244-4310-b4a7-3361f288dac5} - No File
BHO-x32: Updater For FaceSmooch Toolbar - {41069220-f72a-40ea-a8f3-bcd5e1fbc8f0} - No File
BHO-x32: WhiteSmoke US New E1 Toolbar - {72a0f495-ba60-4524-827b-b36b8c18587a} - C:\Program Files (x86)\WhiteSmoke_US_New_E1\prxtbWhit.dll (Conduit Ltd.)
BHO-x32: Bcool - {86652DB0-9C33-66EC-78A1-A93F43C41A24} - No File
BHO-x32: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
BHO-x32: Toolbar BHO - {ab56dfde-0c14-45b3-9df6-7b0eba617870} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (MindSpark)
BHO-x32: hpBHO Class - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: TheSea.TheSeaPlugin - {C585D593-E7F3-4852-A200-561686EE02E4} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Search Assistant BHO - {df22384f-cf68-4d19-969f-10423715528b} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll (MindSpark)
BHO-x32: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
BHO-x32: Yontoo Layers (Drop Down Deals) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - FaceSmooch Toolbar - {3c490bf5-4244-4310-b4a7-3361f288dac5} - No File
Toolbar: HKLM-x32 - WhiteSmoke US New E1 Toolbar - {72a0f495-ba60-4524-827b-b36b8c18587a} - C:\Program Files (x86)\WhiteSmoke_US_New_E1\prxtbWhit.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.11.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM-x32 - TotalRecipeSearch - {a0154e07-2b48-475c-a82a-80efd84ea33e} - C:\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14bar.dll (MindSpark)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKCU - No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKCU - No Name - {37153479-1976-43C3-A1EE-557513977B64} - No File
Toolbar: HKCU - No Name - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {72A0F495-BA60-4524-827B-B36B8C18587A} - No File
DPF: HKLM-x32 {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab
DPF: HKLM-x32 {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: HKLM-x32 {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab
DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: HKLM-x32 {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR Extension: (Bcool) - C:\Users\[bleep]\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpbkhdecldpgchmgkignlpcdnpmccoki\1
CHR Extension: (PlayFizz Platinum Content Add-on) - C:\Users\[bleep]\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbjpbhhfkoodogjcbjemoaidadolapp\1.0.0_0
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx
==================== Services (Whitelisted) =================
R2 atashost; C:\Windows\SysWOW64\atashost.exe [20376 2009-03-06] (WebEx Communications, Inc.)
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [118784 2011-03-24] ()
R2 sprtsvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [206120 2010-09-29] (SupportSoft, Inc.)
R2 tgsrvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [185640 2010-09-29] (SupportSoft, Inc.)
R2 TotalRecipeSearch_14Service; C:\PROGRA~2\TOTALR~2\bar\1.bin\14barsvc.exe [42504 2013-03-17] (COMPANYVERS_NAME)
==================== Drivers (Whitelisted) ====================
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-09-02] (Brother Industries Ltd.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [18456 2011-03-07] (HandSet Incorporated)
S3 MREMP50; C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA))
S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-07-21] (NVIDIA Corporation)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2009-06-05] ()
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [129304 2011-03-07] (ZTE Incorporated)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [27632 2008-09-26] (Cyberlink Corp.)
U2 ccEvtMgr;
U2 ccSetMgr;
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]
U3 navapsvc;
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [x]
U3 SAVRT;
U1 SAVRTPEL;
U3 TlntSvr;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-03 19:53 - 2013-11-03 19:53 - 00000000 ____D C:\FRST
2013-11-03 19:52 - 2013-11-03 19:53 - 01957098 _____ (Farbar) C:\Users\[bleep]\Downloads\FRST64.exe
2013-11-03 18:12 - 2013-11-03 18:12 - 00000000 ____D C:\Users\[bleep]\AppData\Local\TotalRecipeSearch_14
2013-11-03 18:12 - 2013-11-03 18:12 - 00000000 ____D C:\Users\[bleep]\AppData\Local\IAC
2013-11-03 18:11 - 2010-06-05 00:36 - 00759288 _____ (MyWebSearch.com) C:\Program Files (x86)\Uninstall Fun Web Products.dll
2013-11-03 17:46 - 2013-11-03 17:46 - 00000000 _____ C:\install.rdf
2013-10-13 02:00 - 2013-10-13 02:00 - 00000000 ____D C:\Windows\CheckSur
2013-10-12 02:09 - 2013-09-22 10:43 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-12 02:09 - 2013-09-22 10:01 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-12 02:09 - 2013-09-22 09:42 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-12 02:09 - 2013-09-22 09:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-12 02:09 - 2013-09-22 09:33 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-12 02:09 - 2013-09-22 09:33 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-12 02:09 - 2013-09-22 09:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-12 02:09 - 2013-09-22 09:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-12 02:09 - 2013-09-22 09:23 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-12 02:09 - 2013-09-22 09:22 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-12 02:09 - 2013-09-22 09:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-12 02:09 - 2013-09-22 09:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-12 02:09 - 2013-09-22 09:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-12 02:09 - 2013-09-22 09:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-12 02:09 - 2013-09-22 09:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-12 02:09 - 2013-09-22 09:07 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-12 02:09 - 2013-09-22 05:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-12 02:09 - 2013-09-22 05:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-12 02:09 - 2013-09-22 05:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-12 02:09 - 2013-09-22 05:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-10-12 02:09 - 2013-09-22 05:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-12 02:09 - 2013-09-22 05:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-12 02:09 - 2013-09-22 05:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-12 02:09 - 2013-09-22 05:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-12 02:09 - 2013-09-22 05:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-10-12 02:09 - 2013-09-22 05:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-12 02:09 - 2013-09-22 05:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-12 02:09 - 2013-09-22 05:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-12 02:09 - 2013-09-22 05:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-12 02:09 - 2013-09-22 05:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-12 02:09 - 2013-09-22 05:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-12 02:09 - 2013-09-22 04:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 05:35 - 2013-08-29 02:48 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 05:35 - 2013-08-26 22:39 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-10 05:35 - 2013-08-26 22:39 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-10 05:35 - 2013-08-26 22:39 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-10 05:35 - 2013-08-26 22:39 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-10 05:35 - 2013-08-26 21:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-10-10 05:35 - 2013-08-26 21:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-10-10 05:35 - 2013-08-26 21:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-10-10 05:35 - 2013-08-26 21:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-10-10 05:35 - 2013-08-26 21:32 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-10 05:35 - 2013-08-26 21:30 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-10 05:35 - 2013-08-26 21:06 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-10 05:35 - 2013-08-26 21:00 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-10 05:35 - 2013-08-26 21:00 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-10 05:35 - 2013-08-26 20:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-10-10 05:35 - 2013-08-26 20:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-10-10 05:35 - 2013-08-26 20:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-10-10 05:35 - 2013-08-26 20:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-10-10 05:35 - 2013-07-31 23:10 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 05:35 - 2013-07-31 22:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-10 05:35 - 2013-07-20 05:45 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 05:35 - 2013-07-20 05:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 05:35 - 2013-07-12 04:19 - 00099200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-10 05:35 - 2013-07-03 23:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 05:35 - 2013-07-03 23:13 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 05:35 - 2013-07-02 21:55 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 05:35 - 2013-07-02 21:22 - 00031616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 05:35 - 2013-06-28 21:25 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 05:35 - 2013-06-28 21:25 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 05:35 - 2013-06-28 21:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 05:35 - 2013-06-28 21:25 - 00007552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 05:35 - 2013-06-26 18:00 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 05:35 - 2013-06-03 23:16 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 05:35 - 2013-06-03 23:16 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 05:35 - 2013-06-03 21:01 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 05:35 - 2013-06-03 20:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 05:35 - 2011-05-05 09:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 05:35 - 2011-05-05 09:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
==================== One Month Modified Files and Folders =======
2013-11-03 20:51 - 2013-01-19 00:11 - 00000356 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-11-03 20:17 - 2009-05-05 15:10 - 01693846 _____ C:\Windows\WindowsUpdate.log
2013-11-03 20:06 - 2012-12-25 17:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-03 20:01 - 2010-07-09 02:32 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-03 19:56 - 2006-11-02 07:46 - 00005534 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-03 19:53 - 2013-11-03 19:53 - 00000000 ____D C:\FRST
2013-11-03 19:53 - 2013-11-03 19:52 - 01957098 _____ (Farbar) C:\Users\[bleep]\Downloads\FRST64.exe
2013-11-03 19:49 - 2013-01-19 00:09 - 00000392 ____H C:\Windows\Tasks\{2798D3CA-52B3-4015-B1DD-AA17E72877C3}.job
2013-11-03 19:49 - 2010-07-09 02:32 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-03 19:49 - 2009-08-16 00:14 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-11-03 19:49 - 2006-11-02 10:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-03 19:49 - 2006-11-02 10:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-03 19:48 - 2009-08-27 13:23 - 00000000 ____D C:\Program Files\Google
2013-11-03 19:48 - 2009-05-18 15:29 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-03 19:48 - 2008-01-20 22:26 - 01048030 _____ C:\Windows\PFRO.log
2013-11-03 19:48 - 2006-11-02 10:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-03 19:41 - 2006-11-02 10:42 - 00032574 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-03 18:12 - 2013-11-03 18:12 - 00000000 ____D C:\Users\[bleep]\AppData\Local\TotalRecipeSearch_14
2013-11-03 18:12 - 2013-11-03 18:12 - 00000000 ____D C:\Users\[bleep]\AppData\Local\IAC
2013-11-03 18:11 - 2009-05-18 15:27 - 00000000 ____D C:\Program Files (x86)\ooVoo
2013-11-03 18:10 - 2011-02-04 16:02 - 00000000 ____D C:\Users\[bleep]\AppData\Roaming\MP3Rocket
2013-11-03 18:09 - 2010-03-18 14:43 - 00000000 ____D C:\Program Files (x86)\Ask.com
2013-11-03 18:06 - 2009-05-18 15:30 - 00000000 ____D C:\Users\[bleep]\AppData\Local\Google
2013-11-03 18:06 - 2009-05-18 15:29 - 00000000 ____D C:\ProgramData\Google
2013-11-03 17:53 - 2008-11-07 00:54 - 00000000 ____D C:\ProgramData\Norton
2013-11-03 17:46 - 2013-11-03 17:46 - 00000000 _____ C:\install.rdf
2013-11-03 17:45 - 2009-05-18 20:03 - 00000000 ____D C:\Users\[bleep]\AppData\Local\AOL
2013-11-03 17:45 - 2009-05-18 20:01 - 00000000 ____D C:\ProgramData\AOL
2013-11-03 17:16 - 2009-05-18 15:29 - 00000000 ____D C:\Users\[bleep]\AppData\Roaming\Skype
2013-11-03 17:14 - 2013-02-27 23:40 - 00000000 ____D C:\ProgramData\Babylon
2013-11-03 16:56 - 2006-11-02 08:34 - 00000000 ____D C:\Windows\tracing
2013-10-15 01:16 - 2011-06-20 14:06 - 00000000 ____D C:\Users\[bleep]\Incomplete
2013-10-14 02:57 - 2013-09-13 01:05 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-13 02:00 - 2013-10-13 02:00 - 00000000 ____D C:\Windows\CheckSur
2013-10-12 02:56 - 2006-11-02 10:21 - 00400368 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-12 02:55 - 2008-11-07 00:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-12 02:36 - 2009-09-15 15:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-12 02:16 - 2013-08-15 02:06 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 02:12 - 2006-11-02 07:35 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-10-11 09:36 - 2012-10-11 23:48 - 00000000 ____D C:\Users\[bleep]\AppData\Local\CrashDumps
2013-10-11 07:56 - 2010-07-09 02:32 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-11 07:56 - 2010-07-09 02:32 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 18:30 - 2010-09-26 11:56 - 00002651 _____ C:\Users\[bleep]\Desktop\Microsoft Office Word 2007.lnk
2013-10-09 17:25 - 2009-06-10 17:46 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-10-09 00:29 - 2012-12-25 17:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 00:29 - 2012-12-25 17:23 - 00003682 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 00:29 - 2011-08-27 18:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-07 18:46 - 2009-05-18 15:39 - 00000456 _____ C:\Windows\Tasks\PCDRScheduledMaintenance.job
Files to move or delete:
====================
C:\Windows\Tasks\{2798D3CA-52B3-4015-B1DD-AA17E72877C3}.job
Some content of TEMP:
====================
C:\Users\[bleep]\AppData\Local\Temp\-p020ms_.dll
C:\Users\[bleep]\AppData\Local\Temp\.exe
C:\Users\[bleep]\AppData\Local\Temp\2476.exe
C:\Users\[bleep]\AppData\Local\Temp\3123.exe
C:\Users\[bleep]\AppData\Local\Temp\4BCF.exe
C:\Users\[bleep]\AppData\Local\Temp\5121.exe
C:\Users\[bleep]\AppData\Local\Temp\AcsInstall.dll
C:\Users\[bleep]\AppData\Local\Temp\APNSetup.exe
C:\Users\[bleep]\AppData\Local\Temp\ApnStub.exe
C:\Users\[bleep]\AppData\Local\Temp\atstpip.exe
C:\Users\[bleep]\AppData\Local\Temp\B04A.exe
C:\Users\[bleep]\AppData\Local\Temp\Coupons.com.exe
C:\Users\[bleep]\AppData\Local\Temp\deerdrive-111448437-setup.s111448437.c110268333.len.u.dl.exe
C:\Users\[bleep]\AppData\Local\Temp\default.exe
C:\Users\[bleep]\AppData\Local\Temp\DivXInstaller.exe
C:\Users\[bleep]\AppData\Local\Temp\DropDownDealsSetup.exe
C:\Users\[bleep]\AppData\Local\Temp\E16D.exe
C:\Users\[bleep]\AppData\Local\Temp\FAD7.exe
C:\Users\[bleep]\AppData\Local\Temp\ffunzip.exe
C:\Users\[bleep]\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\[bleep]\AppData\Local\Temp\GLF86D5.tmp.ConduitEngineSetup.exe
C:\Users\[bleep]\AppData\Local\Temp\GoogleToolbarInstaller.exe
C:\Users\[bleep]\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\[bleep]\AppData\Local\Temp\GUninstaller.exe
C:\Users\[bleep]\AppData\Local\Temp\homepage-protection4EA1..exe
C:\Users\[bleep]\AppData\Local\Temp\jna58769.dll
C:\Users\[bleep]\AppData\Local\Temp\MP3 Rocket FileBulldog.exe
C:\Users\[bleep]\AppData\Local\Temp\nsisdt.dll
C:\Users\[bleep]\AppData\Local\Temp\ooVooTBC.exe
C:\Users\[bleep]\AppData\Local\Temp\ooVooTBing.exe
C:\Users\[bleep]\AppData\Local\Temp\prxGLF86D5.tmp.tbooVo.dll
C:\Users\[bleep]\AppData\Local\Temp\RegAsm.exe
C:\Users\[bleep]\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\[bleep]\AppData\Local\Temp\setup.exe
C:\Users\[bleep]\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\[bleep]\AppData\Local\Temp\tbCoup.dll
C:\Users\[bleep]\AppData\Local\Temp\tbooVo.dll
C:\Users\[bleep]\AppData\Local\Temp\TB_89F6.exe
C:\Users\[bleep]\AppData\Local\Temp\temp0NikeConnectconnect5pcupdate.exe
C:\Users\[bleep]\AppData\Local\Temp\The_Weather_Channel_Application.exe
C:\Users\[bleep]\AppData\Local\Temp\uninst1.exe
C:\Users\[bleep]\AppData\Local\Temp\uninstalloption.exe
C:\Users\[bleep]\AppData\Local\Temp\uninstbb.exe
C:\Users\[bleep]\AppData\Local\Temp\Updater.exe
C:\Users\[bleep]\AppData\Local\Temp\UpdaterCopy.exe
C:\Users\[bleep]\AppData\Local\Temp\wcdsetup.exe
C:\Users\[bleep]\AppData\Local\Temp\_is2A01.exe
C:\Users\[bleep]\AppData\Local\Temp\_unps.exe
C:\Users\Chezy\AppData\Local\Temp\360D.exe
C:\Users\Chezy\AppData\Local\Temp\BB72.exe
C:\Users\Chezy\AppData\Local\Temp\F2A8.exe
C:\Users\Chezy\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Chezy\AppData\Local\Temp\jna22893.dll
C:\Users\Chezy\AppData\Local\Temp\jna50604.dll
C:\Users\Chezy\AppData\Local\Temp\SearchWithGoogleUpdate.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-03 19:57
==================== End Of Log ============================