
[RESOLVED] I got a program called Super Fast PC


79 replies to this topic

#1 threeputt


Posted 12 March 2014 - 02:45 AM

It has my computer slowed to a crawl. I tried to run the DDS and got an error about cannot run in compatible mode, I think is what it said. Anyway, here is the malware log.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.12.01

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16518
Fran :: FRANS [administrator]

3/11/2014 8:49:35 PM
mbam-log-2014-03-11 (20-49-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222563
Time elapsed: 6 minute(s), 4 second(s)

Memory Processes Detected: 4
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe (PUP.Optional.AudioToAudioToolBar.A) -> 1912 -> Delete on reboot.
C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (PUP.Optional.AirInstaller) -> 13632 -> Delete on reboot.
C:\Program Files (x86)\Highlightly\Service\hlsvc.exe (PUP.Optional.Highlightly) -> 1812 -> Delete on reboot.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.Optional.MindSpark) -> 6412 -> Delete on reboot.

Memory Modules Detected: 4
C:\Users\Fran\AppData\LocalLow\Produtools_Manuals_2.1_B2\ldrtbPro0.dll (PUP.Optional.Conduit) -> Delete on reboot.
C:\Users\Fran\AppData\LocalLow\Produtools_Manuals_2.1_B2\tbPro0.dll (PUP.Optional.Conduit) -> Delete on reboot.
C:\Users\Fran\AppData\LocalLow\Produtools_Manuals_2.1_B2\hktbPro0.dll (PUP.Optional.Conduit) -> Delete on reboot.
C:\Program Files (x86)\Highlightly\IE\HighlightlyClientIE.dll (PUP.Optional.Highlightly) -> Delete on reboot.

Registry Keys Detected: 55

Registry Values Detected: 9
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: mysearchdial Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Fran\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A2O0R1R1H2Z1S1G0H1F -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.Optional.MindSpark) -> Data: "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.Optional.MindSpark) -> Data: C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Buzz-it|ImagePath (PUP.Optional.BuzzIT.A) -> Data: C:\Program Files (x86)\Buzz-it-soft\Buzz-it157.exe -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\hlnfd|DisplayName (PUP.Optional.Highlightly) -> Data: hlnfd -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\hlsvc|DisplayName (PUP.Optional.Highlightly) -> Data: Highlightly Client Service -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearc...r=1365871822=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 39

Files Detected: 224
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Highlightly\terms-of-service.rtf (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Highlightly\Uninstall.exe (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Highlightly\3rd Party Licenses\buildcrx-license.txt (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Highlightly\3rd Party Licenses\Info-ZIP-license.txt (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Highlightly\3rd Party Licenses\nsJSON-license.txt (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Highlightly\3rd Party Licenses\SimpleSC-license.txt (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Highlightly\3rd Party Licenses\UAC-license.txt (PUP.Optional.Highlightly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Highlightly\Service\hlsvc.exe (PUP.Optional.Highlightly) -> Delete on reboot.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.Optional.MindSpark) -> Delete on reboot.
C:\Users\Fran\AppData\Roaming\MySearchDial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Fran\AppData\Roaming\MySearchDial\UpdateProc\info.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Fran\AppData\Roaming\MySearchDial\UpdateProc\STTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Fran\AppData\Roaming\MySearchDial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Fran\AppData\Roaming\MySearchDial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Fran\AppData\Local\Temp\ct3315828\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Fran\AppData\Local\Temp\ct3315828\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\IE\CT3315828\configutaion.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0\Sqlite3.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0\uninst.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0\uninstall.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Fran\AppData\Roaming\Qwiklinx\Test.htm (PUP.Optional.Qwiklinx.A) -> Quarantined and deleted successfully.
C:\Users\Fran\AppData\Roaming\Qwiklinx\TestFeeds\topkeywords.dat (PUP.Optional.Qwiklinx.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Qwiklinx\unins000.dat (PUP.Optional.Qwiklinx.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Buzz-it-soft\157.dat (PUP.Optional.BuzzIT.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Buzz-it-soft\157.xpi (PUP.Optional.BuzzIT.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Buzz-it-soft\a.db (PUP.Optional.BuzzIT.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Buzz-it-soft\b.db (PUP.Optional.BuzzIT.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Buzz-it-soft\Buzz-it157.bin (PUP.Optional.BuzzIT.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Buzz-it-soft\Buzzi.exe (PUP.Optional.BuzzIT.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Buzz-it-soft\Sqlite3.dll (PUP.Optional.BuzzIT.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Buzz-it-soft\Uninstall.exe (PUP.Optional.BuzzIT.A) -> Quarantined and deleted successfully.

(end)

 



#2 SmartestBot Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 02:45 AM

Welcome, threeputt, to the Virus, Spyware and Malware Removal forum.
 
This is an automated message from Broni, SmartestComputing malware removal specialist.
 
Please be patient.
I'll reply to your post as soon as possible.
Usually I'm around here after 4PM PST (sometimes earlier) and whole days on weekends.
 
If you haven't done so, make sure you complete all steps listed here: BEFORE YOU POST, PLEASE READ THIS!
 
Broni

#3 Broni Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 02:47 AM

Please observe the following rules:

  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

===============================

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.




#4 threeputt Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 03:16 AM

I am not sure this is the right log. The first time I ran ADWCleaner it showed something about pc backup. I put a check and clicked clean and the computer froze. I finally got it back running and again I ran adwcleaner. I did not see anything but I went ahead and it rebooted. It took forever to boot but here is a log. The Trojan keeps blocking my screen so maybe I can get all needed here

# AdwCleaner v3.021 - Report created 11/03/2014 at 22:03:12
# Updated 10/03/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Fran - FRANS
# Running from : C:\Users\Fran\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

*************************

AdwCleaner[R0].txt - [11326 octets] - [11/03/2014 21:57:11]
AdwCleaner[R1].txt - [728 octets] - [11/03/2014 22:02:43]
AdwCleaner[S0].txt - [10675 octets] - [11/03/2014 21:57:50]
AdwCleaner[S1].txt - [650 octets] - [11/03/2014 22:03:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [709 octets] ##########



#5 threeputt Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 03:29 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8.1 x64
Ran by Fran on Tue 03/11/2014 at 22:20:19.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.dynamicbarbutton
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.dynamicbarbutton.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.feedmanager
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.feedmanager.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlmenu
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlmenu.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlpanel
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlpanel.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.multiplebutton
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.multiplebutton.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.pseudotransparentplugin
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.pseudotransparentplugin.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radio
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radio.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radiosettings
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radiosettings.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.scriptbutton
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.scriptbutton.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.settingsplugin
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.settingsplugin.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.thirdpartyinstaller
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.thirdpartyinstaller.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.urlalertbutton
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.urlalertbutton.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.xmlsessionplugin
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.xmlsessionplugin.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{173A5778-34BF-48A2-8A5E-6963CE922FED}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1796EC91-D094-4A5F-B681-E16015D1CEAC}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{26842A09-FFA8-4E2C-AE12-0C80F01C3295}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37ED966D-4D0E-4D66-9633-BEA542C92860}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4F28FA5F-7D15-4753-B4FC-D548A0F02BFB}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{5E1BDCF6-DD5F-4DD3-8783-B1454AEF1830}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7D4DFAF7-F2CE-4C91-91A4-514C9612914D}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9B58A6CE-B337-43D5-9C2F-8C6D92FBA094}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A083C35D-61A9-4625-BBB6-FB54E71B8527}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A35FF019-6DBE-4044-B080-6F3FA78A947F}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B70E008C-967B-4104-BC7B-6F7C77DBC38D}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C4A25B73-8EF5-4282-9D21-C8920DD577A1}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CAE88E60-CEA5-4FCB-B611-54EA6305D8AB}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DB1384D8-1BDA-4C8D-A743-E9CA671FEB00}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E045DF14-BF1D-405C-A37B-A75C1551AD17}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F3477E9D-D2F6-49F0-9B23-854D7958D07E}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{173A5778-34BF-48A2-8A5E-6963CE922FED}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1796EC91-D094-4A5F-B681-E16015D1CEAC}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{37ED966D-4D0E-4D66-9633-BEA542C92860}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4F28FA5F-7D15-4753-B4FC-D548A0F02BFB}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5E1BDCF6-DD5F-4DD3-8783-B1454AEF1830}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7D4DFAF7-F2CE-4C91-91A4-514C9612914D}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9B58A6CE-B337-43D5-9C2F-8C6D92FBA094}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A083C35D-61A9-4625-BBB6-FB54E71B8527}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A35FF019-6DBE-4044-B080-6F3FA78A947F}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B70E008C-967B-4104-BC7B-6F7C77DBC38D}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C4A25B73-8EF5-4282-9D21-C8920DD577A1}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CAE88E60-CEA5-4FCB-B611-54EA6305D8AB}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DB1384D8-1BDA-4C8D-A743-E9CA671FEB00}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E045DF14-BF1D-405C-A37B-A75C1551AD17}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F3477E9D-D2F6-49F0-9B23-854D7958D07E}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{173A5778-34BF-48A2-8A5E-6963CE922FED}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1796EC91-D094-4A5F-B681-E16015D1CEAC}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{37ED966D-4D0E-4D66-9633-BEA542C92860}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4F28FA5F-7D15-4753-B4FC-D548A0F02BFB}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{5E1BDCF6-DD5F-4DD3-8783-B1454AEF1830}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7D4DFAF7-F2CE-4C91-91A4-514C9612914D}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9B58A6CE-B337-43D5-9C2F-8C6D92FBA094}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A083C35D-61A9-4625-BBB6-FB54E71B8527}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A35FF019-6DBE-4044-B080-6F3FA78A947F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{B70E008C-967B-4104-BC7B-6F7C77DBC38D}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C4A25B73-8EF5-4282-9D21-C8920DD577A1}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{CAE88E60-CEA5-4FCB-B611-54EA6305D8AB}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DB1384D8-1BDA-4C8D-A743-E9CA671FEB00}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E045DF14-BF1D-405C-A37B-A75C1551AD17}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F3477E9D-D2F6-49F0-9B23-854D7958D07E}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{173A5778-34BF-48A2-8A5E-6963CE922FED}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1796EC91-D094-4A5F-B681-E16015D1CEAC}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{37ED966D-4D0E-4D66-9633-BEA542C92860}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4F28FA5F-7D15-4753-B4FC-D548A0F02BFB}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{5E1BDCF6-DD5F-4DD3-8783-B1454AEF1830}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{7D4DFAF7-F2CE-4C91-91A4-514C9612914D}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9B58A6CE-B337-43D5-9C2F-8C6D92FBA094}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A083C35D-61A9-4625-BBB6-FB54E71B8527}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A35FF019-6DBE-4044-B080-6F3FA78A947F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B70E008C-967B-4104-BC7B-6F7C77DBC38D}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C4A25B73-8EF5-4282-9D21-C8920DD577A1}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CAE88E60-CEA5-4FCB-B611-54EA6305D8AB}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DB1384D8-1BDA-4C8D-A743-E9CA671FEB00}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E045DF14-BF1D-405C-A37B-A75C1551AD17}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F3477E9D-D2F6-49F0-9B23-854D7958D07E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{00886BDB-B28C-4103-BA3B-4E5B195F5040}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{00886BDB-B28C-4103-BA3B-4E5B195F5040}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{00886BDB-B28C-4103-BA3B-4E5B195F5040}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{00886BDB-B28C-4103-BA3B-4E5B195F5040}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}

 

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 03/11/2014 at 22:27:40.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#6 Broni Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 03:34 AM

You did fine. Go on...




#7 threeputt Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 03:40 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2014
Ran by Fran at 2014-03-11 22:35:14
Running from C:\Users\Fran\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Canon MF Toolbox 4.9.1.1.mf13 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf13 - CANON INC.)
Canon MF4700 Series (HKLM\...\{47A8DB42-4E21-4d55-9931-D4F44CC3F03B}) (Version: 4.1.0.0 - CANON INC.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Convert Files for Free (HKLM-x32\...\Convert Files for Free) (Version: 7.12 - Convert Files for Free)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.1.4319 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Detective (HKLM-x32\...\{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}) (Version: 8.1 - PC Drivers HeadQuarters)
Driver Manager (HKLM-x32\...\{177CD779-4EEC-43C5-8DEA-4E0EC103624B}) (Version: 8.1 - Driver Manager)
DriverNavigator 3.3.2 (HKLM\...\DriverNavigator_is1) (Version: 3.3.2.0 - Easeware)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
LogMeIn (HKLM-x32\...\{CB7AF84A-1B7F-4C6B-8A58-EB7CDE48C23A}) (Version: 4.1.3268 - LogMeIn, Inc.)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MapsGalaxy Firefox Toolbar (HKLM-x32\...\MapsGalaxy_39bar Uninstall Firefox) (Version:  - Mindspark Interactive Network)
MapsGalaxy Internet Explorer Toolbar (HKLM-x32\...\MapsGalaxy_39bar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mjuice Components (HKLM-x32\...\MJuiceWinamp) (Version:  - )
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation)
Norton Management (HKLM-x32\...\MCLIENT) (Version: 3.2.2.12 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Software Updater version 1.8.3 (HKLM-x32\...\Software Updater_is1) (Version: 1.8.3 - Air Software) <==== ATTENTION
SuperFast PC (HKLM\...\SuperFast PC) (Version: 1.0 - 383 Media, Inc.)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Winamp (Remove Only) (HKLM-x32\...\Winamp) (Version:  - )
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

21-02-2014 00:50:30 Windows Update
01-03-2014 20:09:54 Scheduled Checkpoint
10-03-2014 22:53:42 Scheduled Checkpoint

==================== Hosts content: ==========================

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00798296-67CD-4EF5-BDE2-3A8DC40ABB6A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {060F100F-6CA7-411B-B0C6-0404770C4168} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {0AE9739B-86D8-4601-A389-662423B33A79} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {22429E30-0950-4233-84CA-E95B7620B531} - \MySearchDial No Task File
Task: {272B1A7B-B649-4B39-8428-8F8AAB3FD7A1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-16] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3CC1E569-52F1-4D4F-82B9-A9806A2923F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {43188CD4-CC21-4A9B-B7D4-B1671B5D537D} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {4817B624-7F72-4ACA-A915-17FCE0D6F50D} - System32\Tasks\Driver Manager-RTMUpdater => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [2013-09-24] (PC Drivers Headquarters)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A87F161-90C6-477F-8B7C-41CD7E833A6D} - System32\Tasks\Driver Manager-RTMScan => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [2013-09-24] (PC Drivers Headquarters)
Task: {4EB7CFAA-E02C-4933-A3C0-2BBDD10A0D20} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [2014-02-20] (PC Drivers Headquarters)
Task: {50512C6D-B06E-45BB-8A73-A0C800074B5B} - System32\Tasks\Driver Detective-RTMScanRunOnce => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [2014-02-20] (PC Drivers Headquarters)
Task: {533AAE8D-FC3A-4AEF-BA83-82713DE6BC29} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\SymErr.exe [2012-10-18] (Symantec Corporation)
Task: {54410CBB-0DC3-4AB8-831B-1494E28E543F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {5BCC9E26-6E66-4AE0-87D6-72F22BD285CF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {63A1EAC6-4C69-4229-B536-2A18D1682321} - System32\Tasks\HPCeeScheduleForFran => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {71BA2004-DACB-492F-BD1A-9A227DF09A9E} - System32\Tasks\Driver Manager-RTMRules => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [2013-09-24] (PC Drivers Headquarters)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7FF3AB87-9153-4ABF-B206-F620ADE33317} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\SymErr.exe [2012-10-18] (Symantec Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {89EA5981-6642-4289-9C61-2F787C901E24} - \BackgroundContainer Startup Task No Task File
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9007AE0E-1F8D-4980-B31A-07D74ECAC395} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [2014-02-20] (PC Drivers Headquarters)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A176F8ED-102B-4ACC-B937-834C207FCB50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {A5C3653C-0C64-4F13-B87C-2F3F503E984C} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe [2013-05-10] (Easeware)
Task: {A610C725-832E-44F9-B526-CAE26DA01BCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B4CF08E0-8D55-4A29-84E4-9F76C7455130} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [2014-02-20] (PC Drivers Headquarters)
Task: {B906A80C-2266-4FB9-9249-5759E75DAC6D} - System32\Tasks\SuperFastPC_AutorunOnStartup => C:\Program Files (x86)\SuperFastPC\SuperFastPC.exe [2014-01-28] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E4A69ED3-38FE-469F-916A-848671274A2D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-14] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E729E694-BC96-4820-9144-80A816BA7CA6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
Task: C:\WINDOWS\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForFran.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-01-28 05:21 - 2014-01-28 05:21 - 00252928 _____ () C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFreeUpdt.exe
2013-07-31 18:22 - 2013-10-31 10:07 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-07-31 18:22 - 2013-10-31 10:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-07-31 18:22 - 2013-10-31 10:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-02-13 18:43 - 2014-02-13 18:43 - 00208384 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\XPBurnComponent\73d1e9bfb54ec9cf58d97075d97d16ad\XPBurnComponent.ni.dll
2013-08-28 13:51 - 2013-09-24 00:55 - 00638344 _____ () C:\Program Files (x86)\Driver Manager\Driver Manager\ThemePack.DriverManager.dll
2013-08-28 13:26 - 2013-09-24 00:56 - 00412064 _____ () C:\Program Files (x86)\Driver Manager\Driver Manager\Agent.Communication.XmlSerializers.dll
2014-02-20 11:35 - 2014-02-20 11:35 - 00823168 _____ () C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\ThemePack.Default.dll
2014-02-20 11:35 - 2014-02-20 11:35 - 00428448 _____ () C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Agent.Communication.XmlSerializers.dll
2013-07-07 06:50 - 2013-07-07 06:50 - 00024576 _____ () C:\Program Files (x86)\Winamp\winampa.exe
2014-01-28 12:10 - 2014-01-28 12:10 - 00636024 _____ () C:\Program Files (x86)\SuperFastPC\SuperFastPC.exe
2013-10-26 13:02 - 2013-10-26 13:02 - 00120224 _____ () C:\Users\Fran\AppData\Local\assembly\dl3\PYRD4HBE.KT0\A3M1AWPZ.LZX\00db1144\00ef7209_0886cd01\HPItunesModule.DLL
2014-01-14 18:37 - 2014-01-14 18:37 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-27 10:58 - 2014-02-27 10:58 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-30 18:42 - 2012-05-30 01:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2013-06-30 18:42 - 2012-05-30 01:51 - 00699280 ____R () C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Fran\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Fran\SkyDrive (2).old:ms-properties

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/11/2014 10:34:26 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't parse JSON update object

Error: (03/11/2014 10:19:25 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't parse JSON update object

Error: (03/11/2014 10:04:23 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a value of the remote_log registry value, code: 2

Error: (03/11/2014 10:04:23 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a buffer size for the remote_log registry value, code: 2

Error: (03/11/2014 10:04:23 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a value of the remote_log registry value, code: 2

Error: (03/11/2014 10:04:23 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a buffer size for the remote_log registry value, code: 2

Error: (03/11/2014 09:53:35 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't parse JSON update object

Error: (03/11/2014 09:38:33 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't parse JSON update object

Error: (03/11/2014 09:23:31 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a value of the remote_log registry value, code: 2

Error: (03/11/2014 09:23:31 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a buffer size for the remote_log registry value, code: 2

System errors:
=============
Error: (03/11/2014 10:09:36 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (03/11/2014 10:06:35 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (03/11/2014 10:04:23 PM) (Source: Service Control Manager) (User: )
Description: The HP Registration Service service failed to start due to the following error:
%%1053

Error: (03/11/2014 10:04:23 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Registration Service service to connect.

Error: (03/11/2014 10:03:13 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (03/11/2014 09:57:51 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (03/11/2014 09:28:25 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (03/11/2014 09:25:37 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (03/11/2014 09:23:31 PM) (Source: Service Control Manager) (User: )
Description: The HP Registration Service service failed to start due to the following error:
%%1053

Error: (03/11/2014 09:23:31 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Registration Service service to connect.

Microsoft Office Sessions:
=========================
Error: (03/11/2014 10:34:26 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't parse JSON update object

Error: (03/11/2014 10:19:25 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't parse JSON update object

Error: (03/11/2014 10:04:23 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't query a value of the remote_log registry value, code: 2

Error: (03/11/2014 10:04:23 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't query a buffer size for the remote_log registry value, code: 2

Error: (03/11/2014 10:04:23 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't query a value of the remote_log registry value, code: 2

Error: (03/11/2014 10:04:23 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't query a buffer size for the remote_log registry value, code: 2

Error: (03/11/2014 09:53:35 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't parse JSON update object

Error: (03/11/2014 09:38:33 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't parse JSON update object

Error: (03/11/2014 09:23:31 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't query a value of the remote_log registry value, code: 2

Error: (03/11/2014 09:23:31 PM) (Source: ConvertFilesforFree)(User: )
Description: Can't query a buffer size for the remote_log registry value, code: 2

==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3556.9 MB
Available physical RAM: 1658.52 MB
Total Pagefile: 4196.9 MB
Available Pagefile: 2040.1 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:444 GB) (Free:399.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.95 GB) (Free:2.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 93042D6C)

Partition: GPT Partition Type.

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2014
Ran by Fran (administrator) on FRANS on 11-03-2014 22:34:30
Running from C:\Users\Fran\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFreeUpdt.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInRC.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
(PC Drivers Headquarters) C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
() C:\Program Files (x86)\Winamp\winampa.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\SuperFastPC\SuperFastPC.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Thisisu) C:\Users\Fran\Desktop\JRT.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-04-30] (LogMeIn, Inc.)
HKLM\...\Run: [MapsGalaxy Home Page Guard 64 bit] - "C:\PROGRA~2\MAPSGA~2\bar\1.bin\APPINT~1.EXE"
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\Winampa.exe [24576 2013-07-07] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard)
HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\...\Run: [Driver Manager] - C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296 2013-09-24] (PC Drivers Headquarters)
HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\...\Run: [Driver Detective] - C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [4680600 2014-02-20] (PC Drivers Headquarters)
HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\...\MountPoints2: {62b0c6f6-44af-11e3-be8e-7c050725c91f} - "G:\LaunchU3.exe" -a
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\Fran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
URLSearchHook: HKCU - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {00886BDB-B28C-4103-BA3B-4E5B195F5040} URL = http://www.amazon.co...ds={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {00886BDB-B28C-4103-BA3B-4E5B195F5040} URL = http://www.amazon.co...ds={searchTerms}
SearchScopes: HKLM-x32 - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = http://search.tb.ask...or={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: ConvertFilesforFree - {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFree_x64.dll (Convert Files for Free)
BHO: Highlightly - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll No File
BHO-x32: ConvertFilesforFree - {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFree.dll (Convert Files for Free)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

==================== Services (Whitelisted) =================

R2 ConvertFilesforFreeUpdt; C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFreeUpdt.exe [252928 2014-01-28] ()
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
S2 HPRegistrationSvc; c:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe [205216 2012-07-18] (Hewlett-Packard)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-02-04] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-02-04] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
R2 MCLIENT; C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe [143928 2012-12-04] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
R1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [168096 2012-10-03] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140309.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140311.001\ENG64.SYS [126040 2014-01-30] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140311.001\EX64.SYS [2099288 2014-01-30] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-30] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-11 22:34 - 2014-03-11 22:34 - 00016595 _____ () C:\Users\Fran\Desktop\FRST.txt
2014-03-11 22:33 - 2014-03-11 22:34 - 00000000 ____D () C:\FRST
2014-03-11 22:32 - 2014-03-11 22:32 - 02157056 _____ (Farbar) C:\Users\Fran\Desktop\FRST64.exe
2014-03-11 22:27 - 2014-03-11 22:27 - 00013681 _____ () C:\Users\Fran\Desktop\JRT.txt
2014-03-11 22:20 - 2014-03-11 22:20 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-11 22:17 - 2014-03-11 22:17 - 01037734 _____ (Thisisu) C:\Users\Fran\Desktop\JRT.exe
2014-03-11 21:57 - 2014-03-11 22:03 - 00000000 ____D () C:\AdwCleaner
2014-03-11 21:55 - 2014-03-11 21:55 - 01949184 _____ () C:\Users\Fran\Desktop\adwcleaner.exe
2014-03-11 21:37 - 2014-03-11 21:37 - 00688992 _____ (Swearware) C:\Users\Fran\Desktop\dds.com
2014-03-11 20:47 - 2014-03-11 20:47 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-11 20:47 - 2014-03-11 20:47 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\Malwarebytes
2014-03-11 20:47 - 2014-03-11 20:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-11 20:47 - 2014-03-11 20:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-11 20:47 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-11 20:36 - 2014-03-01 01:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-11 20:36 - 2014-02-28 23:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-11 20:36 - 2014-02-28 23:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-11 20:36 - 2014-02-28 23:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-11 20:36 - 2014-02-28 22:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-11 20:36 - 2014-02-28 22:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-11 20:36 - 2014-02-28 22:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-11 20:36 - 2014-02-28 22:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-11 20:36 - 2014-02-28 22:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-11 20:36 - 2014-02-28 22:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-11 20:36 - 2014-02-28 22:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-11 20:36 - 2014-02-28 21:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-11 20:36 - 2014-02-28 21:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-11 20:36 - 2014-02-28 21:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-11 20:36 - 2014-02-28 21:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-11 20:36 - 2014-02-28 21:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-11 20:36 - 2014-02-28 21:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-11 20:36 - 2013-12-20 05:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-11 20:36 - 2013-12-20 05:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-11 20:35 - 2014-01-31 11:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-11 20:35 - 2014-01-31 11:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-11 20:35 - 2014-01-31 11:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-11 20:35 - 2014-01-31 08:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-11 20:35 - 2014-01-31 04:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-11 20:35 - 2014-01-29 04:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-11 20:35 - 2014-01-29 03:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-11 20:35 - 2014-01-29 03:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-11 20:35 - 2014-01-29 03:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-11 20:35 - 2014-01-29 03:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-11 20:35 - 2014-01-29 02:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-11 20:35 - 2014-01-29 02:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-11 20:35 - 2014-01-29 02:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-11 20:35 - 2014-01-29 01:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-11 20:35 - 2014-01-28 19:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-11 20:35 - 2014-01-27 14:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-11 20:35 - 2014-01-27 14:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-11 20:35 - 2014-01-27 14:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-11 20:35 - 2014-01-27 13:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-11 20:35 - 2014-01-27 13:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-11 20:35 - 2014-01-27 13:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-11 20:35 - 2014-01-27 13:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-11 20:35 - 2014-01-27 13:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-11 20:35 - 2014-01-27 12:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-11 20:35 - 2014-01-27 12:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-11 20:35 - 2014-01-27 12:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-11 20:35 - 2014-01-27 10:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-11 20:35 - 2014-01-27 10:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-11 20:35 - 2014-01-27 06:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-11 20:35 - 2014-01-17 18:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-11 20:35 - 2014-01-17 16:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-11 20:35 - 2013-12-21 09:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-11 20:35 - 2013-12-21 03:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-11 20:35 - 2013-10-30 19:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-11 20:35 - 2013-10-30 19:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-11 20:35 - 2013-10-30 19:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-11 20:34 - 2014-02-10 22:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-11 20:34 - 2014-02-10 21:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-11 20:34 - 2014-02-10 21:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-11 01:12 - 2014-03-11 22:14 - 00000440 _____ () C:\WINDOWS\SysWOW64\ff.bin
2014-03-11 01:08 - 2014-03-11 22:10 - 00000536 _____ () C:\WINDOWS\SysWOW64\schtasks.bin
2014-03-10 18:15 - 2014-03-11 22:10 - 00003290 _____ () C:\WINDOWS\System32\Tasks\SuperFastPC_AutorunOnStartup
2014-03-10 18:15 - 2014-03-10 18:18 - 00000000 ____D () C:\Program Files (x86)\SuperFastPC
2014-03-10 18:15 - 2014-03-10 18:15 - 00001071 _____ () C:\Users\Public\Desktop\SuperFast PC.lnk
2014-03-10 18:14 - 2014-03-11 21:49 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\Activeris
2014-03-10 18:13 - 2014-03-10 18:13 - 00001987 _____ () C:\Users\Fran\Desktop\Sync Folder.lnk
2014-03-06 20:18 - 2014-03-06 20:18 - 00003838 _____ () C:\WINDOWS\System32\Tasks\Driver Detective-RTMScan
2014-03-06 20:18 - 2014-03-06 20:18 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Driver Detective-RTMUpdater
2014-03-06 20:18 - 2014-03-06 20:18 - 00003822 _____ () C:\WINDOWS\System32\Tasks\Driver Detective-RTMRules
2014-03-06 20:18 - 2014-03-06 20:18 - 00003522 _____ () C:\WINDOWS\System32\Tasks\Driver Detective-RTMScanRunOnce
2014-03-06 20:18 - 2014-03-06 20:18 - 00002491 _____ () C:\Users\Public\Desktop\Driver Detective.lnk
2014-03-06 20:18 - 2014-03-06 20:18 - 00000000 ____D () C:\Users\Fran\Downloads\PC Drivers HeadQuarters
2014-03-06 20:18 - 2014-03-06 20:18 - 00000000 ____D () C:\Users\Fran\.swt
2014-03-06 20:18 - 2014-03-06 20:18 - 00000000 ____D () C:\ProgramData\PC Drivers HeadQuarters
2014-03-06 20:17 - 2014-03-06 20:24 - 00000000 ____D () C:\Users\Fran\Incomplete
2014-03-06 20:17 - 2014-03-06 20:17 - 00000000 ____D () C:\Program Files (x86)\PC Drivers HeadQuarters
2014-03-06 20:16 - 2014-03-06 20:16 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\InstallX Search Protect for Yahoo
2014-03-06 20:15 - 2014-03-11 21:22 - 00000000 ____D () C:\Program Files (x86)\Software Updater
2014-03-06 20:15 - 2014-03-06 20:15 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\Yahoo!
2014-03-06 20:15 - 2014-03-06 20:15 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-03-06 20:15 - 2014-03-06 20:15 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-03-06 20:15 - 2014-03-06 20:15 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-03-06 20:06 - 2014-03-06 20:06 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-06 20:06 - 2014-03-06 20:06 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-06 20:06 - 2014-03-06 20:06 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-03-06 20:06 - 2014-03-06 20:06 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-06 20:06 - 2014-03-06 20:06 - 00000000 ____D () C:\ProgramData\Sun
2014-03-06 20:06 - 2014-03-06 20:06 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-06 19:57 - 2014-03-07 12:57 - 00000091 _____ () C:\Users\Fran\AppData\Roaming\WB.CFG
2014-03-06 19:57 - 2014-03-06 20:37 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\MP3Rocket
2014-03-06 19:57 - 2014-03-06 20:37 - 00000000 ____D () C:\Program Files (x86)\MP3 Rocket
2014-03-06 19:57 - 2014-03-06 20:06 - 29141928 _____ (Oracle Corporation) C:\Users\Fran\Desktop\jre-7u51-windows-i586.exe
2014-03-06 19:57 - 2014-03-06 19:57 - 00000000 ____D () C:\Program Files (x86)\Convert Files for Free
2014-02-15 14:55 - 2013-12-08 19:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-15 14:55 - 2013-12-08 19:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-15 14:55 - 2013-11-27 10:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-15 14:55 - 2013-11-27 10:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-15 14:55 - 2013-11-27 09:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-15 14:55 - 2013-11-27 08:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-15 14:55 - 2013-11-27 07:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-15 14:55 - 2013-11-27 05:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-15 14:55 - 2013-11-27 05:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-15 14:55 - 2013-11-27 05:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-15 14:55 - 2013-11-27 04:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-15 14:55 - 2013-11-27 04:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-15 14:55 - 2013-11-27 04:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-15 14:55 - 2013-11-27 04:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-15 14:55 - 2013-11-27 03:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-15 14:55 - 2013-11-27 03:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-15 14:55 - 2013-11-26 08:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-15 14:55 - 2013-11-26 08:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-15 14:55 - 2013-11-26 06:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-15 14:55 - 2013-11-26 04:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-15 14:55 - 2013-11-26 03:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-15 14:55 - 2013-11-24 20:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-15 14:55 - 2013-11-24 20:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-15 14:55 - 2013-11-24 18:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-15 14:55 - 2013-11-24 18:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-15 14:55 - 2013-11-23 07:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-15 14:55 - 2013-11-23 06:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-15 14:55 - 2013-11-23 03:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-15 14:55 - 2013-11-23 02:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-15 14:55 - 2013-11-23 02:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-15 14:55 - 2013-11-23 02:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-15 14:55 - 2013-11-22 23:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-15 14:55 - 2013-11-22 22:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-15 14:55 - 2013-11-22 22:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-15 14:55 - 2013-11-22 22:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-15 14:55 - 2013-11-22 22:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-15 14:55 - 2013-11-22 22:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-15 14:55 - 2013-11-22 22:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-15 14:55 - 2013-11-21 01:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-15 14:55 - 2013-11-21 01:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-15 14:55 - 2013-11-15 09:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-15 14:55 - 2013-11-15 09:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-15 14:55 - 2013-11-15 09:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-15 14:55 - 2013-11-15 08:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-15 14:55 - 2013-10-30 19:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-15 14:55 - 2013-10-30 18:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-12 17:49 - 2014-01-07 00:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 17:49 - 2014-01-06 23:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 17:49 - 2013-12-08 19:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 17:49 - 2013-12-08 19:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-12 17:49 - 2013-12-08 18:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 17:49 - 2013-12-08 18:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 17:49 - 2013-11-21 01:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 17:49 - 2013-11-21 00:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-12 17:48 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 17:48 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-12 17:48 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 17:48 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-12 17:48 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 17:48 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 17:48 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-12 17:48 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-12 17:48 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-12 17:48 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 17:48 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 17:48 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 17:48 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-12 17:48 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 17:48 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 17:48 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-12 17:48 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-12 17:48 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-12 17:48 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 17:48 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-12 17:45 - 2014-01-04 15:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-12 17:45 - 2014-01-04 14:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-12 17:45 - 2014-01-04 09:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-12 17:45 - 2014-01-04 09:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-12 17:45 - 2014-01-04 08:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-12 17:45 - 2014-01-04 08:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-12 17:45 - 2014-01-04 08:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-12 17:45 - 2014-01-04 08:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-12 17:45 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-12 17:45 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-12 17:44 - 2014-01-07 02:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 17:44 - 2014-01-07 00:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 17:44 - 2013-12-20 05:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-12 17:44 - 2013-12-20 01:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 17:44 - 2013-12-08 21:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 17:44 - 2013-12-08 20:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 17:41 - 2014-01-09 03:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 17:41 - 2014-01-09 02:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 17:41 - 2014-01-09 02:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 17:41 - 2014-01-09 02:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 17:41 - 2014-01-09 02:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 17:41 - 2014-01-09 02:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 17:41 - 2014-01-09 02:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 17:41 - 2014-01-09 02:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 17:41 - 2014-01-09 02:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 17:41 - 2014-01-09 02:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-12 12:35 - 2014-02-12 12:35 - 05098698 _____ () C:\Users\Fran\Downloads\Attachments_2014212.zip
2014-02-11 14:00 - 2014-03-10 17:28 - 00000340 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForFran.job
2014-02-11 14:00 - 2014-03-03 18:28 - 00003152 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForFran
2014-02-11 13:59 - 2014-02-11 13:59 - 00002239 _____ () C:\Users\Fran\Desktop\HP Support Assistant.lnk
2014-02-11 13:56 - 2014-02-11 13:56 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-11 13:54 - 2014-02-11 13:54 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\hpqLog

==================== One Month Modified Files and Folders =======

2014-03-11 22:34 - 2014-03-11 22:34 - 00016595 _____ () C:\Users\Fran\Desktop\FRST.txt
2014-03-11 22:34 - 2014-03-11 22:33 - 00000000 ____D () C:\FRST
2014-03-11 22:32 - 2014-03-11 22:32 - 02157056 _____ (Farbar) C:\Users\Fran\Desktop\FRST64.exe
2014-03-11 22:29 - 2013-10-26 10:09 - 01503617 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-11 22:27 - 2014-03-11 22:27 - 00013681 _____ () C:\Users\Fran\Desktop\JRT.txt
2014-03-11 22:26 - 2013-06-29 21:18 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1010789812-1138081517-2076650591-1001
2014-03-11 22:20 - 2014-03-11 22:20 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-11 22:17 - 2014-03-11 22:17 - 01037734 _____ (Thisisu) C:\Users\Fran\Desktop\JRT.exe
2014-03-11 22:14 - 2014-03-11 01:12 - 00000440 _____ () C:\WINDOWS\SysWOW64\ff.bin
2014-03-11 22:10 - 2014-03-11 01:08 - 00000536 _____ () C:\WINDOWS\SysWOW64\schtasks.bin
2014-03-11 22:10 - 2014-03-10 18:15 - 00003290 _____ () C:\WINDOWS\System32\Tasks\SuperFastPC_AutorunOnStartup
2014-03-11 22:09 - 2014-02-06 15:22 - 00000000 __RDO () C:\Users\Fran\SkyDrive
2014-03-11 22:04 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-11 22:03 - 2014-03-11 21:57 - 00000000 ____D () C:\AdwCleaner
2014-03-11 22:03 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-11 22:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-11 21:58 - 2013-06-29 21:10 - 00000000 ___RD () C:\Users\Fran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-11 21:55 - 2014-03-11 21:55 - 01949184 _____ () C:\Users\Fran\Desktop\adwcleaner.exe
2014-03-11 21:49 - 2014-03-10 18:14 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\Activeris
2014-03-11 21:48 - 2013-06-29 21:10 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7E2F33E3-4E81-492B-9663-B9A7BAC818F6}
2014-03-11 21:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-11 21:37 - 2014-03-11 21:37 - 00688992 _____ (Swearware) C:\Users\Fran\Desktop\dds.com
2014-03-11 21:29 - 2013-09-29 23:04 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-11 21:22 - 2014-03-06 20:15 - 00000000 ____D () C:\Program Files (x86)\Software Updater
2014-03-11 21:22 - 2013-09-29 22:55 - 00076334 _____ () C:\WINDOWS\PFRO.log
2014-03-11 21:22 - 2013-08-22 09:44 - 00484248 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-11 21:19 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-11 21:19 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-11 21:19 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-11 21:19 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-11 20:47 - 2014-03-11 20:47 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-11 20:47 - 2014-03-11 20:47 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\Malwarebytes
2014-03-11 20:47 - 2014-03-11 20:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-11 20:47 - 2014-03-11 20:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-11 11:39 - 2013-07-01 22:55 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-03-11 11:39 - 2013-07-01 22:55 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-11 11:37 - 2013-08-10 21:07 - 00000000 ____D () C:\Users\Fran\AppData\Local\CrashDumps
2014-03-11 01:06 - 2013-08-13 14:56 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-03-10 18:18 - 2014-03-10 18:15 - 00000000 ____D () C:\Program Files (x86)\SuperFastPC
2014-03-10 18:15 - 2014-03-10 18:15 - 00001071 _____ () C:\Users\Public\Desktop\SuperFast PC.lnk
2014-03-10 18:13 - 2014-03-10 18:13 - 00001987 _____ () C:\Users\Fran\Desktop\Sync Folder.lnk
2014-03-10 17:28 - 2014-02-11 14:00 - 00000340 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForFran.job
2014-03-07 12:57 - 2014-03-06 19:57 - 00000091 _____ () C:\Users\Fran\AppData\Roaming\WB.CFG
2014-03-06 20:42 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-06 20:37 - 2014-03-06 19:57 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\MP3Rocket
2014-03-06 20:37 - 2014-03-06 19:57 - 00000000 ____D () C:\Program Files (x86)\MP3 Rocket
2014-03-06 20:24 - 2014-03-06 20:17 - 00000000 ____D () C:\Users\Fran\Incomplete
2014-03-06 20:18 - 2014-03-06 20:18 - 00003838 _____ () C:\WINDOWS\System32\Tasks\Driver Detective-RTMScan
2014-03-06 20:18 - 2014-03-06 20:18 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Driver Detective-RTMUpdater
2014-03-06 20:18 - 2014-03-06 20:18 - 00003822 _____ () C:\WINDOWS\System32\Tasks\Driver Detective-RTMRules
2014-03-06 20:18 - 2014-03-06 20:18 - 00003522 _____ () C:\WINDOWS\System32\Tasks\Driver Detective-RTMScanRunOnce
2014-03-06 20:18 - 2014-03-06 20:18 - 00002491 _____ () C:\Users\Public\Desktop\Driver Detective.lnk
2014-03-06 20:18 - 2014-03-06 20:18 - 00000000 ____D () C:\Users\Fran\Downloads\PC Drivers HeadQuarters
2014-03-06 20:18 - 2014-03-06 20:18 - 00000000 ____D () C:\Users\Fran\.swt
2014-03-06 20:18 - 2014-03-06 20:18 - 00000000 ____D () C:\ProgramData\PC Drivers HeadQuarters
2014-03-06 20:18 - 2013-10-26 10:01 - 00000000 ____D () C:\Users\Fran
2014-03-06 20:18 - 2013-09-20 02:50 - 00000000 ____D () C:\Users\Fran\AppData\Local\PC_Drivers_Headquarters
2014-03-06 20:17 - 2014-03-06 20:17 - 00000000 ____D () C:\Program Files (x86)\PC Drivers HeadQuarters
2014-03-06 20:16 - 2014-03-06 20:16 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\InstallX Search Protect for Yahoo
2014-03-06 20:15 - 2014-03-06 20:15 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\Yahoo!
2014-03-06 20:15 - 2014-03-06 20:15 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-03-06 20:15 - 2014-03-06 20:15 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-03-06 20:15 - 2014-03-06 20:15 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-03-06 20:06 - 2014-03-06 20:06 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-06 20:06 - 2014-03-06 20:06 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-06 20:06 - 2014-03-06 20:06 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-03-06 20:06 - 2014-03-06 20:06 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-06 20:06 - 2014-03-06 20:06 - 00000000 ____D () C:\ProgramData\Sun
2014-03-06 20:06 - 2014-03-06 20:06 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-06 20:06 - 2014-03-06 19:57 - 29141928 _____ (Oracle Corporation) C:\Users\Fran\Desktop\jre-7u51-windows-i586.exe
2014-03-06 19:57 - 2014-03-06 19:57 - 00000000 ____D () C:\Program Files (x86)\Convert Files for Free
2014-03-04 17:53 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 17:53 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-03 18:28 - 2014-02-11 14:00 - 00003152 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForFran
2014-03-01 01:05 - 2014-03-11 20:36 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-28 23:58 - 2014-03-11 20:36 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-28 23:30 - 2014-03-11 20:36 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-28 23:17 - 2014-03-11 20:36 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-28 22:54 - 2014-03-11 20:36 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-28 22:47 - 2014-03-11 20:36 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-28 22:42 - 2014-03-11 20:36 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-28 22:18 - 2014-03-11 20:36 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-28 22:14 - 2014-03-11 20:36 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-28 22:10 - 2014-03-11 20:36 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-28 22:03 - 2014-03-11 20:36 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-28 21:57 - 2014-03-11 20:36 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-28 21:38 - 2014-03-11 20:36 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-28 21:32 - 2014-03-11 20:36 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-28 21:27 - 2014-03-11 20:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-28 21:25 - 2014-03-11 20:36 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-28 21:25 - 2014-03-11 20:36 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-17 22:24 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-17 18:26 - 2013-04-11 11:02 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-17 18:17 - 2013-06-29 21:10 - 00000000 ___RD () C:\Users\Fran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-17 18:14 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-17 18:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-17 18:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-16 18:54 - 2013-08-14 11:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-16 18:51 - 2013-07-01 05:06 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-12 19:23 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-12 19:23 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-12 19:23 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-12 12:35 - 2014-02-12 12:35 - 05098698 _____ () C:\Users\Fran\Downloads\Attachments_2014212.zip
2014-02-11 13:59 - 2014-02-11 13:59 - 00002239 _____ () C:\Users\Fran\Desktop\HP Support Assistant.lnk
2014-02-11 13:59 - 2013-04-11 11:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-11 13:58 - 2013-04-11 11:06 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Hewlett-Packard
2014-02-11 13:58 - 2013-04-11 11:00 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-11 13:56 - 2014-02-11 13:56 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-11 13:54 - 2014-02-11 13:54 - 00000000 ____D () C:\Users\Fran\AppData\Roaming\hpqLog
2014-02-11 13:54 - 2012-08-01 22:15 - 00000000 ____D () C:\SWSETUP
2014-02-10 22:04 - 2014-03-11 20:34 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-10 21:43 - 2014-03-11 20:34 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-02-10 21:04 - 2014-03-11 20:34 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

Some content of TEMP:
====================
C:\Users\Fran\AppData\Local\Temp\69D5_SoftwareUpdaterSetupC.exe
C:\Users\Fran\AppData\Local\Temp\air15A7.exe
C:\Users\Fran\AppData\Local\Temp\air1FDB.exe
C:\Users\Fran\AppData\Local\Temp\air2CEB.exe
C:\Users\Fran\AppData\Local\Temp\air3DBA.exe
C:\Users\Fran\AppData\Local\Temp\air3DBD.exe
C:\Users\Fran\AppData\Local\Temp\air69D4.exe
C:\Users\Fran\AppData\Local\Temp\air740C.exe
C:\Users\Fran\AppData\Local\Temp\air77E6.exe
C:\Users\Fran\AppData\Local\Temp\airAE71.exe
C:\Users\Fran\AppData\Local\Temp\airC53D.exe
C:\Users\Fran\AppData\Local\Temp\airE46C.exe
C:\Users\Fran\AppData\Local\Temp\airFB7F.exe
C:\Users\Fran\AppData\Local\Temp\BackupSetup.exe
C:\Users\Fran\AppData\Local\Temp\helper.exe
C:\Users\Fran\AppData\Local\Temp\Quarantine.exe
C:\Users\Fran\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\Fran\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\Fran\AppData\Local\Temp\sp64126.exe
C:\Users\Fran\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Fran\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-11 20:35] - [2014-01-31 11:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02

 

LastRegBack: 2014-03-11 12:36

==================== End Of Log ============================

 



#8 Broni Re: [RESOLVED] I got a program called Super Fast PC

Broni

    Administrator - Malware Annihilator

  • Administrators
  • 35,071 posts
  • 2,023 topics
    • Time Online: 206d 20h 52m 52s
  • Joined October 04, 2004
  • Age: 59
  • Skin: Smartest wide
  • Local time: 08:12 PM
  • Zodiac:Virgo
  • Gender:Male
  • Location:Daly City, CA
  • OS:Windows 8
  • Country:
Online

Posted 12 March 2014 - 03:47 AM

Uninstall Software Updater.

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 



#9 threeputt Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 03:59 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2014
Ran by Fran at 2014-03-11 22:57:07 Run:1
Running from C:\Users\Fran\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {22429E30-0950-4233-84CA-E95B7620B531} - \MySearchDial No Task File
Task: {89EA5981-6642-4289-9C61-2F787C901E24} - \BackgroundContainer Startup Task No Task File
Task: {B906A80C-2266-4FB9-9249-5759E75DAC6D} - System32\Tasks\SuperFastPC_AutorunOnStartup => C:\Program Files (x86)\SuperFastPC\SuperFastPC.exe [2014-01-28] ()
2014-01-28 12:10 - 2014-01-28 12:10 - 00636024 _____ () C:\Program Files (x86)\SuperFastPC\SuperFastPC.exe
AlternateDataStreams: C:\Users\Fran\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Fran\SkyDrive (2).old:ms-properties
C:\Program Files (x86)\SuperFastPC
() C:\Program Files (x86)\SuperFastPC\SuperFastPC.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
URLSearchHook: HKCU - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
BHO: Highlightly - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll No File
BHO-x32: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll No File
BHO-x32: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
S4 LMIRfsClientNP; No ImagePath
2014-03-10 18:15 - 2014-03-11 22:10 - 00003290 _____ () C:\WINDOWS\System32\Tasks\SuperFastPC_AutorunOnStartup
2014-03-10 18:15 - 2014-03-10 18:18 - 00000000 ____D () C:\Program Files (x86)\SuperFastPC
2014-03-10 18:15 - 2014-03-10 18:15 - 00001071 _____ () C:\Users\Public\Desktop\SuperFast PC.lnk
C:\Users\Fran\AppData\Local\Temp\69D5_SoftwareUpdaterSetupC.exe
C:\Users\Fran\AppData\Local\Temp\air15A7.exe
C:\Users\Fran\AppData\Local\Temp\air1FDB.exe
C:\Users\Fran\AppData\Local\Temp\air2CEB.exe
C:\Users\Fran\AppData\Local\Temp\air3DBA.exe
C:\Users\Fran\AppData\Local\Temp\air3DBD.exe
C:\Users\Fran\AppData\Local\Temp\air69D4.exe
C:\Users\Fran\AppData\Local\Temp\air740C.exe
C:\Users\Fran\AppData\Local\Temp\air77E6.exe
C:\Users\Fran\AppData\Local\Temp\airAE71.exe
C:\Users\Fran\AppData\Local\Temp\airC53D.exe
C:\Users\Fran\AppData\Local\Temp\airE46C.exe
C:\Users\Fran\AppData\Local\Temp\airFB7F.exe
C:\Users\Fran\AppData\Local\Temp\BackupSetup.exe
C:\Users\Fran\AppData\Local\Temp\helper.exe
C:\Users\Fran\AppData\Local\Temp\Quarantine.exe
C:\Users\Fran\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\Fran\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\Fran\AppData\Local\Temp\sp64126.exe
C:\Users\Fran\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Fran\AppData\Local\Temp\vcredist_x64.exe

*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22429E30-0950-4233-84CA-E95B7620B531} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22429E30-0950-4233-84CA-E95B7620B531} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{89EA5981-6642-4289-9C61-2F787C901E24} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89EA5981-6642-4289-9C61-2F787C901E24} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B906A80C-2266-4FB9-9249-5759E75DAC6D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B906A80C-2266-4FB9-9249-5759E75DAC6D} => Key deleted successfully.
C:\Windows\System32\Tasks\SuperFastPC_AutorunOnStartup => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SuperFastPC_AutorunOnStartup => Key deleted successfully.
C:\Program Files (x86)\SuperFastPC\SuperFastPC.exe => Moved successfully.
"C:\Users\Fran\SkyDrive" => ":ms-properties" ADS not found.
"C:\Users\Fran\SkyDrive (2).old" => ":ms-properties" ADS not found.
C:\Program Files (x86)\SuperFastPC => Moved successfully.
C:\Program Files (x86)\SuperFastPC\SuperFastPC.exe => No running process found
"C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll" => Value Data removed successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} => Key deleted successfully.
HKCR\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
LMIRfsClientNP => Service deleted successfully.
"C:\WINDOWS\System32\Tasks\SuperFastPC_AutorunOnStartup" => File/Directory not found.
"C:\Program Files (x86)\SuperFastPC" => File/Directory not found.
C:\Users\Public\Desktop\SuperFast PC.lnk => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\69D5_SoftwareUpdaterSetupC.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\air15A7.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\air1FDB.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\air2CEB.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\air3DBA.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\air3DBD.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\air69D4.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\air740C.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\air77E6.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\airAE71.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\airC53D.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\airE46C.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\airFB7F.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\helper.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\SfpcHelper_installFinish.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\SfpcHelper_installStart.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\sp64126.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.
C:\Users\Fran\AppData\Local\Temp\vcredist_x64.exe => Moved successfully.

==== End of Fixlog ====



#10 Broni Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 04:04 AM

Very good :)

 

Download RogueKiller from one of the following links and save it to your Desktop:


  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

 

Create a new restore point before proceeding with the next step...
How to: http://www.smartestc...nt-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) from HERE

  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt




#11 threeputt Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 04:30 AM

RogueKiller V8.8.10 [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Fran [Admin rights]
Mode : Remove -- Date : 03/11/2014 23:27:10
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] FRST64.exe -- C:\Users\Fran\Desktop\FRST64.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AAKX-60U6AA0 +++++
--- User ---
[MBR] b177bd8170b11999cf9233d1be876d6f
[BSP] 37ff2531226fa71e0647053768d3235f : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_03112014_232710.txt >>
RKreport[0]_S_03112014_231902.txt



#12 threeputt Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 05:03 AM

mbar clean

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.12.02

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
Fran :: FRANS [administrator]

3/11/2014 11:44:16 PM
mbar-log-2014-03-11 (23-44-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 242498
Time elapsed: 12 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16521

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.795000 GHz
Memory total: 3729682432, free: 1686310912

Downloaded database version: v2014.03.12.02
Downloaded database version: v2014.02.20.01
=======================================
Initializing...
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

#13 Broni Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 05:06 AM

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there, use the restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.


NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.

  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: http://www.appremover.com/
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingc...ad/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingc...ad/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.




#14 threeputt Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 03:00 PM

I cannot run combofix. I tried Rkill and no go. I also renamed combo to what you said

rename combofix.exe to your_name.exe

I have disabled Norton Antivirus also

and it gives me this message. I was also able to run the other program that was giving me the same messages and I now have the log files for DDS

Attached Files


Edited by threeputt, 12 March 2014 - 03:24 PM.


#15 threeputt Re: [RESOLVED] I got a program called Super Fast PC


Posted 12 March 2014 - 03:23 PM

I was getting the same message can not be run in compatibility mode when I first tried to run dds. Here are the logs anyway. Not sure you will need this now but thought I would post them in case
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.51.2
Run by Fran at 10:14:33 on 2014-03-12
Microsoft Windows 8.1 6.3.9600.0.1252.1.1033.18.3557.2000 [GMT -5:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFreeUpdt.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Windows\System32\skydrive.exe
C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
C:\Windows\System32\SettingSyncHost.exe
C:\WINDOWS\explorer.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInRC.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://yahoo.com/
mStart Page = hxxp://www.google.com
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
mWinlogon: Userinit = userinit.exe,
BHO: ConvertFilesforFree: {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFree.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
uRun: [Driver Manager] C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false
uRun: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
mRun: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\Winampa.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Fran\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{FD9050F0-C1E5-4D07-986E-3CD1F583F099} : DHCPNameServer = 10.0.0.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://www.google.com
x64-BHO: ConvertFilesforFree: {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFree_x64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [MapsGalaxy Home Page Guard 64 bit] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\APPINT~1.EXE"
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - <orphaned>
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2013-12-14 39768]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2013-8-22 76800]
R1 ccSet_MCLIENT;Norton Management Settings Manager;C:\WINDOWS\System32\drivers\MCLIENTx64\0302020.00C\ccsetx64.sys [2013-9-22 168096]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2013-4-11 92536]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\NISx64\1404000.028\symnets.sys [2013-6-30 433752]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2013-9-26 239616]
R2 ConvertFilesforFreeUpdt;ConvertFilesforFreeUpdt;C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFreeUpdt.exe [2014-1-28 252928]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HPConnectedRemote;HP Connected Remote Service;C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-8-29 35232]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2013-6-7 376144]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2013-4-30 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2013-8-13 72216]
R2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe [2013-9-22 143928]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe [2013-6-30 144368]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-7-31 1907896]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-2-18 1526488]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\WINDOWS\System32\drivers\NISx64\1404000.028\ccsetx64.sys [2013-6-30 169048]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-29 137648]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140311.001\IDSviA64.sys [2014-3-12 524504]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2013-8-22 591360]
R3 SymDS;Symantec Data Store;C:\WINDOWS\System32\drivers\NISx64\1404000.028\symds64.sys [2013-6-30 493656]
R3 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\System32\drivers\NISx64\1404000.028\symefa64.sys [2013-6-30 1139800]
R3 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\NISx64\1404000.028\ironx64.sys [2013-6-30 224416]
R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2012-7-16 57000]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\NISx64\1404000.028\symelam.sys [2013-6-30 23448]
S2 HPRegistrationSvc;HP Registration Service;C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe [2012-7-18 205216]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2013-8-22 782176]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2013-8-22 37768]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-22 17624]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320]
S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-22 651248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2014-2-12 111616]
S3 lfsvc;Windows Location Framework Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-8-22 81760]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63.sys [2013-8-22 87040]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2013-8-22 924512]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2013-12-14 146776]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2013-8-22 37768]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-16 57176]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2013-8-22 26976]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2013-8-22 37768]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2014-3-11 124760]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2014-3-11 348392]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2013-8-22 230912]
SUnknown LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2014-03-12 14:30:55 -------- d-sh--w- C:\$RECYCLE.BIN
2014-03-12 04:44:10 119000 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2014-03-12 04:44:10 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-12 04:40:29 91352 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2014-03-12 03:33:25 -------- d-----w- C:\FRST
2014-03-12 03:20:18 -------- d-----w- C:\WINDOWS\ERUNT
2014-03-12 02:57:00 -------- d-----w- C:\AdwCleaner
2014-03-12 01:47:47 -------- d-----w- C:\Users\Fran\AppData\Roaming\Malwarebytes
2014-03-12 01:47:34 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-12 01:47:33 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2014-03-12 01:47:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-12 01:35:38 6640640 ----a-w- C:\WINDOWS\System32\mstscax.dll
2014-03-12 01:34:54 4189184 ----a-w- C:\WINDOWS\System32\win32k.sys
2014-03-12 01:34:53 586240 ----a-w- C:\WINDOWS\System32\qedit.dll
2014-03-12 01:34:53 488448 ----a-w- C:\WINDOWS\SysWow64\qedit.dll
2014-03-11 06:12:07 440 ----a-w- C:\WINDOWS\SysWow64\ff.bin
2014-03-11 06:08:05 536 ----a-w- C:\WINDOWS\SysWow64\schtasks.bin
2014-03-10 23:14:10 -------- d-----w- C:\Users\Fran\AppData\Roaming\Activeris
2014-03-07 01:18:15 -------- d-----w- C:\ProgramData\PC Drivers HeadQuarters
2014-03-07 01:18:02 -------- d-----w- C:\Users\Fran\.swt
2014-03-07 01:17:51 -------- d-----w- C:\Users\Fran\Incomplete
2014-03-07 01:17:37 -------- d-----w- C:\Program Files (x86)\PC Drivers HeadQuarters
2014-03-07 01:16:11 -------- d-----w- C:\Users\Fran\AppData\Roaming\InstallX Search Protect for Yahoo
2014-03-07 01:15:33 -------- d-----w- C:\Program Files (x86)\Yahoo!
2014-03-07 01:15:00 -------- d-----w- C:\Users\Fran\AppData\Local\Programs
2014-03-07 01:06:27 96168 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2014-03-07 00:57:52 -------- d-----w- C:\Users\Fran\AppData\Roaming\MP3Rocket
2014-03-07 00:57:48 -------- d-----w- C:\Program Files (x86)\MP3 Rocket
2014-03-07 00:57:42 -------- d-----w- C:\Program Files (x86)\Convert Files for Free
2014-02-12 22:49:26 570880 ----a-w- C:\WINDOWS\System32\msdrm.dll
2014-02-12 22:49:26 444928 ----a-w- C:\WINDOWS\SysWow64\msdrm.dll
2014-02-12 22:49:13 2152448 ----a-w- C:\WINDOWS\System32\msxml3.dll
2014-02-12 22:49:13 1317376 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2014-02-12 22:49:12 4604416 ----a-w- C:\WINDOWS\System32\d2d1.dll
2014-02-12 22:49:12 3936256 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
2014-02-12 22:49:12 2397184 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2014-02-12 22:49:11 2071552 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll
2014-02-12 22:45:06 7416832 ----a-w- C:\WINDOWS\System32\Windows.UI.Search.dll
2014-02-12 22:45:06 13209088 ----a-w- C:\WINDOWS\System32\twinui.dll
2014-02-12 22:45:05 4961792 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
2014-02-12 22:45:05 11702272 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2014-02-12 22:45:04 830976 ----a-w- C:\WINDOWS\SysWow64\SearchFolder.dll
2014-02-12 22:45:04 1462216 ----a-w- C:\WINDOWS\System32\propsys.dll
2014-02-12 22:45:04 1202888 ----a-w- C:\WINDOWS\SysWow64\propsys.dll
2014-02-12 22:45:04 1105408 ----a-w- C:\WINDOWS\System32\SearchFolder.dll
2014-02-12 22:44:27 548864 ----a-w- C:\WINDOWS\System32\vbscript.dll
2014-02-12 22:44:27 454656 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2014-02-12 22:44:13 835584 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2014-02-12 22:44:13 1113040 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2014-02-12 22:44:11 18944 ----a-w- C:\WINDOWS\System32\pcaui.exe
2014-02-12 22:44:11 17408 ----a-w- C:\WINDOWS\SysWow64\pcaui.exe
2014-02-12 22:41:31 4217344 ----a-w- C:\WINDOWS\System32\SyncEngine.dll
2014-02-12 22:41:30 919040 ----a-w- C:\WINDOWS\System32\MrmCoreR.dll
2014-02-12 22:41:30 870912 ----a-w- C:\WINDOWS\System32\SkyDrive.exe
2014-02-12 22:41:30 720384 ----a-w- C:\WINDOWS\System32\SkyDriveTelemetry.dll
2014-02-12 22:41:30 628736 ----a-w- C:\WINDOWS\SysWow64\MrmCoreR.dll
2014-02-12 22:41:30 2804224 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2014-02-12 22:41:29 121344 ----a-w- C:\WINDOWS\System32\SkyDriveShell.dll
2014-02-12 22:41:29 115712 ----a-w- C:\WINDOWS\System32\winbici.dll
2014-02-12 22:41:29 105984 ----a-w- C:\WINDOWS\SysWow64\SkyDriveShell.dll
2014-02-12 22:41:29 1020928 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2014-02-11 18:56:46 -------- d-----w- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-11 18:54:27 -------- d-----w- C:\Users\Fran\AppData\Roaming\hpqLog
.
==================== Find3M ====================
.
2014-03-04 22:53:05 105464 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2014-03-04 22:53:04 693240 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2014-03-01 03:54:33 5768704 ----a-w- C:\WINDOWS\System32\jscript9.dll
2014-03-01 03:14:15 4244480 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\WINDOWS\System32\wininet.dll
2014-03-01 02:32:16 1820160 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2014-02-12 22:39:53 442880 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2014-02-06 11:30:46 2724864 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\WINDOWS\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\WINDOWS\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\WINDOWS\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\WINDOWS\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\WINDOWS\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2014-02-06 10:01:36 61952 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\WINDOWS\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\WINDOWS\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2014-02-05 23:10:32 58256 ----a-w- C:\WINDOWS\System32\drivers\hlnfd.sys
2014-02-04 17:38:28 107368 ----a-w- C:\WINDOWS\System32\LMIRfsClientNP.dll
2014-02-04 17:38:27 92488 ----a-w- C:\WINDOWS\System32\LMIinit.dll
2014-02-04 17:38:27 35656 ----a-w- C:\WINDOWS\System32\LMIport.dll
2014-01-31 16:15:23 311640 -c--a-w- C:\WINDOWS\System32\drivers\volsnap.sys
2014-01-31 16:07:00 233920 ----a-w- C:\WINDOWS\System32\mfps.dll
2014-01-31 16:06:52 2133208 ----a-w- C:\WINDOWS\System32\mfcore.dll
2014-01-31 13:47:35 2143960 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2014-01-31 09:06:05 716288 ----a-w- C:\WINDOWS\System32\swprv.dll
2014-01-29 08:53:43 458616 ----a-w- C:\WINDOWS\System32\WerFault.exe
2014-01-29 08:53:43 407024 ----a-w- C:\WINDOWS\System32\Faultrep.dll
2014-01-29 08:49:19 1928144 ----a-w- C:\WINDOWS\System32\combase.dll
2014-01-29 08:47:44 2543960 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2014-01-29 07:44:15 408480 ----a-w- C:\WINDOWS\SysWow64\WerFault.exe
2014-01-29 07:44:15 369280 ----a-w- C:\WINDOWS\SysWow64\Faultrep.dll
2014-01-29 07:44:10 1371824 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2014-01-29 06:41:41 208896 ----a-w- C:\WINDOWS\SysWow64\rdpencom.dll
2014-01-29 00:36:40 249856 ----a-w- C:\WINDOWS\System32\rdpencom.dll
2014-01-27 19:07:57 4175360 ----a-w- C:\WINDOWS\System32\dbgeng.dll
2014-01-27 19:06:07 64512 ----a-w- C:\WINDOWS\System32\tsgqec.dll
2014-01-27 19:04:17 160256 ----a-w- C:\WINDOWS\System32\DWWIN.EXE
2014-01-27 18:23:33 2873344 ----a-w- C:\WINDOWS\SysWow64\dbgeng.dll
2014-01-27 18:21:36 53248 ----a-w- C:\WINDOWS\SysWow64\tsgqec.dll
2014-01-27 18:20:16 138752 ----a-w- C:\WINDOWS\SysWow64\DWWIN.EXE
2014-01-27 18:15:28 1057280 ----a-w- C:\WINDOWS\System32\rdvidcrl.dll
2014-01-27 17:43:19 855552 ----a-w- C:\WINDOWS\SysWow64\rdvidcrl.dll
2014-01-27 17:18:53 1486848 ----a-w- C:\WINDOWS\System32\dbghelp.dll
2014-01-27 17:00:35 1238016 ----a-w- C:\WINDOWS\SysWow64\dbghelp.dll
2014-01-27 15:58:36 5770752 ----a-w- C:\WINDOWS\SysWow64\mstscax.dll
2014-01-17 23:04:14 764864 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll
2014-01-17 21:54:30 669352 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2014-01-04 14:52:01 2414592 ----a-w- C:\WINDOWS\apppatch\AcGenral.dll
2013-12-23 00:27:18 92488 ----a-w- C:\WINDOWS\System32\LMIinit.dll.000.bak
2013-12-21 14:51:47 6353960 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2013-12-21 08:54:07 447488 ----a-w- C:\WINDOWS\System32\sppcomapi.dll
2013-12-20 10:18:42 1643584 ----a-w- C:\WINDOWS\System32\winload.efi
2013-12-20 10:18:42 1507704 ----a-w- C:\WINDOWS\System32\winload.exe
.
============= FINISH: 10:14:46.02 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8.1
Boot Device: \Device\HarddiskVolume2
Install Date: 10/26/2013 1:01:16 PM
System Uptime: 3/11/2014 10:04:00 PM (12 hours ago)
.
Motherboard: PEGATRON CORPORATION | | 2ACF
Processor: AMD A4-3420 APU with Radeon™ HD Graphics | P0 | 2800/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 444 GiB total, 397.867 GiB free.
D: is FIXED (NTFS) - 20 GiB total, 2.458 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP22: 2/20/2014 6:50:30 PM - Windows Update
RP23: 3/1/2014 2:09:54 PM - Scheduled Checkpoint
RP24: 3/10/2014 5:53:42 PM - Scheduled Checkpoint
RP25: 3/11/2014 11:36:01 PM - before Mbar
.
==== Installed Programs ======================
.
4 Elements II
Adobe Reader XI (11.0.06)
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bejeweled 3
Bonjour
Build-a-lot 4 - Power Source
Canon MF Toolbox 4.9.1.1.mf13
Canon MF4700 Series
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Convert Files for Free
Cradle Of Egypt Collector's Edition
Cradle of Rome 2
CyberLink LabelPrint
CyberLink Media Suite 10
CyberLink PhotoDirector
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD
D3DX10
Driver Detective
Driver Manager
DriverNavigator 3.3.2
Farm Frenzy
FATE: The Cursed King
Final Drive Fury
FlatOut 2
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.2.2.3
Hoyle Card Games
HP Connected Music (Meridian - installer)
HP Connected Remote
HP Customer Experience Enhancements
HP Games
HP MyRoom
HP Postscript Converter
HP Quick Start
HP Registration Service
HP Support Assistant
HP Support Information
iTunes
Java 7 Update 51
Java Auto Updater
Jewel Match 3
John Deere Drive Green
LogMeIn
Luxor Evolved
Mahjongg Dimensions Deluxe: Tiles in Time
Malwarebytes Anti-Malware version 1.75.0.1300
MapsGalaxy Firefox Toolbar
MapsGalaxy Internet Explorer Toolbar
Microsoft Application Error Reporting
Microsoft Office 365 Home Premium - en-us
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mjuice Components
Mortimer Beckett and the Crimson Thief Premium Edition
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Mystery P.I. - Curious Case of Counterfeit Cove
Norton Internet Security
Norton Management
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Peggle Nights
Penguins!
Photo Common
Photo Gallery
Polar Bowler
Polar Golfer
Realtek High Definition Audio Driver
Recovery Manager
Roads of Rome 3
Tales of Lagoona
Update Installer for WildTangent Games App
Vacation Quest - Australia
WildTangent Games
WildTangent Games App
Winamp (Remove Only)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Yahoo! Toolbar
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
3/8/2014 2:58:53 PM, Error: disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
3/6/2014 7:19:17 PM, Error: Service Control Manager [7034] - The Buzz-it service terminated unexpectedly. It has done this 1 time(s).
3/12/2014 4:03:33 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{b9ea4de6-e6db-48a2-8e28-bfa424382556}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{C66FF53B-713D-459D-BE03-8E90A681BAFD}' was corrupted and it has been recovered. Some data might have been lost.
3/12/2014 10:00:01 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/11/2014 9:23:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
3/11/2014 9:23:31 PM, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/11/2014 3:13:26 PM, Error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 2 time(s).
3/11/2014 3:01:27 PM, Error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
3/11/2014 2:59:52 PM, Error: Microsoft-Windows-HttpEvent [15005] - Unable to bind to the underlying transport for [::]:52000. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
3/11/2014 2:28:05 AM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The service has not been started.
3/11/2014 11:06:06 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{b9ea4de6-e6db-48a2-8e28-bfa424382556}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D9CCDD06-7C63-4E01-9AED-BBC5442882E8}' was corrupted and it has been recovered. Some data might have been lost.
3/11/2014 10:09:36 PM, Error: Schannel [36870] - A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10001.
3/11/2014 10:04:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Registration Service service to connect.
3/11/2014 10:04:23 PM, Error: Service Control Manager [7000] - The HP Registration Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/11/2014 1:06:22 AM, Error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
3/10/2014 6:07:26 PM, Error: Schannel [36887] - A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 80.
3/10/2014 5:55:58 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{b9ea4de6-e6db-48a2-8e28-bfa424382556}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{457104E2-8998-4A00-95C5-B193A70A7571}' was corrupted and it has been recovered. Some data might have been lost.
.
==== End Of File ===========================


Edited by threeputt, 12 March 2014 - 03:25 PM.


#16 Broni Re: [RESOLVED] I got a program called Super Fast PC

Posted 13 March 2014 - 12:36 AM

Sorry about that.

Combofix won't run under Windows 8.1.

How is the computer doing anyway?


Download OTL to your Desktop.
Alternate download: http://www.itxassoci...T-Tools/OTL.exe

  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.



#17 threeputt Re: [RESOLVED] I got a program called Super Fast PC

Posted 13 March 2014 - 01:09 AM

It's running better but I am still getting a window while browsing that wants me to buy or update something. I cannot remember what but I will see and let you know. The website cts.adssend keeps popping up when I try and go to your site. Back in a minute with more logs.


Edited by threeputt, 13 March 2014 - 01:15 AM.


#18 Broni Re: [RESOLVED] I got a program called Super Fast PC

Posted 13 March 2014 - 01:26 AM

Which browser is affected?



#19 threeputt Re: [RESOLVED] I got a program called Super Fast PC

Posted 13 March 2014 - 01:29 AM

OTL logfile created on: 3/12/2014 8:19:10 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Fran\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.47 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 48.55% Memory free
4.10 Gb Paging File | 2.00 Gb Available in Paging File | 48.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444.00 Gb Total Space | 397.85 Gb Free Space | 89.61% Space Free | Partition Type: NTFS
Drive D: | 19.95 Gb Total Space | 2.46 Gb Free Space | 12.32% Space Free | Partition Type: NTFS
 
Computer Name: FRANS | User Name: Fran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/03/12 20:18:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fran\Desktop\OTL.exe
PRC - [2014/01/28 05:21:56 | 000,252,928 | ---- | M] () -- C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFreeUpdt.exe
PRC - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/07/07 06:50:36 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
PRC - [2012/12/04 20:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/07/07 06:50:36 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
MOD - [2012/05/30 01:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/02/06 05:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/27 10:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/27 04:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/11/22 23:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/07 22:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/10/31 10:08:22 | 001,907,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2013/10/30 19:29:53 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/10/30 19:29:53 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/10/26 12:52:08 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013/10/21 20:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/10/04 03:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/29 23:03:28 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/09/29 23:03:28 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/09/29 23:03:27 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/09/26 19:02:26 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/08/22 07:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 04:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/02/04 12:39:05 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2014/02/04 12:38:27 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014/01/28 05:21:56 | 000,252,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFreeUpdt.exe -- (ConvertFilesforFreeUpdt)
SRV - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/26 12:52:10 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013/10/26 12:52:08 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013/10/26 12:52:07 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/09/29 23:03:26 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 07:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013/04/30 10:57:00 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2012/12/04 20:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe -- (MCLIENT)
SRV - [2012/08/29 12:02:16 | 000,035,232 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe -- (HPConnectedRemote)
SRV - [2012/07/18 17:19:16 | 000,205,216 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- c:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe -- (HPRegistrationSvc)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/11/10 21:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/09 06:55:11 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/11/01 06:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/30 19:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/30 19:29:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/10/30 19:29:36 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/10/30 19:28:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/10/25 20:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/12 21:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 10:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/29 23:03:25 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/29 23:03:25 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/09/29 23:03:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/29 22:51:06 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/29 22:51:01 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/26 19:02:28 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/09/26 19:02:26 | 012,526,592 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 07:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 07:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/30 18:43:35 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/06/18 09:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/05/23 00:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/05/21 00:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds64.sys -- (SymDS)
DRV:64bit: - [2013/05/16 00:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/04/30 10:57:00 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2013/04/30 10:56:42 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2013/04/24 19:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/04/15 21:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013/03/04 20:40:08 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/03/04 20:21:35 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/10/03 12:19:14 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MCLIENTx64\0302020.00C\ccsetx64.sys -- (ccSet_MCLIENT)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/16 21:36:29 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/25 12:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/20 16:27:30 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symelam.sys -- (SymELAM)
DRV - [2014/03/06 18:27:31 | 000,524,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140311.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/01/30 11:22:58 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140312.001\ex64.sys -- (NAVEX15)
DRV - [2014/01/30 11:22:58 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140312.001\eng64.sys -- (NAVENG)
DRV - [2013/12/17 19:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140214.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/11/21 03:23:02 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/11/21 03:23:02 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/04/30 10:57:00 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{00886BDB-B28C-4103-BA3B-4E5B195F5040}: "URL" = http://www.amazon.co...ds={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{00886BDB-B28C-4103-BA3B-4E5B195F5040}: "URL" = http://www.amazon.co...ds={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}: "URL" = http://search.tb.ask...or={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE - HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
IE - HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE - HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKU\S-1-5-21-1010789812-1138081517-2076650591-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2014/01/31 01:08:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [2014/03/11 22:06:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{7fb75f3d-5900-4e86-87e3-e67179512aec}: C:\Program Files (x86)\Buzz-it-soft\157.xpi
 
 
O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ConvertFilesforFree) - {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFree_x64.dll (Convert Files for Free)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (ConvertFilesforFree) - {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - C:\Program Files (x86)\Convert Files for Free\ConvertFilesforFree.dll (Convert Files for Free)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MapsGalaxy Home Page Guard 64 bit] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\APPINT~1.EXE" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\Winampa.exe ()
O4 - HKU\S-1-5-21-1010789812-1138081517-2076650591-1001..\Run: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-1010789812-1138081517-2076650591-1001..\Run: [Driver Manager] C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe (PC Drivers Headquarters)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Fran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - Reg Error: Key error. File not found
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD9050F0-C1E5-4D07-986E-3CD1F583F099}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{62b0c6f6-44af-11e3-be8e-7c050725c91f}\Shell - "" = AutoRun
O33 - MountPoints2\{62b0c6f6-44af-11e3-be8e-7c050725c91f}\Shell\AutoRun\command - "" = "G:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/03/12 20:18:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Fran\Desktop\OTL.exe
[2014/03/12 09:42:09 | 005,188,693 | R--- | C] (Swearware) -- C:\Users\Fran\Desktop\ComboFix.exe
[2014/03/12 09:30:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/03/12 09:24:59 | 000,000,000 | ---D | C] -- C:\Users\Fran\Desktop\rkill
[2014/03/12 09:24:03 | 001,933,048 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Fran\Desktop\rkill.exe
[2014/03/12 09:20:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014/03/12 09:20:54 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2014/03/11 23:44:10 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/11 23:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/03/11 23:40:29 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/03/11 23:40:27 | 000,000,000 | ---D | C] -- C:\Users\Fran\Desktop\mbar
[2014/03/11 23:39:09 | 012,589,848 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Fran\Desktop\mbar-1.07.0.1009.exe
[2014/03/11 23:14:03 | 000,000,000 | ---D | C] -- C:\Users\Fran\Desktop\RK_Quarantine
[2014/03/11 22:33:25 | 000,000,000 | ---D | C] -- C:\FRST
[2014/03/11 22:32:41 | 002,157,056 | ---- | C] (Farbar) -- C:\Users\Fran\Desktop\FRST64.exe
[2014/03/11 22:20:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/03/11 22:17:47 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\Fran\Desktop\JRT.exe
[2014/03/11 21:57:00 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/11 21:37:34 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Fran\Desktop\dds.com
[2014/03/11 20:47:47 | 000,000,000 | ---D | C] -- C:\Users\Fran\AppData\Roaming\Malwarebytes
[2014/03/11 20:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/03/11 20:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/11 20:47:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/03/11 20:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/03/10 18:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperFast PC
[2014/03/10 18:14:10 | 000,000,000 | ---D | C] -- C:\Users\Fran\AppData\Roaming\Activeris
[2014/03/06 20:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2014/03/06 20:18:02 | 000,000,000 | ---D | C] -- C:\Users\Fran\.swt
[2014/03/06 20:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective
[2014/03/06 20:17:51 | 000,000,000 | ---D | C] -- C:\Users\Fran\Incomplete
[2014/03/06 20:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2014/03/06 20:16:11 | 000,000,000 | ---D | C] -- C:\Users\Fran\AppData\Roaming\InstallX Search Protect for Yahoo
[2014/03/06 20:15:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2014/03/06 20:15:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2014/03/06 20:15:35 | 000,000,000 | ---D | C] -- C:\Users\Fran\AppData\Roaming\Yahoo!
[2014/03/06 20:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2014/03/06 20:15:00 | 000,000,000 | ---D | C] -- C:\Users\Fran\AppData\Local\Programs
[2014/03/06 20:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/03/06 20:06:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/03/06 20:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/03/06 20:06:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/03/06 19:57:52 | 000,000,000 | ---D | C] -- C:\Users\Fran\AppData\Roaming\MP3Rocket
[2014/03/06 19:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3 Rocket
[2014/03/06 19:57:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Convert Files for Free
[2014/02/11 13:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
[2014/02/11 13:54:27 | 000,000,000 | ---D | C] -- C:\Users\Fran\AppData\Roaming\hpqLog
 
========== Files - Modified Within 30 Days ==========
 
[2014/03/12 20:18:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fran\Desktop\OTL.exe
[2014/03/12 09:42:09 | 005,188,693 | R--- | M] (Swearware) -- C:\Users\Fran\Desktop\ComboFix.exe
[2014/03/12 09:24:13 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Fran\Desktop\rkill.exe
[2014/03/11 23:44:10 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/11 23:41:01 | 012,589,848 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Fran\Desktop\mbar-1.07.0.1009.exe
[2014/03/11 23:40:29 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/03/11 23:28:07 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForFran.job
[2014/03/11 23:13:44 | 003,819,008 | ---- | M] () -- C:\Users\Fran\Desktop\RogueKiller.exe
[2014/03/11 22:32:53 | 002,157,056 | ---- | M] (Farbar) -- C:\Users\Fran\Desktop\FRST64.exe
[2014/03/11 22:17:47 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\Fran\Desktop\JRT.exe
[2014/03/11 22:14:34 | 000,000,440 | ---- | M] () -- C:\WINDOWS\SysWow64\ff.bin
[2014/03/11 22:10:29 | 000,000,536 | ---- | M] () -- C:\WINDOWS\SysWow64\schtasks.bin
[2014/03/11 22:06:14 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/03/11 22:04:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/03/11 22:04:07 | 2983,743,488 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/11 21:55:29 | 001,949,184 | ---- | M] () -- C:\Users\Fran\Desktop\adwcleaner.exe
[2014/03/11 21:37:34 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Fran\Desktop\dds.com
[2014/03/11 21:29:25 | 000,956,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/03/11 21:29:25 | 000,794,884 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/03/11 21:29:25 | 000,161,140 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/03/11 21:22:45 | 000,484,248 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/03/11 20:47:37 | 000,001,127 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/10 18:13:43 | 000,001,987 | ---- | M] () -- C:\Users\Fran\Desktop\Sync Folder.lnk
[2014/03/07 12:57:03 | 000,000,091 | ---- | M] () -- C:\Users\Fran\AppData\Roaming\WB.CFG
[2014/03/06 20:18:01 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2014/02/11 13:59:11 | 000,002,239 | ---- | M] () -- C:\Users\Fran\Desktop\HP Support Assistant.lnk
 
========== Files Created - No Company Name ==========
 
[2014/03/11 23:13:44 | 003,819,008 | ---- | C] () -- C:\Users\Fran\Desktop\RogueKiller.exe
[2014/03/11 21:55:16 | 001,949,184 | ---- | C] () -- C:\Users\Fran\Desktop\adwcleaner.exe
[2014/03/11 20:47:36 | 000,001,127 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/11 20:35:36 | 000,386,722 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/03/11 01:12:07 | 000,000,440 | ---- | C] () -- C:\WINDOWS\SysWow64\ff.bin
[2014/03/11 01:08:05 | 000,000,536 | ---- | C] () -- C:\WINDOWS\SysWow64\schtasks.bin
[2014/03/10 18:13:43 | 000,001,987 | ---- | C] () -- C:\Users\Fran\Desktop\Sync Folder.lnk
[2014/03/06 20:18:01 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2014/03/06 19:57:52 | 000,000,091 | ---- | C] () -- C:\Users\Fran\AppData\Roaming\WB.CFG
[2014/02/12 17:45:04 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/02/12 17:45:04 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/02/11 14:00:09 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeScheduleForFran.job
[2014/02/11 13:59:11 | 000,002,239 | ---- | C] () -- C:\Users\Fran\Desktop\HP Support Assistant.lnk
[2014/01/15 11:35:11 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/10/26 09:59:08 | 000,930,400 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/10/26 09:57:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/09/26 19:02:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/26 19:02:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/26 19:02:36 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/09/26 19:02:18 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/26 19:02:18 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/09/26 19:02:12 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/07/07 06:50:42 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2013/07/07 06:50:40 | 000,088,064 | ---- | C] () -- C:\WINDOWS\SysWow64\AudioExCtl.dll
[2013/04/11 11:38:39 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2012/07/25 15:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 15:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 15:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
 
========== ZeroAccess Check ==========
 
[2013/10/28 18:23:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/23 06:49:06 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/23 03:19:35 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/03/11 21:49:55 | 000,000,000 | ---D | M] -- C:\Users\Fran\AppData\Roaming\Activeris
[2013/12/15 21:01:53 | 000,000,000 | ---D | M] -- C:\Users\Fran\AppData\Roaming\Cartwheel
[2013/09/20 03:15:21 | 000,000,000 | ---D | M] -- C:\Users\Fran\AppData\Roaming\Easeware
[2014/03/06 20:16:16 | 000,000,000 | ---D | M] -- C:\Users\Fran\AppData\Roaming\InstallX Search Protect for Yahoo
[2014/03/06 20:37:33 | 000,000,000 | ---D | M] -- C:\Users\Fran\AppData\Roaming\MP3Rocket
[2013/12/14 12:50:36 | 000,000,000 | ---D | M] -- C:\Users\Fran\AppData\Roaming\TreeCardGames
[2013/07/09 05:30:36 | 000,000,000 | ---D | M] -- C:\Users\Fran\AppData\Roaming\WebApp
[2013/06/29 21:16:02 | 000,000,000 | ---D | M] -- C:\Users\Fran\AppData\Roaming\WildTangent
[2013/07/31 12:38:35 | 000,000,000 | ---D | M] -- C:\Users\Fran\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Fran\SkyDrive (2).old:ms-properties
@Alternate Data Stream - 162 bytes -> C:\Users\Fran\SkyDrive:ms-properties

< End of report >



#20 Broni Re: [RESOLVED] I got a program called Super Fast PC


Posted 13 March 2014 - 01:31 AM

Please answer a question from my previous reply.






