1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Pre-installed windows programs stop working after startup

Discussion in 'Virus & Other Malware Removal' started by Newbienumbernine, Jun 12, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    Note: I actually "fixed" this problem with a system restore, but seeing as how it keeps recurring every few months I'd like to find out what the root problem is.

    So, the programs my laptop had installed with Windows 7 stop working around 1 - 2 minutes after I start up windows. I can still use Firefox, Google Chrome, Skype etc. but any windows-related programs such as Task manager or cmd.exe stop responding. If I use ctrl+alt+del to get to the menu and then return to windows, the whole screen turns black. If I open Skype or other programs like that, they show up on the black and a snapshot of the window stays if I move the window around.
    Also I can't stop the programs, they just get stuck.
    Shutting down the computer shows that all the stuck programs suddenly start working for those few seconds between windows stopping all processes and shutting down the computer.
    I figured it could've been Explorer.exe messing up, but I tried killing that process in the 2 minute window and the system still got stuck. Tried googling for the problem, but didn't seem like anyone else had anything like this.
     
  2. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    As the recurring problem gets fixed for a while using System Restore that would suggest something is corrupting your Registry.

    Please run this tool and post the log so we can see what is on the system and look at the error logs which may give us some clues.

    Please don't use System Restore again until we are finished as that will cause great confusion in the logs. Is the system actually running ok at the moment? When did you last do a System Restore?

    Please download Farbar Recovery Scan Tool and save it to your desktop. Do not get tempted to download Regclean Pro.

    Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
     
  3. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    Yeah, my system is running alright after the system restore. As I said it fixed it. Will download the program, run it and post the results here.
     
  4. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
  5. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    Ran it with default settings. Gave me two files: FRST.txt and Addition.txt. Should I post the file here, copy-paste the whole text or copy-paste parts? Also, both files or just one?
    EDIT: it would be a veeery long list if I copy-pasted both of them in full.
     
  6. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Yes, please post both the logs, you can do them in separate posts if it is easier for you.
     
  7. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    Here.
     

    Attached Files:

  8. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    I'm just posting the log for convenience. I'll get back to this later today.



    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2013 03
    Ran by Demens (administrator) on 12-06-2013 16:20:56
    Running from C:\Users\Demens\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: 040B
    Internet Explorer Version 9
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
    () C:\ProgramData\MobileBrServ\mbbservice.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUS) C:\Program Files\P4G\BatteryLife.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.17\ccSvcHst.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Akamai Technologies, Inc.) C:\Users\Demens\AppData\Local\Akamai\netsession_win.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Akamai Technologies, Inc.) C:\Users\Demens\AppData\Local\Akamai\netsession_win.exe
    (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
    (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.)
    HKLM\...\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe [310272 2011-11-09] (Saitek)
    HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
    HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
    HKCU\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
    HKCU\...\Run: [SaitekInstall] "C:\Windows\temp\MadCatz\Range_RAT7_SD7_64_Drivers\00000000\setup.exe" -S3 -R -WEB [x]
    HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [4910912 2011-08-02] (DT Soft Ltd)
    HKCU\...\Run: [Google Update] "C:\Users\Demens\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-10-07] (Google Inc.)
    HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18705664 2013-01-08] (Skype Technologies S.A.)
    HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\Demens\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
    MountPoints2: {4b141d43-c26d-11e0-b01b-e0b9a5c58f63} - F:\SETUP.EXE
    MountPoints2: {8685b6f7-733b-11e1-ba7e-f46d044d53a2} - H:\setup.exe
    MountPoints2: {b2f4072c-bdeb-11e0-bcbc-e0b9a5c58f63} - G:\Setup.exe
    MountPoints2: {e07bcb50-1e8c-11e2-9847-806e6f6e6963} - J:\AutoRun.exe
    MountPoints2: {e07bcba6-1e8c-11e2-9847-f46d044d53a2} - J:\AutoRun.exe
    HKLM-x32\...\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
    BootExecute: autocheck autochk * lsdelete

    ==================== Internet (Whitelisted) ====================

    ProxyServer: 81.209.27.28:80
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fi/
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
    URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
    URLSearchHook: (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No File
    HKCU SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
    BHO-x32: Microsoft-tilin kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
    BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.17\coIEPlg.dll (Symantec Corporation)
    BHO-x32: TBSB00808 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Freecorder 6\tbcore3.dll ()
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM-x32 - Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.17\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - Freecorder 6 - {6B34ACCF-1B63-4E1A-8633-461917C75544} - C:\Program Files (x86)\Freecorder 6\tbcore3.dll ()
    Toolbar: HKCU - No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File
    DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 62.241.198.245 62.241.198.246

    FireFox:
    ========
    FF ProfilePath: C:\Users\Demens\AppData\Roaming\Mozilla\Firefox\Profiles\lolksnep.default
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

    Chrome:
    =======
    CHR HomePage: hxxp://asus.msn.com/
    CHR RestoreOnStartup: "hxxp://www.google.fi/"
    CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\Demens\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Demens\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Users\Demens\AppData\Local\Google\Chrome\Application\27.0.1453.110\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    CHR Plugin: (Google Update) - C:\Users\Demens\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
    CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
    CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    CHR Extension: (YouTube) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
    CHR Extension: (Google Search) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
    CHR Extension: (YouTube to MP3) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajdnhmdgikmjbcggoihnbmnnkbmljlg\0.0.3_0
    CHR Extension: (Freecorder 6) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\edhilgpnlmgniclikjhefmadegchepcg\2.1.9_0
    CHR Extension: (One Piece: Monkey D. Luffy (1920x1200)) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\egombopaikoeelblebkkilbmgpdofcio\1.0.1_0
    CHR Extension: (APNG) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehkepjiconegkhpodgoaeamnpckdbblp\2.0.4_0
    CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
    CHR Extension: (Gmail) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

    ==================== Services (Whitelisted) =================

    S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [151552 2010-05-25] (Atheros)
    S4 AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [52896 2010-11-26] (Atheros Commnucations)
    S3 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2152152 2011-09-02] (Lavasoft Limited)
    R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [230240 2012-12-23] ()
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
    R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
    R2 NSL; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.17\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation)
    R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-10-11] ()
    S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
    S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    S4 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
    S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.011\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation)
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-08-03] (DT Soft Ltd)
    R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
    R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
    S3 Lavasoft Kernexplorer; C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-08-24] ()
    S3 Lavasoft Kernexplorer; C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-08-24] ()
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
    S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
    R3 SaiK0CCB; C:\Windows\System32\DRIVERS\SaiK0CCB.sys [180544 2012-09-20] (Saitek)
    R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24640 2011-11-10] (Saitek)
    R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52160 2011-11-10] (Saitek)
    R3 SaiU0CCB; C:\Windows\System32\DRIVERS\SaiU0CCB.sys [47168 2012-09-20] (Saitek)
    S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
    R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-03-21] ()
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [15712 2013-04-13] ()
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()
    U3 addj110r; C:\Windows\System32\Drivers\addj110r.sys [0 ] (JMicron Technology Corporation)
    S3 ipswuio; System32\DRIVERS\ipswuio.sys [x]
    S1 MpKslac681a06; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DEC2C737-7636-4A84-9FE0-CEA70D8BABBE}\MpKslac681a06.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-06-12 16:20 - 2013-06-12 16:20 - 00000000 ____D C:\FRST
    2013-06-12 16:19 - 2013-06-12 16:19 - 01920250 ____A (Farbar) C:\Users\Demens\Desktop\FRST64.exe
    2013-06-10 17:37 - 2013-06-10 17:37 - 00000000 ____D C:\Program Files (x86)\Nightly
    2013-06-07 16:54 - 2013-06-07 16:54 - 00000052 ____A C:\Users\Demens\Desktop\Whine.txt
    2013-06-03 21:12 - 2013-06-03 21:12 - 00000000 ____D C:\Users\Demens\AppData\Local\NVIDIA
    2013-06-03 21:10 - 2013-06-03 21:10 - 00001345 ____A C:\Users\Public\Desktop\GeForce Experience.lnk
    2013-06-03 21:03 - 2013-05-13 00:42 - 27775776 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 21096736 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 15910736 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 15143904 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 13403168 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 11216160 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
    2013-06-03 21:03 - 2013-05-13 00:42 - 09233688 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 07682960 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 02942240 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 02754336 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432018.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432018.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 00550176 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 00518944 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 00443168 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 00421152 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2013-06-03 21:03 - 2013-02-25 08:27 - 00194848 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
    2013-06-03 21:03 - 2013-02-25 08:27 - 00031520 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
    2013-06-03 17:43 - 2013-06-03 17:43 - 00000000 ____D C:\Users\Demens\AppData\Local\SCE
    2013-06-03 17:32 - 2013-06-03 17:32 - 00000659 ____A C:\Users\Demens\Desktop\PlanetSide 2 PSG.lnk
    2013-05-27 20:54 - 2013-05-27 20:55 - 00000000 ____D C:\Windows\rescache
    2013-05-18 20:36 - 2013-05-18 20:36 - 00004687 ____A C:\Users\Demens\.recently-used.xbel
    2013-05-17 01:29 - 2013-05-06 00:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-05-17 01:29 - 2013-05-06 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-05-17 01:29 - 2013-05-05 22:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-05-17 01:29 - 2013-05-05 22:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-05-17 01:28 - 2013-04-05 04:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-05-17 01:28 - 2013-04-05 04:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-05-17 01:28 - 2013-04-05 04:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-05-17 01:28 - 2013-04-05 04:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-05-17 01:28 - 2013-04-05 03:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-05-17 01:28 - 2013-04-05 03:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-05-17 01:28 - 2013-04-05 03:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-05-17 01:28 - 2013-04-05 03:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-05-17 01:28 - 2013-04-05 03:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-05-17 01:28 - 2013-04-05 03:55 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-05-17 01:28 - 2013-04-05 03:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-05-17 01:28 - 2013-04-05 03:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-05-17 01:28 - 2013-04-05 03:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-05-17 01:28 - 2013-04-05 03:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-05-17 01:28 - 2013-04-05 01:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-05-17 01:28 - 2013-04-05 01:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-05-17 01:28 - 2013-04-05 01:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-05-17 01:28 - 2013-04-05 01:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-05-17 01:28 - 2013-04-05 01:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-05-17 01:28 - 2013-04-05 01:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-05-17 01:28 - 2013-04-05 00:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-05-17 01:28 - 2013-04-05 00:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-05-17 01:28 - 2013-04-05 00:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-05-17 01:28 - 2013-04-05 00:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-05-17 01:28 - 2013-04-05 00:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-05-17 01:28 - 2013-04-05 00:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-05-17 01:28 - 2013-04-05 00:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-05-17 01:28 - 2013-04-05 00:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-05-17 00:42 - 2013-04-10 09:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
    2013-05-17 00:42 - 2013-04-10 09:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
    2013-05-17 00:42 - 2013-04-10 06:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-05-17 00:42 - 2013-03-19 08:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
    2013-05-17 00:42 - 2013-03-19 08:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
    2013-05-17 00:42 - 2013-02-27 09:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
    2013-05-17 00:42 - 2013-02-27 08:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2013-05-17 00:42 - 2013-02-27 08:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
    2013-05-17 00:42 - 2013-02-27 08:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
    2013-05-17 00:42 - 2013-02-27 08:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
    2013-05-17 00:42 - 2013-02-27 07:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2013-05-17 00:42 - 2013-02-27 07:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
    2013-05-17 00:42 - 2013-02-27 07:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2013-05-17 00:42 - 2011-02-03 14:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll

    ==================== One Month Modified Files and Folders =======

    2013-06-12 16:21 - 2011-10-07 12:39 - 00001022 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842967881-966451212-12483017-1000UA.job
    2013-06-12 16:20 - 2013-06-12 16:20 - 00000000 ____D C:\FRST
    2013-06-12 16:19 - 2013-06-12 16:19 - 01920250 ____A (Farbar) C:\Users\Demens\Desktop\FRST64.exe
    2013-06-12 16:13 - 2011-07-23 18:34 - 00000000 ____D C:\Users\Demens\AppData\Roaming\Skype
    2013-06-12 15:35 - 2011-07-23 16:24 - 00000000 ____D C:\Users\Demens\AppData\Roaming\.minecraft
    2013-06-12 15:34 - 2011-05-26 16:30 - 00001022 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-06-12 15:32 - 2012-06-08 13:04 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-06-12 15:32 - 2011-10-08 03:48 - 00000000 ____D C:\Users\Demens\AppData\Local\PMB Files
    2013-06-12 15:32 - 2011-10-08 03:48 - 00000000 ____D C:\ProgramData\PMB Files
    2013-06-12 14:00 - 2011-07-26 00:55 - 00000000 ____D C:\Users\Demens\AppData\Local\Windows Live
    2013-06-12 13:37 - 2009-07-14 07:45 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-06-12 13:37 - 2009-07-14 07:45 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-06-12 13:35 - 2011-05-26 16:20 - 01241601 ____A C:\Windows\WindowsUpdate.log
    2013-06-12 13:28 - 2011-05-26 16:30 - 00001018 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-06-12 13:28 - 2009-07-14 08:08 - 00032606 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2013-06-12 13:28 - 2009-07-14 08:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-06-12 13:27 - 2012-06-28 10:25 - 00044642 ____A C:\Windows\setupact.log
    2013-06-12 13:27 - 2011-08-24 18:14 - 00240091 ____A C:\aaw7boot.log
    2013-06-12 13:27 - 2011-05-26 16:53 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-06-11 22:21 - 2011-10-07 12:39 - 00000970 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842967881-966451212-12483017-1000Core.job
    2013-06-11 15:41 - 2013-04-20 19:40 - 00000000 ____D C:\Users\Demens\AppData\Local\Warframe
    2013-06-11 14:27 - 2013-04-02 05:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-06-11 04:04 - 2013-03-03 12:19 - 00000000 ____D C:\Users\Demens\AppData\Local\Akamai
    2013-06-11 04:04 - 2012-08-17 18:09 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2013-06-11 04:04 - 2011-07-23 18:32 - 00000000 ___RD C:\Program Files (x86)\Skype
    2013-06-11 04:04 - 2011-05-26 17:02 - 00000000 ____D C:\ProgramData\P4G
    2013-06-11 04:04 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
    2013-06-11 04:03 - 2011-07-23 18:32 - 00000000 ____D C:\ProgramData\Skype
    2013-06-11 03:43 - 2012-05-17 21:43 - 00000000 ____D C:\Users\Demens\AppData\Roaming\Azureus
    2013-06-10 17:37 - 2013-06-10 17:37 - 00000000 ____D C:\Program Files (x86)\Nightly
    2013-06-10 17:06 - 2011-07-23 16:01 - 00000000 ____D C:\users\Demens
    2013-06-08 03:12 - 2011-07-29 16:56 - 00000000 ____D C:\Users\Demens\AppData\Local\CrashDumps
    2013-06-07 16:54 - 2013-06-07 16:54 - 00000052 ____A C:\Users\Demens\Desktop\Whine.txt
    2013-06-05 13:45 - 2012-05-26 20:47 - 00009186 ____A C:\Windows\PFRO.log
    2013-06-03 21:12 - 2013-06-03 21:12 - 00000000 ____D C:\Users\Demens\AppData\Local\NVIDIA
    2013-06-03 21:10 - 2013-06-03 21:10 - 00001345 ____A C:\Users\Public\Desktop\GeForce Experience.lnk
    2013-06-03 21:10 - 2011-10-28 16:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2013-06-03 21:08 - 2011-05-26 16:53 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2013-06-03 17:43 - 2013-06-03 17:43 - 00000000 ____D C:\Users\Demens\AppData\Local\SCE
    2013-06-03 17:32 - 2013-06-03 17:32 - 00000659 ____A C:\Users\Demens\Desktop\PlanetSide 2 PSG.lnk
    2013-06-03 13:45 - 2009-08-04 14:04 - 00557682 ____A C:\Windows\System32\perfh00B.dat
    2013-06-03 13:45 - 2009-08-04 14:04 - 00129612 ____A C:\Windows\System32\perfc00B.dat
    2013-06-03 13:45 - 2009-07-14 08:13 - 01567366 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-05-31 11:50 - 2012-08-20 22:52 - 00001846 ____A C:\Users\Public\Desktop\Vuze.lnk
    2013-05-31 11:50 - 2012-05-17 21:42 - 00000000 ____D C:\Program Files (x86)\Vuze
    2013-05-31 11:49 - 2013-04-16 00:23 - 00000000 ____A C:\END
    2013-05-28 16:08 - 2012-08-27 12:24 - 00000000 ____D C:\ProgramData\Adobe
    2013-05-28 16:08 - 2012-06-08 13:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-05-28 16:08 - 2011-08-28 12:31 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-05-28 01:56 - 2013-01-22 17:47 - 00000324 ____A C:\Users\Demens\Desktop\Offense.txt
    2013-05-27 20:55 - 2013-05-27 20:54 - 00000000 ____D C:\Windows\rescache
    2013-05-24 13:03 - 2011-07-23 16:01 - 00059296 ____A C:\Users\Demens\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-05-24 13:02 - 2009-07-14 07:45 - 00269960 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-05-20 14:38 - 2013-05-11 20:26 - 00000000 ____D C:\Users\Demens\AppData\Roaming\Windows Live Writer
    2013-05-18 20:36 - 2013-05-18 20:36 - 00004687 ____A C:\Users\Demens\.recently-used.xbel
    2013-05-18 20:36 - 2011-07-26 17:32 - 00000000 ____D C:\Users\Demens\AppData\Roaming\gtk-2.0
    2013-05-18 20:36 - 2011-07-26 17:29 - 00000000 ____D C:\Users\Demens\.gimp-2.6
    2013-05-18 18:00 - 2012-02-08 01:01 - 00000000 ____D C:\Users\Demens\AppData\Local\Mozilla
    2013-05-17 01:34 - 2011-07-23 23:16 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-05-14 22:40 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\System32\NDF
    2013-05-13 00:42 - 2013-06-03 21:03 - 27775776 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 21096736 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 15910736 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 15143904 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 13403168 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 11216160 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
    2013-05-13 00:42 - 2013-06-03 21:03 - 09233688 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 07682960 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 02942240 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 02754336 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432018.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432018.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 00550176 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 00518944 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 00443168 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2013-05-13 00:42 - 2013-06-03 21:03 - 00421152 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2013-05-13 00:42 - 2013-05-11 20:06 - 02597344 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2013-05-13 00:42 - 2012-10-20 01:11 - 00020536 ____A C:\Windows\System32\nvinfo.pb
    2013-05-13 00:42 - 2011-05-26 16:52 - 12426216 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2013-05-13 00:42 - 2011-05-26 16:52 - 02935696 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll

    Files to move or delete:
    ====================
    C:\ProgramData\FullRemove.exe
    C:\Users\Demens\chromeinstall.exe
    C:\Users\Demens\Firefox Setup 20.0.1.exe

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-06-04 05:49

    ==================== End Of Log ============================


    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2013 03
    Ran by Demens at 2013-06-12 16:22:19 Run:
    Running from C:\Users\Demens\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Installed Programs =======================

    3DMark 11 (Version: 1.0.3)
    7-Zip 9.20
    Ad-Aware (Version: 9.0.7)
    Ad-Aware (Version: 9.5.0)
    Adobe Flash Player 10 ActiveX (Version: 10.3.183.7)
    Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
    Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
    Akamai NetSession Interface
    Assassin's Creed Revelations 1.03 (Version: 1.03)
    ASUS AI Recovery (Version: 1.0.13)
    ASUS Data Security Manager (Version: 1.00.0014)
    ASUS LifeFrame3 (Version: 3.0.21)
    ASUS Live Update (Version: 2.5.9)
    ASUS MultiFrame (Version: 1.0.0021)
    ASUS Power4Gear Hybrid (Version: 1.1.42)
    ASUS SmartLogon (Version: 1.0.0008)
    ASUS Splendid Video Enhancement Technology (Version: 1.02.0031)
    ASUS Virtual Camera (Version: 1.0.20)
    AsusVibe2.0 (Version: 2.0.5.103)
    Atheros WLAN and Bluetooth Client Installation Program (Version: 9.0)
    ATK Package (Version: 1.0.0007)
    Battlefield: Bad Company&#8482; 2 (Version: 1.0.0.0)
    Bluetooth Win7 Suite (64) (Version: 7.2.0.45)
    Call of Duty: Modern Warfare 3
    Call of Duty: Modern Warfare 3 - Multiplayer
    CamStudio version 2.7 (Version: 2.7)
    CCleaner (Version: 3.23)
    Conexant HD Audio (Version: 4.127.0.63)
    ControlDeck (Version: 1.0.9)
    CyberLink LabelPrint (Version: 2.5.1908)
    CyberLink Power2Go (Version: 6.1.3602c)
    D3DX10 (Version: 15.4.2368.0902)
    DAEMON Tools Lite (Version: 4.41.3.0173)
    DebugMode Wink
    Diablo II
    Diablo III (Version: 1.0.8.16603)
    Diablo.III.Client.Server.Emulator
    DivX Setup (Version: 2.6.1.8)
    Dxtory version 2.0.117 (Version: 2.0.117)
    Elven Legacy (Version: 1.0.9.0)
    e-Sword (Version: 9.09.0001)
    ETDWare PS/2-x64 7.0.5.10_WHQL (Version: 7.0.5.10)
    Fast Boot (Version: 1.0.8)
    Fotogalleri (Version: 16.4.3505.0912)
    Fotogalleriet (Version: 16.4.3505.0912)
    Free Screen Recorder v2.9 (Version: 2.9)
    Free Screen To Video V 2.0 (Version: 2.0.0.0)
    Freecorder 6 (Version: 2.1.10)
    Freecorder 6 Applications (6.0.0.45) (Version: 6.0.0.45)
    Freecorder 6 extension for Chrome (Version: 2.1.9)
    Futuremark SystemInfo (Version: 4.12.0)
    GameSpy Arcade
    GIMP 2.6.11 (Version: 2.6.11)
    Google Chrome (Version: 14.0.835.187)
    Google Chrome (Version: 27.0.1453.110)
    Google Toolbar for Internet Explorer (Version: 1.0.0)
    Google Update Helper (Version: 1.3.21.69)
    Guild Wars 2
    HD Tach version 3
    Hellgate: London (Version: 1.10.180.3416)
    Heroes of Might and Magic IV
    HyperCam 2 (Version: 2.25.01)
    Intel(R) Control Center (Version: 1.2.1.1007)
    Intel(R) Management Engine Components (Version: 6.0.0.1179)
    Intel(R) Rapid Storage Technology (Version: 10.5.0.1026)
    Intel(R) Turbo Boost Technology Driver (Version: 01.02.00.1002)
    Intel(R) Turbo Boost Technology Monitor (Version: 1.0.400.4)
    Java 7 Update 21 (Version: 7.0.210)
    Java Auto Updater (Version: 2.1.9.5)
    Java(TM) 6 Update 26 (Version: 6.0.260)
    Java(TM) 6 Update 29 (64-bit) (Version: 6.0.290)
    JavaFX 2.1.1 (Version: 2.1.1)
    JMicron Ethernet Adapter NDIS Driver (Version: 6.0.23.4)
    JMicron Flash Media Controller Driver (Version: 1.0.53.5)
    Junk Mail filter update (Version: 16.4.3505.0912)
    K_Series_ScreenSaver_EN
    K-Meleon 1.5.4 en-US (remove only) (Version: 1.5.4)
    League of Legends (Version: 1.3)
    Lightning Warrior Raidy
    Malwarebytes Anti-Malware versio 1.65.1.1000 (Version: 1.65.1.1000)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft .NET Framework 4 Client Profile FIN Language Pack (Version: 4.0.30319)
    Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (Version: 4.0.30319)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
    Microsoft .NET Framework 4 Extended FIN Language Pack (Version: 4.0.30319)
    Microsoft .NET Framework 4 Extendedin suomen kielipaketti (Version: 4.0.30319)
    Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
    Microsoft Application Error Reporting (Version: 12.0.6012.5000)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
    Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
    Microsoft Help Viewer 1.1 (Version: 1.1.40219)
    Microsoft Office 2010 (Version: 14.0.4763.1000)
    Microsoft Office Starter 2010 - suomi (Version: 14.0.4763.1007)
    Microsoft Officen pika-asennus 2010 (Version: 14.0.4763.1007)
    Microsoft Security Client (Version: 4.2.0223.1)
    Microsoft Security Essentials (Version: 4.2.223.1)
    Microsoft Silverlight (Version: 5.1.20125.0)
    Microsoft SkyDrive (Version: 16.4.6013.0910)
    Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
    Microsoft SQL Server 2008 (64-bit)
    Microsoft SQL Server 2008 Browser (Version: 10.3.5500.0)
    Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0)
    Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0)
    Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0)
    Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
    Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
    Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0)
    Microsoft SQL Server 2008 Setup Support Files (Version: 10.3.5500.0)
    Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
    Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
    Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
    Microsoft Windows XP Video Decoder Checkup Utility
    Microsoft Visual C# 2010 Express - ENU (Version: 10.0.40219)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.40219)
    Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FIN (Version: 10.0.40303)
    Microsoft Visual Studio 2010 Tools for Office Runtimen (x64) kielipaketti - FIN (Version: 10.0.40303)
    Mobile Broadband HL Service (Version: 22.001.10.00.03)
    Movie Maker (Version: 16.4.3505.0912)
    Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
    Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
    Mozilla Maintenance Service (Version: 24.0a1)
    MSVCRT (Version: 15.4.2862.0708)
    MSVCRT_amd64 (Version: 15.4.2862.0708)
    MSVCRT110 (Version: 16.4.1108.0727)
    MSVCRT110_amd64 (Version: 16.4.1109.0912)
    MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
    MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
    MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
    NB Probe
    Net4Switch (Version: 1.00.0020)
    Nightly 24.0a1 (x86 en-US) (Version: 24.0a1)
    Nokia PC Internet Access (Version: 2.0.1.3)
    Norton Safe Web Lite (Version: 2.0.0.17)
    Nuance PDF Reader (Version: 6.00.0041)
    NVIDIA 3D Vision -ohjain 320.18 (Version: 320.18)
    NVIDIA GeForce Experience 1.5 (Version: 1.5)
    NVIDIA Grafiikkaohjain 320.18 (Version: 320.18)
    NVIDIA HD-ääniohjain 1.3.24.2 (Version: 1.3.24.2)
    NVIDIA Install Application (Version: 2.1002.124.810)
    NVIDIA PhysX (Version: 9.12.1031)
    NVIDIA PhysX-järjestelmäohjelmisto 9.12.1031 (Version: 9.12.1031)
    NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2018)
    NVIDIA Update Components (Version: 4.11.9)
    NVIDIA-ohjauspaneeli 320.18 (Version: 320.18)
    NVIDIA-päivitykset 4.11.9 (Version: 4.11.9)
    Oracle VM VirtualBox 4.1.12 (Version: 4.1.12)
    Pando Media Booster (Version: 2.3.6.0)
    Photo Common (Version: 16.4.3505.0912)
    Photo Gallery (Version: 16.4.3505.0912)
    PlanetSide 2 (Version: 1.0.3.183)
    Pokemon Black & White PC [Hyperdrive25]
    ProtectDisc Driver, Version 11 (Version: 11.0.0.14)
    PunkBuster Services (Version: 0.991)
    Racket v5.2.1 (i386) (Version: 5.2.1)
    Revo Uninstaller 1.92 (Version: 1.92)
    RIFT (Version: 1.0.0)
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0)
    Skype Click to Call (Version: 6.2.10687)
    Skype&#8482; 6.1 (Version: 6.1.129)
    Smart Technology Programming Software 7.0.12.11 (Version: 7.0.12.11)
    Speccy (Version: 1.18)
    SpeedFan (remove only)
    Spybot - Search & Destroy (Version: 1.6.2)
    Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0)
    Steam (Version: 1.0.0.0)
    swMSM (Version: 12.0.0.1)
    syncables desktop SE (Version: 5.5.746.11492)
    System Requirements Lab
    System.Data.SQLite v1.0.79.0 (Version: 1.0.79.0)
    The Elder Scrolls V: Skyrim
    Ubisoft Game Launcher (Version: 1.0.0.0)
    Unity Web Player (Version: )
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
    USB 2.0 VGA UVC WebCam
    Valokuvavalikoima (Version: 16.4.3505.0912)
    Warframe (Version: 1.0.0)
    Warsong
    VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
    Ventrilo Client for Windows x64 (Version: 3.0.8.0)
    Veoh Web Player (Version: 1.1.2.0000)
    Windows Live Communications Platform (Version: 16.4.3505.0912)
    Windows Live Device Integrator (Version: 1.0.104.0)
    Windows Live Essentials (Version: 15.4.3502.0922)
    Windows Live Essentials (Version: 16.4.3505.0912)
    Windows Live Family Safety (Version: 15.4.3555.0308)
    Windows Live Family Safety (Version: 16.4.3505.0912)
    Windows Live Fotogalleri (Version: 15.4.3502.0922)
    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
    Windows Live Installer (Version: 16.4.3505.0912)
    Windows Live Mail (Version: 15.4.3502.0922)
    Windows Live Mail (Version: 16.4.3505.0912)
    Windows Live Messenger (Version: 15.4.3538.0513)
    Windows Live Messenger (Version: 16.4.3505.0912)
    Windows Live MIME IFilter (Version: 16.4.3505.0912)
    Windows Live Movie Maker (Version: 15.4.3502.0922)
    Windows Live Photo Common (Version: 15.4.3502.0922)
    Windows Live Photo Common (Version: 16.4.3505.0912)
    Windows Live PIMT Platform (Version: 16.4.3505.0912)
    Windows Live SOXE (Version: 16.4.3505.0912)
    Windows Live SOXE Definitions (Version: 16.4.3505.0912)
    Windows Live UX Platform (Version: 16.4.3505.0912)
    Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
    Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
    Windows Live Writer (Version: 15.4.3502.0922)
    Windows Live Writer (Version: 16.4.3505.0912)
    Windows Live Writer Resources (Version: 15.4.3502.0922)
    Windows Live Writer Resources (Version: 16.4.3505.0912)
    Windows Liven peruspaketti (Version: 16.4.3505.0912)
    Windows Liven sähköposti (Version: 16.4.3505.0912)
    WinFlash (Version: 2.31.1)
    WinPcap 4.1.2 (Version: 4.1.0.2001)
    WinRAR 4.01 (64-bit) (Version: 4.01.0)
    Wireless Console 3 (Version: 3.0.19)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
    VLC media player 1.1.11 (Version: 1.1.11)
    World of Warcraft (Version: 5.3.0.16992)
    Vuze (Version: 5.0.0.0)
    XviD Video Codec (remove only)
    ZD Soft Screen Recorder 4.1.3.0 (Version: 4.1.3.0)

    ==================== Restore Points =========================

    03-06-2013 14:33:27 Installed DirectX
    05-06-2013 20:42:36 Windows Update
    08-06-2013 21:02:44 Windows Update
    10-06-2013 14:16:42 Windows Update

    ==================== Hosts content: ==========================
    # Copyright (c) 1993-2009 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host

    # localhost name resolution is handled within DNS itself.
    # #
    # Start of entries inserted by Spybot - Search & Destroy
    # This list is Copyright 2000-2008 Safer Networking Limited
    # End of entries inserted by Spybot - Search & Destroy

    # 127.0.0.1 localhost
    127.0.0.1 en.actual.battle.net
    127.0.0.1 us.actual.battle.net
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com

    There are more than 1000 lines starting with "127.0.0.1"


    ==================== Faulty Device Manager Devices =============

    Name: MpKslac681a06
    Description: MpKslac681a06
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: MpKslac681a06
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Bluetooth-laite (henkilökohtainen verkko)
    Description: Bluetooth-laite (henkilökohtainen verkko)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: BthPan
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Norton Safe Web Lite Settings Manager
    Description: Norton Safe Web Lite Settings Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ccSet_NST
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: VirtualBox Host-Only Ethernet Adapter
    Description: VirtualBox Host-Only Ethernet Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Oracle Corporation
    Service: VBoxNetAdp
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/12/2013 01:35:27 PM) (Source: CVHSVC) (User: )
    Description: Vain tietoja.
    (Stream product id=0x0066): Streaming Failed

    Error: (06/12/2013 01:34:10 PM) (Source: CVHSVC) (User: )
    Description: Vain tietoja.
    Too many failures while downloading ranges: 2

    Error: (06/12/2013 06:54:01 AM) (Source: CVHSVC) (User: )
    Description: Vain tietoja.
    (Stream product id=0x0066): Streaming Failed

    Error: (06/12/2013 06:52:14 AM) (Source: CVHSVC) (User: )
    Description: Vain tietoja.
    Too many failures while downloading ranges: 2

    Error: (06/11/2013 10:19:50 PM) (Source: CVHSVC) (User: )
    Description: Vain tietoja.
    (Stream product id=0x0066): Streaming Failed

    Error: (06/11/2013 10:18:05 PM) (Source: CVHSVC) (User: )
    Description: Vain tietoja.
    Too many failures while downloading ranges: 2

    Error: (06/11/2013 10:15:30 PM) (Source: MsiInstaller) (User: NT-HALLINTA)
    Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (06/11/2013 02:34:18 PM) (Source: CVHSVC) (User: )
    Description: Vain tietoja.
    (Stream product id=0x0066): Streaming Failed

    Error: (06/11/2013 02:31:17 PM) (Source: CVHSVC) (User: )
    Description: Vain tietoja.
    Too many failures while downloading ranges: 2

    Error: (06/10/2013 05:16:26 PM) (Source: CVHSVC) (User: )
    Description: Vain tietoja.
    (Stream product id=0x0066): Streaming Failed


    System errors:
    =============
    Error: (06/12/2013 01:29:44 PM) (Source: Service Control Manager) (User: )
    Description: Seuraava käynnistys- tai järjestelmäkäynnistysohjain ei latautunut:
    ccSet_NST

    Error: (06/12/2013 01:29:41 PM) (Source: Service Control Manager) (User: )
    Description: Palvelua SBSD Security Center Service ei voi käynnistää. Virhekoodi on
    %%1053

    Error: (06/12/2013 01:29:41 PM) (Source: Service Control Manager) (User: )
    Description: Aikakatkaisu (30000 millisekuntia) odotettaessa SBSD Security Center Service-palvelun yhteyden muodostusta.

    Error: (06/12/2013 01:27:59 PM) (Source: EventLog) (User: )
    Description: Edellinen järjestelmän sammutus (7:43:11, ?12.?6.?2013) oli odottamaton.

    Error: (06/12/2013 06:49:29 AM) (Source: Service Control Manager) (User: )
    Description: Seuraava käynnistys- tai järjestelmäkäynnistysohjain ei latautunut:
    ccSet_NST

    Error: (06/11/2013 10:14:24 PM) (Source: Service Control Manager) (User: )
    Description: Seuraava käynnistys- tai järjestelmäkäynnistysohjain ei latautunut:
    ccSet_NST

    Error: (06/11/2013 02:29:21 PM) (Source: Service Control Manager) (User: )
    Description: Seuraava käynnistys- tai järjestelmäkäynnistysohjain ei latautunut:
    ccSet_NST

    Error: (06/10/2013 05:07:19 PM) (Source: Service Control Manager) (User: )
    Description: Seuraava käynnistys- tai järjestelmäkäynnistysohjain ei latautunut:
    ccSet_NST

    Error: (06/10/2013 05:07:17 PM) (Source: Service Control Manager) (User: )
    Description: Palvelua SBSD Security Center Service ei voi käynnistää. Virhekoodi on
    %%1053

    Error: (06/10/2013 05:07:17 PM) (Source: Service Control Manager) (User: )
    Description: Aikakatkaisu (30000 millisekuntia) odotettaessa SBSD Security Center Service-palvelun yhteyden muodostusta.


    Microsoft Office Sessions:
    =========================
    Error: (06/12/2013 01:35:27 PM) (Source: CVHSVC)(User: )
    Description: (Stream product id=0x0066): Streaming Failed

    Error: (06/12/2013 01:34:10 PM) (Source: CVHSVC)(User: )
    Description: Too many failures while downloading ranges: 2

    Error: (06/12/2013 06:54:01 AM) (Source: CVHSVC)(User: )
    Description: (Stream product id=0x0066): Streaming Failed

    Error: (06/12/2013 06:52:14 AM) (Source: CVHSVC)(User: )
    Description: Too many failures while downloading ranges: 2

    Error: (06/11/2013 10:19:50 PM) (Source: CVHSVC)(User: )
    Description: (Stream product id=0x0066): Streaming Failed

    Error: (06/11/2013 10:18:05 PM) (Source: CVHSVC)(User: )
    Description: Too many failures while downloading ranges: 2

    Error: (06/11/2013 10:15:30 PM) (Source: MsiInstaller)(User: NT-HALLINTA)
    Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (06/11/2013 02:34:18 PM) (Source: CVHSVC)(User: )
    Description: (Stream product id=0x0066): Streaming Failed

    Error: (06/11/2013 02:31:17 PM) (Source: CVHSVC)(User: )
    Description: Too many failures while downloading ranges: 2

    Error: (06/10/2013 05:16:26 PM) (Source: CVHSVC)(User: )
    Description: (Stream product id=0x0066): Streaming Failed


    ==================== Memory info ===========================

    Percentage of memory in use: 57%
    Total physical RAM: 3948.54 MB
    Available physical RAM: 1682.66 MB
    Total Pagefile: 7895.25 MB
    Available Pagefile: 5143.71 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.81 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:6.72 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
    Drive d: (DATA) (Fixed) (Total:327.83 GB) (Free:19.14 GB) NTFS (Disk=0 Partition=3)

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 98B324F9)
    Partition 1: (Not Active) - (Size=21 GB) - (Type=1C)
    Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=328 GB) - (Type=OF Extended)

    ==================== End Of Log ============================
     
  9. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    You have two Ant Virus programs on your system. This is prone to cause conflicts and reduce performance and surprisingly it can also reduce your security levels.

    Lavasoft Adaware is not a recommended program and I would advise you to remove it. Follow this short guide to remove Adaware: How to Uninstall Ad-Aware

    I would also advise you replace Spybot S&D with one of these: Go Here or Here for Anti Spyware.

    You should open Task Manager and stop the Teatimer.exe process from running before uninstalling Spybot S&D

    ==============================================================

    Only after performing the above changes please run the Farbar Recovery Scan Tool again and Copy & Paste the new log into your next reply. It will only produce one log on its second run.

    ==============================================================

    There is a process shown to be causing errors which I am not sure of due to the foreign name. What can you tell me about Vain tietoja

    ==============================================================

    You appear to have a Proxy server set up, I just need to know if you did this yourself as it could be a sign of an infection.

    ==============================================================

    Please run these two scans to check for other possible problems.

    SCAN 1
    Click on this link to download : ADWCleaner and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Delete button (as indicated), accept any prompts that appear and allow it to reboot the PC. When the PC has rebooted you will be presented with the report, copy & paste it into your next post. If the log does not appear you should find it on your C: drive, using Windows Explorer, as ADWCleaner[S1].

    [​IMG]



    SCAN 2
    Download RogueKiller (by tigzy) and save direct to your Desktop.
    On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.

    • Quit all running programs.
    • Start RogueKiller.exe by double clicking on the icon.
    • Wait until Prescan has finished.
    • Ensure all boxes are ticked under "Report" tab.
    • Click on Scan.
    • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
    • NOTE: DO NOT attempt to remove anything that the scan detects.

    [​IMG]
     
  10. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    Vain tietoja = Only information. Might also be "only data".
    Shouldn't have a proxy server. Yeah I did use one for a while, but changed it back to "automatically look for settings".
    Going to get back with the other things in a bit
     
  11. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    # AdwCleaner v2.303 - Logfile created 06/13/2013 at 23:41:09
    # Updated 08/06/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Demens - DEMENS-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Demens\Desktop\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\END
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
    File Deleted : C:\user.js
    Folder Deleted : C:\ProgramData\Browser Manager
    Folder Deleted : C:\ProgramData\Partner
    Folder Deleted : C:\Users\Demens\AppData\LocalLow\boost_interprocess
    Folder Deleted : C:\Users\Demens\AppData\LocalLow\Toolbar4
    Folder Deleted : C:\Users\Demens\AppData\Roaming\registry mechanic

    ***** [Registry] *****

    Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\22565~1.25\{16cdf~1\browse~1.dll
    Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
    Key Deleted : HKCU\Software\BrowserMngr
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\DataMngr
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKLM\Software\BrowserMngr
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.IEToolbar
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.IEToolbar.1
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.TBSB00808
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB00808.TBSB00808.3
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB00808.1
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
    Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
    Key Deleted : HKLM\Software\DataMngr
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_veoh_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_veoh_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
    Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
    Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Registry is clean.

    -\\ Mozilla Firefox v20.0.1 (en-US)

    File : C:\Users\Demens\AppData\Roaming\Mozilla\Firefox\Profiles\lolksnep.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v27.0.1453.110

    File : C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[S1].txt - [9940 octets] - [13/06/2013 23:41:09]

    ########## EOF - C:\AdwCleaner[S1].txt - [10000 octets] ##########
     
  12. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Demens [Admin rights]
    Mode : Scan -- Date : 06/13/2013 23:51:09
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 5 ¤¤¤
    [RUN][SUSP PATH] HKCU\[...]\Run : SaitekInstall ("C:\Windows\temp\MadCatz\Range_RAT7_SD7_64_Drivers\00000000\setup.exe" -S3 -R -WEB) [x] -> FOUND
    [RUN][SUSP PATH] HKUS\S-1-5-21-2842967881-966451212-12483017-1000[...]\Run : SaitekInstall ("C:\Windows\temp\MadCatz\Range_RAT7_SD7_64_Drivers\00000000\setup.exe" -S3 -R -WEB) [x] -> FOUND
    [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (81.209.27.28:80) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 en.actual.battle.net
    127.0.0.1 us.actual.battle.net
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    [...]


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: ST9500325AS +++++
    --- User ---
    [MBR] 98b2113ef826f5b18be4789def9be224
    [BSP] 3d08166b18bfc7a96b227f534e974f6f : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062325 | Size: 119232 Mo
    2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 289251328 | Size: 335703 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[1]_S_06132013_02d2351.txt >>
    RKreport[1]_S_06132013_02d2351.txt
     
  13. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    hmmh... that proxy server it detected is the exact same I have in my Internet-Settings, but "use a proxy server" isn't checked. So it shouldn't be in use, as far as I know.
    By the way, that SaitekInstall Madcatz thing one of the scans detected is not a malware. It's a program used to pimp my mouse ^^. Just posting this here to make sure, since sometimes people have suspected it of that.
     
  14. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2013 03
    Ran by Demens (administrator) on 14-06-2013 00:04:13
    Running from C:\Users\Demens\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: 040B
    Internet Explorer Version 9
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    (ASUS) C:\Program Files\P4G\BatteryLife.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.17\ccSvcHst.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    (Akamai Technologies, Inc.) C:\Users\Demens\AppData\Local\Akamai\netsession_win.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    (Google Inc.) C:\Users\Demens\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Akamai Technologies, Inc.) C:\Users\Demens\AppData\Local\Akamai\netsession_win.exe
    (asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
    (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.)
    HKLM\...\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe [310272 2011-11-09] (Saitek)
    HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
    HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
    HKCU\...\Run: [SaitekInstall] "C:\Windows\temp\MadCatz\Range_RAT7_SD7_64_Drivers\00000000\setup.exe" -S3 -R -WEB [x]
    HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [4910912 2011-08-02] (DT Soft Ltd)
    HKCU\...\Run: [Google Update] "C:\Users\Demens\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-10-07] (Google Inc.)
    HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18705664 2013-01-08] (Skype Technologies S.A.)
    HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\Demens\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
    MountPoints2: {4b141d43-c26d-11e0-b01b-e0b9a5c58f63} - F:\SETUP.EXE
    MountPoints2: {8685b6f7-733b-11e1-ba7e-f46d044d53a2} - H:\setup.exe
    MountPoints2: {b2f4072c-bdeb-11e0-bcbc-e0b9a5c58f63} - G:\Setup.exe
    MountPoints2: {e07bcb50-1e8c-11e2-9847-806e6f6e6963} - J:\AutoRun.exe
    MountPoints2: {e07bcba6-1e8c-11e2-9847-f46d044d53a2} - J:\AutoRun.exe
    HKLM-x32\...\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
    BootExecute: autocheck autochk * lsdelete

    ==================== Internet (Whitelisted) ====================

    ProxyServer: 81.209.27.28:80
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fi/
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
    URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
    BHO-x32: Microsoft-tilin kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
    BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.17\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM-x32 - Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.17\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - Freecorder 6 - {6B34ACCF-1B63-4E1A-8633-461917C75544} - C:\Program Files (x86)\Freecorder 6\tbcore3.dll ()
    Toolbar: HKCU - No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File
    DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 62.241.198.245 62.241.198.246

    FireFox:
    ========
    FF ProfilePath: C:\Users\Demens\AppData\Roaming\Mozilla\Firefox\Profiles\lolksnep.default
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

    Chrome:
    =======
    CHR HomePage: hxxp://asus.msn.com/
    CHR RestoreOnStartup: "hxxp://www.google.fi/"
    CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\Demens\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Demens\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Users\Demens\AppData\Local\Google\Chrome\Application\27.0.1453.110\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    CHR Plugin: (Google Update) - C:\Users\Demens\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
    CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
    CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    CHR Extension: (YouTube) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
    CHR Extension: (Google Search) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
    CHR Extension: (YouTube to MP3) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajdnhmdgikmjbcggoihnbmnnkbmljlg\0.0.3_0
    CHR Extension: (Freecorder 6) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\edhilgpnlmgniclikjhefmadegchepcg\2.1.9_0
    CHR Extension: (One Piece: Monkey D. Luffy (1920x1200)) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\egombopaikoeelblebkkilbmgpdofcio\1.0.1_0
    CHR Extension: (APNG) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehkepjiconegkhpodgoaeamnpckdbblp\2.0.4_0
    CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
    CHR Extension: (Gmail) - C:\Users\Demens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

    ==================== Services (Whitelisted) =================

    S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [151552 2010-05-25] (Atheros)
    S4 AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [52896 2010-11-26] (Atheros Commnucations)
    S2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [230240 2012-12-23] ()
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
    R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
    R2 NSL; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.17\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation)
    R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-10-11] ()
    S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
    S4 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
    S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
    S3 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [x]

    ==================== Drivers (Whitelisted) ====================

    S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.011\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation)
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-08-03] (DT Soft Ltd)
    R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
    R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
    S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
    R3 SaiK0CCB; C:\Windows\System32\DRIVERS\SaiK0CCB.sys [180544 2012-09-20] (Saitek)
    R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24640 2011-11-10] (Saitek)
    R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52160 2011-11-10] (Saitek)
    R3 SaiU0CCB; C:\Windows\System32\DRIVERS\SaiU0CCB.sys [47168 2012-09-20] (Saitek)
    R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-03-21] ()
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [15712 2013-04-13] ()
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()
    U3 ai92a2hc; C:\Windows\System32\Drivers\ai92a2hc.sys [0 ] (Microsoft Corporation)
    S3 ipswuio; System32\DRIVERS\ipswuio.sys [x]
    S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-06-13 23:51 - 2013-06-13 23:51 - 00002393 ____A C:\Users\Demens\Desktop\RKreport[1]_S_06132013_02d2351.txt
    2013-06-13 23:48 - 2013-06-13 23:51 - 00000000 ____D C:\Users\Demens\Desktop\RK_Quarantine
    2013-06-13 23:41 - 2013-06-13 23:41 - 00010034 ____A C:\AdwCleaner[S1].txt
    2013-06-13 23:38 - 2013-06-13 23:39 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
    2013-06-13 23:38 - 2013-06-13 23:38 - 00001077 ____A C:\Users\Public\Desktop\SpywareBlaster.lnk
    2013-06-13 23:38 - 2013-06-13 23:38 - 00000000 ____D C:\ProgramData\Licenses
    2013-06-13 23:38 - 2009-03-24 12:52 - 00129872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
    2013-06-13 23:34 - 2013-06-13 23:34 - 04095448 ____A (BrightFort LLC ) C:\Users\Demens\Desktop\spywareblastersetup50.exe
    2013-06-13 23:34 - 2013-06-13 23:34 - 00791040 ____A C:\Users\Demens\Desktop\RogueKillerX64.exe
    2013-06-13 23:31 - 2013-06-13 23:31 - 00648201 ____A C:\Users\Demens\Desktop\adwcleaner.exe
    2013-06-13 00:05 - 2013-05-17 07:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-06-13 00:05 - 2013-05-17 06:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-06-13 00:05 - 2013-05-17 06:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-06-13 00:05 - 2013-05-17 06:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-06-13 00:05 - 2013-05-17 06:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-06-13 00:05 - 2013-05-17 06:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-06-13 00:05 - 2013-05-17 06:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-06-13 00:05 - 2013-05-17 05:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-06-13 00:05 - 2013-05-17 05:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-06-13 00:05 - 2013-05-17 05:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-06-13 00:05 - 2013-05-17 05:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-06-13 00:05 - 2013-05-17 05:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-06-13 00:05 - 2013-05-17 05:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-06-13 00:05 - 2013-05-17 05:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-06-13 00:05 - 2013-05-17 05:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-06-13 00:05 - 2013-05-17 05:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-06-13 00:05 - 2013-05-17 02:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-06-13 00:05 - 2013-05-17 01:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-06-13 00:05 - 2013-05-17 01:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-06-13 00:05 - 2013-05-17 01:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-06-13 00:05 - 2013-05-17 01:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-06-13 00:05 - 2013-05-17 01:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-06-13 00:05 - 2013-05-17 01:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-06-13 00:05 - 2013-05-17 01:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-06-13 00:05 - 2013-05-17 01:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-06-13 00:05 - 2013-05-17 01:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-06-13 00:05 - 2013-05-17 01:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-06-13 00:05 - 2013-05-17 01:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-06-13 00:05 - 2013-05-17 01:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-06-13 00:05 - 2013-05-17 01:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-06-13 00:05 - 2013-05-17 01:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-06-13 00:05 - 2013-05-17 01:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-06-12 16:22 - 2013-06-12 16:22 - 00022362 ____A C:\Users\Demens\Desktop\Addition.txt
    2013-06-12 16:20 - 2013-06-12 16:20 - 00000000 ____D C:\FRST
    2013-06-12 16:19 - 2013-06-12 16:19 - 01920250 ____A (Farbar) C:\Users\Demens\Desktop\FRST64.exe
    2013-06-12 13:39 - 2013-05-13 08:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
    2013-06-12 13:39 - 2013-05-13 08:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
    2013-06-12 13:39 - 2013-05-13 08:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
    2013-06-12 13:39 - 2013-05-13 08:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
    2013-06-12 13:39 - 2013-05-13 07:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2013-06-12 13:39 - 2013-05-13 07:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2013-06-12 13:39 - 2013-05-13 07:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2013-06-12 13:39 - 2013-05-13 06:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
    2013-06-12 13:39 - 2013-05-13 06:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
    2013-06-12 13:39 - 2013-05-13 06:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
    2013-06-12 13:39 - 2013-05-10 08:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
    2013-06-12 13:39 - 2013-05-10 06:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
    2013-06-12 13:39 - 2013-05-08 09:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2013-06-12 13:39 - 2013-04-26 08:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
    2013-06-12 13:39 - 2013-04-26 07:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
    2013-06-10 17:37 - 2013-06-10 17:37 - 00000000 ____D C:\Program Files (x86)\Nightly
    2013-06-07 16:54 - 2013-06-07 16:54 - 00000052 ____A C:\Users\Demens\Desktop\Whine.txt
    2013-06-03 21:12 - 2013-06-03 21:12 - 00000000 ____D C:\Users\Demens\AppData\Local\NVIDIA
    2013-06-03 21:10 - 2013-06-03 21:10 - 00001345 ____A C:\Users\Public\Desktop\GeForce Experience.lnk
    2013-06-03 21:03 - 2013-05-13 00:42 - 27775776 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 21096736 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 15910736 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 15143904 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 13403168 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 11216160 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
    2013-06-03 21:03 - 2013-05-13 00:42 - 09233688 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 07682960 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 02942240 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 02754336 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432018.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432018.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 00550176 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 00518944 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 00443168 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2013-06-03 21:03 - 2013-05-13 00:42 - 00421152 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2013-06-03 21:03 - 2013-02-25 08:27 - 00194848 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
    2013-06-03 21:03 - 2013-02-25 08:27 - 00031520 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
    2013-06-03 17:43 - 2013-06-03 17:43 - 00000000 ____D C:\Users\Demens\AppData\Local\SCE
    2013-06-03 17:32 - 2013-06-03 17:32 - 00000659 ____A C:\Users\Demens\Desktop\PlanetSide 2 PSG.lnk
    2013-05-27 20:54 - 2013-05-27 20:55 - 00000000 ____D C:\Windows\rescache
    2013-05-18 20:36 - 2013-05-18 20:36 - 00004687 ____A C:\Users\Demens\.recently-used.xbel
    2013-05-17 00:42 - 2013-04-10 09:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
    2013-05-17 00:42 - 2013-04-10 09:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
    2013-05-17 00:42 - 2013-04-10 06:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-05-17 00:42 - 2013-03-19 08:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
    2013-05-17 00:42 - 2013-03-19 08:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
    2013-05-17 00:42 - 2013-02-27 09:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
    2013-05-17 00:42 - 2013-02-27 08:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2013-05-17 00:42 - 2013-02-27 08:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
    2013-05-17 00:42 - 2013-02-27 08:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
    2013-05-17 00:42 - 2013-02-27 08:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
    2013-05-17 00:42 - 2013-02-27 07:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2013-05-17 00:42 - 2013-02-27 07:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
    2013-05-17 00:42 - 2013-02-27 07:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2013-05-17 00:42 - 2011-02-03 14:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll

    ==================== One Month Modified Files and Folders =======

    2013-06-14 00:00 - 2011-05-26 16:20 - 01496989 ____A C:\Windows\WindowsUpdate.log
    2013-06-13 23:51 - 2013-06-13 23:51 - 00002393 ____A C:\Users\Demens\Desktop\RKreport[1]_S_06132013_02d2351.txt
    2013-06-13 23:51 - 2013-06-13 23:48 - 00000000 ____D C:\Users\Demens\Desktop\RK_Quarantine
    2013-06-13 23:51 - 2009-07-14 07:45 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-06-13 23:51 - 2009-07-14 07:45 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-06-13 23:49 - 2011-07-23 18:34 - 00000000 ____D C:\Users\Demens\AppData\Roaming\Skype
    2013-06-13 23:43 - 2012-06-28 10:25 - 00044922 ____A C:\Windows\setupact.log
    2013-06-13 23:43 - 2011-05-26 16:53 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-06-13 23:43 - 2011-05-26 16:30 - 00001018 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-06-13 23:43 - 2009-07-14 08:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-06-13 23:42 - 2011-08-24 18:14 - 00241211 ____A C:\aaw7boot.log
    2013-06-13 23:41 - 2013-06-13 23:41 - 00010034 ____A C:\AdwCleaner[S1].txt
    2013-06-13 23:39 - 2013-06-13 23:38 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
    2013-06-13 23:38 - 2013-06-13 23:38 - 00001077 ____A C:\Users\Public\Desktop\SpywareBlaster.lnk
    2013-06-13 23:38 - 2013-06-13 23:38 - 00000000 ____D C:\ProgramData\Licenses
    2013-06-13 23:37 - 2012-08-17 18:09 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2013-06-13 23:37 - 2012-08-17 18:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
    2013-06-13 23:34 - 2013-06-13 23:34 - 04095448 ____A (BrightFort LLC ) C:\Users\Demens\Desktop\spywareblastersetup50.exe
    2013-06-13 23:34 - 2013-06-13 23:34 - 00791040 ____A C:\Users\Demens\Desktop\RogueKillerX64.exe
    2013-06-13 23:34 - 2011-05-26 16:30 - 00001022 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-06-13 23:32 - 2012-06-08 13:04 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-06-13 23:31 - 2013-06-13 23:31 - 00648201 ____A C:\Users\Demens\Desktop\adwcleaner.exe
    2013-06-13 23:30 - 2011-08-24 07:57 - 00000000 ____D C:\ProgramData\Lavasoft
    2013-06-13 23:23 - 2011-07-26 00:55 - 00000000 ____D C:\Users\Demens\AppData\Local\Windows Live
    2013-06-13 23:21 - 2011-10-07 12:39 - 00001022 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842967881-966451212-12483017-1000UA.job
    2013-06-13 22:40 - 2011-10-08 03:48 - 00000000 ____D C:\Users\Demens\AppData\Local\PMB Files
    2013-06-13 22:21 - 2011-10-07 12:39 - 00000970 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2842967881-966451212-12483017-1000Core.job
    2013-06-13 21:50 - 2011-10-08 03:48 - 00000000 ____D C:\ProgramData\PMB Files
    2013-06-13 02:00 - 2013-04-20 19:40 - 00000000 ____D C:\Users\Demens\AppData\Local\Warframe
    2013-06-13 00:02 - 2011-07-23 23:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-06-12 16:22 - 2013-06-12 16:22 - 00022362 ____A C:\Users\Demens\Desktop\Addition.txt
    2013-06-12 16:20 - 2013-06-12 16:20 - 00000000 ____D C:\FRST
    2013-06-12 16:19 - 2013-06-12 16:19 - 01920250 ____A (Farbar) C:\Users\Demens\Desktop\FRST64.exe
    2013-06-12 15:35 - 2011-07-23 16:24 - 00000000 ____D C:\Users\Demens\AppData\Roaming\.minecraft
    2013-06-12 13:28 - 2009-07-14 08:08 - 00032606 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2013-06-11 14:27 - 2013-04-02 05:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-06-11 04:04 - 2013-03-03 12:19 - 00000000 ____D C:\Users\Demens\AppData\Local\Akamai
    2013-06-11 04:04 - 2011-07-23 18:32 - 00000000 ___RD C:\Program Files (x86)\Skype
    2013-06-11 04:04 - 2011-05-26 17:02 - 00000000 ____D C:\ProgramData\P4G
    2013-06-11 04:04 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
    2013-06-11 04:03 - 2011-07-23 18:32 - 00000000 ____D C:\ProgramData\Skype
    2013-06-11 03:43 - 2012-05-17 21:43 - 00000000 ____D C:\Users\Demens\AppData\Roaming\Azureus
    2013-06-10 17:37 - 2013-06-10 17:37 - 00000000 ____D C:\Program Files (x86)\Nightly
    2013-06-10 17:06 - 2011-07-23 16:01 - 00000000 ____D C:\users\Demens
    2013-06-08 03:12 - 2011-07-29 16:56 - 00000000 ____D C:\Users\Demens\AppData\Local\CrashDumps
    2013-06-07 16:54 - 2013-06-07 16:54 - 00000052 ____A C:\Users\Demens\Desktop\Whine.txt
    2013-06-05 13:45 - 2012-05-26 20:47 - 00009186 ____A C:\Windows\PFRO.log
    2013-06-03 21:12 - 2013-06-03 21:12 - 00000000 ____D C:\Users\Demens\AppData\Local\NVIDIA
    2013-06-03 21:10 - 2013-06-03 21:10 - 00001345 ____A C:\Users\Public\Desktop\GeForce Experience.lnk
    2013-06-03 21:10 - 2011-10-28 16:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2013-06-03 21:08 - 2011-05-26 16:53 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2013-06-03 17:43 - 2013-06-03 17:43 - 00000000 ____D C:\Users\Demens\AppData\Local\SCE
    2013-06-03 17:32 - 2013-06-03 17:32 - 00000659 ____A C:\Users\Demens\Desktop\PlanetSide 2 PSG.lnk
    2013-06-03 13:45 - 2009-08-04 14:04 - 00557682 ____A C:\Windows\System32\perfh00B.dat
    2013-06-03 13:45 - 2009-08-04 14:04 - 00129612 ____A C:\Windows\System32\perfc00B.dat
    2013-06-03 13:45 - 2009-07-14 08:13 - 01567366 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-05-31 11:50 - 2012-08-20 22:52 - 00001846 ____A C:\Users\Public\Desktop\Vuze.lnk
    2013-05-31 11:50 - 2012-05-17 21:42 - 00000000 ____D C:\Program Files (x86)\Vuze
    2013-05-28 16:08 - 2012-08-27 12:24 - 00000000 ____D C:\ProgramData\Adobe
    2013-05-28 16:08 - 2012-06-08 13:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-05-28 16:08 - 2011-08-28 12:31 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-05-28 01:56 - 2013-01-22 17:47 - 00000324 ____A C:\Users\Demens\Desktop\Offense.txt
    2013-05-27 20:55 - 2013-05-27 20:54 - 00000000 ____D C:\Windows\rescache
    2013-05-24 13:03 - 2011-07-23 16:01 - 00059296 ____A C:\Users\Demens\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-05-24 13:02 - 2009-07-14 07:45 - 00269960 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-05-20 14:38 - 2013-05-11 20:26 - 00000000 ____D C:\Users\Demens\AppData\Roaming\Windows Live Writer
    2013-05-18 20:36 - 2013-05-18 20:36 - 00004687 ____A C:\Users\Demens\.recently-used.xbel
    2013-05-18 20:36 - 2011-07-26 17:32 - 00000000 ____D C:\Users\Demens\AppData\Roaming\gtk-2.0
    2013-05-18 20:36 - 2011-07-26 17:29 - 00000000 ____D C:\Users\Demens\.gimp-2.6
    2013-05-18 18:00 - 2012-02-08 01:01 - 00000000 ____D C:\Users\Demens\AppData\Local\Mozilla
    2013-05-17 07:05 - 2013-06-13 00:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-05-17 06:27 - 2013-06-13 00:05 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-05-17 06:09 - 2013-06-13 00:05 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-05-17 06:02 - 2013-06-13 00:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-05-17 06:02 - 2013-06-13 00:05 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-05-17 06:01 - 2013-06-13 00:05 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-05-17 06:00 - 2013-06-13 00:05 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-05-17 05:58 - 2013-06-13 00:05 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-05-17 05:56 - 2013-06-13 00:05 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-05-17 05:56 - 2013-06-13 00:05 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-05-17 05:55 - 2013-06-13 00:05 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-05-17 05:54 - 2013-06-13 00:05 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-05-17 05:53 - 2013-06-13 00:05 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-05-17 05:51 - 2013-06-13 00:05 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-05-17 05:51 - 2013-06-13 00:05 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-05-17 05:46 - 2013-06-13 00:05 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-05-17 02:08 - 2013-06-13 00:05 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-05-17 01:49 - 2013-06-13 00:05 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-05-17 01:39 - 2013-06-13 00:05 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-05-17 01:28 - 2013-06-13 00:05 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-05-17 01:28 - 2013-06-13 00:05 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-05-17 01:27 - 2013-06-13 00:05 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-05-17 01:26 - 2013-06-13 00:05 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-05-17 01:23 - 2013-06-13 00:05 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-05-17 01:21 - 2013-06-13 00:05 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-05-17 01:21 - 2013-06-13 00:05 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-05-17 01:20 - 2013-06-13 00:05 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-05-17 01:19 - 2013-06-13 00:05 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-05-17 01:17 - 2013-06-13 00:05 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-05-17 01:17 - 2013-06-13 00:05 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-05-17 01:16 - 2013-06-13 00:05 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-05-17 01:12 - 2013-06-13 00:05 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

    Files to move or delete:
    ====================
    C:\ProgramData\FullRemove.exe
    C:\Users\Demens\chromeinstall.exe
    C:\Users\Demens\Firefox Setup 20.0.1.exe

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-06-04 05:49

    ==================== End Of Log ============================
     
  15. Newbienumbernine

    Newbienumbernine Thread Starter

    Joined:
    Jun 12, 2013
    Messages:
    14
    I see it says Lavasoft, Norton and Spybot S&D have some leftover files at C:/Programdata. Would it be safe to remove those (applications have been uninstalled)? Asking since that folder is not visible by default and only reachable by typing "c:\programdata" and enter.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1101058

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice