Solved No program is running but something like radio is playing through my speakers

Hoori

When I started my laptop yesterday, some audio started to play without any program running on my computer. I looked to see if I could find a solution on the net and I ended up here. I downloaded the latest version of HijackThis and followed the instructions on this site to save a log. Attached is my HJT logfile. Would you guys please help me find out what's wrong?

Thanks in advance.
 

Welcome aboard

Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Thank you. I ran MBAM and this is the log-file:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.01.02

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Fujitsu :: FUJITSU-PC [administrator]

Protection: Disabled

1/1/2014 2:14:36 AM
mbam-log-2014-01-01 (02-14-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236997
Time elapsed: 7 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 12
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\IEHelperv250.WeCareReminder.1 (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\IEHelperv250.WeCareReminder (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} (PUP.Optional.InstantSavings) -> Quarantined and deleted successfully.
HKCR\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{6ED0A312-78F5-493C-A90C-5DAF321D0BF8} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{B3201ABA-7CDE-4C8D-A28D-4316427BD6D1} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\Interface\{B60591CD-AA25-4261-B05A-77826471C0A3} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{B60591CD-AA25-4261-B05A-77826471C0A3} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Search Protection (PUP.Optional.SearchProtection.A) -> Data: C:\ProgramData\Search Protection\SearchProtection.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\ProgramData\WeCareReminder (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.

Files Detected: 13
C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\ReminderHelper.exe (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\WCAutoUpdate.exe (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\Users\Fujitsu\AppData\Local\Temp\Setup.exe (Adware.BetterSurf) -> Quarantined and deleted successfully.
C:\Users\Fujitsu\Downloads\7zip_bimo.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.
C:\Windows\Installer\b8a174.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\MerchantHash.json (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\cleanwateraction.bmp (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\IEHelperv2.5.0PS.dll (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\IEMenuItem.dll (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\IEMenuItemPS.dll (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\IEToolMenuDisable.exe (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\wecarereminderro.crx (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.

(end)
 
This is the DDS.txt content:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16385
Run by Fujitsu at 2:32:16 on 2014-01-01
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3952.1022 [GMT -8:00]
.
AV: ESET Smart Security 6.0 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 6.0 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe
C:\Program Files (x86)\MyPC Backup\BackupStack.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Fujitsu\PSUtility\PSUService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Surf Canyon\scbhmon.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ooVoo\ooVoo.exe
C:\Users\Fujitsu\AppData\Roaming\SkypEmoticons\SE.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files (x86)\Surf Canyon\SurfCanyonDesktop.exe
C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,204,0_0,StartPage,20131253,20029,0,85,6944
mStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Fast Search: {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [ooVoo.exe] C:\Program Files (x86)\ooVoo\ooVoo.exe /minimized
uRun: [se] "C:\Users\Fujitsu\AppData\Roaming\SkypEmoticons\SE.exe" /minimized
mRun: [DeskUpdateNotifier] "C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe"
mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SurfCanyonDesktop] C:\Program Files (x86)\Surf Canyon\SurfCanyonDesktop.exe
mRun: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
StartupFolder: C:\Users\Fujitsu\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 192.168.1.1 71.242.0.12
TCP: Interfaces\{46CCE01D-EBBA-48C7-A6A0-64483FFB7990} : DHCPNameServer = 192.168.1.1 71.242.0.12
TCP: Interfaces\{46CCE01D-EBBA-48C7-A6A0-64483FFB7990}\24D463332377D2334364836323 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{46CCE01D-EBBA-48C7-A6A0-64483FFB7990}\3597D60786F6E697 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{46CCE01D-EBBA-48C7-A6A0-64483FFB7990}\44D2C496E6B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{46CCE01D-EBBA-48C7-A6A0-64483FFB7990}\8416464696A756C6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{46CCE01D-EBBA-48C7-A6A0-64483FFB7990}\84838364A4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{46CCE01D-EBBA-48C7-A6A0-64483FFB7990}\D616D616E6 : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll c:\progra~3\keepnb~1\keepnb~1.dll IESearchPlugin32.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Instant Savings App BHO: {6EB4A4C0-6036-4D2E-B010-20707C4B62E8} -
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
x64-Run: [LoadFUJ02E3] "C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe"
x64-Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
x64-Run: [LoadFujitsuQuickTouch] "C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe"
x64-Run: [LoadBtnHnd] "C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe"
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 54.225.95.126 ckdjndgfgjaglgcnllemofeepjeeaofa
Hosts: 54.225.95.126 achhmapmjlcjlomcbmbicbgkihghgnie
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,205,0_0,StartPage,20131253,20031,0,85,0
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20131253,20030,0,85,0
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-11-14 00:30; xz123@ya456.com; C:\Program Files (x86)\BetterSurf\ff
FF - ExtSQL: 2013-11-25 09:18; 12x3q@3244516.com; C:\Program Files (x86)\Better-Surf\ff
FF - ExtSQL: 2013-12-09 19:42; ext@bettersurfplus.com; C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
.
---- FIREFOX POLICIES ----
.
FF - user.js: extentions.webcake.installId - f67053c4-232a-46e4-a60f-0358aa501a27
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 1e6620db0000000000009c4e36a99a05
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15992
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.618:40:25
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=122173&tsp=5035
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2013-2-20 58416]
R0 FBIOSDRV;Fujitsu BIOS Driver;C:\Windows\System32\drivers\FBIOSDRV.sys [2009-6-24 21104]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-6 16152]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-8-3 28992]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2013-2-20 213416]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2013-1-10 59440]
R2 a6bb4a82;KeepnBrowse;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-1-20 76448]
R2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-7-1 32808]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2013-8-3 225280]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-3-21 1341664]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-1 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-1 701512]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-8-4 1922600]
R2 PFNService;PFNService;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2011-12-22 2213376]
R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2013-8-3 63856]
R2 scbhmon;Extension Security Monitor Service;C:\Program Files (x86)\Surf Canyon\scbhmon.exe [2013-10-7 25960]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-1-27 381248]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-31 363800]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-1-20 36000]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-8-3 134696]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-1-20 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-1-20 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-1-20 201376]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-1-20 154272]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2013-8-3 620584]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-8-3 39976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-5 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-6 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-6 787736]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-1 25928]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-10-31 215552]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-8-3 646248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 FUJ02E3Service;FUJ02E3Service;C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [2011-11-23 76104]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2011-1-20 51872]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-1-20 55456]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-1-20 279200]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\System32\drivers\fuj02e3.sys [2006-11-1 7296]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
.
=============== Created Last 30 ================
.
2014-01-01 10:13:31 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-01 10:13:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 10:02:25 -------- d-----w- C:\Users\Fujitsu\AppData\Local\ElevatedDiagnostics
2014-01-01 00:45:36 -------- d-----w- C:\Users\Fujitsu\AppData\Roaming\Fighters
2014-01-01 00:45:07 -------- d-----w- C:\ProgramData\Fighters
2014-01-01 00:45:07 -------- d-----w- C:\Program Files\Fighters
2014-01-01 00:45:07 -------- d-----w- C:\Program Files (x86)\Fighters
2014-01-01 00:44:28 -------- d-----w- C:\Users\Fujitsu\AppData\Roaming\FileAssociationManager
2014-01-01 00:44:28 -------- d-----w- C:\Program Files (x86)\FileAssociationManager
2014-01-01 00:44:22 835656 ----a-w- C:\Windows\SysWow64\WINCTL5.OCX
2014-01-01 00:44:22 499785 ----a-w- C:\Windows\SysWow64\WINUTIL8.DLL
2014-01-01 00:44:22 425984 ----a-w- C:\Windows\SysWow64\WinCMR.dll
2014-01-01 00:44:22 393216 ----a-w- C:\Windows\SysWow64\WINLCTL6.DLL
2014-01-01 00:44:20 -------- d-----w- C:\Program Files (x86)\Winferno
2014-01-01 00:44:05 -------- d-----w- C:\Users\Fujitsu\AppData\Local\SurfCanyon
2014-01-01 00:44:05 -------- d-----w- C:\Users\Fujitsu\AppData\Local\Surf_Canyon
2014-01-01 00:44:05 -------- d-----w- C:\Program Files (x86)\Surf Canyon
2014-01-01 00:43:39 -------- d-----w- C:\Program Files (x86)\Yahoo!
2014-01-01 00:43:28 -------- d-----w- C:\Windows\SysWow64\modules
2014-01-01 00:43:28 -------- d-----w- C:\Windows\SysWow64\js
2014-01-01 00:43:28 -------- d-----w- C:\Windows\SysWow64\images
2014-01-01 00:43:28 -------- d-----w- C:\Windows\SysWow64\html
2014-01-01 00:43:28 -------- d-----w- C:\Windows\SysWow64\css
2013-12-31 21:18:13 -------- d-----w- C:\Users\Fujitsu\AppData\Roaming\LavasoftStatistics
2013-12-31 20:45:39 -------- d-----w- C:\ProgramData\BitDefender
2013-12-31 20:29:34 -------- d-----w- C:\Program Files\Lavasoft
2013-12-31 20:28:27 -------- d-----w- C:\Program Files (x86)\Lavasoft
2013-12-29 16:56:47 -------- d-----w- C:\Users\Fujitsu\AppData\Roaming\Malwarebytes
2013-12-29 16:56:44 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-28 20:07:03 -------- d-----w- C:\ProgramData\KeepnBrowse
2013-12-10 07:35:54 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CA5F6B96-B861-4CDA-81BA-574814BF4546}\offreg.dll
.
==================== Find3M ====================
.
2013-12-11 06:59:29 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 06:59:29 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 2:34:44.92 ===============
 
And this is the attach.txt content:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 10/31/2012 9:52:50 PM
System Uptime: 1/1/2014 2:26:55 AM (0 hours ago)
.
Motherboard: FUJITSU | | FJNBB2D
Processor: Intel(R) Core(TM) i3-2348M CPU @ 2.30GHz | CPU Socket - U3E1 | 2300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 154.641 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: Fujitsu FUJ02E3 Device Driver
Device ID: ACPI\FUJ02E3\2&DABA3FF&1
Manufacturer: Fujitsu Limited
Name: Fujitsu FUJ02E3 Device Driver
PNP Device ID: ACPI\FUJ02E3\2&DABA3FF&1
Service: FUJ02E3
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 10
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
Atheros Client Installation Program
Bluetooth Win7 Suite (64)
CWA Reminder by We-Care.com v4.1.24.3
CyberLink YouCam
DeskUpdate 4.11
Dropbox
EasyLife Gadget
ESET Smart Security
File Association Manager
FJ Camera
Fujitsu Hotkey Utility
Fujitsu MobilityCenter Extension Utility
Fujitsu System Extension Utility
Google Chrome
Google Update Helper
IBM SPSS Statistics 19
Intel PROSet Wireless
Intel(R) Management Engine Components
Intel(R) OpenCL CPU Runtime
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
KeepnBrowse
KMP Service
LIFEBOOK Application Panel
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MyPC Backup
NextVPN
NVIDIA 3D Vision Driver 290.69
NVIDIA Control Panel 290.69
NVIDIA Graphics Driver 290.69
NVIDIA Install Application
NVIDIA Optimus 1.6.24
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.6.24
NVIDIA Update Components
ooVoo
OptimizerPro Upd
Plugfree NETWORK
Power Saving Utility
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Search Manager Service
Search Protection
Skype Click to Call
SkypEmoticons
Skype™ 6.7
SLOW-PCfighter
Synaptics Pointing Device Driver
SystemDiagnostics
The KMPlayer (remove only)
Web Cake 3.00
WIDCOMM Bluetooth Software
Windows Driver Package - Intel (NETw5s64) net (09/15/2009 13.0.0.107)
Windows Driver Package - Intel (NETw5v64) net (09/15/2009 13.0.0.107)
Winferno Registry Power Cleaner
WinRAR archiver
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
12/31/2013 9:05:46 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error: A system shutdown has already been scheduled.
12/31/2013 8:02:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wscsvc service.
12/31/2013 7:44:36 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BackupStack service.
12/31/2013 5:55:59 PM, Error: Service Control Manager [7038] - The nsi service was unable to log on as NT Authority\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
12/31/2013 5:55:59 PM, Error: Service Control Manager [7038] - The CryptSvc service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
12/31/2013 5:55:59 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not start due to a logon failure.
12/31/2013 5:55:59 PM, Error: Service Control Manager [7000] - The Network Store Interface Service service failed to start due to the following error: The service did not start due to a logon failure.
12/31/2013 5:55:59 PM, Error: Service Control Manager [7000] - The Cryptographic Services service failed to start due to the following error: The service did not start due to a logon failure.
12/31/2013 5:55:48 PM, Error: Service Control Manager [7038] - The eventlog service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
12/31/2013 5:55:48 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Audio service, but this action failed with the following error: Circular service dependency was specified.
12/31/2013 5:55:48 PM, Error: Service Control Manager [7019] - The Windows Audio Endpoint Builder service depends on a service in a group which starts later. Change the order in the service dependency tree to ensure that all services required to start this service are starting before this service is started.
12/31/2013 5:55:48 PM, Error: Service Control Manager [7017] - Detected circular dependencies demand starting Windows Audio. Check the service dependency tree.
12/31/2013 5:55:48 PM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: Circular service dependency was specified.
12/31/2013 5:55:48 PM, Error: Service Control Manager [7000] - The Windows Event Log service failed to start due to the following error: The service did not start due to a logon failure.
12/31/2013 5:55:48 PM, Error: Service Control Manager [7000] - The Plug and Play service failed to start due to the following error: A system shutdown is in progress.
12/31/2013 5:55:31 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Audio Endpoint Builder service, but this action failed with the following error: Circular service dependency was specified.
12/31/2013 5:55:31 PM, Error: Service Control Manager [7017] - Detected circular dependencies demand starting Windows Audio Endpoint Builder. Check the service dependency tree.
12/31/2013 5:55:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Superfetch service to connect.
12/31/2013 5:55:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Program Compatibility Assistant Service service to connect.
12/31/2013 5:55:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Portable Device Enumerator Service service to connect.
12/31/2013 5:55:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Human Interface Device Access service to connect.
12/31/2013 5:55:31 PM, Error: Service Control Manager [7000] - The Program Compatibility Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2013 5:55:31 PM, Error: Service Control Manager [7000] - The Portable Device Enumerator Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2013 5:55:31 PM, Error: Service Control Manager [7000] - The Human Interface Device Access service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2013 5:55:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the COM+ Event System service to connect.
12/31/2013 5:55:08 PM, Error: Service Control Manager [7000] - The COM+ Event System service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7031] - The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7031] - The Network Store Interface Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7031] - The Network List Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7031] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Network Store Interface Service service to connect.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2013 5:55:07 PM, Error: Service Control Manager [7000] - The Network Store Interface Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2013 5:55:01 PM, Error: Service Control Manager [7031] - The Windows Firewall service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2013 5:55:01 PM, Error: Service Control Manager [7031] - The Diagnostic Policy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2013 5:55:01 PM, Error: Service Control Manager [7031] - The Base Filtering Engine service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2013 5:54:59 PM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2013 5:54:59 PM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
12/31/2013 5:54:59 PM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2013 5:54:59 PM, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2013 5:54:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Network Location Awareness service to connect.
12/31/2013 5:54:59 PM, Error: Service Control Manager [7000] - The Network Location Awareness service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2013 5:54:48 PM, Error: Service Control Manager [7031] - The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2013 5:54:48 PM, Error: Service Control Manager [7031] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/31/2013 5:54:48 PM, Error: Service Control Manager [7031] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
12/31/2013 5:54:48 PM, Error: Service Control Manager [7031] - The Security Center service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2013 5:54:48 PM, Error: Service Control Manager [7031] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/31/2013 5:54:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TCP/IP NetBIOS Helper service to connect.
12/31/2013 5:54:48 PM, Error: Service Control Manager [7000] - The TCP/IP NetBIOS Helper service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/31/2013 5:15:36 PM, Error: Service Control Manager [7023] - The Intel(R) PROSet/Wireless Zero Configuration Service service terminated with the following error: %%-2147196306
12/31/2013 11:33:47 AM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.9. The computer with the IP address 192.168.1.2 did not allow the name to be claimed by this computer.
1/1/2014 2:28:26 AM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The WMI request could not be completed and should be retried.
1/1/2014 2:06:44 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
1/1/2014 2:06:44 AM, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/1/2014 2:00:30 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
1/1/2014 12:57:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Extension Security Monitor Service service to connect.
1/1/2014 12:57:48 AM, Error: Service Control Manager [7000] - The Extension Security Monitor Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/1/2014 12:51:54 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error: A system shutdown has already been scheduled.
1/1/2014 12:51:46 AM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/1/2014 12:51:46 AM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/1/2014 1:59:09 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
1/1/2014 1:59:04 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
1/1/2014 1:59:04 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
1/1/2014 1:59:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/1/2014 1:58:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/1/2014 1:58:52 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
1/1/2014 1:58:48 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache eamonm ehdrv spldr Wanarpv6
.
==== End Of File ===========================
 
Download RogueKiller for 32bit or RogueKiller for 64bit to your Desktop.
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

Create a new restore point before proceeding with the next step.
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced. They will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
 
Thanks. These are the results of RogueKiller (RKreport[0]):

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Fujitsu [Admin rights]
Mode : Scan -- Date : 01/01/2014 17:39:48
| ARK || FAK || MBR |

¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- c:\ProgramData\KeepnBrowse\KeepnBrowseSvc.dll [-] -> rundll32.exe KILLED [TermProc]
[SUSP PATH][DLL] rundll32.exe -- c:\ProgramData\KeepnBrowse\KeepnBrowseSvc.dll [-] -> rundll32.exe KILLED [TermThr]

¤¤¤ Registry Entries : 7 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[APPINIT][SUSP PATH] HKLM\[...]\Windows : AppInit_DLLs (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll c:\windows\system32\nvinitx.dll C:\PROGRA~3\KEEPNB~1\KEEPNB~2.DLL IESearchPlugin64.dll [x][x][-][x]) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][ROGUE ST] bestLyrics-33-firefoxinstaller : C:\Program Files (x86)\bestLyrics-33\bestLyrics-33-firefoxinstaller.exe - /installxpi /agentregpath='bestLyrics-33' /extensionfilepath='C:\Program Files (x86)\bestLyrics-33\43872.xpi' /appid=43872 /srcid='000538' /subid='1060-5180' /zdata='d:eek:ex.findci.net' /bic=673DE91E4CB04540BED5F55872505FACIE /verifier=ee2ade236c60f4b34eeca3aa4d9c19aa /installerversion=1_28_153 /installerfullversion=1.28.153.5 /installationtime=1381714765 /statsdomain=hxxp://stats.srvmystats.com /errorsdomain=hxxp://errors.srvmystats.com /waitforbrowser=300 /extensionid=42f5b16b-37cc-4ffd-bfa9-806138eb827f@cc21cac3-775a-4f6f-8277-c3cac686f390.com /extensionversion=0.92 /prefsbranch=a42f5b16b37cc4ffdbfa9806138eb827fcc21cac3775a4f6f8277c3cac686f390com43872 /updateurl=hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/43872.rdf /allusers /allprofiles /externallog='' [x][x][x][x][x][x][x][x][x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


54.225.95.126 ckdjndgfgjaglgcnllemofeepjeeaofa
54.225.95.126 achhmapmjlcjlomcbmbicbgkihghgnie


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MQ01ABD050 +++++
--- User ---
[MBR] 658bc9eb07103c21fddd198a23394651
[BSP] 0d1264c9f5019cb1f77b81172ef07c12 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476939 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_01012014_173948.txt >>
 
Running Malwarebytes Anti-Rootkit, I'm surprisingly notified that there is no malware found, thus there's no need for a clean-up. This is the system-log content:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x64

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 4144291840, free: 824119296

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x64

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 4144291840, free: 799293440

Downloaded database version: v2014.01.01.05
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
01/01/2014 17:42:37
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\ACPI.sys
\SystemRoot\system32\DRIVERS\WMILIB.SYS
\SystemRoot\system32\DRIVERS\msisadrv.sys
\SystemRoot\system32\DRIVERS\pci.sys
\SystemRoot\system32\DRIVERS\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\DRIVERS\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\DRIVERS\atapi.sys
\SystemRoot\system32\DRIVERS\ataport.SYS
\SystemRoot\system32\DRIVERS\msahci.sys
\SystemRoot\system32\DRIVERS\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\Drivers\FBIOSDRV.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\epfwwfp.sys
\SystemRoot\system32\DRIVERS\vmstorfl.sys
\SystemRoot\system32\DRIVERS\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\eamonm.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\ehdrv.sys
C:\Program Files\ESET\ESET Smart Security\em006_64.dat
C:\Program Files\ESET\ESET Smart Security\em018_64.dat
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\EpfwLWF.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\NETwNs64.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\FUJ02B1.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\FUJ02E3.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\bcbtums.sys
\??\C:\Windows\system32\drivers\btwampfl.sys
\??\C:\Windows\system32\drivers\HIDPARSE.SYS
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\Drivers\RtsUStor.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\drivers\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\system32\DRIVERS\btwrchid.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\snp2uvc.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\sncduvc.SYS
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\epfw.sys
C:\Program Files\ESET\ESET Smart Security\em008_64.dat
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\difxapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\sechost.dll
\Windows\System32\wininet.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\shell32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\msctf.dll
\Windows\System32\gdi32.dll
\Windows\System32\lpk.dll
\Windows\System32\msvcrt.dll
\Windows\System32\setupapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\usp10.dll
\Windows\System32\shlwapi.dll
\Windows\System32\psapi.dll
\Windows\System32\kernel32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\normaliz.dll
\Windows\System32\nsi.dll
\Windows\System32\advapi32.dll
\Windows\System32\imm32.dll
\Windows\System32\ole32.dll
\Windows\System32\user32.dll
\Windows\System32\urlmon.dll
\Windows\System32\oleaut32.dll
\Windows\System32\crypt32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\devobj.dll
\Windows\System32\comctl32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8004d3d060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8004ae5050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004d3d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004d3db90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004d3d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8003ce2c40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004ae5050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: AE56DA55

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 976771072
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Scan finished
=======================================
 
Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there, use the restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
 
This is my ComboFix.txt content:

ComboFix 14-01-01.01 - Fujitsu 01/01/2014 21:06:59.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3952.440 [GMT -8:00]
Running from: C:\Users\Fujitsu\Downloads\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\END
C:\Install.exe
C:\Program Files (x86)\SaveShare
C:\ProgramData\Roaming
C:\Windows\SysWow64\html
C:\Windows\SysWow64\images
C:\Windows\SysWow64\setting.ini


((((((((((((((((((((((((( Files Created from 2013-12-02 to 2014-01-02 )))))))))))))))))))))))))))))))


2014-01-02 05:13:00 . 2014-01-02 05:13:00 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp
2014-01-02 05:13:00 . 2014-01-02 05:13:00 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-01-02 01:42:37 . 2014-01-02 01:58:46 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-02 01:42:37 . 2014-01-02 01:42:37 117464 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-01-02 01:41:57 . 2014-01-02 01:41:57 89304 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys
2014-01-02 01:38:56 . 2014-01-02 01:38:59 1898576 ----a-w- C:\Windows\system32\drivers\tcpip.sys.bak
2014-01-02 01:37:58 . 2014-01-02 01:37:58 6144 ----a-w- C:\Windows\system32\drivers\null.sys.bak
2014-01-02 01:36:59 . 2014-01-02 01:36:59 55456 ----a-w- C:\Windows\system32\drivers\btath_lwflt.sys.bak
2014-01-02 01:25:46 . 2014-01-02 01:25:46 -------- d-----w- C:\found.000
2014-01-01 10:13:31 . 2014-01-01 10:13:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 10:13:31 . 2013-04-04 22:50:32 25928 ----a-w- C:\Windows\system32\drivers\mbam.sys
2014-01-01 10:02:25 . 2014-01-01 10:02:25 -------- d-----w- C:\Users\Fujitsu\AppData\Local\ElevatedDiagnostics
2014-01-01 00:49:10 . 2014-01-01 00:49:10 -------- d-----w- C:\ProgramData\Winferno
2014-01-01 00:45:36 . 2014-01-01 00:45:36 -------- d-----w- C:\Users\Fujitsu\AppData\Roaming\Fighters
2014-01-01 00:45:07 . 2014-01-02 03:33:20 -------- d-----w- C:\ProgramData\Fighters
2014-01-01 00:45:07 . 2014-01-01 00:45:07 -------- d-----w- C:\Program Files\Fighters
2014-01-01 00:45:07 . 2014-01-01 00:45:07 -------- d-----w- C:\Program Files (x86)\Fighters
2014-01-01 00:44:28 . 2014-01-01 00:44:59 -------- d-----w- C:\Program Files (x86)\FileAssociationManager
2014-01-01 00:44:28 . 2014-01-01 00:44:28 -------- d-----w- C:\Users\Fujitsu\AppData\Roaming\FileAssociationManager
2014-01-01 00:44:22 . 2010-10-26 19:07:18 499785 ----a-w- C:\Windows\SysWow64\WINUTIL8.DLL
2014-01-01 00:44:22 . 2010-09-01 23:59:10 835656 ----a-w- C:\Windows\SysWow64\WINCTL5.OCX
2014-01-01 00:44:22 . 2010-01-14 18:31:22 425984 ----a-w- C:\Windows\SysWow64\WinCMR.dll
2014-01-01 00:44:22 . 2009-06-05 19:04:04 393216 ----a-w- C:\Windows\SysWow64\WINLCTL6.DLL
2014-01-01 00:44:20 . 2014-01-01 00:44:20 -------- d-----w- C:\Program Files (x86)\Winferno
2014-01-01 00:44:05 . 2014-01-01 00:44:45 -------- d-----w- C:\Users\Fujitsu\AppData\Local\Surf_Canyon
2014-01-01 00:44:05 . 2014-01-01 00:44:39 -------- d-----w- C:\Program Files (x86)\Surf Canyon
2014-01-01 00:44:05 . 2014-01-01 00:44:05 -------- d-----w- C:\Users\Fujitsu\AppData\Local\SurfCanyon
2014-01-01 00:44:01 . 2014-01-01 00:44:01 -------- d-----w- C:\ProgramData\Yahoo! Companion
2014-01-01 00:43:50 . 2014-01-01 00:43:50 -------- d-----w- C:\ProgramData\Yahoo!
2014-01-01 00:43:48 . 2014-01-01 00:43:48 -------- d-----w- C:\Users\Fujitsu\AppData\Roaming\Yahoo!
2014-01-01 00:43:39 . 2014-01-01 00:43:50 -------- d-----w- C:\Program Files (x86)\Yahoo!
2014-01-01 00:43:28 . 2014-01-01 00:43:28 -------- d-----w- C:\Windows\SysWow64\modules
2014-01-01 00:43:28 . 2014-01-01 00:43:28 -------- d-----w- C:\Windows\SysWow64\js
2014-01-01 00:43:28 . 2014-01-01 00:43:28 -------- d-----w- C:\Windows\SysWow64\css
2013-12-31 21:18:13 . 2013-12-31 21:18:13 -------- d-----w- C:\Users\Fujitsu\AppData\Roaming\LavasoftStatistics
2013-12-31 20:45:39 . 2013-12-31 20:45:39 -------- d-----w- C:\ProgramData\BitDefender
2013-12-31 20:29:34 . 2013-12-31 20:29:34 -------- d-----w- C:\Program Files\Lavasoft
2013-12-31 20:28:27 . 2013-12-31 20:28:27 -------- d-----w- C:\Program Files (x86)\Lavasoft
2013-12-31 20:26:43 . 2013-12-31 20:26:43 -------- d-----w- C:\ProgramData\Lavasoft
2013-12-29 16:56:47 . 2013-12-29 16:56:47 -------- d-----w- C:\Users\Fujitsu\AppData\Roaming\Malwarebytes
2013-12-29 16:56:44 . 2013-12-29 16:56:44 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-29 16:45:10 . 2013-12-29 16:45:56 -------- d-----w- C:\Program Files (x86)\Google
2013-12-28 20:07:03 . 2013-12-28 20:07:04 -------- d-----w- C:\ProgramData\KeepnBrowse
2013-12-10 07:35:54 . 2013-12-15 13:18:43 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CA5F6B96-B861-4CDA-81BA-574814BF4546}\offreg.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-12-11 06:59:29 . 2013-08-17 15:40:53 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-11 06:59:29 . 2013-08-04 21:50:19 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[7] 2009-07-14 01:41:53 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[-] 2009-07-14 01:41:53 . 3C6018A5BFDA89FB3BE0BBB2E0DD234A . 509952 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\system32\rpcss.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17:30 130736 ----a-w- C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17:30 130736 ----a-w- C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17:30 130736 ----a-w- C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17:30 130736 ----a-w- C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2013-07-25 16:45:40 20686704]
"ooVoo.exe"="C:\Program Files (x86)\ooVoo\ooVoo.exe" [2013-08-05 01:19:28 35253824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DeskUpdateNotifier"="C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe" [2010-10-13 20:04:22 97560]
"UCam_Menu"="C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 22:55:34 222504]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-06 09:18:28 291608]
"IndicatorUtility"="C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 01:05:32 48752]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 14:03:58 958576]
"SurfCanyonDesktop"="C:\Program Files (x86)\Surf Canyon\SurfCanyonDesktop.exe" [2013-10-07 21:27:48 86528]
"CommonToolkitTray"="C:\Program Files (x86)\Fighters\Tray\FightersTray.exe" [2013-07-08 19:33:36 1497120]

C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-11-22 1338656]
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

R2 a6bb4a82;KeepnBrowse;C:\Windows\system32\rundll32.exe;C:\Windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys;C:\Windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys;C:\Windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 mbamchameleon;mbamchameleon;C:\Windows\system32\drivers\mbamchameleon.sys;C:\Windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\MBAMSwissArmy.sys;C:\Windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RtsUIR;Realtek IR Driver;C:\Windows\system32\DRIVERS\Rts516xIR.sys;C:\Windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
S0 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys;C:\Windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 FBIOSDRV;Fujitsu BIOS Driver;C:\Windows\System32\Drivers\FBIOSDRV.sys;C:\Windows\SYSNATIVE\Drivers\FBIOSDRV.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\DRIVERS\iusb3hcs.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys;C:\Windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys;C:\Windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;C:\Windows\system32\DRIVERS\ehdrv.sys;C:\Windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\system32\DRIVERS\EpfwLWF.sys;C:\Windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe;C:\Program Files (x86)\MyPC Backup\BackupStack.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 FUJ02E3Service;FUJ02E3Service;C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe;C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe;C:\Program Files\Intel\iCLS Client\HeciServer.exe [x]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe;C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
S2 PFNService;PFNService;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]
S2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [x]
S2 scbhmon;Extension Security Monitor Service;C:\Program Files (x86)\Surf Canyon\scbhmon.exe;C:\Program Files (x86)\Surf Canyon\scbhmon.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\system32\drivers\bcbtums.sys;C:\Windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys;C:\Windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\system32\drivers\btwampfl.sys;C:\Windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys;C:\Windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\system32\DRIVERS\FUJ02E3.sys;C:\Windows\SYSNATIVE\DRIVERS\FUJ02E3.sys [x]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys;C:\Windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-29 16:45:56 1210320 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe

Contents of the 'Scheduled Tasks' folder

2014-01-02 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-17 15:40:53 . 2013-12-11 06:59:29]

2014-01-02 C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf04b63df5fa44.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29 16:45:10 . 2013-12-29 16:45:06]

2014-01-02 C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf04b63e1198fc.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29 16:45:10 . 2013-12-29 16:45:06]

2014-01-02 C:\Windows\Tasks\RegPowerClean.job
- C:\Program Files (x86)\Winferno\RegistryPowerCleaner\RegPowerClean.exe [2014-01-01 00:44:21 . 2012-02-08 23:30:40]

2014-01-02 C:\Windows\Tasks\RPCReminder.job
- C:\Program Files (x86)\Winferno\RegistryPowerCleaner\RPCReminder.exe [2014-01-01 00:44:22 . 2012-02-08 23:34:18]

2014-01-02 C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Notification.job
- C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe [2013-08-08 20:28:12 . 2013-08-08 20:28:12]

2014-01-02 C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Startup.job
- C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe [2013-08-08 20:28:16 . 2013-08-08 20:28:16]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17:30 164016 ----a-w- C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17:30 164016 ----a-w- C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17:30 164016 ----a-w- C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17:30 164016 ----a-w- C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 15:58:20 13374568]
"AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-21 01:23:36 615584]
"AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-21 01:23:26 379552]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2012-03-25 22:44:34 170264]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2012-03-25 22:44:24 398616]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2012-03-25 22:44:30 439064]
"RtHDVBg_DTS"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 18:18:26 2277992]
"LoadFUJ02E3"="C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe" [2011-11-23 23:38:10 76104]
"PSUTility"="C:\Program Files\Fujitsu\PSUtility\TrayManager.exe" [2011-10-03 17:50:36 205168]
"LoadFujitsuQuickTouch"="C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe" [2011-09-30 23:09:02 158024]
"LoadBtnHnd"="C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe" [2011-09-30 23:09:02 23368]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2013-03-21 22:19:42 6330568]
 
Looks good.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
AdwCleaner log content:

# AdwCleaner v3.016 - Report created 01/01/2014 at 22:38:10
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Fujitsu - FUJITSU-PC
# Running from : C:\Users\Fujitsu\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : BackupStack

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\apn
[!] Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\BetterSoft
[!] Folder Deleted : C:\ProgramData\DSearchLink
[!] Folder Deleted : C:\ProgramData\Tarma Installer
[!] Folder Deleted : C:\ProgramData\SavvEnSShare
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
[!] Folder Deleted : C:\Program Files (x86)\Bench
[!] Folder Deleted : C:\Program Files (x86)\Betcat
[!] Folder Deleted : C:\Program Files (x86)\Conduit
[!] Folder Deleted : C:\Program Files (x86)\EasyLife
[!] Folder Deleted : C:\Program Files (x86)\Movdap
[!] Folder Deleted : C:\Program Files (x86)\MyPC Backup
[!] Folder Deleted : C:\Program Files (x86)\Surf Canyon
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\Conduit
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\NativeMessaging
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\Surf_Canyon
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\SwvUpdater
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\WhiteListing
[!] Folder Deleted : C:\Users\Fujitsu\AppData\LocalLow\Conduit
[!] Folder Deleted : C:\Users\Fujitsu\AppData\LocalLow\Delta
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\Movdap
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\Search Protection
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\SkypEmoticons
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\Web Cake
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\Extensions\wecarereminder@bryan
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\Extensions\aa.2li@ugoxikkiir.edu
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\Extensions\wecarereminder@bryan
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\Extensions\zpmgxkcj@zyuyoe.co.uk
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\Extensions\{2A39D365-6906-B62D-BB4C-E544F9440E50}
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
[!] Folder Deleted : C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
File Deleted : C:\Users\Fujitsu\Desktop\MyPC Backup.lnk
File Deleted : C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\invalidprefs.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\adawaretb.xml
File Deleted : C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\searchplugins\EasyLife.xml
File Deleted : C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{75623D5D-4683-402A-B610-AC4BAB767C86}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Key Deleted : HKCU\Software\5a53d8dfb63cb813
Key Deleted : HKLM\SOFTWARE\5a53d8dfb63cb813
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Surf Canyon
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Surf Canyon
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\installedbrowserextensions
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Surf Canyon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default\prefs.js ]

Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Deleted : user_pref("extensions.crossrider.bic", "141b4d1e43af2477e4c51e0a8bcbc353");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "1e6620db0000000000009c4e36a99a05");
Line Deleted : user_pref("extensions.delta.instlDay", "15992");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.618:40:25");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=122173&tsp=5035");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Deleted : user_pref("extentions.webcake.installId", "f67053c4-232a-46e4-a60f-0358aa501a27");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "EasyLife");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "EasyLife");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://searchy.easylifeapp.com/?pid=1250&src=ff1&r=2013/09/06&hid=17327736777079737959&lg=EN&cc=US");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://searchy.easylifeapp.com/?pid=1250&src=ff2&r=2013/09/06&hid=17327736777079737959&lg=EN&cc=US&l=1&q=");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [16195 octets] - [01/01/2014 22:35:30]
AdwCleaner[S0].txt - [15954 octets] - [01/01/2014 22:38:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16015 octets] ##########
 
JRT log content:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Ultimate x64
Ran by Fujitsu on Wed 01/01/2014 at 22:45:43.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\commontoolkittray
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1756631343-4251923923-2478469469-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289847
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bestlyrics-33-bg_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bestlyrics-33-bg_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bestLyrics-33-chromeinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bestLyrics-33-chromeinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bestLyrics-33-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bestLyrics-33-codedownloader_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\bestlyrics-33-bg_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\bestlyrics-33-bg_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\bestLyrics-33-chromeinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\bestLyrics-33-chromeinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\bestLyrics-33-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\bestLyrics-33-codedownloader_RASMANCS



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\regpowerclean.job
Successfully deleted: [File] C:\Windows\Tasks\rpcreminder.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\Users\Fujitsu\AppData\Roaming\fighters"
Successfully deleted: [Folder] "C:\Users\Fujitsu\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Fujitsu\appdata\local\surfcanyon"
Successfully deleted: [Folder] "C:\Users\Fujitsu\appdata\locallow\surfcanyon"
Successfully deleted: [Folder] "C:\Program Files (x86)\fighters"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\winferno\registrypowercleaner"



~~~ FireFox

Successfully deleted the following from C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\d4gsali1.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,205,0_0,StartPage,20131253,20031,0,85,0");
user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1and1Internet\":{\"name\
Emptied folder: C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\d4gsali1.default\minidumps [44 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Fujitsu\appdata\local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/01/2014 at 22:57:39.16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
I'm running OTL at the moment. It scans through the system fast until it starts scanning Firefox settings; then it seems it's stuck and it stops responding. I redid the process but the same thing happened.
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
 
Thank you. Addition.txt content:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2014 01
Ran by Fujitsu at 2014-01-02 00:12:27
Running from C:\Users\Fujitsu\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 6.0 (Enabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

Adobe Flash Player 10 (x32 Version: - Parand ® Software Group)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Atheros Client Installation Program (x32 Version: 7.0 - Atheros)
Bluetooth Win7 Suite (64) (Version: 7.2.0.56 - Atheros Communications)
CWA Reminder by We-Care.com v4.1.24.3 (x32 Version: 4.1.24.3 - We-Care.com)
CyberLink YouCam (x32 Version: 2.0.1707 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.1707 - CyberLink Corp.) Hidden
DeskUpdate 4.11 (x32 Version: 4.11.0074 - Fujitsu Technology Solutions)
Dropbox (HKCU Version: 2.0.26 - Dropbox, Inc.)
EasyLife Gadget (Version: 1.0 - EasyLife Gadget)
ESET Smart Security (Version: 6.0.316.0 - ESET, spol s r. o.)
File Association Manager (x32 Version: 0.5 - Amnis Technology Ltd)
FJ Camera (x32 Version: 5.8.52032.0_WHQL - Sonix)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (x32 Version: 3.01.00.002 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.4.4.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (x32 Version: 3.4.4.0 - FUJITSU LIMITED)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
IBM SPSS Statistics 19 (x32 Version: 19.0.0 - SPSS Inc., an IBM Company)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Management Engine Components (x32 Version: 8.0.1.1399 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (x32 Version: - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2696 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.23.219.2 - Intel Corporation)
KeepnBrowse (x32 Version: - Intellitech)
KMP Service (x32 Version: - KMP)
LIFEBOOK Application Panel (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden
LIFEBOOK Application Panel (x32 Version: 8.3.2.0 - FUJITSU LIMITED)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
NextVPN (x32 Version: 2.1.1 - )
NVIDIA 3D Vision Driver 290.69 (Version: 290.69 - NVIDIA Corporation)
NVIDIA Control Panel 290.69 (Version: 290.69 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 290.69 (Version: 290.69 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.48.259 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.6.24 (Version: 1.6.24 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.9069 - NVIDIA Corporation) Hidden
NVIDIA Update 1.6.24 (Version: 1.6.24 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.6.24 - NVIDIA Corporation) Hidden
ooVoo (x32 Version: 3.5.9056 - ooVoo LLC.)
OptimizerPro Upd (Version: 1.0 - BetterSoft) <==== ATTENTION
Plugfree NETWORK (Version: 6.2.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 6.2.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (x32 Version: 32.01.10.038 - FUJITSU LIMITED)
Realtek Ethernet Controller Driver (x32 Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
Search Protection (HKCU Version: 7.5.0.1 - Spigot, Inc.)
Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
SLOW-PCfighter (Version: 1.7.68 - SPAMfighter ApS) Hidden
SLOW-PCfighter (Version: 1.7.68 - SPAMfighter ApS.)
Synaptics Pointing Device Driver (Version: 14.0.10.0 - Synaptics Incorporated)
SystemDiagnostics (x32 Version: 3.02.0010 - Fujitsu Technology Solutions)
The KMPlayer (remove only) (x32 Version: 3.6.0.87 - KMP Media co., Ltd)
WIDCOMM Bluetooth Software (Version: 6.5.0.3100 - Broadcom Corporation)
Windows Driver Package - Intel (NETw5s64) net (09/15/2009 13.0.0.107) (Version: 09/15/2009 13.0.0.107 - Intel)
Windows Driver Package - Intel (NETw5v64) net (09/15/2009 13.0.0.107) (Version: 09/15/2009 13.0.0.107 - Intel)
Winferno Registry Power Cleaner (x32 Version: 2012 - Winferno.com)
WinRAR archiver (x32 Version: - )
Yahoo! Toolbar (x32 Version: - Yahoo! Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-13 18:34 - 2014-01-01 21:13 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1320C1DB-82B7-484B-B100-938623C97405} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {406D13B5-D67D-4CF4-8CB7-686F7A8BB661} - System32\Tasks\GoogleUpdateTaskMachineUA1cf04b63e1198fc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29] (Google Inc.)
Task: {5A348E42-2EF0-411F-8690-71A1A9532AA9} - System32\Tasks\Fujitsu\DeskUpdateRetry => C:\Program Files (x86)\Fujitsu\DeskUpdate\ducmd.exe [2010-10-13] (Fujitsu Technology Solutions)
Task: {66625CFF-B5EF-4930-B9B5-AB959A16DA4F} - System32\Tasks\GoogleUpdateTaskMachineCore1cf04b63df5fa44 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29] (Google Inc.)
Task: {6E26F554-4074-49E6-AC73-5126B2AB094E} - System32\Tasks\{D3B0207E-0794-4545-B765-A7EAE8832335} => Chrome.exe http://ui.skype.com/ui/0/6.7.59.102/en/abandoninstall?page=tsMain
Task: {751CB664-7262-4C48-83C7-7A6DDB7D8B84} - System32\Tasks\SLOW-PCfighter64-Fujitsu-Startup => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe [2013-08-08] (SPAMfighter ApS)
Task: {96E43A6F-D562-426A-A409-6FE1EE14F668} - System32\Tasks\SLOW-PCfighter64-Fujitsu-Notification => C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe [2013-08-08] (SPAMfighter ApS)
Task: {B93DFB3C-7EA9-4397-B548-AB141D993DBC} - System32\Tasks\Fujitsu\DeskUpdate => C:\Program Files (x86)\Fujitsu\DeskUpdate\ducmd.exe [2010-10-13] (Fujitsu Technology Solutions)
Task: {BA20C422-4305-4913-A60C-DBB0583F7466} - System32\Tasks\bestLyrics-33-enabler => C:\Program Files (x86)\bestLyrics-33\bestLyrics-33-enabler.exe <==== ATTENTION
Task: {BFD4E2A4-ABA4-41B9-B3CE-FD9458647DD4} - System32\Tasks\bestLyrics-33-codedownloader => C:\Program Files (x86)\bestLyrics-33\bestLyrics-33-codedownloader.exe <==== ATTENTION
Task: {FABCEFDA-FF45-425A-BE4B-A41B11C778EE} - System32\Tasks\bestLyrics-33-updater => C:\Program Files (x86)\bestLyrics-33\bestLyrics-33-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf04b63df5fa44.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf04b63e1198fc.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Notification.job => C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe <==== ATTENTION
Task: C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Startup.job => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-04-10 09:40 - 2011-04-10 09:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-28 12:07 - 2013-12-28 12:07 - 00179536 _____ () C:\ProgramData\KeepnBrowse\KeepnBrowseSvc.dll
2013-12-28 12:07 - 2013-12-28 12:07 - 04511744 _____ () C:\ProgramData\KeepnBrowse\KeepnBrowse.dll
2013-08-04 12:07 - 2012-10-22 10:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2013-08-04 12:07 - 2012-07-09 16:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2013-08-04 12:07 - 2011-12-06 15:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2013-08-04 12:07 - 2012-03-23 09:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-03-13 12:48 - 2013-03-13 12:48 - 24978944 _____ () C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\libcef.dll
2012-10-31 21:44 - 2012-01-21 02:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-20 09:51 - 2013-12-20 09:52 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-01-27 13:09 - 2012-01-27 13:09 - 00350016 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2013-12-10 22:59 - 2013-12-10 22:59 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/01/2014 11:54:25 PM) (Source: Application Hang) (User: )
Description: The program OTL.exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 189c

Start Time: 01cf078d547c0267

Termination Time: 28

Application Path: C:\Users\Fujitsu\Downloads\OTL.exe

Report Id: 1692d56f-7383-11e3-9d8b-c01885ae12ca

Error: (01/01/2014 11:28:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: KMPProcess.exe, version: 1.0.1.2, time stamp: 0x51d50ca2
Faulting module name: PanStreamer.dll, version: 2.0.7.38, time stamp: 0x509c8e1f
Exception code: 0xc0000005
Fault offset: 0x0001dc74
Faulting process id: 0xe80
Faulting application start time: 0xKMPProcess.exe0
Faulting application path: KMPProcess.exe1
Faulting module path: KMPProcess.exe2
Report Id: KMPProcess.exe3

Error: (01/01/2014 11:27:23 PM) (Source: Application Hang) (User: )
Description: The program OTL.exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fd8

Start Time: 01cf078ae3dd8023

Termination Time: 6

Application Path: C:\Users\Fujitsu\Downloads\OTL.exe

Report Id: 4f5fb0e6-737f-11e3-8fb3-c01885ae12ca

Error: (01/01/2014 11:18:28 PM) (Source: Application Hang) (User: )
Description: The program OTL.exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1998

Start Time: 01cf07883a3dbdbc

Termination Time: 9

Application Path: C:\Users\Fujitsu\Downloads\OTL.exe

Report Id: 11308814-737e-11e3-8fb3-c01885ae12ca


System errors:
=============
Error: (01/01/2014 11:30:06 PM) (Source: Service Control Manager) (User: )
Description: The Intel(R) PROSet/Wireless Zero Configuration Service service terminated with the following error:
%%-2147196306

Error: (01/01/2014 11:29:52 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error:
%%4203

Error: (01/01/2014 11:29:51 PM) (Source: Service Control Manager) (User: )
Description: The Extension Security Monitor Service service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (01/01/2014 11:54:25 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0189c01cf078d547c026728C:\Users\Fujitsu\Downloads\OTL.exe1692d56f-7383-11e3-9d8b-c01885ae12ca

Error: (01/01/2014 11:28:33 PM) (Source: Application Error)(User: )
Description: KMPProcess.exe1.0.1.251d50ca2PanStreamer.dll2.0.7.38509c8e1fc00000050001dc74e8001cf0785c3bb244dC:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exeC:\Program Files (x86)\PANDORA.TV\PanService\PanStreamer.dll7b80e060-737f-11e3-8fb3-c01885ae12ca

Error: (01/01/2014 11:27:23 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0fd801cf078ae3dd80236C:\Users\Fujitsu\Downloads\OTL.exe4f5fb0e6-737f-11e3-8fb3-c01885ae12ca

Error: (01/01/2014 11:18:28 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0199801cf07883a3dbdbc9C:\Users\Fujitsu\Downloads\OTL.exe11308814-737e-11e3-8fb3-c01885ae12ca


CodeIntegrity Errors:
===================================
Date: 2014-01-01 23:30:35.614
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-01 22:41:58.167
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-01 22:13:21.150
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-01 21:25:51.224
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-01 21:15:54.939
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-01 21:12:26.884
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-01 21:12:26.880
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-01 19:40:21.161
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-01 19:31:21.526
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-01 17:28:03.011
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 88%
Total physical RAM: 3952.3 MB
Available physical RAM: 438.77 MB
Total Pagefile: 7902.76 MB
Available Pagefile: 2981.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:157.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AE56DA55)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
FRST.txt content (more than 50000 characters, so I split it):
Part 1:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2014 01
Ran by Fujitsu (administrator) on FUJITSU-PC on 02-01-2014 00:11:05
Running from C:\Users\Fujitsu\Downloads
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Farbar) C:\Users\Fujitsu\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-20] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-01-20] (Atheros Commnucations)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-21] (ESET)
HKLM-x32\...\Run: [DeskUpdateNotifier] - C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [97560 2010-10-13] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SurfCanyonDesktop] - C:\Program Files (x86)\Surf Canyon\SurfCanyonDesktop.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20686704 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [ooVoo.exe] - C:\Program Files (x86)\ooVoo\ooVoo.exe [35253824 2013-08-04] (ooVoo LLC)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Fujitsu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 71.242.0.12
 
Part 2:

FireFox:
========
FF ProfilePath: C:\Users\Fujitsu\AppData\Roaming\Mozilla\Firefox\Profiles\d4gsali1.default
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SearchEngineOrder.user_pref("browser.search.order.2", "");: user_pref("browser.search.order.2", "");
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20131253,20030,0,85,0
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha292.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha292\ff
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Instant Savings App) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdjndgfgjaglgcnllemofeepjeeaofa\1.0_0
CHR Extension: (Google Search) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Yahoo! Toolbar for Chrome) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.0.317_0
CHR Extension: (Skype Click to Call) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Google Wallet) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [iekdpffghahikncifpidkhadjhhlagjl] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha292\ch\WebexpEnhancedV1alpha292.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 a6bb4a82; C:\Windows\system32\rundll32.exe [45568 2009-07-13] (Microsoft Corporation)
R2 a6bb4a82; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-13] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
S3 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\HaDTMan.exe [384792 2010-09-24] (Fujitsu Technology Solutions)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S2 scbhmon; "C:\Program Files (x86)\Surf Canyon\scbhmon.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2011-11-23] (Broadcom Corporation.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [58416 2013-02-20] (ESET)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [89304 2014-01-01] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-27] ()
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================
 
Part 3:

==================== One Month Created Files and Folders ========

2014-01-02 00:11 - 2014-01-02 00:11 - 00017469 _____ C:\Users\Fujitsu\Downloads\FRST.txt
2014-01-02 00:10 - 2014-01-02 00:10 - 00000000 ____D C:\FRST
2014-01-02 00:09 - 2014-01-02 00:09 - 01931426 _____ (Farbar) C:\Users\Fujitsu\Downloads\FRST64(1).exe
2014-01-02 00:08 - 2014-01-02 00:08 - 01931426 _____ (Farbar) C:\Users\Fujitsu\Downloads\FRST64.exe
2014-01-02 00:07 - 2014-01-02 00:07 - 01064481 _____ (Farbar) C:\Users\Fujitsu\Downloads\FRST.exe
2014-01-01 23:32 - 2014-01-01 23:32 - 00000000 ____D C:\ProgramData\Fighters
2014-01-01 23:30 - 2014-01-01 23:30 - 00000000 ___RD C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-01 22:59 - 2014-01-01 22:59 - 00602112 _____ (OldTimer Tools) C:\Users\Fujitsu\Downloads\OTL.exe
2014-01-01 22:57 - 2014-01-01 22:57 - 00005038 _____ C:\Users\Fujitsu\Desktop\JRT.txt
2014-01-01 22:45 - 2014-01-01 22:45 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 22:44 - 2014-01-01 22:44 - 01036305 _____ (Thisisu) C:\Users\Fujitsu\Downloads\JRT.exe
2014-01-01 22:35 - 2014-01-01 22:38 - 00000000 ____D C:\AdwCleaner
2014-01-01 22:34 - 2014-01-01 22:34 - 01233962 _____ C:\Users\Fujitsu\Downloads\adwcleaner.exe
2014-01-01 21:04 - 2014-01-01 21:14 - 00000000 ____D C:\ComboFix
2014-01-01 21:04 - 2011-06-25 22:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-01 21:04 - 2010-11-07 09:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-01 21:04 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-01 21:04 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-01 21:04 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-01 21:04 - 2000-08-30 16:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-01 21:04 - 2000-08-30 16:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-01 21:04 - 2000-08-30 16:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-01 21:03 - 2014-01-01 21:04 - 00000000 ____D C:\Qoobox
2014-01-01 21:02 - 2014-01-01 21:13 - 00000000 ____D C:\Windows\erdnt
2014-01-01 19:42 - 2014-01-01 20:51 - 05160282 ____R (Swearware) C:\Users\Fujitsu\Downloads\ComboFix.exe
2014-01-01 17:42 - 2014-01-01 17:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-01 17:41 - 2014-01-01 17:41 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-01 17:40 - 2014-01-01 17:41 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Fujitsu\Downloads\mbar-1.07.0.1008.exe
2014-01-01 17:39 - 2014-01-01 17:39 - 00654928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00363584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00294992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00217680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00200272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00184576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00071760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00062544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00052304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00046672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00042064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00021760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys.bak
2014-01-01 17:38 - 2014-01-01 17:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 14020416 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 04718952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 01898576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 01812608 _____ () C:\Windows\system32\Drivers\snp2uvc.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00646248 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00293936 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00215552 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00214096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00185936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00183872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00171600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00167488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00149056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00104016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00075840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00035456 _____ C:\Windows\system32\Drivers\sncduvc.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00034896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00028992 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 14745600 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 11417088 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwNs64.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 01659984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00947776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00787736 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00620584 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00568600 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00460504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00410688 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00374864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00367168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00356120 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00331264 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00290368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00288336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00279200 _____ (Atheros) C:\Windows\system32\Drivers\btfilter.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00224832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00223448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00213416 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00190232 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00178752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00178728 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00167976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00155216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00153152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00150616 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00140352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00095312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00094784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00060184 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00059440 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00058416 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00030272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00027216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00023104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00021104 _____ (FUJITSU LIMITED) C:\Windows\system32\Drivers\FBIOSDRV.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00016152 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00014416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00007808 _____ (FUJITSU LIMITED) C:\Windows\system32\Drivers\fuj02b1.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00007296 _____ (FUJITSU LIMITED) C:\Windows\system32\Drivers\fuj02e3.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-01 17:36 - 2014-01-01 17:37 - 00154272 _____ (Atheros) C:\Windows\system32\Drivers\btath_rcp.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 02712064 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00334416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00298144 _____ (Atheros) C:\Windows\system32\Drivers\btath_a2dp.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00201376 _____ (Atheros) C:\Windows\system32\Drivers\btath_hcrp.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00155728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00134696 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00106576 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00055456 _____ (Atheros) C:\Windows\system32\Drivers\btath_lwflt.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00051872 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\AthDfu.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00036000 _____ (Atheros) C:\Windows\system32\Drivers\btath_flt.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00028832 _____ (Atheros) C:\Windows\system32\Drivers\btath_bus.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00028752 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-01 17:26 - 2014-01-01 17:26 - 00003416 ____N C:\bootsqm.dat
2014-01-01 17:25 - 2014-01-01 17:25 - 00000000 ____D C:\found.000
2014-01-01 15:53 - 2014-01-01 15:54 - 03810304 _____ C:\Users\Fujitsu\Downloads\RogueKiller.exe
2014-01-01 11:43 - 2014-01-01 11:43 - 00000000 _____ C:\Users\Fujitsu\Desktop\New Bitmap Image.bmp
2014-01-01 02:31 - 2014-01-01 02:31 - 00688992 ____R (Swearware) C:\Users\Fujitsu\Downloads\dds.com
2014-01-01 02:13 - 2014-01-01 02:13 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-01 02:13 - 2014-01-01 02:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 02:13 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-01 02:12 - 2014-01-01 02:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Fujitsu\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-12-31 21:14 - 2014-01-01 11:39 - 00020215 ____H C:\Users\Fujitsu\Documents\~WRL0128.tmp
2013-12-31 16:49 - 2013-12-31 16:49 - 00000000 ____D C:\ProgramData\Winferno
2013-12-31 16:45 - 2014-01-01 23:35 - 00000386 _____ C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Startup.job
2013-12-31 16:45 - 2014-01-01 23:29 - 00000388 _____ C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Notification.job
2013-12-31 16:45 - 2013-12-31 16:45 - 00003460 _____ C:\Windows\System32\Tasks\SLOW-PCfighter64-Fujitsu-Notification
2013-12-31 16:45 - 2013-12-31 16:45 - 00002774 _____ C:\Windows\System32\Tasks\SLOW-PCfighter64-Fujitsu-Startup
2013-12-31 16:45 - 2013-12-31 16:45 - 00002048 _____ C:\Users\Public\Desktop\SLOW-PCfighter.lnk
2013-12-31 16:45 - 2013-12-31 16:45 - 00000000 ____D C:\Program Files\Fighters
2013-12-31 16:44 - 2014-01-01 22:51 - 00000000 ____D C:\Program Files (x86)\Winferno
2013-12-31 16:44 - 2013-12-31 16:44 - 00001375 _____ C:\Users\Public\Desktop\Check PC for Errors.lnk
2013-12-31 16:44 - 2013-12-31 16:44 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Association Manager
2013-12-31 16:44 - 2013-12-31 16:44 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\FileAssociationManager
2013-12-31 16:44 - 2013-12-31 16:44 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-12-31 16:44 - 2013-12-31 16:44 - 00000000 ____D C:\Program Files (x86)\FileAssociationManager
2013-12-31 16:44 - 2010-10-26 11:07 - 00499785 _____ (Capital Intellect Inc) C:\Windows\SysWOW64\WINUTIL8.DLL
2013-12-31 16:44 - 2010-09-01 15:59 - 00835656 _____ (Capital Intellect Inc) C:\Windows\SysWOW64\WINCTL5.OCX
2013-12-31 16:44 - 2010-01-14 10:31 - 00425984 _____ C:\Windows\SysWOW64\WinCMR.dll
2013-12-31 16:44 - 2009-06-05 11:06 - 00516832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CapiCom.dll
2013-12-31 16:44 - 2009-06-05 11:04 - 00393216 _____ (Capital Intellect Inc) C:\Windows\SysWOW64\WINLCTL6.DLL
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Windows\SysWOW64\modules
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Windows\SysWOW64\js
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Windows\SysWOW64\css
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\Yahoo!
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\ProgramData\Yahoo!
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-12-31 13:18 - 2013-12-31 13:18 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\LavasoftStatistics
2013-12-31 12:53 - 2013-12-31 12:51 - 00015073 _____ C:\Users\Fujitsu\Documents\hijackthis.log
2013-12-31 12:45 - 2013-12-31 12:45 - 00000000 ____D C:\ProgramData\BitDefender
2013-12-31 12:33 - 2013-12-31 12:48 - 00015073 _____ C:\Users\Fujitsu\Downloads\hijackthis.log
2013-12-31 12:33 - 2013-12-31 12:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\Fujitsu\Downloads\Crusty.exe
2013-12-31 12:29 - 2013-12-31 12:29 - 00000000 ____D C:\Program Files\Lavasoft
2013-12-31 12:28 - 2013-12-31 12:28 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-12-31 12:26 - 2013-12-31 12:26 - 01725064 _____ C:\Users\Fujitsu\Downloads\Adaware_Installer.exe
2013-12-31 12:26 - 2013-12-31 12:26 - 00000000 ____D C:\ProgramData\Lavasoft
2013-12-30 12:05 - 2013-12-30 12:05 - 00037376 _____ C:\Windows\system32\dmawc.luc
2013-12-30 11:55 - 2014-01-02 00:10 - 00000081 _____ C:\Windows\system32\vtjfsu.sjm
2013-12-30 11:54 - 2013-12-30 12:05 - 00000097 _____ C:\Windows\system32\icxuy.xhf
2013-12-30 11:54 - 2013-12-30 11:54 - 00000064 _____ C:\Windows\system32\fvoxv.hov
2013-12-30 11:38 - 2013-12-30 11:38 - 00219314 ____S C:\Windows\system32\nsza.qwf
2013-12-29 10:05 - 2013-12-29 10:17 - 147136153 _____ C:\Users\Fujitsu\Downloads\FRIENDS SEASON-1-EPISODE-4 (THE ONE WITH GEORGE STEPHANOPOULOS).mkv
2013-12-29 08:56 - 2013-12-29 08:56 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Fujitsu\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-29 08:56 - 2013-12-29 08:56 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\Malwarebytes
2013-12-29 08:56 - 2013-12-29 08:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-29 08:53 - 2013-12-29 08:53 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Fujitsu\Downloads\iExplore.exe
2013-12-29 08:51 - 2014-01-01 23:56 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf04b63e1198fc.job
2013-12-29 08:51 - 2014-01-01 23:29 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf04b63df5fa44.job
2013-12-29 08:51 - 2013-12-29 08:51 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf04b63e1198fc
2013-12-29 08:51 - 2013-12-29 08:51 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf04b63df5fa44
2013-12-29 08:49 - 2013-12-29 08:49 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Fujitsu\Downloads\iexplore.exe.exe
2013-12-29 08:46 - 2013-12-29 08:46 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-29 08:45 - 2013-12-29 08:45 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-29 08:44 - 2013-12-29 08:44 - 00819176 _____ (Google Inc.) C:\Users\Fujitsu\Downloads\ChromeSetup.exe
2013-12-28 12:07 - 2013-12-28 12:07 - 00000000 ____D C:\ProgramData\KeepnBrowse
2013-12-21 17:14 - 2013-12-21 17:14 - 00000000 ____D C:\Users\Fujitsu\Documents\Textbooks
2013-12-21 17:11 - 2013-12-21 17:21 - 00000000 ____D C:\Users\Fujitsu\Documents\Marketing Papers
2013-12-21 17:10 - 2013-12-21 17:19 - 00000000 ____D C:\Users\Fujitsu\Documents\R
2013-12-21 17:09 - 2013-12-21 17:22 - 00000000 ____D C:\Users\Fujitsu\Documents\Novels
2013-12-20 15:49 - 2013-12-31 11:36 - 00000640 __RSH C:\ProgramData\ntuser.pol
2013-12-20 09:51 - 2013-12-20 09:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 22:55 - 2013-12-19 22:55 - 31412160 _____ (Spotify Ltd) C:\Users\Fujitsu\Downloads\Spotify Installer.exe
2013-12-04 19:38 - 2013-12-04 22:33 - 00097161 _____ C:\Users\Fujitsu\Downloads\Kantian inquiring system(1).pptx

Part 4:

==================== One Month Modified Files and Folders =======

2014-01-02 00:11 - 2014-01-02 00:11 - 00017469 _____ C:\Users\Fujitsu\Downloads\FRST.txt
2014-01-02 00:10 - 2014-01-02 00:10 - 00000000 ____D C:\FRST
2014-01-02 00:10 - 2013-12-30 11:55 - 00000081 _____ C:\Windows\system32\vtjfsu.sjm
2014-01-02 00:09 - 2014-01-02 00:09 - 01931426 _____ (Farbar) C:\Users\Fujitsu\Downloads\FRST64(1).exe
2014-01-02 00:08 - 2014-01-02 00:08 - 01931426 _____ (Farbar) C:\Users\Fujitsu\Downloads\FRST64.exe
2014-01-02 00:07 - 2014-01-02 00:07 - 01064481 _____ (Farbar) C:\Users\Fujitsu\Downloads\FRST.exe
2014-01-02 00:01 - 2012-10-31 20:50 - 01244989 _____ C:\Windows\WindowsUpdate.log
2014-01-01 23:59 - 2013-08-17 07:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-01 23:56 - 2013-12-29 08:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf04b63e1198fc.job
2014-01-01 23:37 - 2009-07-13 20:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-01 23:37 - 2009-07-13 20:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-01 23:35 - 2013-12-31 16:45 - 00000386 _____ C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Startup.job
2014-01-01 23:32 - 2014-01-01 23:32 - 00000000 ____D C:\ProgramData\Fighters
2014-01-01 23:30 - 2014-01-01 23:30 - 00000000 ___RD C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-01 23:30 - 2013-09-06 09:21 - 00000000 ___RD C:\Users\Fujitsu\Dropbox
2014-01-01 23:30 - 2013-09-06 09:19 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\Dropbox
2014-01-01 23:30 - 2012-10-31 22:02 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-01-01 23:29 - 2013-12-31 16:45 - 00000388 _____ C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Notification.job
2014-01-01 23:29 - 2013-12-29 08:51 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf04b63df5fa44.job
2014-01-01 23:29 - 2013-08-03 13:50 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-01 23:29 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-01 23:29 - 2009-07-13 20:51 - 00047169 _____ C:\Windows\setupact.log
2014-01-01 22:59 - 2014-01-01 22:59 - 00602112 _____ (OldTimer Tools) C:\Users\Fujitsu\Downloads\OTL.exe
2014-01-01 22:57 - 2014-01-01 22:57 - 00005038 _____ C:\Users\Fujitsu\Desktop\JRT.txt
2014-01-01 22:51 - 2013-12-31 16:44 - 00000000 ____D C:\Program Files (x86)\Winferno
2014-01-01 22:45 - 2014-01-01 22:45 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 22:44 - 2014-01-01 22:44 - 01036305 _____ (Thisisu) C:\Users\Fujitsu\Downloads\JRT.exe
2014-01-01 22:40 - 2013-08-03 13:34 - 00383008 _____ C:\Windows\PFRO.log
2014-01-01 22:38 - 2014-01-01 22:35 - 00000000 ____D C:\AdwCleaner
2014-01-01 22:34 - 2014-01-01 22:34 - 01233962 _____ C:\Users\Fujitsu\Downloads\adwcleaner.exe
2014-01-01 21:59 - 2012-10-31 20:58 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2014-01-01 21:14 - 2014-01-01 21:04 - 00000000 ____D C:\ComboFix
2014-01-01 21:13 - 2014-01-01 21:02 - 00000000 ____D C:\Windows\erdnt
2014-01-01 21:13 - 2009-07-13 18:34 - 00000215 _____ C:\Windows\system.ini
2014-01-01 21:04 - 2014-01-01 21:03 - 00000000 ____D C:\Qoobox
2014-01-01 20:51 - 2014-01-01 19:42 - 05160282 ____R (Swearware) C:\Users\Fujitsu\Downloads\ComboFix.exe
2014-01-01 17:58 - 2014-01-01 17:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-01 17:41 - 2014-01-01 17:41 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-01 17:41 - 2014-01-01 17:40 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Fujitsu\Downloads\mbar-1.07.0.1008.exe
2014-01-01 17:39 - 2014-01-01 17:39 - 00654928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00363584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00294992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00217680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00200272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00184576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00071760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00062544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00052304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00046672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00042064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00021760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-01 17:39 - 2014-01-01 17:39 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys.bak
2014-01-01 17:39 - 2014-01-01 17:38 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 14020416 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 04718952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 01898576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 01812608 _____ () C:\Windows\system32\Drivers\snp2uvc.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00646248 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00293936 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00215552 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00214096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00185936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00183872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00171600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00167488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00149056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00104016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00075840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00035456 _____ C:\Windows\system32\Drivers\sncduvc.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00034896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00028992 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-01 17:38 - 2014-01-01 17:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 14745600 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 11417088 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwNs64.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 01659984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00947776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00787736 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00620584 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00568600 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00460504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00410688 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00374864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00367168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00356120 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00331264 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00290368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00288336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00279200 _____ (Atheros) C:\Windows\system32\Drivers\btfilter.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00224832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00223448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00213416 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00190232 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00178752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00178728 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00167976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00155216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00153152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00150616 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00140352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00095312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00094784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00060184 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00059440 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00058416 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00030272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00027216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00023104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00021104 _____ (FUJITSU LIMITED) C:\Windows\system32\Drivers\FBIOSDRV.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00016152 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00014416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00007808 _____ (FUJITSU LIMITED) C:\Windows\system32\Drivers\fuj02b1.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00007296 _____ (FUJITSU LIMITED) C:\Windows\system32\Drivers\fuj02e3.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-01 17:37 - 2014-01-01 17:37 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-01 17:37 - 2014-01-01 17:36 - 00154272 _____ (Atheros) C:\Windows\system32\Drivers\btath_rcp.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 02712064 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00334416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00298144 _____ (Atheros) C:\Windows\system32\Drivers\btath_a2dp.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00201376 _____ (Atheros) C:\Windows\system32\Drivers\btath_hcrp.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00155728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00134696 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00106576 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00055456 _____ (Atheros) C:\Windows\system32\Drivers\btath_lwflt.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00051872 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\AthDfu.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00036000 _____ (Atheros) C:\Windows\system32\Drivers\btath_flt.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00028832 _____ (Atheros) C:\Windows\system32\Drivers\btath_bus.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00028752 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-01 17:36 - 2014-01-01 17:36 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-01 17:26 - 2014-01-01 17:26 - 00003416 ____N C:\bootsqm.dat
2014-01-01 17:25 - 2014-01-01 17:25 - 00000000 ____D C:\found.000
2014-01-01 15:54 - 2014-01-01 15:53 - 03810304 _____ C:\Users\Fujitsu\Downloads\RogueKiller.exe
2014-01-01 14:25 - 2013-09-02 16:02 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\Skype
2014-01-01 11:43 - 2014-01-01 11:43 - 00000000 _____ C:\Users\Fujitsu\Desktop\New Bitmap Image.bmp
2014-01-01 11:39 - 2013-12-31 21:14 - 00020215 ____H C:\Users\Fujitsu\Documents\~WRL0128.tmp
2014-01-01 02:34 - 2009-07-13 21:13 - 00782154 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-01 02:31 - 2014-01-01 02:31 - 00688992 ____R (Swearware) C:\Users\Fujitsu\Downloads\dds.com
2014-01-01 02:13 - 2014-01-01 02:13 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-01 02:13 - 2014-01-01 02:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 02:13 - 2014-01-01 02:12 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Fujitsu\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-12-31 18:36 - 2013-08-03 18:43 - 00000000 ____D C:\Program Files (x86)\The KMPlayer
2013-12-31 16:49 - 2013-12-31 16:49 - 00000000 ____D C:\ProgramData\Winferno
2013-12-31 16:45 - 2013-12-31 16:45 - 00003460 _____ C:\Windows\System32\Tasks\SLOW-PCfighter64-Fujitsu-Notification
2013-12-31 16:45 - 2013-12-31 16:45 - 00002774 _____ C:\Windows\System32\Tasks\SLOW-PCfighter64-Fujitsu-Startup
2013-12-31 16:45 - 2013-12-31 16:45 - 00002048 _____ C:\Users\Public\Desktop\SLOW-PCfighter.lnk
2013-12-31 16:45 - 2013-12-31 16:45 - 00000000 ____D C:\Program Files\Fighters
2013-12-31 16:44 - 2013-12-31 16:44 - 00001375 _____ C:\Users\Public\Desktop\Check PC for Errors.lnk
2013-12-31 16:44 - 2013-12-31 16:44 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Association Manager
2013-12-31 16:44 - 2013-12-31 16:44 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\FileAssociationManager
2013-12-31 16:44 - 2013-12-31 16:44 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-12-31 16:44 - 2013-12-31 16:44 - 00000000 ____D C:\Program Files (x86)\FileAssociationManager
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Windows\SysWOW64\modules
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Windows\SysWOW64\js
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Windows\SysWOW64\css
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\Yahoo!
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\ProgramData\Yahoo!
2013-12-31 16:43 - 2013-12-31 16:43 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-12-31 14:55 - 2013-09-02 16:25 - 00000000 ____D C:\Users\Fujitsu\Documents\Youcam
2013-12-31 13:18 - 2013-12-31 13:18 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\LavasoftStatistics
2013-12-31 12:58 - 2013-09-02 16:24 - 00000026 _____ C:\Users\Fujitsu\Desktop\New Text Document.txt
2013-12-31 12:51 - 2013-12-31 12:53 - 00015073 _____ C:\Users\Fujitsu\Documents\hijackthis.log
2013-12-31 12:48 - 2013-12-31 12:33 - 00015073 _____ C:\Users\Fujitsu\Downloads\hijackthis.log
2013-12-31 12:45 - 2013-12-31 12:45 - 00000000 ____D C:\ProgramData\BitDefender
2013-12-31 12:33 - 2013-12-31 12:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\Fujitsu\Downloads\Crusty.exe
2013-12-31 12:29 - 2013-12-31 12:29 - 00000000 ____D C:\Program Files\Lavasoft
2013-12-31 12:28 - 2013-12-31 12:28 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-12-31 12:26 - 2013-12-31 12:26 - 01725064 _____ C:\Users\Fujitsu\Downloads\Adaware_Installer.exe
2013-12-31 12:26 - 2013-12-31 12:26 - 00000000 ____D C:\ProgramData\Lavasoft
2013-12-31 11:36 - 2013-12-20 15:49 - 00000640 __RSH C:\ProgramData\ntuser.pol
2013-12-30 12:50 - 2013-08-03 13:52 - 00000000 ____D C:\Program Files\Apoint2K
2013-12-30 12:05 - 2013-12-30 12:05 - 00037376 _____ C:\Windows\system32\dmawc.luc
2013-12-30 12:05 - 2013-12-30 11:54 - 00000097 _____ C:\Windows\system32\icxuy.xhf
2013-12-30 11:54 - 2013-12-30 11:54 - 00000064 _____ C:\Windows\system32\fvoxv.hov
2013-12-30 11:38 - 2013-12-30 11:38 - 00219314 ____S C:\Windows\system32\nsza.qwf
2013-12-29 10:17 - 2013-12-29 10:05 - 147136153 _____ C:\Users\Fujitsu\Downloads\FRIENDS SEASON-1-EPISODE-4 (THE ONE WITH GEORGE STEPHANOPOULOS).mkv
2013-12-29 08:56 - 2013-12-29 08:56 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Fujitsu\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-29 08:56 - 2013-12-29 08:56 - 00000000 ____D C:\Users\Fujitsu\AppData\Roaming\Malwarebytes
2013-12-29 08:56 - 2013-12-29 08:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-29 08:53 - 2013-12-29 08:53 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Fujitsu\Downloads\iExplore.exe
2013-12-29 08:51 - 2013-12-29 08:51 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf04b63e1198fc
2013-12-29 08:51 - 2013-12-29 08:51 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf04b63df5fa44
2013-12-29 08:49 - 2013-12-29 08:49 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Fujitsu\Downloads\iexplore.exe.exe
2013-12-29 08:46 - 2013-12-29 08:46 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-29 08:45 - 2013-12-29 08:45 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-29 08:44 - 2013-12-29 08:44 - 00819176 _____ (Google Inc.) C:\Users\Fujitsu\Downloads\ChromeSetup.exe
2013-12-29 08:43 - 2013-08-03 18:37 - 00000000 ____D C:\Users\Fujitsu\AppData\Local\Google
2013-12-28 12:07 - 2013-12-28 12:07 - 00000000 ____D C:\ProgramData\KeepnBrowse
2013-12-21 17:22 - 2013-12-21 17:09 - 00000000 ____D C:\Users\Fujitsu\Documents\Novels
2013-12-21 17:21 - 2013-12-21 17:11 - 00000000 ____D C:\Users\Fujitsu\Documents\Marketing Papers
2013-12-21 17:19 - 2013-12-21 17:10 - 00000000 ____D C:\Users\Fujitsu\Documents\R
2013-12-21 17:14 - 2013-12-21 17:14 - 00000000 ____D C:\Users\Fujitsu\Documents\Textbooks
2013-12-21 08:18 - 2013-08-04 00:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 15:49 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-12-20 15:49 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-12-20 09:52 - 2013-12-20 09:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 22:55 - 2013-12-19 22:55 - 31412160 _____ (Spotify Ltd) C:\Users\Fujitsu\Downloads\Spotify Installer.exe
2013-12-13 23:25 - 2013-09-02 15:52 - 00000000 ____D C:\Users\Fujitsu\AppData\Local\CrashDumps
2013-12-10 22:59 - 2013-08-17 07:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 22:59 - 2013-08-17 07:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 22:59 - 2013-08-04 13:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-04 22:33 - 2013-12-04 19:38 - 00097161 _____ C:\Users\Fujitsu\Downloads\Kantian inquiring system(1).pptx

Some content of TEMP:
====================
C:\Users\Fujitsu\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 10:58

==================== End Of Log ============================
 
One more thing. I don't know if it matters at all but right from the day I spotted the problem on my laptop (the weird audio being started whenever I turn on the laptop), my laptop loses power in almost half an hour (it would usually take up to 4 hours to be out of charge and it's a 5 month old laptop). I don't know if the two problems are correlated but I just thought I'd share it here with you. Also, ever since the day I noticed the problem, the system is automatically being shut down every few hours because "plug and play service terminated unexpectedly".
 
Uninstall SLOW-PCfighter.
Registry cleaners/optimizers are not recommended for several reasons:

  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


Uninstall McAfee Security Scan, typical foistware.


Download attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    1.7 KB · Views: 1
This is the fix log content:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-01-2014
Ran by Fujitsu at 2014-01-02 20:45:14 Run:1
Running from C:\Users\Fujitsu\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
OptimizerPro Upd (Version: 1.0 - BetterSoft) <==== ATTENTION
Task: {751CB664-7262-4C48-83C7-7A6DDB7D8B84} - System32\Tasks\SLOW-PCfighter64-Fujitsu-Startup => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe [2013-08-08] (SPAMfighter ApS)
Task: {96E43A6F-D562-426A-A409-6FE1EE14F668} - System32\Tasks\SLOW-PCfighter64-Fujitsu-Notification => C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe [2013-08-08] (SPAMfighter ApS)
Task: {BA20C422-4305-4913-A60C-DBB0583F7466} - System32\Tasks\bestLyrics-33-enabler => C:\Program Files (x86)\bestLyrics-33\bestLyrics-33-enabler.exe <==== ATTENTION
Task: {BFD4E2A4-ABA4-41B9-B3CE-FD9458647DD4} - System32\Tasks\bestLyrics-33-codedownloader => C:\Program Files (x86)\bestLyrics-33\bestLyrics-33-codedownloader.exe <==== ATTENTION
Task: {FABCEFDA-FF45-425A-BE4B-A41B11C778EE} - System32\Tasks\bestLyrics-33-updater => C:\Program Files (x86)\bestLyrics-33\bestLyrics-33-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf04b63df5fa44.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf04b63e1198fc.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Notification.job => C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe <==== ATTENTION
Task: C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Startup.job => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Fujitsu\AppData\Local\Temp\Quarantine.exe


*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{751CB664-7262-4C48-83C7-7A6DDB7D8B84} => Key not found.
C:\Windows\System32\Tasks\SLOW-PCfighter64-Fujitsu-Startup not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SLOW-PCfighter64-Fujitsu-Startup => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96E43A6F-D562-426A-A409-6FE1EE14F668} => Key not found.
C:\Windows\System32\Tasks\SLOW-PCfighter64-Fujitsu-Notification not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SLOW-PCfighter64-Fujitsu-Notification => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA20C422-4305-4913-A60C-DBB0583F7466} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA20C422-4305-4913-A60C-DBB0583F7466} => Key deleted successfully.
C:\Windows\System32\Tasks\bestLyrics-33-enabler => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bestLyrics-33-enabler => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFD4E2A4-ABA4-41B9-B3CE-FD9458647DD4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFD4E2A4-ABA4-41B9-B3CE-FD9458647DD4} => Key deleted successfully.
C:\Windows\System32\Tasks\bestLyrics-33-codedownloader => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bestLyrics-33-codedownloader => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FABCEFDA-FF45-425A-BE4B-A41B11C778EE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FABCEFDA-FF45-425A-BE4B-A41B11C778EE} => Key deleted successfully.
C:\Windows\System32\Tasks\bestLyrics-33-updater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bestLyrics-33-updater => Key deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf04b63df5fa44.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf04b63e1198fc.job => Moved successfully.
C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Notification.job not found.
C:\Windows\Tasks\SLOW-PCfighter64-Fujitsu-Startup.job not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Users\Fujitsu\AppData\Local\Temp\Quarantine.exe => Moved successfully.

==== End of Fixlog ====
 
How are things now?
Did you uninstall Slow-PCFighter and McAfee Security Scan?
 
Yup, both. The voices are gone. Thank you so so much. Is there anything additional I need to do now? Also, is it possible that the system shutdown was somehow connected to this problem? (One thing I noticed was that when the laptop is disconnected from the internet, there's no voice anymore and the battery works just as well as before, but whenever I'm connected to the internet, the computer loses power in half an hour.)

Thanks again. I really appreciate your time, patience and effort.
 