Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
Ran by Dans PC (administrator) on DANSPC-PC on 22-01-2015 18:19:50
Running from C:\Users\Dans PC\Desktop
Loaded Profiles: IUSR_NMPR & Dans PC (Available profiles: IUSR_NMPR & Dans PC)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Users\Dans PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Users\Dans PC\AppData\Local\Blackboard\Blackboard Collaborate Launcher\Temp\eLiveBrowser0.tmp\eLiveBrowser.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-08] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4706304 2007-11-14] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2720690080-437301121-4103053817-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/search?q={sea...&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
HKU\S-1-5-21-2720690080-437301121-4103053817-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2720690080-437301121-4103053817-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2720690080-437301121-4103053817-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2720690080-437301121-4103053817-1002 -> URL http://www.google.com/search?q={sea...&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
SearchScopes: HKU\S-1-5-21-2720690080-437301121-4103053817-1002 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2720690080-437301121-4103053817-1002 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
Toolbar: HKU\S-1-5-21-2720690080-437301121-4103053817-1002 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKU\S-1-5-21-2720690080-437301121-4103053817-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2720690080-437301121-4103053817-1002 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-gb.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Dans PC\AppData\Roaming\Mozilla\Firefox\Profiles\nqftp1a3.default
FF NewTab: about:blank
FF Homepage: https://www.google.co.uk/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.46 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-2720690080-437301121-4103053817-1002: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Dans PC\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: No Name - C:\Users\Dans PC\AppData\Roaming\Mozilla\Firefox\Profiles\nqftp1a3.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}-trash [2011-01-30]
FF Extension: DownloadHelper - C:\Users\Dans PC\AppData\Roaming\Mozilla\Firefox\Profiles\nqftp1a3.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-20]
FF Extension: Wiktionary and Google Translate - C:\Users\Dans PC\AppData\Roaming\Mozilla\Firefox\Profiles\nqftp1a3.default\Extensions\googledictionary@toptip.ca.xpi [2012-10-23]
FF Extension: CS Browser Assistant 2.0 - C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2720690080-437301121-4103053817-1002\FireFox\Extensions\f642a7a0-3e89-45d2-875f-8394cf2f7196@2c30b4c2-9e83-4875-a4ca-6acd1e9923b2.com [2013-10-29]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-08-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-08-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-09]
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-29]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Модуль перевірки посилань - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-10-29]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-10-29]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-10-29]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-10-29]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-10-29]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-09]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-09] (Kaspersky Lab ZAO)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2310544 2012-02-16] (WIBU-SYSTEMS AG)
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
S4 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
R2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
R2 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] () [File not signed]
R2 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-18] (Microsoft Corporation)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1302368 2008-01-08] (NXP Semiconductors Germany GmbH)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32408 2010-10-18] (Google Inc)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [82960 2011-10-17] (Advanced Micro Devices)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. )
R3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2007-11-08] (Intel Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-11-07] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [576608 2014-03-29] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-10-09] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25184 2014-02-19] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-09] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2013-12-19] (Kaspersky Lab ZAO)
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
S3 MotDev; C:\Windows\System32\DRIVERS\motodrv.sys [42752 2009-05-08] (Motorola Inc)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [File not signed]
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [569344 2007-11-21] (Ralink Technology Corp.)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
R3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [8913920 2011-11-10] (Advanced Micro Devices, Inc.)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
R1 WMDrive; C:\Windows\system32\drivers\WMDrive.sys [65856 2013-09-28] (WinMount International Inc) [File not signed]
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2008-10-28] (X10 Wireless Technology, Inc.)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [106752 2011-01-13] (ZTE Incorporated)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\DANSPC~1\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2014-03-29] (Kaspersky Lab ZAO)
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-22 18:19 - 2015-01-22 18:20 - 00028649 _____ () C:\Users\Dans PC\Desktop\FRST.txt
2015-01-22 18:19 - 2015-01-22 18:19 - 00000000 ____D () C:\FRST
2015-01-22 18:10 - 2015-01-22 18:10 - 01118208 _____ (Farbar) C:\Users\Dans PC\Desktop\FRST.exe
2015-01-22 08:42 - 2015-01-22 08:42 - 00002449 _____ () C:\Users\Dans PC\Desktop\JRT.txt
2015-01-22 08:39 - 2015-01-22 08:39 - 00000000 ____D () C:\Windows\ERUNT
2015-01-22 08:17 - 2015-01-22 08:17 - 01707939 _____ (Thisisu) C:\Users\Dans PC\Desktop\JRT.exe
2015-01-22 07:56 - 2015-01-22 08:02 - 00000000 ____D () C:\AdwCleaner
2015-01-22 07:54 - 2015-01-22 07:54 - 02186752 _____ () C:\Users\Dans PC\Desktop\adwcleaner_4.108.exe
2015-01-22 02:03 - 2015-01-22 02:03 - 00015694 _____ () C:\ComboFix.txt
2015-01-22 01:37 - 2015-01-22 02:03 - 00000000 ____D () C:\Qoobox
2015-01-22 01:37 - 2011-06-26 06:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-22 01:37 - 2010-11-07 17:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-22 01:37 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-22 01:37 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-22 01:37 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-22 01:37 - 2000-08-31 00:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-22 01:37 - 2000-08-31 00:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-22 01:37 - 2000-08-31 00:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-22 01:36 - 2015-01-22 01:55 - 00000000 ____D () C:\Windows\erdnt
2015-01-22 01:34 - 2015-01-22 01:34 - 05608785 ____R (Swearware) C:\Users\Dans PC\Desktop\ComboFix.exe
2015-01-22 00:29 - 2015-01-22 01:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-22 00:09 - 2015-01-22 01:07 - 00000000 ____D () C:\Users\Dans PC\Desktop\mbar
2015-01-22 00:07 - 2015-01-22 00:08 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Dans PC\Desktop\mbar-1.08.3.1004.exe
2015-01-21 23:57 - 2015-01-21 23:57 - 00006481 _____ () C:\Users\Dans PC\Desktop\RKreport_DEL_01212015_235725.log
2015-01-21 23:43 - 2015-01-21 23:43 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-21 23:43 - 2015-01-21 23:43 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-01-21 23:39 - 2015-01-21 23:39 - 15431256 _____ () C:\Users\Dans PC\Desktop\RogueKiller.exe
2015-01-21 22:32 - 2015-01-21 22:32 - 00021058 _____ () C:\Users\Dans PC\Desktop\dds.txt
2015-01-21 22:32 - 2015-01-21 22:32 - 00013077 _____ () C:\Users\Dans PC\Desktop\attach.txt
2015-01-21 14:16 - 2015-01-21 14:16 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-21 14:12 - 2015-01-21 14:13 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Dans PC\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-21 13:11 - 2015-01-21 13:11 - 00001730 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-01-21 13:11 - 2015-01-21 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-01-21 13:10 - 2015-01-21 13:12 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-21 13:08 - 2015-01-21 13:08 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-21 13:08 - 2015-01-21 13:08 - 00000850 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-21 13:08 - 2015-01-21 13:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-21 13:03 - 2015-01-21 13:03 - 00243504 _____ () C:\Users\Dans PC\Downloads\Firefox Setup Stub 35.0.exe
2015-01-21 13:00 - 2015-01-21 13:01 - 13827960 _____ (Adobe Systems Inc.) C:\Users\Dans PC\Downloads\Shockwave_Installer_Full.exe
2015-01-21 12:48 - 2015-01-21 12:52 - 42096984 _____ (Apple Inc.) C:\Users\Dans PC\Downloads\QuickTimeInstaller.exe
2015-01-21 12:45 - 2015-01-21 12:45 - 00000000 _____ () C:\Users\Dans PC\Downloads\QuickTimeInstaller_exe.0pzpv1o.partial
2015-01-21 10:54 - 2014-11-04 00:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-21 09:46 - 2015-01-22 08:26 - 00002974 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-21 09:45 - 2015-01-21 09:46 - 00167592 _____ () C:\Windows\Minidump\Mini012115-01.dmp
2015-01-21 09:42 - 2015-01-21 09:42 - 352194340 _____ () C:\Windows\MEMORY.DMP
2015-01-20 23:05 - 2015-01-20 23:05 - 00000000 _____ () C:\Users\Dans PC\Downloads\Firefox Setup Stub 35_0_exe (2).9n1u24f.partial
2015-01-20 23:02 - 2015-01-20 23:02 - 00000000 _____ () C:\Users\Dans PC\Downloads\Firefox Setup Stub 35_0_exe (1).79b9h7w.partial
2015-01-20 23:02 - 2015-01-20 23:02 - 00000000 _____ () C:\Users\Dans PC\Downloads\Firefox Setup 35_0_exe.nbj5ysh.partial
2015-01-20 23:02 - 2015-01-20 23:02 - 00000000 _____ () C:\Users\Dans PC\Downloads\Firefox Setup 35_0_exe (3).bphlxy0.partial
2015-01-20 23:02 - 2015-01-20 23:02 - 00000000 _____ () C:\Users\Dans PC\Downloads\Firefox Setup 35_0_exe (2).4z9e4ya.partial
2015-01-20 23:02 - 2015-01-20 23:02 - 00000000 _____ () C:\Users\Dans PC\Downloads\Firefox Setup 35_0_exe (1).uehe39u.partial
2015-01-20 23:01 - 2015-01-20 23:01 - 00000000 _____ () C:\Users\Dans PC\Downloads\Firefox Setup Stub 35_0_exe.jrjm7gs.partial
2015-01-20 22:55 - 2014-12-19 00:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-20 22:27 - 2015-01-20 22:49 - 37046976 _____ (Microsoft Corporation) C:\Users\Dans PC\Downloads\Windows-KB890830-V5.20.exe
2015-01-20 21:35 - 2014-12-06 03:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-20 21:35 - 2014-12-06 03:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-20 21:35 - 2014-12-06 03:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-20 21:34 - 2014-12-06 03:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-12-26 11:38 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-12-26 11:37 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-12-26 11:37 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-12-26 11:37 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-12-26 11:36 - 2014-12-26 11:37 - 00004613 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-25 18:36 - 2014-11-07 01:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-25 18:25 - 2014-12-03 02:06 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-25 10:25 - 2015-01-22 00:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-25 10:24 - 2015-01-22 00:29 - 00082648 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-25 10:24 - 2015-01-21 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-25 10:24 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-22 18:19 - 2014-11-11 01:21 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-22 18:19 - 2013-10-10 17:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-22 18:15 - 2011-11-03 00:28 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-22 18:07 - 2011-11-02 08:55 - 01899826 _____ () C:\Windows\WindowsUpdate.log
2015-01-22 13:03 - 2006-11-02 10:33 - 00763546 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-22 12:29 - 2006-11-02 12:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-22 12:29 - 2006-11-02 12:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-22 08:32 - 2014-10-12 09:39 - 00000000 ___RD () C:\Users\Dans PC\OneDrive
2015-01-22 08:29 - 2014-11-11 01:20 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-22 08:29 - 2011-03-13 13:21 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-22 08:29 - 2006-11-02 13:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-22 08:07 - 2012-01-09 06:13 - 00139718 _____ () C:\Windows\PFRO.log
2015-01-22 02:03 - 2006-11-02 11:18 - 00000000 __RHD () C:\Users\Default
2015-01-22 02:03 - 2006-11-02 11:18 - 00000000 ___RD () C:\Users\Public
2015-01-22 01:54 - 2006-11-02 10:23 - 00000215 _____ () C:\Windows\system.ini
2015-01-22 00:26 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\tracing
2015-01-21 14:50 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-21 14:16 - 2011-11-01 20:33 - 00000000 ____D () C:\Program Files\MALWAREBYTES ANTI-MALWARE
2015-01-21 14:03 - 2011-01-30 17:10 - 00000000 ____D () C:\Users\Dans PC\Documents\Speed Tests
2015-01-21 13:32 - 2008-03-01 12:47 - 00000000 ____D () C:\Users\Dans PC\AppData\Local\Adobe
2015-01-21 13:31 - 2012-04-12 16:27 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-21 13:31 - 2011-11-12 22:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-21 13:08 - 2014-08-02 10:38 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-21 13:03 - 2011-02-25 15:42 - 00000000 ____D () C:\Windows\system32\Adobe
2015-01-21 11:32 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\rescache
2015-01-21 10:54 - 2009-11-13 15:31 - 00031427 _____ () C:\Windows\system32\lvcoinst.log
2015-01-21 09:45 - 2008-05-06 22:04 - 00000000 ____D () C:\Windows\Minidump
2015-01-20 22:55 - 2013-08-06 22:36 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-20 21:47 - 2011-06-29 16:16 - 00000000 ____D () C:\Users\Dans PC\Documents\Reg backups
2015-01-20 21:46 - 2006-11-02 10:24 - 110348472 ____N (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-01-20 16:48 - 2014-10-12 10:21 - 00000000 ____D () C:\Users\Dans PC\Desktop\Open University
2015-01-11 12:06 - 2013-10-12 07:38 - 00000000 ____D () C:\ProgramData\TuneUpMedia
2015-01-06 19:17 - 2009-03-17 18:05 - 00000000 ____D () C:\Users\Dans PC\Desktop\desktop junk
2015-01-06 11:27 - 2010-02-07 17:30 - 00126976 _____ () C:\Users\Dans PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-06 11:21 - 2013-07-22 22:53 - 00000000 ____D () C:\Users\Dans PC\AppData\Roaming\vlc
2015-01-06 04:36 - 2011-06-26 17:33 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-26 12:13 - 2006-11-02 10:23 - 00450856 ____R () C:\Windows\system32\Drivers\etc\hosts.20150120-222219.backup
2014-12-26 11:38 - 2013-10-11 20:00 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-26 11:38 - 2008-04-14 18:09 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-12-26 11:37 - 2008-04-14 18:09 - 00000000 ____D () C:\Program Files\Java
2014-12-25 18:37 - 2007-10-09 00:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-25 10:24 - 2013-06-13 09:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-25 10:24 - 2011-11-01 20:34 - 00000000 ____D () C:\Users\Dans PC\AppData\Roaming\Malwarebytes
2014-12-25 09:59 - 2010-10-16 10:45 - 00000000 ____D () C:\0f9da29227d4d188fc24581ea89b0042
2014-12-24 10:39 - 2011-07-21 13:41 - 00000000 ____D () C:\Program Files\GOOGLE
2014-12-24 10:39 - 2008-03-01 12:15 - 00000000 ____D () C:\Users\Dans PC\AppData\Local\Google
==================== Files in the root of some directories =======
2008-03-01 14:03 - 2011-12-27 15:01 - 0000052 _____ () C:\Users\Dans PC\AppData\Roaming\default.pls
2013-10-29 23:47 - 2013-10-29 23:47 - 0000043 _____ () C:\Users\Dans PC\AppData\Roaming\mbam.context.scan
2011-10-31 16:29 - 2011-11-11 11:20 - 0001189 _____ () C:\Users\Dans PC\AppData\Roaming\vso_ts_preview.xml
2008-04-03 12:44 - 2014-10-17 15:32 - 0003862 _____ () C:\Users\Dans PC\AppData\Roaming\wklnhst.dat
2010-02-01 23:33 - 2014-02-14 17:19 - 0009268 _____ () C:\Users\Dans PC\AppData\Local\d3d9caps.dat
2010-02-07 17:30 - 2015-01-06 11:27 - 0126976 _____ () C:\Users\Dans PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-03 00:32 - 2011-11-03 00:32 - 0017408 _____ () C:\Users\Dans PC\AppData\Local\WebpageIcons.db
2009-09-30 08:48 - 2009-09-30 08:48 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Files to move or delete:
====================
C:\Users\Dans PC\CDBIDXL.DAT
C:\Users\Dans PC\NECDB.DAT
C:\Users\Dans PC\NETRKDB.DAT
C:\Users\Dans PC\TDBIDXL.DAT
Some content of TEMP:
====================
C:\Users\Dans PC\AppData\Local\temp\Quarantine.exe
C:\Users\Dans PC\AppData\Local\temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-22 08:36
==================== End Of Log ============================