Solved "Windows has encountered a critical error and will restart..."

H

hi2001

Posts: 21   +0
Please help me and thank you in advance. I suddenly got a pop-up that said "windows has encountered a critical error and will restart in 1 minute." (Or something like that I can't remember exact words because it happened so fast)

I have a Toshiba Satellite. It's a few years old, running Windows 7.
 
I'm sorry I don't know how to edit my first post so I will update here. I did a scan with free AVG and it said I had 4 infections.
eBvb5sX.jpg
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

How did you actually scan with AVG if the computer shuts down under 1 minute?
 
Hello and thank you for your response. That message popped up and then my computer did restart by itself. But after that one restart, it's behaving normally which was when I ran AVG.
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.16.06

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
MH :: M6 [administrator]

8/16/2013 5:49:00 PM
mbam-log-2013-08-16 (17-49-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216022
Time elapsed: 16 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCR\CLSID\{072039AB-2117-4ED5-A85F-9B9EB903E021} (Adware.CWS) -> Quarantined and deleted successfully.
HKCR\TypeLib\{0409743C-E5E3-4BDD-9EC7-EFF622530282} (Adware.CWS) -> Quarantined and deleted successfully.
HKCR\Interface\{40722371-E24C-4B36-8E76-010BB6C7185B} (Adware.CWS) -> Quarantined and deleted successfully.
HKCR\NOWSTARTER.NowStarterCtrl.1 (Adware.CWS) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 17
C:\Users\MH\AppData\Local\Smartbar (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\Configs (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\Configs (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\Configs (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\Profiles (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\RollBack (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\RollBack\Profiles (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.

Files Detected: 408
C:\Windows\System32\NowStarter.ocx (Adware.CWS) -> Quarantined and deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\JkavZKAV40.exeZoH776cc9dfV0100f070006R1a52466510aT3cbaf4cf201l0409K3a1601fe325 (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\JkavZKAV40.pyZoHbc0a6bf0V0100f070006R84a3f3cd10aTf7d0ea29201l0409K39294e05325 (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\0Extension.crx (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\1Extension.crx (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\IEButton.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\Configs\QueryParameters.xml (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\Configs\XmlSideBySideProtocol.xml (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\install.rdf (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.css (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.xul (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down-1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down-2.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down-3.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\fb.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\fblike.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\gmail.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\hide-1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\hide-2.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\hide-3.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\left.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\maximize-1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\maximize-2.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\maximize-3.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\mgsplusvideo.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\minimize-1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\minimize-2.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\minimize-3.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\pinit.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\right.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\show-1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\show-2.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\show-3.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\twitter.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up-1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up-2.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up-3.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\SnapDo.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\SnapDo128.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\SnapDo16.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\SnapDo_small.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\ISmartbarFireFoxRemotePlugin.xpt (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\Configs\UserInfo.xml (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00c.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00cPress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABE.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827Ehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089E.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Ehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Epress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307f.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0E.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Ehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Epress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1D.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EC.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EChover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7ECpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fHover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fPress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2C.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Chover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Cpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6eba.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaHover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaPress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8f.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fHover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fPress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cf.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876F.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cd.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12ehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12epress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212E.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Ehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Epress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580de.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580dehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580depress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29B.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BD.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7b.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.

C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
 
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00cpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABE.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BC.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BChover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BCpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089E.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307f.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089Ehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089Epress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0E.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0Ehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0Epress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1D.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1Dhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1Dpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EC.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EChover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7ECpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307fHover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307fPress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2C.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2Chover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2Cpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6eba.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6ebaHover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6ebaPress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8f.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8fHover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8fPress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCBhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCBpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066B.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066Bpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1.PNG (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1HOVER.PNG (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1PRESS.PNG (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cf.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cfhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cfpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876FHover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876FPress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cd.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cdhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cdpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12e.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12ehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12epress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212E.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212Ehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212Epress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580de.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580dehover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580depress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29B.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29Bhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29Bpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066Bhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876F.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aef.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aefHover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aefPress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6Hover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6Press.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BD.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7b.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7bhover.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7bpress.png (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\Configs\IconsSettings.xml (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\Configs\LocalMethods.xml (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\Configs\ProfileManager.xml (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\Configs\PublisherSettings.xml (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\Configs\UserSettings.xml (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\MH\AppData\Local\Smartbar\DistributionFiles\Profiles\EB131C3F-02CD-49FE-9B04-016211831712.xml (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.


(end)
 
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16869 BrowserJavaVersion: 10.25.2
Run by MH at 18:28:12 on 2013-08-16
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2814.1544 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\atiesrxx.exe
C:\windows\system32\atieclxx.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe
C:\Program Files\Realtek\RTL8187B Wireless LAN Utility\RtlService.exe
C:\Program Files\Realtek\RTL8185 Wireless LAN Utility\RtWlan.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\Realtek\RTL8187B Wireless LAN Utility\RtWlan.exe
C:\windows\system32\conhost.exe
C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
C:\Program Files\Sophos\Remote Management System\RouterNT.exe
C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\DllHost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\windows\system32\sppsvc.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k HPService
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [MyTOSHIBA] "c:\program files\toshiba\my toshiba\MyToshiba.exe" /AUTO
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Wisdom-soft ScreenHunter 5.1 Free] 0
uRun: [AdobeBridge] <no file>
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
mRun: [NortonOnlineBackupReminder] "c:\program files\toshiba\toshiba online backup\activation\TobuActivation.exe" UNATTENDED
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Sophos AutoUpdate Monitor] c:\program files\sophos\autoupdate\almon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &U????????? - <no file>
IE: &??115?? 3?? - <no file>
IE: &??115?? 3?????? - <no file>
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll
Trusted Zone: clubbox.co.kr
DPF: {0349EF81-B9C1-4B97-86F7-7B931D0E2532} - hxxp://sticube.clubbox.co.kr/sticubeupdate/cab/NowStarter2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {F6E361B4-40F3-4C90-8A95-D95E0D8CBCD4} - hxxp://www.clubbox.co.kr/neo.fld/MultiUpload.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{88BD8012-3626-43CA-B0E5-D495FD05A524} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{88BD8012-3626-43CA-B0E5-D495FD05A524}\334737566786D6F6F626 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{88BD8012-3626-43CA-B0E5-D495FD05A524}\E69757074616 : DHCPNameServer = 128.122.253.24 128.122.253.46
TCP: Interfaces\{88BD8012-3626-43CA-B0E5-D495FD05A524}\E697577657563747 : DHCPNameServer = 128.122.253.24 128.122.253.46
TCP: Interfaces\{88BD8012-3626-43CA-B0E5-D495FD05A524}\F43405C4 : DHCPNameServer = 10.220.200.10 10.220.200.11
TCP: Interfaces\{C4137034-3661-4912-B1B4-8961E1F0A2E8} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~1\sophos\sophos~1\SOPHOS~1.DLL
SSODL: WebCheck - <orphaned>
mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R1 SAVOnAccess;SAVOnAccess;c:\windows\system32\drivers\savonaccess.sys [2012-7-26 123680]
R1 SKMScan;SKMScan;c:\windows\system32\drivers\skmscan.sys [2012-7-26 31736]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-5 176128]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2012-8-3 352248]
R2 Realtek8185;Realtek8185;c:\program files\realtek\rtl8185 wireless lan utility\RtlService.exe [2013-7-4 40960]
R2 Realtek87B;Realtek87B;c:\program files\realtek\rtl8187b wireless lan utility\RtlService.exe [2013-8-3 40960]
R2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files\sophos\sophos anti-virus\SAVAdminService.exe [2012-9-17 216640]
R2 SAVService;Sophos Anti-Virus;c:\program files\sophos\sophos anti-virus\SavService.exe [2012-7-26 139840]
R2 Sophos Agent;Sophos Agent;c:\program files\sophos\remote management system\ManagementAgentNT.exe [2012-9-17 289856]
R2 Sophos Message Router;Sophos Message Router;c:\program files\sophos\remote management system\RouterNT.exe [2012-9-17 818240]
R2 Sophos Web Control Service;Sophos Web Control Service;c:\program files\sophos\sophos anti-virus\web control\swc_service.exe [2012-7-26 357400]
R2 swi_service;Sophos Web Intelligence Service;c:\program files\sophos\sophos anti-virus\web intelligence\swi_service.exe [2012-9-17 2863168]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2009-11-5 7680]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-11-5 187392]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2009-11-5 376832]
R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-11-5 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-8-3 111960]
S2 swi_update;Sophos Web Intelligence Update;c:\programdata\sophos\web intelligence\swi_update.exe [2012-7-26 1465920]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2011-8-14 16640]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 sdcfilter;sdcfilter;c:\windows\system32\drivers\sdcfilter.sys [2012-7-26 33696]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S4 SophosBootDriver;SophosBootDriver;c:\windows\system32\drivers\SophosBootDriver.sys [2012-7-21 22536]
.
=============== Created Last 30 ================
.
2013-08-16 22:23:26 -------- d-----w- c:\users\MH\appdata\local\{011730D3-3492-4179-A620-D8567E7634CE}
2013-08-16 21:46:25 -------- d-----w- c:\users\MH\appdata\roaming\Malwarebytes
2013-08-16 21:46:09 -------- d-----w- c:\programdata\Malwarebytes
2013-08-16 21:46:07 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-16 21:46:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-14 02:24:12 -------- d-----w- c:\users\MH\appdata\local\{FD16079E-7F88-4CE6-839A-D4E180A9668C}
2013-08-08 22:43:03 -------- d-----w- c:\users\MH\appdata\local\{15B97F17-5AAD-4BC0-9DF8-02D2C8AEB907}
2013-08-08 12:03:29 -------- d-----w- c:\program files\common files\DVDVideoSoft
2013-08-08 12:03:28 -------- d-----w- c:\program files\DVDVideoSoft
2013-08-08 12:01:54 -------- d-----w- c:\users\MH\appdata\local\Programs
2013-08-08 10:43:44 -------- d-----w- c:\users\MH\.android
2013-08-07 02:48:29 -------- d-----w- c:\program files\ClipGrab
2013-08-06 20:00:56 -------- d-----w- c:\users\MH\www.apowersoft.com
2013-08-03 17:00:33 -------- d-----w- c:\users\MH\appdata\local\{E3A60500-BA9E-419A-A8C0-B688D21168F2}
2013-08-03 15:10:59 260 ----a-w- c:\windows\system32\cmdVBS.vbs
2013-08-03 15:10:59 256 ----a-w- c:\windows\system32\MSIevent.bat
2013-08-03 15:09:58 4818944 ----a-w- c:\programdata\IHAMC.msi
2013-08-03 14:39:23 -------- d-----w- c:\users\MH\appdata\local\{2C405ACD-4522-4972-AF60-443BA5CE1BC7}
2013-08-03 03:18:44 -------- d-----w- c:\users\MH\appdata\roaming\Verizon
2013-08-03 03:18:40 -------- d-----w- c:\program files\Verizon
.
==================== Find3M ====================
.
2013-06-19 03:39:52 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-19 03:39:51 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-19 03:39:51 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-15 05:04:54 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-15 05:04:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.

============= FINISH: 18:29:42.49 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/24/2009 8:16:42 PM
System Uptime: 8/16/2013 6:21:37 PM (0 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: AMD Sempron(tm) SI-42 | Socket M2/S1G1 | 2100/1800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 17.621 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Deskjet F4500 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Deskjet F4500 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Deskjet F4500 series
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Deskjet F4500 series
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
==== System Restore Points ===================
.
RP134: 7/4/2013 4:16:09 AM - Device Driver Package Install: Microsoft Network adapters
RP135: 7/4/2013 4:32:50 AM - Installed REALTEK RTL8185 Wireless LAN Software
RP136: 7/15/2013 11:47:25 PM - Scheduled Checkpoint
RP137: 8/3/2013 12:52:29 PM - Installed REALTEK RTL8187B Wireless LAN Driver and Utility
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Çǵð¹Ú½º/Ŭ·´¹Ú½º Á¦°Å
Á¦Å¸¹Ìµð¾î ·±Ã³
Ŭ·´¹Ú½º ÆÄÀÏÀü¼Û°ü¸®ÀÚ
32 Bit HP CIO Components Installer
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.3
Advertising Center
AVG 2011
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Click to Call with Skype
ClipGrab 3.2.1.2
Clubbox ÆÄÀÏÀü¼Û°ü¸®ÀÚ
Compatibility Pack for the 2007 Office system
D3DX10
DivX Plus Media Foundation Components
DJ_AIO_06_F4500_SW_MIN
DolbyFiles
ffdshow [rev 1324] [2007-07-01]
Free YouTube Download version 3.2.9.725
Google Chrome
HijackThis 2.0.2
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6
IHA_MessageCenter
ImagXpress
Java 7 Update 25
Java Auto Updater
Java(TM) 6 Update 14
KCP Å©·Î½ººê¶ó¿ì¡ ActiveX ¹öÀü
Label@Once 1.0
Logitech Vid
Logitech Webcam Software
Logitech Webcam Software Driver Package
Malwarebytes Anti-Malware version 1.75.0.1300
Media Player Classic - Home Cinema v1.5.0.2827
Menu Templates - Starter Kit
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Movie Templates - Starter Kit
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyToshiba
Nero 9 Trial
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero Disc Copy Gadget
Nero DiscSpeed
Nero DriveSpeed
Nero InfoTool
Nero Installer
Nero PhotoSnap
Nero Recode
Nero Rescue Agent
Nero ShowTime
Nero StartSmart
Nero Vision
Nero WaveEditor
NeroBurningROM
NeroExpress
neroxml
Network
Octoshape add-in for Adobe Flash Player
PlayReady PC Runtime x86
PowerDirector Express
PowerProducer
RealPlayer
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
REALTEK RTL8185 Wireless LAN Software
Realtek USB 2.0 Card Reader
REALTEK Wireless LAN Driver and Utility
Realtek WLAN Driver
Scan
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for CAPICOM (KB931906)
Skype Launcher
Skype™ 5.5
SoundTrax
Spelling Dictionaries Support For Adobe Reader 9
Synaptics Pointing Device Driver
Toolbox
Toshiba Application and Driver Installer
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Online Backup
Toshiba Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
ToshibaRegistration
TweetDeck
Update for 2007 Microsoft Office System (KB967642)
Visual C++ 9.0 CRT (x86) WinSXS MSM
Visual C++ 9.0 OpenMP (x86) WinSXS MSM
VLC media player 1.0.3
Vz In-Home Agent
WinAVI Video Converter
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
8/9/2013 2:27:01 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.2 with the system having network hardware address E0-CA-94-C9-49-25. Network operations on this system may be disrupted as a result.
8/16/2013 6:23:21 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/16/2013 6:22:06 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/16/2013 6:22:01 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
8/16/2013 6:22:01 PM, Error: atikmdag [43029] - Display is not active
8/16/2013 3:22:09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
8/16/2013 3:22:09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
8/15/2013 9:04:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
8/14/2013 7:37:13 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
8/14/2013 10:48:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Realtek8185 service.
8/14/2013 1:41:37 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.4 with the system having network hardware address 00-22-FB-9B-A6-B6. Network operations on this system may be disrupted as a result.
8/13/2013 6:27:28 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.2 with the system having network hardware address 00-22-FB-9B-A6-B6. Network operations on this system may be disrupted as a result.
8/13/2013 4:09:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
8/13/2013 4:09:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSLPSVC service.
8/13/2013 12:29:46 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
8/10/2013 3:12:10 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address E0-CA-94-C9-49-25. Network operations on this system may be disrupted as a result.
8/10/2013 10:16:13 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
.
==== End Of File ===========================


*Thank you so much for your help.
 


redtarget.gif
Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

redtarget.gif
Create new restore point before proceeding with the next step....
How to:
- Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
 
RogueKiller V8.6.6 [Aug 19 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User : MT [Admin rights]
Mode : Remove -- Date : 08/20/2013 00:38:01
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\MT\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-1582868316-1146028689-1569875838-1002\[...]\Run : Google Update ("C:\Users\MT\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> [0x2] The system cannot find the file specified.
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 4 ¤¤¤
[V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-1582868316-1146028689-1569875838-1002UA.job : C:\Users\MT\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> DELETED
[V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-1582868316-1146028689-1569875838-1002Core.job : C:\Users\MT\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> DELETED
[V2][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-1582868316-1146028689-1569875838-1002Core : C:\Users\MT\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> DELETED
[V2][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-1582868316-1146028689-1569875838-1002UA : C:\Users\MT\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> ERROR DELETING TASK

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2555GSX ATA Device +++++
--- User ---
[MBR] ee7f93ef193748a26c9f55a017e54960
[BSP] bb822f2f22e7fe542d4b4d5d666d1dd4 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 228845 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 471748608 | Size: 8129 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_08202013_003801.txt >>
RKreport[0]_S_08202013_003743.txt
 
Malwarebytes Anti-Rootkit BETA 1.06.1.1005
www.malwarebytes.org

Database version: v2013.08.19.06

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
MT :: M6 [administrator]

8/20/2013 1:32:32 AM
-log-2013-08-20 (01-32-32).txt

Scan type: Quick scan
Scan options enabled: PUM | P2P
Scan options disabled: Anti-Rootkit | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP
Objects scanned: 0
Time elapsed:

Memory Processes Detected: 0
(No malicious items detected)

I still can't get to the "cleanup" part. This is the log after it froze again.


Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SOFTWARE\CLASSES\INTERFACE\{825C19D3-35CE-428F-876B-88E080466689} (Adware.CWS) -> No action taken.
HKLM\SOFTWARE\CLASSES\TypeLib\{0409743C-E5E3-4BDD-9EC7-EFF622530282} (Adware.CWS) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)


(end)
 
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-08-2013 02
Ran by MH (administrator) on 22-08-2013 01:50:56
Running from C:\Users\MH\Downloads
Microsoft Windows 7 Home Premium (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgtray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
() C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgwdsvc.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Realtek) C:\Program Files\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgemcx.exe
(Realtek) C:\Program Files\Realtek\RTL8187B Wireless LAN Utility\RtlService.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RTL8185 Wireless LAN Utility\RtWlan.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RTL8187B Wireless LAN Utility\RtWlan.exe
(Sophos Limited) C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
(Sophos Limited) C:\Program Files\Sophos\Remote Management System\RouterNT.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG10\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Google Inc.) C:\Users\MH\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MH\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MH\AppData\Local\Google\Chrome\Application\chrome.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Google Inc.) C:\Users\MH\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MH\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-29] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [476512 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [460088 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [738616 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [ToshibaServiceStation] - C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [NortonOnlineBackupReminder] - C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe [529256 2009-07-16] (Toshiba)
HKLM\...\Run: [NeroFilterCheck] - C:\windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160 2010-01-18] (RealNetworks, Inc.)
HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files\Sophos\AutoUpdate\almon.exe [900160 2012-08-08] (Sophos Limited)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [MyTOSHIBA] - C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe [264048 2009-08-06] (TOSHIBA)
HKCU\...\Run: [msnmsgr] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKCU\...\Run: [Wisdom-soft ScreenHunter 5.1 Free] - 0 [x]
HKCU\...\Run: [AdobeBridge] - [x]
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /syncC:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=U016&ocid=U016DHP&dt=041013
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
SearchScopes: HKCU - DefaultScope {2DDA7029-1B90-4BF1-AC49-AE6C2C7D990C} URL = http://www.bing.com/search?FORM=U016DF&PC=U016&dt=041013&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {2DDA7029-1B90-4BF1-AC49-AE6C2C7D990C} URL = http://www.bing.com/search?FORM=U016DF&PC=U016&dt=041013&q={searchTerms}&src=IE-SearchBox
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: {0349EF81-B9C1-4B97-86F7-7B931D0E2532} http://sticube.clubbox.co.kr/sticubeupdate/cab/NowStarter2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {F6E361B4-40F3-4C90-8A95-D95E0D8CBCD4} http://www.clubbox.co.kr/neo.fld/MultiUpload.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @kcp.co.kr/plugin;version=1 - C:\Program Files\KCP\Plugin\npKCPPlugin.dll (KCP CO.,LTD)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\MH\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\MH\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: zettamedia.co.kr/ZmLauncher - C:\Users\MH\AppData\Local\Zettamedia\PdClubBox\npZmLauncher.dll (Zettamedia Co.,Ltd.)
FF Extension: Click to call with Skype - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] C:\Program Files\AVG\AVG10\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG10\Firefox4\

Chrome:
=======
CHR HomePage: hxxp://google.com/
CHR RestoreOnStartup: "hxxp://google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\MH\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\MH\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\MH\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (KCP) - C:\Program Files\KCP\Plugin\npKCPPlugin.dll (KCP CO.,LTD)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\MH\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Zettamedia Launcher) - C:\Users\MH\AppData\Local\Zettamedia\PdClubBox\npZmLauncher.dll (Zettamedia Co.,Ltd.)
CHR Plugin: (TVU Web Player for FireFox) - C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\MAITAO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\MAITAO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (TweetDeck) - C:\Users\MAITAO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.1.4_0
CHR Extension: (AVG Safe Search) - C:\Users\MAITAO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0
CHR Extension: (Gmail) - C:\Users\MAITAO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG10\Chrome\safesearch.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [mffdcionknddopdmdnloanoafafkmckb] - C:\Users\MH\AppData\Roaming\OpenCandy\7475B9D73D2C43CEBCFA8C0C570C5BFA\extension.crx

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [346696 2013-07-30] (Verizon)
R2 Realtek8185; C:\Program Files\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek)
R2 Realtek87B; C:\Program Files\Realtek\RTL8187B Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek)
R2 SAVAdminService; C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [216640 2012-09-17] (Sophos Limited)
R2 SAVService; C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe [139840 2012-07-26] (Sophos Limited)
R2 Sophos Agent; C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2012-09-17] (Sophos Limited)
R2 Sophos Message Router; C:\Program Files\Sophos\Remote Management System\RouterNT.exe [818240 2012-09-17] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-07-26] (Sophos Limited)
R2 swi_service; C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2863168 2012-09-17] (Sophos Limited)
S2 swi_update; C:\ProgramData\Sophos\Web Intelligence\swi_update.exe [1465920 2012-08-08] (Sophos Limited)
R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-08-17] (TOSHIBA Corporation)
R3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-08-03] (TOSHIBA Corporation)

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [16640 2010-12-30] (Wondershare)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134480 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [22992 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24144 2011-02-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [21968 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [248656 2011-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34896 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [297168 2011-04-05] (AVG Technologies CZ, s.r.o.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
R3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25624 2009-04-30] ()
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [31560 2013-08-20] ()
S3 mbamswissarmy; C:\windows\system32\drivers\mbamswissarmy.sys [146648 2013-08-20] (Malwarebytes Corporation)
S3 NOWMEMDF; C:\windows\system32\NOWMEMDF.sys [15104 2009-12-07] ((c)NOWCOM)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [376832 2009-12-15] (Realtek Semiconductor Corporation )
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [123680 2012-07-26] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [33696 2012-07-26] (Sophos Limited)
R1 SKMScan; C:\Windows\System32\DRIVERS\skmscan.sys [31736 2012-07-26] (Sophos Plc)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [22536 2012-07-21] (Sophos Plc)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-22 01:50 - 2013-08-22 01:50 - 00000000 ____D C:\FRST
2013-08-21 23:15 - 2013-08-21 23:16 - 15163458 _____ C:\Users\MH\Downloads\[NAVER STARCAST] TVXQ in Nissan Stadium Highlight.mp4
2013-08-20 21:25 - 2013-08-20 21:25 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{F4ED4186-811C-484B-B0BF-E0C6FCC77E33}
2013-08-20 02:36 - 2013-08-20 02:36 - 00146648 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamswissarmy.sys
2013-08-20 02:35 - 2013-08-20 02:35 - 00031560 _____ C:\windows\system32\Drivers\mbamchameleon.sys
2013-08-20 02:34 - 2013-08-20 02:34 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{37000D07-3EB2-4C42-A5E7-9E9AE6F6DBA3}
2013-08-20 00:49 - 2013-08-20 02:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-20 00:45 - 2013-08-20 02:14 - 00000000 ____D C:\Users\MH\Desktop\mbar
2013-08-20 00:39 - 2013-08-20 00:42 - 12081912 _____ (Malwarebytes Corp.) C:\Users\MH\Downloads\mbar-1.06.1.1005.exe
2013-08-20 00:38 - 2013-08-20 00:38 - 00002708 _____ C:\Users\MH\Desktop\RKreport[0]_D_08202013_003801.txt
2013-08-20 00:37 - 2013-08-20 00:37 - 00002593 _____ C:\Users\MH\Desktop\RKreport[0]_S_08202013_003743.txt
2013-08-20 00:33 - 2013-08-20 00:40 - 00000000 ____D C:\Users\MH\Desktop\RK_Quarantine
2013-08-20 00:33 - 2013-08-20 00:33 - 00923136 _____ C:\Users\MH\Downloads\RogueKiller.exe
2013-08-16 18:29 - 2013-08-16 18:30 - 00016298 _____ C:\Users\MH\Desktop\dds.txt
2013-08-16 18:29 - 2013-08-16 18:30 - 00010390 _____ C:\Users\MH\Desktop\attach.txt
2013-08-16 18:24 - 2013-08-16 18:25 - 00688992 ____R (Swearware) C:\Users\MH\Downloads\dds.com
2013-08-16 18:23 - 2013-08-16 18:23 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{011730D3-3492-4179-A620-D8567E7634CE}
2013-08-16 17:46 - 2013-08-16 18:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-16 17:46 - 2013-08-16 17:46 - 00001042 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-16 17:46 - 2013-08-16 17:46 - 00000000 ____D C:\Users\MH\AppData\Roaming\Malwarebytes
2013-08-16 17:46 - 2013-08-16 17:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-16 17:46 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-08-16 17:43 - 2013-08-16 17:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\MH\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-14 21:28 - 2013-08-14 21:28 - 00000000 ____D C:\Users\MH\Downloads\130814 Changmin @ Filming + PressCon @ Cool Kiz on the block
2013-08-13 22:24 - 2013-08-13 22:25 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{FD16079E-7F88-4CE6-839A-D4E180A9668C}
2013-08-08 18:43 - 2013-08-08 18:43 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{15B97F17-5AAD-4BC0-9DF8-02D2C8AEB907}
2013-08-08 18:41 - 2013-08-16 18:21 - 00146378 _____ C:\windows\PFRO.log
2013-08-08 08:03 - 2013-08-08 08:03 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-08-08 08:03 - 2013-08-08 08:03 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-08-08 06:43 - 2013-08-20 21:24 - 00001064 _____ C:\windows\setupact.log
2013-08-08 06:43 - 2013-08-08 06:43 - 00000000 ____D C:\Users\MH\.android
2013-08-08 06:43 - 2013-08-08 06:43 - 00000000 _____ C:\windows\setuperr.log
2013-08-07 07:13 - 2013-08-07 07:13 - 273083480 _____ C:\Users\MH\Downloads\[DBSKnights] Bigeast Limited DVD 2013 Summer ver (480p).avi
2013-08-06 22:48 - 2013-08-06 22:48 - 00000940 _____ C:\Users\Public\Desktop\ClipGrab.lnk
2013-08-06 22:48 - 2013-08-06 22:48 - 00000000 ____D C:\Program Files\ClipGrab
2013-08-06 16:00 - 2013-08-06 16:42 - 00000000 ____D C:\Users\MH\www.apowersoft.com
2013-08-03 14:07 - 2013-08-03 14:07 - 00000042 _____ C:\windows\system32\AK083E209605E394C.lie
2013-08-03 13:00 - 2013-08-03 13:00 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{E3A60500-BA9E-419A-A8C0-B688D21168F2}
2013-08-03 12:55 - 2013-08-03 12:55 - 00002214 _____ C:\Users\Public\Desktop\REALTEK RTL8187B Wireless LAN Utility.lnk
2013-08-03 11:10 - 2013-08-03 11:10 - 00001122 _____ C:\Users\Public\Desktop\Vz In-Home Agent.lnk
2013-08-03 11:10 - 2013-08-03 11:10 - 00000260 _____ C:\windows\system32\cmdVBS.vbs
2013-08-03 11:10 - 2013-08-03 11:10 - 00000256 _____ C:\windows\system32\MSIevent.bat
2013-08-03 11:09 - 2013-08-03 11:10 - 04818944 _____ C:\ProgramData\IHAMC.msi
2013-08-03 10:39 - 2013-08-03 10:39 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{2C405ACD-4522-4972-AF60-443BA5CE1BC7}
2013-08-02 23:22 - 2013-08-02 23:22 - 00002170 _____ C:\Users\MH\Uninstall-VzInHomeAgentlog.log
2013-08-02 23:18 - 2013-08-03 11:11 - 00000000 ____D C:\Program Files\Verizon
2013-08-02 23:18 - 2013-08-03 11:10 - 00001767 _____ C:\Users\MH\Install-VzInHomeAgentLog.log
2013-08-02 23:18 - 2013-08-03 11:10 - 00000000 ____D C:\Users\MH\AppData\Roaming\Verizon
2013-08-02 11:41 - 2013-08-02 11:42 - 01358496 _____ C:\Users\MH\Downloads\VzInHomeAgent.exe
2013-07-29 15:11 - 2013-07-29 16:28 - 00017233 _____ C:\Users\MH\Documents\thefirstbloom_css_072913.txt

==================== One Month Modified Files and Folders =======

2013-08-22 01:50 - 2013-08-22 01:50 - 01070315 _____ (Farbar) C:\Users\MH\Downloads\FRST.exe
2013-08-22 01:50 - 2013-08-22 01:50 - 00000000 ____D C:\FRST
2013-08-21 23:16 - 2013-08-21 23:15 - 15163458 _____ C:\Users\MH\Downloads\[NAVER STARCAST] TVXQ in Nissan Stadium Highlight.mp4
2013-08-21 18:35 - 2009-11-05 06:50 - 01277621 _____ C:\windows\WindowsUpdate.log
2013-08-20 21:32 - 2009-07-14 00:34 - 00015568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-20 21:32 - 2009-07-14 00:34 - 00015568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-20 21:25 - 2013-08-20 21:25 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{F4ED4186-811C-484B-B0BF-E0C6FCC77E33}
2013-08-20 21:24 - 2013-08-08 06:43 - 00001064 _____ C:\windows\setupact.log
2013-08-20 21:24 - 2010-05-08 00:18 - 00000000 ____D C:\Users\MH\Tracing
2013-08-20 21:24 - 2009-07-14 00:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-08-20 02:39 - 2013-08-20 00:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-20 02:36 - 2013-08-20 02:36 - 00146648 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamswissarmy.sys
2013-08-20 02:35 - 2013-08-20 02:35 - 00031560 _____ C:\windows\system32\Drivers\mbamchameleon.sys
2013-08-20 02:34 - 2013-08-20 02:34 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{37000D07-3EB2-4C42-A5E7-9E9AE6F6DBA3}
2013-08-20 02:14 - 2013-08-20 00:45 - 00000000 ____D C:\Users\MH\Desktop\mbar
2013-08-20 00:42 - 2013-08-20 00:39 - 12081912 _____ (Malwarebytes Corp.) C:\Users\MH\Downloads\mbar-1.06.1.1005.exe
2013-08-20 00:40 - 2013-08-20 00:33 - 00000000 ____D C:\Users\MH\Desktop\RK_Quarantine
2013-08-20 00:38 - 2013-08-20 00:38 - 00002708 _____ C:\Users\MH\Desktop\RKreport[0]_D_08202013_003801.txt
2013-08-20 00:37 - 2013-08-20 00:37 - 00002593 _____ C:\Users\MH\Desktop\RKreport[0]_S_08202013_003743.txt
2013-08-20 00:33 - 2013-08-20 00:33 - 00923136 _____ C:\Users\MH\Downloads\RogueKiller.exe
2013-08-16 18:30 - 2013-08-16 18:29 - 00016298 _____ C:\Users\MH\Desktop\dds.txt
2013-08-16 18:30 - 2013-08-16 18:29 - 00010390 _____ C:\Users\MH\Desktop\attach.txt
2013-08-16 18:25 - 2013-08-16 18:24 - 00688992 ____R (Swearware) C:\Users\MH\Downloads\dds.com
2013-08-16 18:23 - 2013-08-16 18:23 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{011730D3-3492-4179-A620-D8567E7634CE}
2013-08-16 18:22 - 2013-08-16 17:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-16 18:21 - 2013-08-08 18:41 - 00146378 _____ C:\windows\PFRO.log
2013-08-16 18:21 - 2009-07-13 22:37 - 00000000 ____D C:\windows\Cursors
2013-08-16 17:46 - 2013-08-16 17:46 - 00001042 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-16 17:46 - 2013-08-16 17:46 - 00000000 ____D C:\Users\MH\AppData\Roaming\Malwarebytes
2013-08-16 17:46 - 2013-08-16 17:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-16 17:45 - 2013-08-16 17:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\MH\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-14 21:28 - 2013-08-14 21:28 - 00000000 ____D C:\Users\MH\Downloads\130814 Changmin @ Filming + PressCon @ Cool Kiz on the block
2013-08-13 22:25 - 2013-08-13 22:24 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{FD16079E-7F88-4CE6-839A-D4E180A9668C}
2013-08-12 19:15 - 2009-07-13 22:37 - 00000000 ____D C:\windows\system32\NDF
2013-08-08 18:43 - 2013-08-08 18:43 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{15B97F17-5AAD-4BC0-9DF8-02D2C8AEB907}
2013-08-08 08:04 - 2010-11-14 17:11 - 00000000 ____D C:\Users\MH\AppData\Roaming\DVDVideoSoft
2013-08-08 08:03 - 2013-08-08 08:03 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-08-08 08:03 - 2013-08-08 08:03 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-08-08 07:36 - 2012-12-31 03:06 - 00000000 ____D C:\Program Files\YouKu
2013-08-08 07:36 - 2012-11-17 08:29 - 00000000 ____D C:\Program Files\yy
2013-08-08 07:35 - 2012-11-17 08:29 - 00000000 ____D C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YY
2013-08-08 06:43 - 2013-08-08 06:43 - 00000000 ____D C:\Users\MH\.android
2013-08-08 06:43 - 2013-08-08 06:43 - 00000000 _____ C:\windows\setuperr.log
2013-08-08 06:43 - 2009-12-24 21:16 - 00000000 ___HD C:\Users\MH
2013-08-07 07:13 - 2013-08-07 07:13 - 273083480 _____ C:\Users\MH\Downloads\[DBSKnights] Bigeast Limited DVD 2013 Summer ver (480p).avi
2013-08-06 22:48 - 2013-08-06 22:48 - 00000940 _____ C:\Users\Public\Desktop\ClipGrab.lnk
2013-08-06 22:48 - 2013-08-06 22:48 - 00000000 ____D C:\Program Files\ClipGrab
2013-08-06 16:42 - 2013-08-06 16:00 - 00000000 ____D C:\Users\MH\www.apowersoft.com
2013-08-03 14:07 - 2013-08-03 14:07 - 00000042 _____ C:\windows\system32\AK083E209605E394C.lie
2013-08-03 13:00 - 2013-08-03 13:00 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{E3A60500-BA9E-419A-A8C0-B688D21168F2}
2013-08-03 12:55 - 2013-08-03 12:55 - 00002214 _____ C:\Users\Public\Desktop\REALTEK RTL8187B Wireless LAN Utility.lnk
2013-08-03 12:53 - 2009-11-05 07:32 - 00000000 ____D C:\Program Files\Realtek
2013-08-03 12:53 - 2009-08-23 21:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-03 11:11 - 2013-08-02 23:18 - 00000000 ____D C:\Program Files\Verizon
2013-08-03 11:10 - 2013-08-03 11:10 - 00001122 _____ C:\Users\Public\Desktop\Vz In-Home Agent.lnk
2013-08-03 11:10 - 2013-08-03 11:10 - 00000260 _____ C:\windows\system32\cmdVBS.vbs
2013-08-03 11:10 - 2013-08-03 11:10 - 00000256 _____ C:\windows\system32\MSIevent.bat
2013-08-03 11:10 - 2013-08-03 11:09 - 04818944 _____ C:\ProgramData\IHAMC.msi
2013-08-03 11:10 - 2013-08-02 23:18 - 00001767 _____ C:\Users\MH\Install-VzInHomeAgentLog.log
2013-08-03 11:10 - 2013-08-02 23:18 - 00000000 ____D C:\Users\MH\AppData\Roaming\Verizon
2013-08-03 10:39 - 2013-08-03 10:39 - 00000000 ____D C:\Users\MAITAO~1\AppData\Local\{2C405ACD-4522-4972-AF60-443BA5CE1BC7}
2013-08-02 23:22 - 2013-08-02 23:22 - 00002170 _____ C:\Users\MH\Uninstall-VzInHomeAgentlog.log
2013-08-02 11:42 - 2013-08-02 11:41 - 01358496 _____ C:\Users\MH\Downloads\VzInHomeAgent.exe
2013-08-02 03:08 - 2010-02-05 20:29 - 00000000 ____D C:\Users\MH\Documents\readings
2013-08-02 02:26 - 2010-01-04 18:05 - 00000000 ____D C:\Users\MH\AppData\Roaming\vlc
2013-07-31 23:21 - 2010-02-22 18:37 - 00000000 ____D C:\Users\MH\Documents\writing
2013-07-29 16:28 - 2013-07-29 15:11 - 00017233 _____ C:\Users\MH\Documents\thefirstbloom_css_072913.txt
2013-07-26 16:55 - 2009-12-25 17:56 - 00000000 ____D C:\Users\MH\Documents\DBSG 5

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-10 14:48


==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-08-2013 02
Ran by MH at 2013-08-22 01:52:54
Running from C:\Users\MH\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 6.1.2)
Á¦Å¸¹Ìµð¾î ·±Ã³
Ŭ·´¹Ú½º ÆÄÀÏÀü¼Û°ü¸®ÀÚ
Adobe AIR (Version: 2.7.1.19610)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.5)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Reader 9.5.3 (Version: 9.5.3)
Advertising Center (Version: 0.0.0.2)
AVG 2011 (Version: 10.0.1427)
AVG 2011 (Version: 10.0.2112)
AVG 2011 (Version: 10.0.2441)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full Existing (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full New (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Light (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Previews Common (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0729.2238.38827)
Catalyst Control Center InstallProxy (Version: 2009.0729.2238.38827)
Catalyst Control Center Localization All (Version: 2009.0729.2238.38827)
Çǵð¹Ú½º/Ŭ·´¹Ú½º Á¦°Å
CCC Help Chinese Standard (Version: 2009.0729.2237.38827)
CCC Help Chinese Traditional (Version: 2009.0729.2237.38827)
CCC Help Czech (Version: 2009.0729.2237.38827)
CCC Help Danish (Version: 2009.0729.2237.38827)
CCC Help Dutch (Version: 2009.0729.2237.38827)
CCC Help English (Version: 2009.0729.2237.38827)
CCC Help Finnish (Version: 2009.0729.2237.38827)
CCC Help French (Version: 2009.0729.2237.38827)
CCC Help German (Version: 2009.0729.2237.38827)
CCC Help Greek (Version: 2009.0729.2237.38827)
CCC Help Hungarian (Version: 2009.0729.2237.38827)
CCC Help Italian (Version: 2009.0729.2237.38827)
CCC Help Japanese (Version: 2009.0729.2237.38827)
CCC Help Korean (Version: 2009.0729.2237.38827)
CCC Help Norwegian (Version: 2009.0729.2237.38827)
CCC Help Polish (Version: 2009.0729.2237.38827)
CCC Help Portuguese (Version: 2009.0729.2237.38827)
CCC Help Russian (Version: 2009.0729.2237.38827)
CCC Help Spanish (Version: 2009.0729.2237.38827)
CCC Help Swedish (Version: 2009.0729.2237.38827)
CCC Help Thai (Version: 2009.0729.2237.38827)
CCC Help Turkish (Version: 2009.0729.2237.38827)
ccc-core-static (Version: 2009.0729.2238.38827)
ccc-utility (Version: 2009.0729.2238.38827)
CCleaner (Version: 3.08)
Click to Call with Skype (Version: 5.6.8153)
ClipGrab 3.2.1.2
Clubbox ÆÄÀÏÀü¼Û°ü¸®ÀÚ
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
D3DX10 (Version: 15.4.2368.0902)
DivX Plus Media Foundation Components (Version: 1.0.0)
DJ_AIO_06_F4500_SW_MIN (Version: 140.0.690.000)
DolbyFiles (Version: 2.0)
ffdshow [rev 1324] [2007-07-01] (Version: 1.0)
Free YouTube Download version 3.2.9.725 (Version: 3.2.9.725)
Google Chrome (HKCU Version: 28.0.1500.95)
HijackThis 2.0.2 (Version: 2.0.2)
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (Version: 14.0)
IHA_MessageCenter (Version: 1.8.70)
ImagXpress (Version: 7.0.74.0)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 14 (Version: 6.0.140)
KCP Å©·Î½ººê¶ó¿ì¡ ActiveX ¹öÀü
Label@Once 1.0 (Version: 1.0)
Logitech Vid (Version: 1.00.1062)
Logitech Webcam Software (Version: 12.00.1280)
Logitech Webcam Software Driver Package (Version: 12.0.1278)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Media Player Classic - Home Cinema v1.5.0.2827 (Version: 1.5.0.2827)
Menu Templates - Starter Kit (Version: 9.4.6.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Movie Templates - Starter Kit (Version: 9.4.6.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyToshiba (Version: 2.2.0.3)
Nero 9 Trial
Nero BurnRights (Version: 3.4.13.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.4.12.100)
Nero Disc Copy Gadget (Version: 2.4.34.0)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero InfoTool (Version: 6.4.12.100)
Nero Installer (Version: 4.4.9.0)
Nero PhotoSnap (Version: 2.4.28.0)
Nero Recode (Version: 4.4.38.1)
Nero Rescue Agent (Version: 2.4.14.100)
Nero ShowTime (Version: 5.4.21.100)
Nero StartSmart (Version: 9.4.19.100)
Nero Vision (Version: 6.4.16.100)
Nero WaveEditor (Version: 5.4.37.1)
NeroBurningROM (Version: 9.4.26.100)
NeroExpress (Version: 9.4.26.100)
neroxml (Version: 1.0.0)
Network (Version: 140.0.215.000)
Octoshape add-in for Adobe Flash Player
PlayReady PC Runtime x86 (Version: 1.3.0)
PowerDirector Express
PowerProducer
RealPlayer
Realtek Ethernet Controller Driver (Version: 1.00.0008)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
REALTEK RTL8185 Wireless LAN Software (Version: 1.00.0145)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
REALTEK Wireless LAN Driver and Utility (Version: 1.00.0145)
Realtek WLAN Driver (Version: 2.00.0005)
Scan (Version: 140.0.80.000)
Skype Launcher (Version: 2.01)
Skype™ 5.5 (Version: 5.5.115)
SoundTrax (Version: 4.4.37.1)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Synaptics Pointing Device Driver (Version: 13.2.6.1)
Toolbox (Version: 140.0.428.000)
Toshiba Application and Driver Installer (Version: 9.0.0.9)
TOSHIBA Assist (Version: 2.01.11)
TOSHIBA ConfigFree (Version: 8.0.21)
TOSHIBA Disc Creator (Version: 2.1.0.1)
TOSHIBA DVD PLAYER (Version: 3.01.0.07-A)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Hardware Setup (Version: 2.00.11)
TOSHIBA HDD/SSD Alert (Version: 3.1.0.0)
Toshiba Online Backup (Version: 1.2.0.35)
Toshiba Quality Application (Version: 1.001.0000)
TOSHIBA Recovery Media Creator (Version: 2.1.0.2)
TOSHIBA Service Station (Version: 2.1.33)
TOSHIBA Speech System Applications (Version: 1.00.2518)
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.10)
TOSHIBA Value Added Package (Version: 1.2.25)
ToshibaRegistration (Version: 1.0.3)
TweetDeck (Version: 0.37.4)
Update for 2007 Microsoft Office System (KB967642)
Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0)
Visual C++ 9.0 OpenMP (x86) WinSXS MSM (Version: 9.0)
VLC media player 1.0.3 (Version: 1.0.3)
Vz In-Home Agent (Version: 9.0.35.0)
WinAVI Video Converter
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
[FONT=SimSun]美图秀秀[/FONT] 2.7.5 [FONT=SimSun]安全版[/FONT]


==================== Restore Points =========================

16-07-2013 03:47:25 Scheduled Checkpoint
03-08-2013 16:52:29 Installed REALTEK RTL8187B Wireless LAN Driver and Utility
20-08-2013 04:43:54 before anti-malware rootkit

==================== Hosts content: ==========================

2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {032701FA-8631-4163-868E-801E440A4255} - System32\Tasks\{A890B313-1641-48DE-848E-F8DA3BB34C17} => C:\Program Files\Skype\Phone\Skype.exe [2011-08-26] (Skype Technologies S.A.)
Task: {09E2A409-A93C-4BC4-924A-3D19BBF57D4D} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-07-13] (TOSHIBA CORPORATION)
Task: {4F34B40F-4982-438B-BF86-3C7817DE2BA4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2009-07-13] (Microsoft Corporation)
Task: {7243039B-5BF8-4191-A221-D40750CB71C9} - System32\Tasks\{3085D996-74C8-496C-AF41-F48328DA96B8} => C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe [2005-09-01] (Ahead Software AG)
Task: {D6C26B7B-2DC9-49A0-8DBB-03587B2FC88D} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

==================== Faulty Device Manager Devices =============

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/22/2013 01:53:05 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SWIManager' is in a failure state. The component will not be returned.

Error: (08/22/2013 01:52:05 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SWIManager' is in a failure state. The component will not be returned.

Error: (08/22/2013 01:51:05 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SWIManager' is in a failure state. The component will not be returned.

Error: (08/22/2013 01:50:05 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SWIManager' is in a failure state. The component will not be returned.

Error: (08/22/2013 01:49:05 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SWIManager' is in a failure state. The component will not be returned.

Error: (08/22/2013 01:48:04 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SWIManager' is in a failure state. The component will not be returned.

Error: (08/22/2013 01:47:04 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SWIManager' is in a failure state. The component will not be returned.

Error: (08/22/2013 01:46:04 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SWIManager' is in a failure state. The component will not be returned.

Error: (08/22/2013 01:45:04 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SWIManager' is in a failure state. The component will not be returned.

Error: (08/22/2013 01:44:41 AM) (Source: Sophos Anti-Virus) (User: )
Description: The requested component 'SIPSManager' is in a failure state. The component will not be returned.


System errors:
=============
Error: (08/21/2013 09:59:40 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (08/21/2013 09:59:39 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (08/21/2013 09:59:39 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSLPSVC service.

Error: (08/21/2013 06:35:25 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (08/21/2013 06:35:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSLPSVC service.

Error: (08/21/2013 06:35:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (08/20/2013 09:26:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/20/2013 09:24:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (08/20/2013 09:24:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (08/20/2013 09:24:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (01/22/2012 09:43:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1336 seconds with 180 seconds of active time. This session ended with a crash.

Error: (06/14/2011 09:07:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/04/2011 07:11:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 251 seconds with 240 seconds of active time. This session ended with a crash.

Error: (04/16/2011 00:25:09 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 115210 seconds with 300 seconds of active time. This session ended with a crash.

Error: (03/23/2011 03:29:36 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 9919 seconds with 600 seconds of active time. This session ended with a crash.

Error: (03/15/2011 09:46:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 249 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/15/2011 09:42:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 12698 seconds with 1080 seconds of active time. This session ended with a crash.

Error: (02/05/2011 03:30:14 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 128452 seconds with 540 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 2813.83 MB
Available physical RAM: 1826.3 MB
Total Pagefile: 5625.94 MB
Available Pagefile: 4317.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.67 MB

==================== Drives ================================

Drive c: (TI102902W0D) (Fixed) (Total:223.48 GB) (Free:19.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 118BD073)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=17)


==================== End Of Log ============================



Thank you again!
 
That looks fine.

redtarget.gif
Create new restore point before proceeding with the next step....
How to:
- Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

redtarget.gif
Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there use restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
Thank you again, and apologies for the delay.

ComboFix 13-08-28.02 - MH 08/28/2013 3:09.1.1 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2814.1911 [GMT -4:00]
Running from: c:\users\MH\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\114la.ico
c:\programdata\115
c:\programdata\115\UDown\Data\HisData.db
c:\programdata\115\UDown\resume.ini
c:\programdata\115\UDown\Syscfg.ini
c:\programdata\115\UDown\transfer.ini
c:\programdata\115\UDown\uar.bin
c:\users\MH\AppData\Local\assembly\tmp
c:\users\MH\AppData\Roaming\0100266C3111CA
c:\users\MH\AppData\Roaming\040026B667CD95
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-07-28 to 2013-08-28 )))))))))))))))))))))))))))))))
.
.
2013-08-22 05:50 . 2013-08-22 05:50 -------- d-----w- C:\FRST
2013-08-20 06:36 . 2013-08-20 06:36 146648 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-08-20 06:35 . 2013-08-20 06:35 31560 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-08-20 04:49 . 2013-08-20 06:39 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-08-16 21:46 . 2013-08-16 21:46 -------- d-----w- c:\users\MH\AppData\Roaming\Malwarebytes
2013-08-16 21:46 . 2013-08-16 22:22 -------- d-----w- c:\programdata\Malwarebytes
2013-08-16 21:46 . 2013-08-16 21:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-16 21:46 . 2013-04-04 18:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-08 12:03 . 2013-08-08 12:03 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2013-08-08 12:03 . 2013-08-08 12:03 -------- d-----w- c:\program files\DVDVideoSoft
2013-08-08 12:01 . 2013-08-08 12:01 -------- d-----w- c:\users\MH\AppData\Local\Programs
2013-08-08 10:43 . 2013-08-08 10:43 -------- d-----w- c:\users\MH\.android
2013-08-07 02:48 . 2013-08-07 02:48 -------- d-----w- c:\program files\ClipGrab
2013-08-06 20:00 . 2013-08-06 20:42 -------- d-----w- c:\users\MH\www.apowersoft.com
2013-08-03 15:10 . 2013-08-03 15:10 260 ----a-w- c:\windows\system32\cmdVBS.vbs
2013-08-03 15:10 . 2013-08-03 15:10 256 ----a-w- c:\windows\system32\MSIevent.bat
2013-08-03 15:09 . 2013-08-03 15:10 4818944 ----a-w- c:\programdata\IHAMC.msi
2013-08-03 03:18 . 2013-08-03 15:10 -------- d-----w- c:\users\MH\AppData\Roaming\Verizon
2013-08-03 03:18 . 2013-08-03 15:11 -------- d-----w- c:\program files\Verizon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-19 03:39 . 2013-06-19 03:40 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-19 03:39 . 2012-09-10 07:10 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-19 03:39 . 2012-09-10 07:10 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-15 05:04 . 2012-04-28 00:34 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-15 05:04 . 2011-06-07 20:16 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wisdom-soft ScreenHunter 5.1 Free"="0" [X]
"MyTOSHIBA"="c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe" [2009-08-06 264048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-21 1545512]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 476512]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-04 611672]
"NortonOnlineBackupReminder"="c:\program files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-07-16 529256]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-18 198160]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432]
"Sophos AutoUpdate Monitor"="c:\program files\Sophos\AutoUpdate\almon.exe" [2012-08-08 900160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-unins...KzEtQ0lEMTArMS1DSUQrMTI&prod=90&ver=10.0.1427" [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]
@="service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 swi_update;Sophos Web Intelligence Update;c:\programdata\Sophos\Web Intelligence\swi_update.exe [2012-08-08 1465920]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2010-12-30 16640]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-08-20 31560]
R3 mbamswissarmy;mbamswissarmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-08-20 146648]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 sdcfilter;sdcfilter;c:\windows\system32\DRIVERS\sdcfilter.sys [2012-07-26 33696]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys [2012-07-21 22536]
S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys [2012-07-26 123680]
S1 SKMScan;SKMScan;c:\windows\system32\DRIVERS\skmscan.sys [2012-07-26 31736]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-30 176128]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-11 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2013-07-30 346696]
S2 Realtek8185;Realtek8185;c:\program files\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe [2009-12-07 40960]
S2 Realtek87B;Realtek87B;c:\program files\Realtek\RTL8187B Wireless LAN Utility\RtlService.exe [2009-12-07 40960]
S2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2012-09-17 216640]
S2 SAVService;Sophos Anti-Virus;c:\program files\Sophos\Sophos Anti-Virus\SavService.exe [2012-07-26 139840]
S2 Sophos Web Control Service;Sophos Web Control Service;c:\program files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [2012-07-26 357400]
S2 swi_service;Sophos Web Intelligence Service;c:\program files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2012-09-17 2863168]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 7680]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-31 187392]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-12-15 376832]
S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-04 111960]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]
2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
IE: &U????????? - c:\program files\NamiRobot\Data\du.html
IE: &??115?? 3?? - c:\program files\115\UDown\getUrl.htm
IE: &??115?? 3?????? - c:\program files\115\UDown\getAllUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
LSP: c:\programdata\Sophos\Web Intelligence\swi_ifslsp.dll
Trusted Zone: clubbox.co.kr
TCP: DhcpNameServer = 192.168.1.1
DPF: {F6E361B4-40F3-4C90-8A95-D95E0D8CBCD4} - hxxp://www.clubbox.co.kr/neo.fld/MultiUpload.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-AdobeBridge - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Sophos Message Router]
"ImagePath"="\"c:\program files\Sophos\Remote Management System\RouterNT.exe\" -service -name Router -ORBListenEndpoints iiop://:8193/ssl_port=8194"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\taskhost.exe
c:\program files\Realtek\RTL8185 Wireless LAN Utility\RtWlan.exe
c:\program files\Realtek\RTL8187B Wireless LAN Utility\RtWlan.exe
c:\program files\Sophos\Remote Management System\ManagementAgentNT.exe
c:\program files\Sophos\Remote Management System\RouterNT.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
c:\windows\system32\conhost.exe
.
**************************************************************************
.
Completion time: 2013-08-28 03:24:43 - machine was rebooted
ComboFix-quarantined-files.txt 2013-08-28 07:24
.
Pre-Run: 22,190,280,704 bytes free
Post-Run: 21,969,125,376 bytes free
.
- - End Of File - - 0EE282045493EF37A9E5532D588A292B

5B5E648D12FCADC244C1EC30318E1EB9
 
Looks good.

How is computer doing?

You can reinstall AVG now.

redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

redtarget.gif
Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
# AdwCleaner v3.001 - Report created 31/08/2013 at 03:29:28
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium (32 bits)
# Username : MH - M6
# Running from : C:\Users\MH\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\MH\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\MH\AppData\Roaming\Mozilla\Firefox\Profiles\bp0n4tij.default\Conduit

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_video-download-capture_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_video-download-capture_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Softonic

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16869


-\\ Mozilla Firefox v

-\\ Google Chrome v

[ File : C:\Users\MH\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2439 octets] - [31/08/2013 03:27:25]
AdwCleaner[S0].txt - [2402 octets] - [31/08/2013 03:29:28]


########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2462 octets] ##########
 
OTL logfile created on: 8/31/2013 3:42:54 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MH\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 66.18% Memory free
5.49 Gb Paging File | 4.36 Gb Available in Paging File | 79.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.48 Gb Total Space | 22.24 Gb Free Space | 9.95% Space Free | Partition Type: NTFS

Computer Name: M6 | User Name: MH | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/31 03:25:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MH\Downloads\OTL.exe
PRC - [2013/07/30 16:41:32 | 000,346,696 | ---- | M] (Verizon) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2012/09/17 16:52:12 | 002,863,168 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
PRC - [2012/09/17 16:51:33 | 000,216,640 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2012/09/17 16:47:16 | 000,818,240 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Remote Management System\RouterNT.exe
PRC - [2012/09/17 16:47:06 | 000,289,856 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
PRC - [2012/07/26 17:19:14 | 000,357,400 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
PRC - [2012/07/26 17:18:08 | 000,139,840 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
PRC - [2010/01/18 18:37:40 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/01/08 14:15:24 | 001,118,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\RTL8187B Wireless LAN Utility\RtWLan.exe
PRC - [2010/01/08 14:15:24 | 001,118,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\RTL8185 Wireless LAN Utility\RtWLan.exe
PRC - [2009/12/07 13:49:24 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files\Realtek\RTL8187B Wireless LAN Utility\RtlService.exe
PRC - [2009/12/07 13:49:24 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/08/17 14:48:46 | 001,294,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2009/08/17 14:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009/08/10 23:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
PRC - [2009/08/05 18:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/08/05 18:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/08/05 18:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/08/03 21:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/08/03 21:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/07/30 03:54:38 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/30 03:54:10 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/29 00:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/28 18:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/28 18:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 19:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/05/08 11:35:50 | 002,780,432 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/05/08 11:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/04/30 17:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/03/10 22:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/29 04:00:13 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\cabd75d4716ede2fed948cbff94dcc38\System.ServiceProcess.ni.dll
MOD - [2011/10/29 03:59:51 | 012,431,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011/10/29 03:58:07 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll
MOD - [2011/10/29 03:57:07 | 011,807,744 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5a95ba97100404e2ab26b5a9ab9ef965\System.Web.ni.dll
MOD - [2011/10/29 03:56:29 | 001,586,688 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011/10/29 03:56:11 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011/10/29 03:55:40 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011/10/29 03:55:10 | 007,949,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011/10/29 03:54:35 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2010/01/25 00:58:31 | 008,007,680 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2009/11/05 07:25:06 | 001,736,704 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3497.38831__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009/11/05 07:25:06 | 000,339,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3497.38814__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:06 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009/11/05 07:25:06 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3497.38880__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:06 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3497.38863__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:06 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3497.38828__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009/11/05 07:25:06 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:06 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3497.38823__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:05 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3497.38899__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009/11/05 07:25:05 | 000,331,776 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3497.38868__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:05 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3497.38868__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009/11/05 07:25:05 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3497.38822__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:05 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3497.38867__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:05 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3497.38899__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:04 | 000,782,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:04 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3497.38875__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009/11/05 07:25:04 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3497.38898__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:04 | 000,081,920 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:04 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3497.38898__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:03 | 000,950,272 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3497.38923__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:03 | 000,573,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:03 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:03 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3497.38862__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:03 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3497.38837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009/11/05 07:25:03 | 000,270,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:03 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:03 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3497.38861__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009/11/05 07:25:03 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:03 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3497.38837__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:03 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:03 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3497.38860__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:03 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3497.38862__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009/11/05 07:25:02 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009/11/05 07:25:02 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009/11/05 07:25:02 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009/11/05 07:25:02 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009/11/05 07:25:02 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009/11/05 07:25:02 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009/11/05 07:25:02 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009/11/05 07:25:02 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009/11/05 07:25:01 | 000,098,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009/11/05 07:25:01 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009/11/05 07:25:01 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009/11/05 07:25:01 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009/11/05 07:25:01 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009/11/05 07:25:01 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009/11/05 07:25:01 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009/11/05 07:25:01 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009/11/05 07:25:01 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009/11/05 07:25:01 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009/11/05 07:25:01 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009/11/05 07:25:01 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009/11/05 07:25:01 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009/11/05 07:25:01 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009/11/05 07:25:01 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009/11/05 07:25:00 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009/11/05 07:24:59 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009/11/05 07:24:59 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009/11/05 07:24:59 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3497.38904__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009/11/05 07:24:59 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009/11/05 07:24:59 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009/11/05 07:24:59 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009/11/05 07:24:59 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009/11/05 07:24:59 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009/11/05 07:24:59 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009/11/05 07:24:59 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3497.38810__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009/11/05 07:24:58 | 000,405,504 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3497.38827__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009/11/05 07:24:58 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3497.38894__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009/11/05 07:24:58 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3497.38892__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009/11/05 07:24:58 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3497.38813__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009/11/05 07:24:58 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3497.38812__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009/11/05 07:24:58 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009/11/05 07:24:58 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009/11/05 07:24:58 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009/11/05 07:24:58 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009/11/05 07:24:58 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009/11/05 07:24:58 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009/11/05 07:24:57 | 001,212,416 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3497.38819__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009/11/05 07:24:57 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3497.38811__90ba9c70f846762e\APM.Server.dll
MOD - [2009/11/05 07:24:57 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3497.38810__90ba9c70f846762e\AEM.Server.dll
MOD - [2009/11/05 07:24:57 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009/11/05 07:24:57 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009/11/05 07:24:57 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009/11/05 07:24:57 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3497.38893__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009/08/03 21:17:24 | 000,079,192 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
MOD - [2009/07/25 14:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2009/07/16 19:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/16 19:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2009/06/22 18:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2009/05/08 11:35:50 | 002,780,432 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/05/08 11:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2009/05/04 14:45:14 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009/03/12 23:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll


========== Services (SafeList) ==========

SRV - [2013/07/30 16:41:32 | 000,346,696 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2012/09/17 16:52:12 | 002,863,168 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service)
SRV - [2012/09/17 16:51:33 | 000,216,640 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2012/09/17 16:47:16 | 000,818,240 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Remote Management System\RouterNT.exe -- (Sophos Message Router)
SRV - [2012/09/17 16:47:06 | 000,289,856 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe -- (Sophos Agent)
SRV - [2012/08/08 09:45:27 | 001,465,920 | ---- | M] (Sophos Limited) [Auto | Stopped] -- C:\ProgramData\Sophos\Web Intelligence\swi_update.exe -- (swi_update)
SRV - [2012/07/26 17:19:14 | 000,357,400 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe -- (Sophos Web Control Service)
SRV - [2012/07/26 17:18:08 | 000,139,840 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2009/12/07 13:49:24 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\Realtek\RTL8187B Wireless LAN Utility\RtlService.exe -- (Realtek87B)
SRV - [2009/12/07 13:49:24 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\Realtek\RTL8185 Wireless LAN Utility\RtlService.exe -- (Realtek8185)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/08/17 14:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/10 23:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2009/08/05 18:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/08/03 21:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/07/30 03:54:10 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/28 18:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/30 17:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/03/10 22:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvuvc.sys -- (LVUVC)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvrs.sys -- (LVRS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvpopflt.sys -- (lvpopflt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\MAITAO~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/08/20 02:36:02 | 000,146,648 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (mbamswissarmy)
DRV - [2013/08/20 02:35:44 | 000,031,560 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2012/07/26 17:19:52 | 000,033,696 | ---- | M] (Sophos Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sdcfilter.sys -- (sdcfilter)
DRV - [2012/07/26 17:19:41 | 000,123,680 | ---- | M] (Sophos Limited) [File_System | System | Running] -- C:\Windows\System32\drivers\savonaccess.sys -- (SAVOnAccess)
DRV - [2012/07/26 17:18:43 | 000,031,736 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\drivers\skmscan.sys -- (SKMScan)
DRV - [2012/07/21 00:39:21 | 000,022,536 | ---- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\SophosBootDriver.sys -- (SophosBootDriver)
DRV - [2010/12/30 15:19:40 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2009/12/15 15:13:16 | 000,376,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2009/12/07 06:31:38 | 000,015,104 | ---- | M] ((c)NOWCOM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\nowmemdf.sys -- (NOWMEMDF)
DRV - [2009/07/30 20:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/30 16:06:30 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/24 19:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2009/07/14 19:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 20:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2009/07/13 18:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
 
DRV - [2009/07/07 12:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2009/05/05 04:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009/04/30 17:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2DDA7029-1B90-4BF1-AC49-AE6C2C7D990C}: "URL" = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7TSNA


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=U016&ocid=U016DHP&dt=041013
IE - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002\..\SearchScopes\{2DDA7029-1B90-4BF1-AC49-AE6C2C7D990C}: "URL" = http://www.bing.com/search?FORM=U016DF&PC=U016&dt=041013&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002\..\SearchScopes\{CB0A1D37-B2A4-4AA0-A643-102B4944BEC3}: "URL" = http://www.google.com/search?source...tEncoding}&oe={outputEncoding}&rlz=1I7TSNA_en
IE - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@kcp.co.kr/plugin;version=1: C:\Program Files\KCP\Plugin\npKCPPlugin.dll (KCP CO.,LTD)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\MH\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\MH\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\zettamedia.co.kr/ZmLauncher: C:\Users\MH\AppData\Local\Zettamedia\PdClubBox\npZmLauncher.dll (Zettamedia Co.,Ltd.)


[2013/04/05 02:29:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/04 02:24:15 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\MH\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\MH\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\MH\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\windows\system32\npDeployJava1.dll
CHR - plugin: KCP (Enabled) = C:\Program Files\KCP\Plugin\npKCPPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\MH\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Zettamedia Launcher (Enabled) = C:\Users\MH\AppData\Local\Zettamedia\PdClubBox\npZmLauncher.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\MH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: TweetDeck = C:\Users\MH\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.2.2_0\
CHR - Extension: Gmail = C:\Users\MH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/08/28 03:20:10 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Limited)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002..\Run: [MyTOSHIBA] C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe (TOSHIBA)
O4 - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002..\Run: [Wisdom-soft ScreenHunter 5.1 Free] 0 File not found
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\windows\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &U[FONT=SimSun]使用米人下载并收藏[/FONT] - C:\Program Files\NamiRobot\Data\du.html ()
O8 - Extra context menu item: &[FONT=SimSun]使用[/FONT]115[FONT=SimSun]优蛋[/FONT] 3[FONT=SimSun]下载[/FONT] - C:\Program Files\115\UDown\getUrl.htm File not found
O8 - Extra context menu item: &[FONT=SimSun]使用[/FONT]115[FONT=SimSun]优蛋[/FONT] 3[FONT=SimSun]下载全部链接[/FONT] - C:\Program Files\115\UDown\getAllUrl.htm File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O15 - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002\..Trusted Domains: clubbox.co.kr ([]http in Trusted sites)
O16 - DPF: {0349EF81-B9C1-4B97-86F7-7B931D0E2532} http://sticube.clubbox.co.kr/sticubeupdate/cab/NowStarter2.cab (NowStarter2 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {F6E361B4-40F3-4C90-8A95-D95E0D8CBCD4} http://www.clubbox.co.kr/neo.fld/MultiUpload.cab (MultiUpload Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88BD8012-3626-43CA-B0E5-D495FD05A524}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4137034-3661-4912-B1B4-8961E1F0A2E8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/31 03:27:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/28 03:20:14 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/08/28 03:18:15 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\temp
[2013/08/28 03:07:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/08/28 03:07:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/08/28 03:07:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/08/28 03:06:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/28 03:06:33 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/08/28 03:01:36 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\{992B1B58-B2EB-4C63-95CC-ABE28665B4EA}
[2013/08/22 01:50:35 | 000,000,000 | ---D | C] -- C:\FRST
[2013/08/20 21:25:26 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\{F4ED4186-811C-484B-B0BF-E0C6FCC77E33}
[2013/08/20 02:36:02 | 000,146,648 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2013/08/20 02:34:25 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\{37000D07-3EB2-4C42-A5E7-9E9AE6F6DBA3}
[2013/08/20 00:49:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/08/20 00:45:54 | 000,000,000 | ---D | C] -- C:\Users\MH\Desktop\mbar
[2013/08/20 00:33:52 | 000,000,000 | ---D | C] -- C:\Users\MH\Desktop\RK_Quarantine
[2013/08/16 20:07:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2013/08/16 18:23:26 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\{011730D3-3492-4179-A620-D8567E7634CE}
[2013/08/16 17:46:25 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Roaming\Malwarebytes
[2013/08/16 17:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/16 17:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/08/16 17:46:07 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2013/08/16 17:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/08/13 22:24:12 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\{FD16079E-7F88-4CE6-839A-D4E180A9668C}
[2013/08/08 18:43:03 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\{15B97F17-5AAD-4BC0-9DF8-02D2C8AEB907}
[2013/08/08 08:01:54 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\Programs
[2013/08/08 06:43:44 | 000,000,000 | ---D | C] -- C:\Users\MH\.android
[2013/08/06 16:00:56 | 000,000,000 | ---D | C] -- C:\Users\MH\www.apowersoft.com
[2013/08/03 13:00:33 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\{E3A60500-BA9E-419A-A8C0-B688D21168F2}
[2013/08/03 12:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK RTL8187B Wireless LAN Utility
[2013/08/03 10:39:23 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Local\{2C405ACD-4522-4972-AF60-443BA5CE1BC7}
[2013/08/02 23:18:44 | 000,000,000 | ---D | C] -- C:\Users\MH\AppData\Roaming\Verizon
[2013/08/02 23:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\MH\Desktop\*.tmp files -> C:\Users\MH\Desktop\*.tmp -> ]
[1 C:\Users\MH\*.tmp files -> C:\Users\MH\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/31 03:39:37 | 000,015,568 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/31 03:39:37 | 000,015,568 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/31 03:31:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/08/31 03:31:33 | 2212,884,480 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/28 03:20:10 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013/08/27 00:20:39 | 000,029,943 | ---- | M] () -- C:\Users\MH\Desktop\cm1.JPG
[2013/08/24 05:46:34 | 000,195,888 | ---- | M] () -- C:\Users\MH\Desktop\Untitled.png
[2013/08/24 05:38:40 | 000,018,845 | ---- | M] () -- C:\Users\MH\Desktop\Capture.JPG
[2013/08/20 02:36:02 | 000,146,648 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2013/08/20 02:35:44 | 000,031,560 | ---- | M] () -- C:\windows\System32\drivers\mbamchameleon.sys
[2013/08/05 23:26:20 | 000,158,396 | ---- | M] () -- C:\Users\MH\Desktop\024 - Copy.JPG
[2013/08/04 23:57:37 | 000,390,075 | ---- | M] () -- C:\Users\MH\Desktop\Image08012013185506.jpg
[2013/08/03 14:07:09 | 000,000,042 | ---- | M] () -- C:\windows\System32\AK083E209605E394C.lie
[2013/08/03 12:55:05 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\REALTEK RTL8187B Wireless LAN Utility.lnk
[2013/08/03 11:10:59 | 000,000,260 | ---- | M] () -- C:\windows\System32\cmdVBS.vbs
[2013/08/03 11:10:59 | 000,000,256 | ---- | M] () -- C:\windows\System32\MSIevent.bat
[2013/08/03 11:10:46 | 004,818,944 | ---- | M] () -- C:\ProgramData\IHAMC.msi
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\MH\Desktop\*.tmp files -> C:\Users\MH\Desktop\*.tmp -> ]
[1 C:\Users\MH\*.tmp files -> C:\Users\MH\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/31 00:49:06 | 000,050,507 | ---- | C] () -- C:\Users\MH\Desktop\BBhxIBWCMAECPgN.jpg
[2013/08/31 00:47:05 | 000,232,891 | ---- | C] () -- C:\Users\MH\Desktop\24ypnyv.jpg
[2013/08/28 03:07:08 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/08/28 03:07:08 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/08/28 03:07:08 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/08/28 03:07:08 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/08/28 03:07:08 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/08/27 00:20:38 | 000,029,943 | ---- | C] () -- C:\Users\MH\Desktop\cm1.JPG
[2013/08/24 05:38:39 | 000,018,845 | ---- | C] () -- C:\Users\MH\Desktop\Capture.JPG
[2013/08/24 04:36:21 | 000,195,888 | ---- | C] () -- C:\Users\MH\Desktop\Untitled.png
[2013/08/24 04:22:23 | 000,209,456 | ---- | C] () -- C:\Users\MH\Desktop\6845ok.jpg
[2013/07/04 04:33:06 | 000,451,072 | ---- | C] () -- C:\windows\System32\ISSRemoveSP.exe
[2012/06/02 23:25:31 | 000,001,456 | ---- | C] () -- C:\Users\MH\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/03/19 01:15:59 | 000,000,532 | ---- | C] () -- C:\windows\hpomdl46.dat.temp
[2011/09/15 19:52:20 | 000,173,322 | ---- | C] () -- C:\windows\hpoins46.dat
[2011/09/15 19:52:20 | 000,000,532 | ---- | C] () -- C:\windows\hpomdl46.dat
[2011/08/08 18:20:31 | 000,000,132 | ---- | C] () -- C:\Users\MH\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/06/25 18:34:28 | 000,000,000 | ---- | C] () -- C:\Users\MH\AppData\Roaming\wklnhst.dat
[2010/02/21 21:37:46 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/29 17:12:59 | 000,000,178 | ---- | C] () -- C:\Users\MH\AppData\Roaming\default.rss
[2009/12/29 17:12:59 | 000,000,000 | ---- | C] () -- C:\Users\MH\AppData\Roaming\downloads.m3u
[2009/12/25 17:18:07 | 000,029,184 | ---- | C] () -- C:\Users\MH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 10:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 21:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/08/26 17:13:18 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\Apowersoft
[2011/08/14 20:51:19 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\Audacity
[2011/07/25 04:08:22 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\AVG10
[2011/11/14 13:24:53 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/10/21 02:54:45 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010/07/13 19:15:57 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\DataCast
[2012/11/17 08:28:50 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\duowan
[2013/07/08 03:37:13 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\foobar2000
[2012/12/31 03:33:33 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\iSkysoft
[2010/02/21 21:31:02 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\Leadertech
[2012/10/01 18:37:26 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\Orbit
[2012/10/01 18:11:24 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\ProgSense
[2011/07/01 04:15:28 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\RayV
[2010/06/25 18:34:31 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\Template
[2009/12/30 23:50:08 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\TOSHIBA
[2011/09/23 13:31:14 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2012/07/11 02:31:30 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\UDown
[2011/07/07 15:30:02 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\WinAVI
[2009/12/24 21:17:29 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/07/11 02:21:29 | 000,000,000 | ---D | M](C:\Users\MH\Documents\115???) -- C:\Users\MH\Documents\115[FONT=SimSun]浏览器[/FONT]
[2012/07/11 02:20:57 | 000,000,000 | ---D | C](C:\Users\MH\Documents\115???) -- C:\Users\MH\Documents\115[FONT=SimSun]浏览器[/FONT]
[2011/08/20 05:34:29 | 000,000,000 | ---D | M](C:\Users\MH\Documents\????) -- C:\Users\MH\Documents\[FONT=SimSun]美图图库[/FONT]
[2011/08/20 05:34:27 | 000,000,000 | ---D | C](C:\Users\MH\Documents\????) -- C:\Users\MH\Documents\[FONT=SimSun]美图图库[/FONT]
[2011/08/20 05:31:33 | 000,001,028 | ---- | M] ()(C:\Users\MH\Application Data\Microsoft\Internet Explorer\Quick Launch\????.lnk) -- C:\Users\MH\Application Data\Microsoft\Internet Explorer\Quick Launch\[FONT=SimSun]美图秀秀[/FONT].lnk
[2011/08/20 05:31:33 | 000,001,028 | ---- | C] ()(C:\Users\MH\Application Data\Microsoft\Internet Explorer\Quick Launch\????.lnk) -- C:\Users\MH\Application Data\Microsoft\Internet Explorer\Quick Launch\[FONT=SimSun]美图秀秀[/FONT].lnk
(C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\??) -- C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\[FONT=SimSun]美图[/FONT]
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\[FONT=SimSun]美图[/FONT]


< End of report >





================

JRT won't work for me, should I keep trying? Other then that, the computer is working normally. Thank you.
 
Good news :)

redtarget.gif
Did you switch from AVG to Sophos?

redtarget.gif
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
Code: 
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvuvc.sys -- (LVUVC)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvrs.sys -- (LVRS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvpopflt.sys -- (lvpopflt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\MAITAO~1\AppData\Local\Temp\catchme.sys -- (catchme)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
O4 - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002..\Run: [Wisdom-soft ScreenHunter 5.1 Free] 0 File not found
O8 - Extra context menu item: &U使用米人下载并收藏 - C:\Program Files\NamiRobot\Data\du.html ()
O8 - Extra context menu item: &使用115优蛋 3下载 - C:\Program Files\115\UDown\getUrl.htm File not found
O8 - Extra context menu item: &使用115优蛋 3下载全部链接 - C:\Program Files\115\UDown\getAllUrl.htm File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O15 - HKU\S-1-5-21-1582868316-1146028689-1569875838-1002\..Trusted Domains: clubbox.co.kr ([]http in Trusted sites)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2011/07/25 04:08:22 | 000,000,000 | ---D | M] -- C:\Users\MH\AppData\Roaming\AVG10


:Services

:Reg

:Files
C:\FRST

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.

redtarget.gif
Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
Thanks once more. Before I follow the next instructions, I wanted to say that I didn't switch to Sophos. I thought I uninstalled Sophos about a year ago but sometimes it randomly still appears even with AVG running. Sophos was leftover from when I lived on campus but then it expired.
 
You must log in or register to reply here.

Similar threads

Bob O'Donnell
Data Governance and Provenance: Two words that are critical to the future of generative AI
Replies
1
Views
133
human7
H
M
Device ran into a problem and needs to restart.
Replies
0
Views
447
Mark Fuller
M
A
An old and unreleased beta build of Windows 7 has leaked online
Replies
8
Views
188
ZedRM
ZedRM

Latest posts

Back