Hunterkiller
2014-07-27, 09:49
1171411716
This is FRST.txt; it's the only way I can figure out how to get it in here. Sorry I got agitated.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Phil (administrator) on PHIL-HUNTER on 27-07-2014 01:30:02
Running from C:\Users\Phil\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Akamai Technologies, Inc.) C:\Users\Phil\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Phil\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
(Anvisoft Corporation) C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Anvi RAM Booster\Anvi_RAM_Booster.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\klwtblfs.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [701736 2012-02-02] (CyberLink Corporation.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2012-04-02] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2012-03-06] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKU\.DEFAULT\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\Run: [Power2GoExpress] => [X]
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\Run: [TWC.Win7] => C:\Program Files (x86)\The Weather Channel\Desktop Weather\TWC.Win7.exe [55120 2014-04-09] ()
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\Run: [CloudSystemBooster] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [527544 2014-05-29] (Anvisoft)
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\Run: [mmonitor] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\toolbox\Anvi RAM Booster\Anvi_RAM_Bo (the data entry has 17 more characters).
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\MountPoints2: D - D:\setup.exe -a
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\MountPoints2: {37408140-39e9-11e3-b020-00044b1992e1} - F:\LGAutoRun.exe
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\MountPoints2: {42a4b180-21cd-11e3-8202-00044b1992e1} - F:\setup.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HRBlockDirect.lnk
ShortcutTarget: HRBlockDirect.lnk -> C:\Program Files (x86)\HRBlockDirect\HRBlockDirect.exe (HR Block )
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6076F0CD0DCECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=ds&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=ds&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=ds&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=ds&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190&type=default&q={searchTerms}
URLSearchHook: HKLM-x32 - MixiDJ V43 Toolbar - {62f386ad-a806-4d2c-87d2-f8cf31faf77e} - No File
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM-x32 - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^XP^xdm044^S02020^us&si=CJPFuOGX8LACFQhgTAodOTqFwQ&ptb=785D9EDA-F3AC-4EB7-8ED7-9CCF38CE9B0E&psa=&ind=2012062801&st=sb&n=77eda451&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={47693960-E050-11E2-9A02-00044B1992E1}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP0EABCB22-6F73-48BF-BC6F-DA436CAAD75E&q={searchTerms}&SSPV=
SearchScopes: HKCU - 65A02591468F493D9D37BF6677ACE964 URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3307181&CUI=UN25759970510773707&UM=2
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP0EABCB22-6F73-48BF-BC6F-DA436CAAD75E&q={searchTerms}&SSPV=
SearchScopes: HKCU - {3D82820D-B262-4C35-9AC7-4E0EFF941FAF} URL = http://www.mysearchresults.com/search?c=4100&t=04&q={searchTerms}
SearchScopes: HKCU - {47FA6A6E-1C09-4ECA-A70C-81F51DFC8355} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr0101&cd=2XzuyEtN2Y1L1QzutDtDtDyEyE0BtCzyzytB0EtB0A0BtAtDtN0D0Tzu0CyBtAtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=65225379&ir=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {CFDB445B-2FCB-4E41-9D54-8EAAC2273CE9} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=7E1CEE6F-5D54-4C72-9082-E75978566431&apn_sauid=98577795-9D61-4581-9A2E-86C704277DF3
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: No Name -> {A7C0A55C-300E-4193-8FB5-5DB8E6533D35} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: No Name -> {1C8501DD-5580-48AB-B25C-6D5DBE835A6A} -> No File
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: MixiDJ V43 Toolbar -> {62f386ad-a806-4d2c-87d2-f8cf31faf77e} -> No File
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: No Name -> {A7C0A55C-300E-4193-8FB5-5DB8E6533D35} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - MixiDJ V43 Toolbar - {62f386ad-a806-4d2c-87d2-f8cf31faf77e} - No File
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
FireFox:
========
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\km1wbfpq.default
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0EABCB22-6F73-48BF-BC6F-DA436CAAD75E&SSPV=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @ei.GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: anvisoft.com/AdblockPlugin - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll (Anvisoft)
FF user.js: detected! => C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\km1wbfpq.default\user.js
FF SearchPlugin: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\km1wbfpq.default\searchplugins\conduit-search.xml
FF Extension: SySaver - C:\Program Files (x86)\Mozilla Firefox\extensions\ecyoivyyjrojzoyplneg@nrbkkafymvigofepbi.org [2014-02-14]
FF Extension: Unit Layers - C:\Program Files (x86)\Mozilla Firefox\extensions\fgsegj@ohwcaijlmohgftbpsu.org [2014-02-14]
FF Extension: AnviAdblock - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\AnviAdblock@anvisoft.com.xpi [2014-07-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=BDT3&ocid=BDT3DHP
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=BDT3&ocid=BDT3DHP","http:\/\/search.conduit.com\/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0EABCB22-6F73-48BF-BC6F-DA436CAAD75E&SSPV="
CHR NewTab: "chrome-extension://pflphaooapbgpeakohlggbpidpppgdff/content/newtab/newtab.html"
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q={searchTerms}
CHR Extension: (Docs) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-23]
CHR Extension: (Google Drive) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-23]
CHR Extension: (YouTube) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-23]
CHR Extension: (Extended Protection) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2013-11-05]
CHR Extension: (Google Search) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-23]
CHR Extension: (xVidly1) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dachbokeklmhlikpklnkmmealjdfanoh [2013-10-23]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-10-23]
CHR Extension: (Safe Money) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-10-23]
CHR Extension: (Vgrabber v1.5) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hchkdglnjoagfcnikmcebkjlfbcbkhnm [2013-10-23]
CHR Extension: (Lightning Newtab) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2013-11-05]
CHR Extension: (MixiDJ V43) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplmoojljbihgoknngmcimjbaddnnhkd [2013-10-23]
CHR Extension: (Virtual Keyboard) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-10-23]
CHR Extension: (WhiteSmoke New) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi [2013-10-23]
CHR Extension: (Ziftr Alerts - formerly FreePriceAlerts.com) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngoiabglmnijabkfknliolcbjfcmbmdl [2013-10-23]
CHR Extension: (Google Wallet) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-23]
CHR Extension: (GreatArcadeHits Add-on) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh [2013-11-05]
CHR Extension: (MySearchDial New Tab) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-02-02]
CHR Extension: (Gmail) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-23]
CHR Extension: (Anti-Banner) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-10-23]
CHR HKCU\...\Chrome\Extension: [dachbokeklmhlikpklnkmmealjdfanoh] - C:\Users\Phil\AppData\Local\CRE\dachbokeklmhlikpklnkmmealjdfanoh.crx [2013-08-07]
CHR HKCU\...\Chrome\Extension: [hchkdglnjoagfcnikmcebkjlfbcbkhnm] - C:\Users\Phil\AppData\Local\CRE\hchkdglnjoagfcnikmcebkjlfbcbkhnm.crx [2013-08-20]
CHR HKCU\...\Chrome\Extension: [iplmoojljbihgoknngmcimjbaddnnhkd] - C:\Users\Phil\AppData\Local\CRE\iplmoojljbihgoknngmcimjbaddnnhkd.crx [2013-10-02]
CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Phil\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-04-25]
CHR HKLM-x32\...\Chrome\Extension: [dachbokeklmhlikpklnkmmealjdfanoh] - C:\Users\Phil\AppData\Local\CRE\dachbokeklmhlikpklnkmmealjdfanoh.crx [2013-08-07]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hchkdglnjoagfcnikmcebkjlfbcbkhnm] - C:\Users\Phil\AppData\Local\CRE\hchkdglnjoagfcnikmcebkjlfbcbkhnm.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [iplmoojljbihgoknngmcimjbaddnnhkd] - C:\Users\Phil\AppData\Local\CRE\iplmoojljbihgoknngmcimjbaddnnhkd.crx [2013-10-02]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Phil\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-04-25]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [2014-04-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ngoiabglmnijabkfknliolcbjfcmbmdl] - C:\ProgramData\FreePriceAlerts\Chrome\FreePriceAlerts.crx [2013-09-16]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-18]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-05-29] (Anvisoft)
R2 ASD2Svc; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe [1206504 2014-05-28] (Anvisoft)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2012-04-02] (CyberLink)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-07-20] (Creative Labs) [File not signed]
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-09-06] () [File not signed]
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [X]
S2 MDM; "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 asd2fsm; C:\Windows\System32\DRIVERS\asd2fsm.sys [48656 2014-05-28] (Anvisoft)
R1 Asdids; C:\Windows\System32\DRIVERS\asdids.sys [47632 2014-05-28] (Anvisoft)
S0 aswRvrt; No ImagePath
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2012-02-02] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [377840 2012-02-02] (CyberLink Corporation.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-23] (Kaspersky Lab ZAO)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2x.sys [553472 2008-09-29] (Atheros Communications, Inc.)
R3 aswVmm; \??\C:\Users\Phil\AppData\Local\Temp\aswVmm.sys [X]
S3 cpuz136; \??\C:\Users\Phil\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
U3 aswMBR; \??\C:\Users\Phil\AppData\Local\Temp\aswMBR.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-27 01:26 - 2014-07-27 01:30 - 00032548 _____ () C:\Users\Phil\Desktop\FRST.txt
2014-07-27 01:23 - 2014-07-27 01:23 - 02093568 _____ (Farbar) C:\Users\Phil\Desktop\FRST64.exe
2014-07-27 01:10 - 2014-07-27 01:10 - 00002370 _____ () C:\Users\Phil\Desktop\aswMBR.txt
2014-07-27 01:10 - 2014-07-27 01:10 - 00000512 _____ () C:\Users\Phil\Desktop\MBR.dat
2014-07-26 08:35 - 2014-07-26 08:35 - 00000224 _____ () C:\Windows\setupact.log
2014-07-26 08:35 - 2014-07-26 08:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-26 08:34 - 2014-07-26 08:34 - 00001366 _____ () C:\Windows\PFRO.log
2014-07-26 05:28 - 2014-07-26 05:28 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-07-26 05:17 - 2014-07-27 01:21 - 00000000 ____D () C:\Users\Phil\Desktop\VIRUS RECOVERY FOLDER
2014-07-26 05:16 - 2014-07-27 01:30 - 00000000 ____D () C:\FRST
2014-07-26 05:15 - 2014-07-26 05:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PHIL-HUNTER-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-26 05:13 - 2014-07-26 05:13 - 00000000 ____D () C:\RegBackup
2014-07-26 05:12 - 2014-07-26 05:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-26 05:11 - 2014-07-26 05:11 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-26 05:05 - 2014-07-26 05:05 - 00003732 _____ () C:\Windows\System32\Tasks\ASD_Schedule
2014-07-26 04:22 - 2014-07-26 08:35 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-07-26 04:22 - 2014-07-26 07:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-07-26 04:22 - 2014-07-26 05:05 - 00003272 _____ () C:\Windows\System32\Tasks\ASD_Main
2014-07-26 04:22 - 2014-07-26 04:22 - 00001191 _____ () C:\Users\Phil\Desktop\Anvi Smart Defender.lnk
2014-07-26 04:01 - 2014-07-26 04:01 - 13829304 _____ (Microsoft Corporation) C:\Users\Phil\Downloads\mseinstall.exe
2014-07-26 03:58 - 2014-07-26 07:32 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-07-26 03:58 - 2014-07-26 03:58 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-07-26 03:58 - 2014-05-28 21:03 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-07-26 03:57 - 2014-07-26 03:57 - 36035456 _____ (Anvisoft) C:\Users\Phil\Downloads\asdsetup.exe
2014-07-26 01:05 - 2014-07-26 01:05 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Oracle
2014-07-26 00:16 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-26 00:16 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-26 00:16 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-26 00:16 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-26 00:16 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-26 00:16 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-26 00:15 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-26 00:15 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-26 00:15 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-26 00:15 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-26 00:15 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-26 00:15 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-26 00:15 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-26 00:15 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-26 00:15 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-26 00:15 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-26 00:15 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-26 00:15 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-26 00:15 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-26 00:15 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-26 00:15 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-26 00:15 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-26 00:15 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-26 00:15 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-26 00:15 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-26 00:15 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-26 00:15 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-26 00:15 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-26 00:15 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-26 00:15 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-26 00:15 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-26 00:15 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-26 00:15 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-26 00:15 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-26 00:15 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-26 00:15 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-26 00:15 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-26 00:15 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-26 00:15 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-26 00:15 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-26 00:15 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-26 00:15 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-26 00:15 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-26 00:15 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-26 00:15 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-26 00:15 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-26 00:15 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-26 00:15 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-26 00:15 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-26 00:15 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-26 00:15 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-26 00:15 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-26 00:15 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-26 00:15 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-26 00:15 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-26 00:15 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-26 00:15 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-26 00:15 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-26 00:15 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-26 00:15 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-26 00:15 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-26 00:15 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-26 00:15 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-26 00:15 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-26 00:14 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-26 00:14 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-26 00:14 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-26 00:14 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-26 00:13 - 2014-07-26 00:14 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-26 00:12 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-26 00:12 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-26 00:12 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-13 23:20 - 2014-05-29 18:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-13 23:20 - 2014-05-29 18:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-13 23:16 - 2014-07-13 23:20 - 00000000 ____D () C:\Users\Phil\AppData\Local\NVIDIA Corporation
2014-07-13 23:16 - 2014-05-29 18:07 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-13 23:16 - 2014-05-29 18:07 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-13 23:15 - 2014-07-13 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-13 23:14 - 2014-05-19 18:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-13 23:14 - 2014-05-14 18:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-13 23:12 - 2014-05-19 21:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-13 23:12 - 2014-05-19 21:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-13 23:12 - 2014-03-31 11:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-07-13 23:12 - 2014-03-31 11:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-07-13 23:12 - 2014-03-31 11:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-07-13 23:05 - 2014-07-13 23:06 - 231400888 _____ (NVIDIA Corporation) C:\Users\Phil\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-07-13 17:29 - 2014-07-13 17:29 - 00000000 ____D () C:\Windows\SysWOW64\%Report%
2014-07-12 19:44 - 2014-07-12 19:44 - 01141408 _____ ( ) C:\Users\Phil\Downloads\hwmonitor_1.25-setup(1).exe
2014-07-12 19:41 - 2014-07-12 19:42 - 01141408 _____ ( ) C:\Users\Phil\Downloads\hwmonitor_1.25-setup.exe
2014-07-08 00:58 - 2014-07-08 00:58 - 00262144 _____ () C:\Windows\Minidump\070814-21528-01.dmp
2014-07-08 00:58 - 2014-07-08 00:58 - 00000000 ____D () C:\Windows\Minidump
2014-07-06 17:46 - 2014-07-06 17:47 - 00000000 ____D () C:\Users\Phil\Downloads\oQueue_1.9.5
2014-07-06 17:45 - 2014-07-06 17:45 - 01047296 _____ () C:\Users\Phil\Downloads\oQueue_1.9.5.zip
2014-07-04 15:57 - 2014-07-04 15:57 - 00002771 _____ () C:\Users\Public\Desktop\Desktop Weather.lnk
2014-07-04 15:57 - 2014-07-04 15:57 - 00000000 ____D () C:\Users\Phil\AppData\Local\Downloaded Installations
2014-06-29 01:54 - 2014-06-29 01:54 - 00000000 ____D () C:\Users\Phil\AppData\Local\Skype
2014-06-29 01:53 - 2014-06-29 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-27 02:23 - 2014-06-27 02:24 - 00000000 ____D () C:\Users\Phil\Downloads\oQueue_1.9.4
2014-06-27 02:23 - 2014-06-27 02:23 - 01047047 _____ () C:\Users\Phil\Downloads\oQueue_1.9.4.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-27 01:30 - 2014-07-27 01:26 - 00032548 _____ () C:\Users\Phil\Desktop\FRST.txt
2014-07-27 01:30 - 2014-07-26 05:16 - 00000000 ____D () C:\FRST
2014-07-27 01:23 - 2014-07-27 01:23 - 02093568 _____ (Farbar) C:\Users\Phil\Desktop\FRST64.exe
2014-07-27 01:21 - 2014-07-26 05:17 - 00000000 ____D () C:\Users\Phil\Desktop\VIRUS RECOVERY FOLDER
2014-07-27 01:21 - 2014-02-14 01:21 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job
2014-07-27 01:21 - 2013-10-20 20:21 - 00000288 _____ () C:\Windows\Tasks\DigitalSite.job
2014-07-27 01:15 - 2013-03-18 18:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-27 01:10 - 2014-07-27 01:10 - 00002370 _____ () C:\Users\Phil\Desktop\aswMBR.txt
2014-07-27 01:10 - 2014-07-27 01:10 - 00000512 _____ () C:\Users\Phil\Desktop\MBR.dat
2014-07-27 00:50 - 2013-09-23 20:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-27 00:37 - 2013-08-12 17:42 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-27 00:28 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-27 00:21 - 2013-10-20 21:21 - 00000208 _____ () C:\Users\Phil\AppData\Roaming\WB.CFG
2014-07-26 22:12 - 2013-10-10 18:50 - 00000000 ____D () C:\Users\Phil\AppData\Local\SevereWeatherAlerts
2014-07-26 21:02 - 2013-10-23 11:46 - 00000000 ____D () C:\Users\Phil\AppData\Local\Battle.net
2014-07-26 17:55 - 2011-07-20 15:06 - 01212934 _____ () C:\Windows\WindowsUpdate.log
2014-07-26 09:37 - 2013-08-12 17:42 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 08:42 - 2009-07-13 23:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-26 08:42 - 2009-07-13 23:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-26 08:35 - 2014-07-26 08:35 - 00000224 _____ () C:\Windows\setupact.log
2014-07-26 08:35 - 2014-07-26 08:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-26 08:35 - 2014-07-26 04:22 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-07-26 08:35 - 2013-05-21 18:58 - 00155136 ___SH () C:\Users\Phil\Desktop\Thumbs.db
2014-07-26 08:35 - 2011-07-24 11:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-26 08:35 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-26 08:34 - 2014-07-26 08:34 - 00001366 _____ () C:\Windows\PFRO.log
2014-07-26 08:08 - 2013-09-18 03:48 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Guild Wars 2
2014-07-26 08:08 - 2012-10-18 23:16 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\TS3Client
2014-07-26 07:57 - 2011-07-20 15:47 - 00000000 ____D () C:\Users\Phil\Documents\My Received Files
2014-07-26 07:42 - 2014-02-14 02:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-26 07:42 - 2011-07-20 17:53 - 00000000 ____D () C:\Windows\Panther
2014-07-26 07:41 - 2013-10-05 02:20 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy BitTorrent Client
2014-07-26 07:41 - 2013-02-23 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strongvault Online Backup
2014-07-26 07:41 - 2012-12-11 06:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-07-26 07:41 - 2012-10-02 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo
2014-07-26 07:41 - 2011-10-20 19:37 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-07-26 07:41 - 2011-07-20 15:48 - 00000000 ___RD () C:\Users\Phil\Desktop\Kalyn Hunter
2014-07-26 07:32 - 2014-07-26 04:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-07-26 07:32 - 2014-07-26 03:58 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-07-26 07:10 - 2013-08-15 00:35 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{63CEC37D-1E44-4705-B186-48006A0133CC}
2014-07-26 05:58 - 2014-01-02 09:09 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-07-26 05:28 - 2014-07-26 05:28 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-07-26 05:15 - 2014-07-26 05:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PHIL-HUNTER-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-26 05:13 - 2014-07-26 05:13 - 00000000 ____D () C:\RegBackup
2014-07-26 05:12 - 2014-07-26 05:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-26 05:11 - 2014-07-26 05:11 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-26 05:05 - 2014-07-26 05:05 - 00003732 _____ () C:\Windows\System32\Tasks\ASD_Schedule
2014-07-26 05:05 - 2014-07-26 04:22 - 00003272 _____ () C:\Windows\System32\Tasks\ASD_Main
2014-07-26 04:22 - 2014-07-26 04:22 - 00001191 _____ () C:\Users\Phil\Desktop\Anvi Smart Defender.lnk
2014-07-26 04:01 - 2014-07-26 04:01 - 13829304 _____ (Microsoft Corporation) C:\Users\Phil\Downloads\mseinstall.exe
2014-07-26 03:58 - 2014-07-26 03:58 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-07-26 03:57 - 2014-07-26 03:57 - 36035456 _____ (Anvisoft) C:\Users\Phil\Downloads\asdsetup.exe
2014-07-26 01:08 - 2009-07-13 23:45 - 00425504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-26 01:07 - 2012-06-28 00:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-26 01:07 - 2012-06-28 00:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-26 01:06 - 2014-05-09 07:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-26 01:06 - 2010-11-21 02:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-26 01:06 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-26 01:06 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-26 01:05 - 2014-07-26 01:05 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Oracle
2014-07-26 01:04 - 2013-10-17 21:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-26 00:22 - 2013-08-06 08:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-26 00:20 - 2011-07-24 10:52 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-26 00:19 - 2012-06-28 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-26 00:19 - 2011-07-20 15:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-26 00:14 - 2014-07-26 00:13 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-26 00:14 - 2013-06-26 20:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-24 18:54 - 2013-10-23 11:46 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-24 17:21 - 2013-09-06 15:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-22 18:26 - 2014-03-12 05:49 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-07-13 23:20 - 2014-07-13 23:16 - 00000000 ____D () C:\Users\Phil\AppData\Local\NVIDIA Corporation
2014-07-13 23:20 - 2011-07-24 10:59 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-13 23:18 - 2014-04-29 23:38 - 00000000 ____D () C:\Users\Phil\AppData\Local\NVIDIA
2014-07-13 23:18 - 2011-07-24 10:59 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-13 23:16 - 2011-07-24 11:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-13 23:15 - 2014-07-13 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-13 23:06 - 2014-07-13 23:05 - 231400888 _____ (NVIDIA Corporation) C:\Users\Phil\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-07-13 22:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-13 17:57 - 2011-07-20 15:06 - 00000000 ____D () C:\Users\Phil
2014-07-13 17:29 - 2014-07-13 17:29 - 00000000 ____D () C:\Windows\SysWOW64\%Report%
2014-07-12 19:44 - 2014-07-12 19:44 - 01141408 _____ ( ) C:\Users\Phil\Downloads\hwmonitor_1.25-setup(1).exe
2014-07-12 19:44 - 2014-03-11 16:00 - 00000930 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2014-07-12 19:42 - 2014-07-12 19:41 - 01141408 _____ ( ) C:\Users\Phil\Downloads\hwmonitor_1.25-setup.exe
2014-07-11 03:02 - 2014-07-26 00:14 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-26 00:14 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-26 00:14 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-26 00:14 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-08 18:50 - 2013-09-23 20:44 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 18:50 - 2013-09-23 20:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 18:50 - 2013-09-23 20:44 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 00:58 - 2014-07-08 00:58 - 00262144 _____ () C:\Windows\Minidump\070814-21528-01.dmp
2014-07-08 00:58 - 2014-07-08 00:58 - 00000000 ____D () C:\Windows\Minidump
2014-07-08 00:31 - 2013-09-06 15:51 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Skype
2014-07-06 17:47 - 2014-07-06 17:46 - 00000000 ____D () C:\Users\Phil\Downloads\oQueue_1.9.5
2014-07-06 17:47 - 2011-07-20 18:43 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-07-06 17:45 - 2014-07-06 17:45 - 01047296 _____ () C:\Users\Phil\Downloads\oQueue_1.9.5.zip
2014-07-04 15:57 - 2014-07-04 15:57 - 00002771 _____ () C:\Users\Public\Desktop\Desktop Weather.lnk
2014-07-04 15:57 - 2014-07-04 15:57 - 00000000 ____D () C:\Users\Phil\AppData\Local\Downloaded Installations
2014-07-04 15:57 - 2013-09-14 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2014-07-04 15:57 - 2013-09-14 11:27 - 00000000 ____D () C:\Program Files (x86)\The Weather Channel
2014-06-29 21:09 - 2014-07-26 00:16 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 21:04 - 2014-07-26 00:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 01:54 - 2014-06-29 01:54 - 00000000 ____D () C:\Users\Phil\AppData\Local\Skype
2014-06-29 01:53 - 2014-06-29 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-29 01:53 - 2013-09-06 15:50 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-29 01:53 - 2013-09-06 15:50 - 00000000 ____D () C:\ProgramData\Skype
2014-06-27 02:24 - 2014-06-27 02:23 - 00000000 ____D () C:\Users\Phil\Downloads\oQueue_1.9.4
2014-06-27 02:23 - 2014-06-27 02:23 - 01047047 _____ () C:\Users\Phil\Downloads\oQueue_1.9.4.zip
Some content of TEMP:
====================
C:\Users\Phil\AppData\Local\Temp\_is100B.exe
C:\Users\Phil\AppData\Local\Temp\_isEC84.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-30 20:46
==================== End Of Log ============================
This is FRST.txt only way I can figure out how to get it in here. sry I got agitated.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Phil (administrator) on PHIL-HUNTER on 27-07-2014 01:30:02
Running from C:\Users\Phil\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Akamai Technologies, Inc.) C:\Users\Phil\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Phil\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
(Anvisoft Corporation) C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\Toolbox\Anvi RAM Booster\Anvi_RAM_Booster.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\klwtblfs.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [701736 2012-02-02] (CyberLink Corporation.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2012-04-02] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2012-03-06] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKU\.DEFAULT\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\Run: [Power2GoExpress] => [X]
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\Run: [TWC.Win7] => C:\Program Files (x86)\The Weather Channel\Desktop Weather\TWC.Win7.exe [55120 2014-04-09] ()
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\Run: [CloudSystemBooster] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [527544 2014-05-29] (Anvisoft)
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\Run: [mmonitor] => C:\Program Files (x86)\Anvisoft\Cloud System Booster\extentions\toolbox\Anvi RAM Booster\Anvi_RAM_Bo (the data entry has 17 more characters).
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\MountPoints2: D - D:\setup.exe -a
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\MountPoints2: {37408140-39e9-11e3-b020-00044b1992e1} - F:\LGAutoRun.exe
HKU\S-1-5-21-311460615-1237340197-3635507080-1000\...\MountPoints2: {42a4b180-21cd-11e3-8202-00044b1992e1} - F:\setup.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HRBlockDirect.lnk
ShortcutTarget: HRBlockDirect.lnk -> C:\Program Files (x86)\HRBlockDirect\HRBlockDirect.exe (HR Block )
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6076F0CD0DCECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=ds&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=ds&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=ds&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=ds&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190&type=default&q={searchTerms}
URLSearchHook: HKLM-x32 - MixiDJ V43 Toolbar - {62f386ad-a806-4d2c-87d2-f8cf31faf77e} - No File
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM-x32 - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^XP^xdm044^S02020^us&si=CJPFuOGX8LACFQhgTAodOTqFwQ&ptb=785D9EDA-F3AC-4EB7-8ED7-9CCF38CE9B0E&psa=&ind=2012062801&st=sb&n=77eda451&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={47693960-E050-11E2-9A02-00044B1992E1}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP0EABCB22-6F73-48BF-BC6F-DA436CAAD75E&q={searchTerms}&SSPV=
SearchScopes: HKCU - 65A02591468F493D9D37BF6677ACE964 URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3307181&CUI=UN25759970510773707&UM=2
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP0EABCB22-6F73-48BF-BC6F-DA436CAAD75E&q={searchTerms}&SSPV=
SearchScopes: HKCU - {3D82820D-B262-4C35-9AC7-4E0EFF941FAF} URL = http://www.mysearchresults.com/search?c=4100&t=04&q={searchTerms}
SearchScopes: HKCU - {47FA6A6E-1C09-4ECA-A70C-81F51DFC8355} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr0101&cd=2XzuyEtN2Y1L1QzutDtDtDyEyE0BtCzyzytB0EtB0A0BtAtDtN0D0Tzu0CyBtAtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=65225379&ir=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {CFDB445B-2FCB-4E41-9D54-8EAAC2273CE9} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=7E1CEE6F-5D54-4C72-9082-E75978566431&apn_sauid=98577795-9D61-4581-9A2E-86C704277DF3
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: No Name -> {A7C0A55C-300E-4193-8FB5-5DB8E6533D35} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: No Name -> {1C8501DD-5580-48AB-B25C-6D5DBE835A6A} -> No File
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: MixiDJ V43 Toolbar -> {62f386ad-a806-4d2c-87d2-f8cf31faf77e} -> No File
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: No Name -> {A7C0A55C-300E-4193-8FB5-5DB8E6533D35} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - MixiDJ V43 Toolbar - {62f386ad-a806-4d2c-87d2-f8cf31faf77e} - No File
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
FireFox:
========
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\km1wbfpq.default
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0EABCB22-6F73-48BF-BC6F-DA436CAAD75E&SSPV=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @ei.GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderlandEI\Installr\1.bin\NPgtEISB.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: anvisoft.com/AdblockPlugin - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll (Anvisoft)
FF user.js: detected! => C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\km1wbfpq.default\user.js
FF SearchPlugin: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\km1wbfpq.default\searchplugins\conduit-search.xml
FF Extension: SySaver - C:\Program Files (x86)\Mozilla Firefox\extensions\ecyoivyyjrojzoyplneg@nrbkkafymvigofepbi.org [2014-02-14]
FF Extension: Unit Layers - C:\Program Files (x86)\Mozilla Firefox\extensions\fgsegj@ohwcaijlmohgftbpsu.org [2014-02-14]
FF Extension: AnviAdblock - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\AnviAdblock@anvisoft.com.xpi [2014-07-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=BDT3&ocid=BDT3DHP
CHR RestoreOnStartup: "hxxp://www.msn.com/?pc=BDT3&ocid=BDT3DHP","http:\/\/search.conduit.com\/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0EABCB22-6F73-48BF-BC6F-DA436CAAD75E&SSPV="
CHR NewTab: "chrome-extension://pflphaooapbgpeakohlggbpidpppgdff/content/newtab/newtab.html"
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q={searchTerms}
CHR Extension: (Docs) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-23]
CHR Extension: (Google Drive) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-23]
CHR Extension: (YouTube) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-23]
CHR Extension: (Extended Protection) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2013-11-05]
CHR Extension: (Google Search) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-23]
CHR Extension: (xVidly1) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dachbokeklmhlikpklnkmmealjdfanoh [2013-10-23]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-10-23]
CHR Extension: (Safe Money) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-10-23]
CHR Extension: (Vgrabber v1.5) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hchkdglnjoagfcnikmcebkjlfbcbkhnm [2013-10-23]
CHR Extension: (Lightning Newtab) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2013-11-05]
CHR Extension: (MixiDJ V43) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplmoojljbihgoknngmcimjbaddnnhkd [2013-10-23]
CHR Extension: (Virtual Keyboard) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-10-23]
CHR Extension: (WhiteSmoke New) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi [2013-10-23]
CHR Extension: (Ziftr Alerts - formerly FreePriceAlerts.com) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngoiabglmnijabkfknliolcbjfcmbmdl [2013-10-23]
CHR Extension: (Google Wallet) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-23]
CHR Extension: (GreatArcadeHits Add-on) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh [2013-11-05]
CHR Extension: (MySearchDial New Tab) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-02-02]
CHR Extension: (Gmail) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-23]
CHR Extension: (Anti-Banner) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-10-23]
CHR HKCU\...\Chrome\Extension: [dachbokeklmhlikpklnkmmealjdfanoh] - C:\Users\Phil\AppData\Local\CRE\dachbokeklmhlikpklnkmmealjdfanoh.crx [2013-08-07]
CHR HKCU\...\Chrome\Extension: [hchkdglnjoagfcnikmcebkjlfbcbkhnm] - C:\Users\Phil\AppData\Local\CRE\hchkdglnjoagfcnikmcebkjlfbcbkhnm.crx [2013-08-20]
CHR HKCU\...\Chrome\Extension: [iplmoojljbihgoknngmcimjbaddnnhkd] - C:\Users\Phil\AppData\Local\CRE\iplmoojljbihgoknngmcimjbaddnnhkd.crx [2013-10-02]
CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Phil\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-04-25]
CHR HKLM-x32\...\Chrome\Extension: [dachbokeklmhlikpklnkmmealjdfanoh] - C:\Users\Phil\AppData\Local\CRE\dachbokeklmhlikpklnkmmealjdfanoh.crx [2013-08-07]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hchkdglnjoagfcnikmcebkjlfbcbkhnm] - C:\Users\Phil\AppData\Local\CRE\hchkdglnjoagfcnikmcebkjlfbcbkhnm.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [iplmoojljbihgoknngmcimjbaddnnhkd] - C:\Users\Phil\AppData\Local\CRE\iplmoojljbihgoknngmcimjbaddnnhkd.crx [2013-10-02]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Phil\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-04-25]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [2014-04-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ngoiabglmnijabkfknliolcbjfcmbmdl] - C:\ProgramData\FreePriceAlerts\Chrome\FreePriceAlerts.crx [2013-09-16]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-18]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=3219913727_67194_C482AB30&ts=1383634190
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-05-29] (Anvisoft)
R2 ASD2Svc; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe [1206504 2014-05-28] (Anvisoft)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2012-04-02] (CyberLink)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-07-20] (Creative Labs) [File not signed]
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-09-06] () [File not signed]
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [X]
S2 MDM; "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 asd2fsm; C:\Windows\System32\DRIVERS\asd2fsm.sys [48656 2014-05-28] (Anvisoft)
R1 Asdids; C:\Windows\System32\DRIVERS\asdids.sys [47632 2014-05-28] (Anvisoft)
S0 aswRvrt; No ImagePath
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2012-02-02] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [377840 2012-02-02] (CyberLink Corporation.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-23] (Kaspersky Lab ZAO)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2x.sys [553472 2008-09-29] (Atheros Communications, Inc.)
R3 aswVmm; \??\C:\Users\Phil\AppData\Local\Temp\aswVmm.sys [X]
S3 cpuz136; \??\C:\Users\Phil\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
U3 aswMBR; \??\C:\Users\Phil\AppData\Local\Temp\aswMBR.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-27 01:26 - 2014-07-27 01:30 - 00032548 _____ () C:\Users\Phil\Desktop\FRST.txt
2014-07-27 01:23 - 2014-07-27 01:23 - 02093568 _____ (Farbar) C:\Users\Phil\Desktop\FRST64.exe
2014-07-27 01:10 - 2014-07-27 01:10 - 00002370 _____ () C:\Users\Phil\Desktop\aswMBR.txt
2014-07-27 01:10 - 2014-07-27 01:10 - 00000512 _____ () C:\Users\Phil\Desktop\MBR.dat
2014-07-26 08:35 - 2014-07-26 08:35 - 00000224 _____ () C:\Windows\setupact.log
2014-07-26 08:35 - 2014-07-26 08:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-26 08:34 - 2014-07-26 08:34 - 00001366 _____ () C:\Windows\PFRO.log
2014-07-26 05:28 - 2014-07-26 05:28 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-07-26 05:17 - 2014-07-27 01:21 - 00000000 ____D () C:\Users\Phil\Desktop\VIRUS RECOVERY FOLDER
2014-07-26 05:16 - 2014-07-27 01:30 - 00000000 ____D () C:\FRST
2014-07-26 05:15 - 2014-07-26 05:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PHIL-HUNTER-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-26 05:13 - 2014-07-26 05:13 - 00000000 ____D () C:\RegBackup
2014-07-26 05:12 - 2014-07-26 05:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-26 05:11 - 2014-07-26 05:11 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-26 05:05 - 2014-07-26 05:05 - 00003732 _____ () C:\Windows\System32\Tasks\ASD_Schedule
2014-07-26 04:22 - 2014-07-26 08:35 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-07-26 04:22 - 2014-07-26 07:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-07-26 04:22 - 2014-07-26 05:05 - 00003272 _____ () C:\Windows\System32\Tasks\ASD_Main
2014-07-26 04:22 - 2014-07-26 04:22 - 00001191 _____ () C:\Users\Phil\Desktop\Anvi Smart Defender.lnk
2014-07-26 04:01 - 2014-07-26 04:01 - 13829304 _____ (Microsoft Corporation) C:\Users\Phil\Downloads\mseinstall.exe
2014-07-26 03:58 - 2014-07-26 07:32 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-07-26 03:58 - 2014-07-26 03:58 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-07-26 03:58 - 2014-05-28 21:03 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-07-26 03:57 - 2014-07-26 03:57 - 36035456 _____ (Anvisoft) C:\Users\Phil\Downloads\asdsetup.exe
2014-07-26 01:05 - 2014-07-26 01:05 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Oracle
2014-07-26 00:16 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-26 00:16 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-26 00:16 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-26 00:16 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-26 00:16 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-26 00:16 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-26 00:15 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-26 00:15 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-26 00:15 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-26 00:15 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-26 00:15 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-26 00:15 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-26 00:15 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-26 00:15 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-26 00:15 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-26 00:15 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-26 00:15 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-26 00:15 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-26 00:15 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-26 00:15 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-26 00:15 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-26 00:15 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-26 00:15 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-26 00:15 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-26 00:15 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-26 00:15 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-26 00:15 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-26 00:15 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-26 00:15 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-26 00:15 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-26 00:15 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-26 00:15 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-26 00:15 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-26 00:15 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-26 00:15 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-26 00:15 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-26 00:15 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-26 00:15 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-26 00:15 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-26 00:15 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-26 00:15 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-26 00:15 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-26 00:15 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-26 00:15 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-26 00:15 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-26 00:15 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-26 00:15 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-26 00:15 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-26 00:15 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-26 00:15 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-26 00:15 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-26 00:15 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-26 00:15 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-26 00:15 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-26 00:15 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-26 00:15 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-26 00:15 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-26 00:15 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-26 00:15 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-26 00:15 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-26 00:15 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-26 00:15 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-26 00:15 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-26 00:15 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-26 00:15 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-26 00:15 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-26 00:14 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-26 00:14 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-26 00:14 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-26 00:14 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-26 00:13 - 2014-07-26 00:14 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-26 00:12 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-26 00:12 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-26 00:12 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-13 23:20 - 2014-05-29 18:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-13 23:20 - 2014-05-29 18:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-13 23:16 - 2014-07-13 23:20 - 00000000 ____D () C:\Users\Phil\AppData\Local\NVIDIA Corporation
2014-07-13 23:16 - 2014-05-29 18:07 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-13 23:16 - 2014-05-29 18:07 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-13 23:15 - 2014-07-13 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-13 23:14 - 2014-05-19 18:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-13 23:14 - 2014-05-14 18:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-13 23:12 - 2014-05-19 21:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-13 23:12 - 2014-05-19 21:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-13 23:12 - 2014-05-19 21:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-13 23:12 - 2014-03-31 11:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-07-13 23:12 - 2014-03-31 11:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-07-13 23:12 - 2014-03-31 11:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-07-13 23:05 - 2014-07-13 23:06 - 231400888 _____ (NVIDIA Corporation) C:\Users\Phil\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-07-13 17:29 - 2014-07-13 17:29 - 00000000 ____D () C:\Windows\SysWOW64\%Report%
2014-07-12 19:44 - 2014-07-12 19:44 - 01141408 _____ ( ) C:\Users\Phil\Downloads\hwmonitor_1.25-setup(1).exe
2014-07-12 19:41 - 2014-07-12 19:42 - 01141408 _____ ( ) C:\Users\Phil\Downloads\hwmonitor_1.25-setup.exe
2014-07-08 00:58 - 2014-07-08 00:58 - 00262144 _____ () C:\Windows\Minidump\070814-21528-01.dmp
2014-07-08 00:58 - 2014-07-08 00:58 - 00000000 ____D () C:\Windows\Minidump
2014-07-06 17:46 - 2014-07-06 17:47 - 00000000 ____D () C:\Users\Phil\Downloads\oQueue_1.9.5
2014-07-06 17:45 - 2014-07-06 17:45 - 01047296 _____ () C:\Users\Phil\Downloads\oQueue_1.9.5.zip
2014-07-04 15:57 - 2014-07-04 15:57 - 00002771 _____ () C:\Users\Public\Desktop\Desktop Weather.lnk
2014-07-04 15:57 - 2014-07-04 15:57 - 00000000 ____D () C:\Users\Phil\AppData\Local\Downloaded Installations
2014-06-29 01:54 - 2014-06-29 01:54 - 00000000 ____D () C:\Users\Phil\AppData\Local\Skype
2014-06-29 01:53 - 2014-06-29 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-27 02:23 - 2014-06-27 02:24 - 00000000 ____D () C:\Users\Phil\Downloads\oQueue_1.9.4
2014-06-27 02:23 - 2014-06-27 02:23 - 01047047 _____ () C:\Users\Phil\Downloads\oQueue_1.9.4.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-27 01:30 - 2014-07-27 01:26 - 00032548 _____ () C:\Users\Phil\Desktop\FRST.txt
2014-07-27 01:30 - 2014-07-26 05:16 - 00000000 ____D () C:\FRST
2014-07-27 01:23 - 2014-07-27 01:23 - 02093568 _____ (Farbar) C:\Users\Phil\Desktop\FRST64.exe
2014-07-27 01:21 - 2014-07-26 05:17 - 00000000 ____D () C:\Users\Phil\Desktop\VIRUS RECOVERY FOLDER
2014-07-27 01:21 - 2014-02-14 01:21 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job
2014-07-27 01:21 - 2013-10-20 20:21 - 00000288 _____ () C:\Windows\Tasks\DigitalSite.job
2014-07-27 01:15 - 2013-03-18 18:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-27 01:10 - 2014-07-27 01:10 - 00002370 _____ () C:\Users\Phil\Desktop\aswMBR.txt
2014-07-27 01:10 - 2014-07-27 01:10 - 00000512 _____ () C:\Users\Phil\Desktop\MBR.dat
2014-07-27 00:50 - 2013-09-23 20:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-27 00:37 - 2013-08-12 17:42 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-27 00:28 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-27 00:21 - 2013-10-20 21:21 - 00000208 _____ () C:\Users\Phil\AppData\Roaming\WB.CFG
2014-07-26 22:12 - 2013-10-10 18:50 - 00000000 ____D () C:\Users\Phil\AppData\Local\SevereWeatherAlerts
2014-07-26 21:02 - 2013-10-23 11:46 - 00000000 ____D () C:\Users\Phil\AppData\Local\Battle.net
2014-07-26 17:55 - 2011-07-20 15:06 - 01212934 _____ () C:\Windows\WindowsUpdate.log
2014-07-26 09:37 - 2013-08-12 17:42 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 08:42 - 2009-07-13 23:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-26 08:42 - 2009-07-13 23:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-26 08:35 - 2014-07-26 08:35 - 00000224 _____ () C:\Windows\setupact.log
2014-07-26 08:35 - 2014-07-26 08:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-26 08:35 - 2014-07-26 04:22 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-07-26 08:35 - 2013-05-21 18:58 - 00155136 ___SH () C:\Users\Phil\Desktop\Thumbs.db
2014-07-26 08:35 - 2011-07-24 11:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-26 08:35 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-26 08:34 - 2014-07-26 08:34 - 00001366 _____ () C:\Windows\PFRO.log
2014-07-26 08:08 - 2013-09-18 03:48 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Guild Wars 2
2014-07-26 08:08 - 2012-10-18 23:16 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\TS3Client
2014-07-26 07:57 - 2011-07-20 15:47 - 00000000 ____D () C:\Users\Phil\Documents\My Received Files
2014-07-26 07:42 - 2014-02-14 02:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-26 07:42 - 2011-07-20 17:53 - 00000000 ____D () C:\Windows\Panther
2014-07-26 07:41 - 2013-10-05 02:20 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy BitTorrent Client
2014-07-26 07:41 - 2013-02-23 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strongvault Online Backup
2014-07-26 07:41 - 2012-12-11 06:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-07-26 07:41 - 2012-10-02 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo
2014-07-26 07:41 - 2011-10-20 19:37 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-07-26 07:41 - 2011-07-20 15:48 - 00000000 ___RD () C:\Users\Phil\Desktop\Kalyn Hunter
2014-07-26 07:32 - 2014-07-26 04:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-07-26 07:32 - 2014-07-26 03:58 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-07-26 07:10 - 2013-08-15 00:35 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{63CEC37D-1E44-4705-B186-48006A0133CC}
2014-07-26 05:58 - 2014-01-02 09:09 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-07-26 05:28 - 2014-07-26 05:28 - 00002052 _____ () C:\Windows\epplauncher.mif
2014-07-26 05:15 - 2014-07-26 05:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PHIL-HUNTER-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-26 05:13 - 2014-07-26 05:13 - 00000000 ____D () C:\RegBackup
2014-07-26 05:12 - 2014-07-26 05:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-26 05:11 - 2014-07-26 05:11 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-26 05:05 - 2014-07-26 05:05 - 00003732 _____ () C:\Windows\System32\Tasks\ASD_Schedule
2014-07-26 05:05 - 2014-07-26 04:22 - 00003272 _____ () C:\Windows\System32\Tasks\ASD_Main
2014-07-26 04:22 - 2014-07-26 04:22 - 00001191 _____ () C:\Users\Phil\Desktop\Anvi Smart Defender.lnk
2014-07-26 04:01 - 2014-07-26 04:01 - 13829304 _____ (Microsoft Corporation) C:\Users\Phil\Downloads\mseinstall.exe
2014-07-26 03:58 - 2014-07-26 03:58 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-07-26 03:57 - 2014-07-26 03:57 - 36035456 _____ (Anvisoft) C:\Users\Phil\Downloads\asdsetup.exe
2014-07-26 01:08 - 2009-07-13 23:45 - 00425504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-26 01:07 - 2012-06-28 00:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-26 01:07 - 2012-06-28 00:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-26 01:06 - 2014-05-09 07:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-26 01:06 - 2010-11-21 02:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-26 01:06 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-26 01:06 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-26 01:05 - 2014-07-26 01:05 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Oracle
2014-07-26 01:04 - 2013-10-17 21:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-26 00:22 - 2013-08-06 08:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-26 00:20 - 2011-07-24 10:52 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-26 00:19 - 2012-06-28 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-26 00:19 - 2011-07-20 15:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-26 00:14 - 2014-07-26 00:13 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-26 00:14 - 2013-06-26 20:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-24 18:54 - 2013-10-23 11:46 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-24 17:21 - 2013-09-06 15:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-22 18:26 - 2014-03-12 05:49 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-07-13 23:20 - 2014-07-13 23:16 - 00000000 ____D () C:\Users\Phil\AppData\Local\NVIDIA Corporation
2014-07-13 23:20 - 2011-07-24 10:59 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-13 23:18 - 2014-04-29 23:38 - 00000000 ____D () C:\Users\Phil\AppData\Local\NVIDIA
2014-07-13 23:18 - 2011-07-24 10:59 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-13 23:16 - 2011-07-24 11:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-13 23:15 - 2014-07-13 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-13 23:06 - 2014-07-13 23:05 - 231400888 _____ (NVIDIA Corporation) C:\Users\Phil\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-07-13 22:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-13 17:57 - 2011-07-20 15:06 - 00000000 ____D () C:\Users\Phil
2014-07-13 17:29 - 2014-07-13 17:29 - 00000000 ____D () C:\Windows\SysWOW64\%Report%
2014-07-12 19:44 - 2014-07-12 19:44 - 01141408 _____ ( ) C:\Users\Phil\Downloads\hwmonitor_1.25-setup(1).exe
2014-07-12 19:44 - 2014-03-11 16:00 - 00000930 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2014-07-12 19:42 - 2014-07-12 19:41 - 01141408 _____ ( ) C:\Users\Phil\Downloads\hwmonitor_1.25-setup.exe
2014-07-11 03:02 - 2014-07-26 00:14 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-26 00:14 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-26 00:14 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-26 00:14 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-08 18:50 - 2013-09-23 20:44 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 18:50 - 2013-09-23 20:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 18:50 - 2013-09-23 20:44 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 00:58 - 2014-07-08 00:58 - 00262144 _____ () C:\Windows\Minidump\070814-21528-01.dmp
2014-07-08 00:58 - 2014-07-08 00:58 - 00000000 ____D () C:\Windows\Minidump
2014-07-08 00:31 - 2013-09-06 15:51 - 00000000 ____D () C:\Users\Phil\AppData\Roaming\Skype
2014-07-06 17:47 - 2014-07-06 17:46 - 00000000 ____D () C:\Users\Phil\Downloads\oQueue_1.9.5
2014-07-06 17:47 - 2011-07-20 18:43 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-07-06 17:45 - 2014-07-06 17:45 - 01047296 _____ () C:\Users\Phil\Downloads\oQueue_1.9.5.zip
2014-07-04 15:57 - 2014-07-04 15:57 - 00002771 _____ () C:\Users\Public\Desktop\Desktop Weather.lnk
2014-07-04 15:57 - 2014-07-04 15:57 - 00000000 ____D () C:\Users\Phil\AppData\Local\Downloaded Installations
2014-07-04 15:57 - 2013-09-14 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2014-07-04 15:57 - 2013-09-14 11:27 - 00000000 ____D () C:\Program Files (x86)\The Weather Channel
2014-06-29 21:09 - 2014-07-26 00:16 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 21:04 - 2014-07-26 00:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 01:54 - 2014-06-29 01:54 - 00000000 ____D () C:\Users\Phil\AppData\Local\Skype
2014-06-29 01:53 - 2014-06-29 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-29 01:53 - 2013-09-06 15:50 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-29 01:53 - 2013-09-06 15:50 - 00000000 ____D () C:\ProgramData\Skype
2014-06-27 02:24 - 2014-06-27 02:23 - 00000000 ____D () C:\Users\Phil\Downloads\oQueue_1.9.4
2014-06-27 02:23 - 2014-06-27 02:23 - 01047047 _____ () C:\Users\Phil\Downloads\oQueue_1.9.4.zip
Some content of TEMP:
====================
C:\Users\Phil\AppData\Local\Temp\_is100B.exe
C:\Users\Phil\AppData\Local\Temp\_isEC84.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-30 20:46
==================== End Of Log ============================