Solved Go Save Booster Virus and Friends

[Xeon897]

Well, I've already described the majority of the problem above but I can tell its still here for when I tried to log on to my game (League of Legends) it fails to connect and when I hit the help link on the client, chrome said that something or someone was trying to intercept my information, yay... Also I can still see folders on my hard drive, which is always a fun time...

P.S. Sorry, I didn't know that I had to have the AdwCleaner, aswMBR and FRST scan logs so here are the FRST scan logs first, I will repost the others shortly.

Edit: Looking at the logs it says my Anti-Virus was Windows Defender, I had Malwarebytes but It stopped working for whatever reason recently-- Hopefully this will fix my Malwarebytes also but if not I can always redownload (not now though)

 

[TwinHeadedEagle]

Hello,



They call me TwinHeadedEagle around here, and I'll be working with you.



Before we start please read and note the following:

• At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
• Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
• Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
• Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  
• All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
• If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
• I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
• Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.
  
• Please attach all report using
  
  button below. Doing this, you make it easier for me to analyze and fix your problem.
  
• Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
• If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
• Wait patiently until the main console will appear, it may take a minute or two.
• In the main box please paste in the following script:
  

  createsrpoint;
  autoclean;
  emptyalltemp;
  ipconfig /flushdns;b

• Make sure that Scan All Users option is checked.
• Push Run Script and wait patiently. The scan may take a couple of minutes.
• When the scan completes, a zoek-results logfile should open in notepad.
• If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

 

[Xeon897]

Here you go, I will also upload it in a txt:
--
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2014
Ran by Jason at 2014-10-03 16:25:59
Running from C:\Users\Jason\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"PAYDAY 2" (HKLM-x32\...\{1BDD16AF-A9A5-4C62-8492-94367E7D0A42}_is1) (Version: 1.7.1 (Update 25.1) - )
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Accelerated Video Transcoding (Version: 13.30.100.40522 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - )
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
ArcheAge (HKLM-x32\...\Steam App 304030) (Version: - XLGAMES)
Aura Kingdom (HKLM-x32\...\Aura Kingdom) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
ChronoTimer (HKLM-x32\...\{6376ADA5-D796-4EC6-A4DC-B35D3EE8925A}) (Version: 2.0.1 - PC Scoreboards)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dungeon Defenders Eternity (HKLM-x32\...\Steam App 302270) (Version: - Nom Nom Games)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.4 - Echobit, LLC)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Firefall (HKLM-x32\...\Steam App 227700) (Version: - Red 5 Studios)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version: - Ryan Gregg)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
God Mode (HKLM-x32\...\Steam App 227480) (Version: - Old School Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GS_Sustainer 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{4d349a54}) (Version: - Certified Publisher) <==== ATTENTION
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
HP Officejet Pro 8100 Basic Device Software (HKLM\...\{E6403545-8324-47B4-ADCD-4F8A4CD8A1E1}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{DE788AD4-F7CE-4995-ADF8-56174A7B613C}) (Version: 3.0.41.1571 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version: - )
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.5.2 - www.leaguereplays.com)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 3.1.59 (HKLM-x32\...\ManyCam) (Version: 3.1.59 - ManyCam LLC)
MechWarrior Online (HKLM-x32\...\{73bcb521-8936-42d7-ad00-ec2bb399e26c}) (Version: 1.4.3.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.3.0 - Piranha Games Inc.) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mount Your Friends (HKLM-x32\...\Steam App 296470) (Version: - Stegersaurus Software Inc.)
Mozilla Firefox 22.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 22.0 (x86 en-US)) (Version: 22.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 22.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
My Game Long Name (HKLM\...\UDK-4885f459-5593-464d-abd3-2e696724498e) (Version: - Epic Games, Inc.)
Nass_Client (HKLM-x32\...\{BB39BE0F-5634-C12C-BF3B-D1F319A3F315}) (Version: - )
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.25 - NETGEAR Inc.)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.1.1 - Nexon)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Pandora First Contact (HKLM-x32\...\Pandora First Contact_is1) (Version: - Slitherine)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Perfect Resize 7.5 (HKLM-x32\...\{EFBAD7A9-39AB-4C34-8745-0DEBA5BDC793}) (Version: 7.5 - onOne Software)
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1020.0 - Passmark Software)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 Live Test (HKCU\...\SOE-PlanetSide 2 Test) (Version: 1.0.3.183 - Sony Online Entertainment)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{D2064264-3162-4DB1-AFE0-167BEFBBCD9C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quickscope Simulator (HKCU\...\Quickscope Simulator) (Version: - )
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12889.86 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Robocraft version 0.3.274 (HKCU\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.274 - Freejam)
Rosetta Stone V3 (HKLM-x32\...\{7210BCFE-ED8D-4261-8537-81B5A4BDFA2A}) (Version: 3.2.11 - Rosetta Stone)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sobolsoft PDF Setup (HKLM\...\Sobolsoft PDF Setup) (Version: - )
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - Valve)
Source SDK (HKLM-x32\...\Steam App 211) (Version: - Valve)
Source SDK Base 2013 Multiplayer (HKLM-x32\...\Steam App 243750) (Version: - )
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
SpaceChem (HKLM-x32\...\Steam App 92800) (Version: - Zachtronics)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Battlefront II Mod Tools (HKLM-x32\...\{F7D0A1C2-9CBA-4207-8138-DE9DDBFCFAA3}) (Version: 1.0 - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.014 - MSI)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Toribash (HKLM-x32\...\Steam App 248570) (Version: - Nabi Studios)
Total War ROME II (HKLM-x32\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )
TRENDnet Powerline Utility (HKLM-x32\...\{57F145A5-2B04-4A76-9BE0-EF8EFBA70DE0}) (Version: 6.0.1 - TRENDnet)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unreal Development Kit (HKLM-x32\...\Steam App 13260) (Version: - Epic Games)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
War Thunder Launcher 1.0.1.278 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.126 - MSI)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
YooutubeAdBlOcke (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 2.2.0.1297 - )
YTD Video Downloader 4.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.6 - GreenTree Applications SRL)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jason\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1346016982-562286635-2600817751-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jason\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

26-09-2014 20:22:11 Windows Update
30-09-2014 21:06:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {11448784-4518-45E5-8B96-E2D99B2CF087} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {265CF00D-D156-4175-B7D7-E594571880F3} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {3334CD00-FCFA-4361-8524-2FD1DF812AAD} - System32\Tasks\PCMeter\Startup => C:\Users\Jason\AppData\Local\Temp\Rar$EXa0.726\PCMeter\PCMeterV0.3.exe <==== ATTENTION
Task: {44F7AFD0-894C-4A16-A24A-40B789B9BCC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {589304FA-1A5D-4D9A-9E93-DD13F9F5FC29} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1346016982-562286635-2600817751-1000UA => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {61D76718-4E7C-4CA6-B416-858CF63A835F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {6E7BE97C-E03F-42A1-9F0E-76B243CD40E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {A3BBB722-FE83-4EEE-8FAE-947D88451176} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1346016982-562286635-2600817751-1000Core => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1346016982-562286635-2600817751-1000Core.job => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1346016982-562286635-2600817751-1000UA.job => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-08 11:33 - 2010-12-10 12:24 - 00087040 _____ () C:\Windows\System32\custmon64.dll
2012-08-16 20:36 - 2012-08-16 20:36 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-08-16 20:36 - 2012-08-16 20:36 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-06-12 19:18 - 2013-06-12 19:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-05-29 16:25 - 2012-09-28 13:51 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-01 21:18 - 2014-10-01 21:18 - 04210176 _____ () C:\Program Files (x86)\GS_Booster\Assistant_x64.dll
2014-06-11 02:40 - 2014-06-11 02:40 - 00098816 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
2014-03-13 15:52 - 2014-03-13 15:52 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-13 15:52 - 2014-03-13 15:52 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-13 15:52 - 2014-03-13 15:52 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-04-04 03:38 - 2014-03-13 15:52 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-04-04 03:38 - 2014-03-13 15:52 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-13 15:52 - 2014-03-13 15:52 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-13 15:52 - 2014-03-13 15:52 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-04-04 03:38 - 2014-03-13 15:52 - 00134088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2013-04-04 03:38 - 2014-03-13 15:52 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-10 16:43 - 2014-03-13 15:52 - 00577480 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-10-03 16:15 - 2014-10-03 16:15 - 01290752 _____ () C:\Users\Jason\Downloads\zoek.exe
2013-09-28 20:14 - 2013-09-28 20:14 - 03369922 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icuin51.dll
2013-09-28 20:13 - 2013-09-28 20:13 - 00544817 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-09-28 20:13 - 2013-09-28 20:13 - 00989805 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2013-09-28 20:14 - 2013-09-28 20:14 - 01978690 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icuuc51.dll
2013-09-28 20:14 - 2013-09-28 20:14 - 22378434 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icudt51.dll
2013-09-28 20:14 - 2013-09-28 20:14 - 01233408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2014-06-11 02:40 - 2014-06-11 02:40 - 00523776 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2014-06-11 02:09 - 2014-06-11 02:09 - 01554944 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2014-06-11 02:10 - 2014-06-11 02:10 - 00192512 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2014-06-11 02:11 - 2014-06-11 02:11 - 00632832 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2014-06-11 02:59 - 2014-06-11 02:59 - 05992960 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2014-03-23 22:33 - 2014-03-23 22:33 - 00068608 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2014-06-11 02:30 - 2014-06-11 02:30 - 00427520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2014-03-23 22:33 - 2014-03-23 22:33 - 00144896 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2014-06-11 02:29 - 2014-06-11 02:29 - 01175552 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2014-06-11 02:31 - 2014-06-11 02:31 - 10063872 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2014-06-13 02:39 - 2014-06-13 02:39 - 01361920 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2014-06-11 02:35 - 2014-06-11 02:35 - 00200192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2014-06-11 02:36 - 2014-06-11 02:36 - 00885248 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2014-06-11 02:38 - 2014-06-11 02:38 - 00427520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-09-28 20:13 - 2013-09-28 20:13 - 00051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2013-09-28 20:13 - 2013-09-28 20:13 - 00052224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2013-09-28 20:13 - 2013-09-28 20:13 - 00261120 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2013-09-28 20:13 - 2013-09-28 20:13 - 00046080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2014-04-08 03:07 - 2014-04-08 03:07 - 00081408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2014-04-08 03:06 - 2014-04-08 03:06 - 00143360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2012-11-29 04:56 - 2012-11-29 04:56 - 03332720 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2014-03-23 22:31 - 2014-03-23 22:31 - 00072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2014-03-23 22:31 - 2014-03-23 22:31 - 00074240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2014-03-23 22:31 - 2014-03-23 22:31 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2014-06-11 02:36 - 2014-06-11 02:36 - 00642048 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2014-06-11 02:38 - 2014-06-11 02:38 - 00458752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-03-23 23:08 - 2014-03-23 23:08 - 00046080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2014-03-23 22:31 - 2014-03-23 22:31 - 00066560 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2013-09-28 20:13 - 2013-09-28 20:13 - 00040960 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2014-10-03 16:05 - 2014-10-03 16:05 - 00043008 _____ () c:\users\jason\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkkamvj.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\Jason\AppData\Roaming\Dropbox\bin\libcef.dll
2013-05-29 16:37 - 2012-10-22 00:22 - 01199648 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-09-24 21:06 - 2014-09-22 23:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-24 21:06 - 2014-09-22 23:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-24 21:06 - 2014-09-22 23:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-24 21:06 - 2014-09-22 23:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-24 21:06 - 2014-09-22 23:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1346016982-562286635-2600817751-500 - Administrator - Disabled)
Guest (S-1-5-21-1346016982-562286635-2600817751-501 - Limited - Disabled)
Jason (S-1-5-21-1346016982-562286635-2600817751-1000 - Administrator - Enabled) => C:\Users\Jason

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/03/2014 04:06:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2014 04:00:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xd08
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (10/03/2014 03:45:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2014 03:44:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Exception code: 0x40000015
Fault offset: 0x0007da8a
Faulting process id: 0x97c
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (10/03/2014 03:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamscheduler.exe, version: 3.0.2.0, time stamp: 0x5339cec3
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x430
Faulting application start time: 0xmbamscheduler.exe0
Faulting application path: mbamscheduler.exe1
Faulting module path: mbamscheduler.exe2
Report Id: mbamscheduler.exe3

Error: (10/03/2014 03:21:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1530
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (10/03/2014 03:14:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2014 03:13:51 PM) (Source: MsiInstaller) (EventID: 11310) (User: Jason-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Jason\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (10/03/2014 03:13:31 PM) (Source: MsiInstaller) (EventID: 11310) (User: Jason-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Jason\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (10/03/2014 03:13:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Exception code: 0x40000015
Fault offset: 0x0007da8a
Faulting process id: 0x994
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3


System errors:
=============
Error: (10/03/2014 04:07:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (10/03/2014 04:06:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/03/2014 03:46:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (10/03/2014 03:45:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/03/2014 03:44:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).

Error: (10/03/2014 03:44:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%1053

Error: (10/03/2014 03:44:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.

Error: (10/03/2014 03:15:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (10/03/2014 03:13:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/03/2014 03:13:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (10/03/2014 04:06:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2014 04:00:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdd0801cfdf4d113edd3bC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll501fb688-4b40-11e4-bc74-d43d7e965946

Error: (10/03/2014 03:45:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2014 03:44:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a97c01cfdf4ad5a7e017C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe1c4fdc40-4b3e-11e4-bc74-d43d7e965946

Error: (10/03/2014 03:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamscheduler.exe3.0.2.05339cec3MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd43001cfdf4acbda97feC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll12f0712b-4b3e-11e4-bc74-d43d7e965946

Error: (10/03/2014 03:21:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd153001cfdf47933659bdC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlld2153733-4b3a-11e4-ae91-d43d7e965946

Error: (10/03/2014 03:14:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2014 03:13:51 PM) (Source: MsiInstaller) (EventID: 11310) (User: Jason-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Jason\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2014 03:13:31 PM) (Source: MsiInstaller) (EventID: 11310) (User: Jason-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Jason\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2014 03:13:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a99401cfdf466d9bd87bC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeb4463605-4b39-11e4-ae91-d43d7e965946


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16070.93 MB
Available physical RAM: 13127.32 MB
Total Pagefile: 32140.04 MB
Available Pagefile: 28832.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (The Computer's Wild Imagination) (Fixed) (Total:931.41 GB) (Free:443.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F17CB8C1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

[TwinHeadedEagle]

This is not what a asked you to do.

 

[Xeon897]

I scanned with Zoek and sent the Farbar log-- Great Job Me!!!
I shall right my wrongs...
--

Zoek.exe v5.0.0.0 Updated 03-October-2014
Tool run by Jason on Fri 10/03/2014 at 16:15:52.97.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jason\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/3/2014 5:10:23 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\YooutubeAdBlOcke deleted
C:\ProgramData\YooutubeAdBlOcke deleted
C:\Users\Jason\AppData\Roaming\All CPU MeterV3_Settings.ini deleted
C:\Users\Jason\AppData\Roaming\GPU MeterV2_Settings.ini deleted
C:\Users\Jason\AppData\Roaming\Network Meter_Settings.ini deleted
C:\Users\Jason\AppData\Roaming\Network Meter_Usage.ini deleted
C:\PROGRA~3\APN deleted
C:\PROGRA~3\Trusted Publisher deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Jason\AppData\Local\CrashRpt deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\utx1o44p.default\extensions\staged deleted
C:\Users\Jason\Desktop\Folder Of Folders\Battle Mac\##### u ilivid.png deleted
"C:\PROGRA~3\fd1902d28d802131\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20141001211816" deleted
"C:\PROGRA~3\fd1902d28d802131\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20141001211821" deleted
"C:\PROGRA~3\fd1902d28d802131\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141001211803" deleted
"C:\PROGRA~3\fd1902d28d802131\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141001211810" deleted
"C:\PROGRA~3\fd1902d28d802131\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141003160422" deleted
"C:\PROGRA~2\GS_Booster\Assistant_x64.dll" deleted
"C:\PROGRA~3\fd1902d28d802131" deleted
"C:\PROGRA~2\GS_Booster" not deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\utx1o44p.default
- ReloadEvery - %ProfilePath%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\utx1o44p.default
66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bmiabdepfhhiieiipmeecdmeljggmfee - No path found[]
dflinnddekagfkncpgojoppgnppfkbkj - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Jason\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[08/20/2013 11:49 AM]

GoSavEu - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Administrator\AppData\Local\Torch\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Guest\AppData\Local\Torch\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Guest\AppData\Local\Torch\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Jason\AppData\Local\Chromatic Browser\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Jason\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Jason\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Jason\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
Google Voice Search Hotword (Beta) - Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
GoSavEu - Jason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Jason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald
GoSavEu - Jason\AppData\Local\Torch\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg
SocialReviver - Jason\AppData\Local\Torch\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald

==== Chromium Fix ======================

C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully
C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Jason\AppData\Local\Chromatic Browser\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Jason\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Jason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Jason\AppData\Local\Torch\User Data\Default\Extensions\agnacdfkcbbebjmalgeonghfooaggecg deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Jason\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Jason\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Jason\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully
C:\Users\Jason\AppData\Local\Torch\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={sea...putEncoding}&sourceid=ie7&rlz=1I7MSIM_enUS539"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1346016982-562286635-2600817751-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9972aa54-66d8-4639-8749-15b6f8290a34} deleted successfully
HKEY_USERS\S-1-5-21-1346016982-562286635-2600817751-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9972aa54-66d8-4639-8749-15b6f8290a34} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9972aa54-66d8-4639-8749-15b6f8290a34} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9972aa54-66d8-4639-8749-15b6f8290a34} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9972aa54-66d8-4639-8749-15b6f8290a34} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9972aa54-66d8-4639-8749-15b6f8290a34} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9972aa54-66d8-4639-8749-15b6f8290a34} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9972aa54-66d8-4639-8749-15b6f8290a34} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dflinnddekagfkncpgojoppgnppfkbkj deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{4d349a54} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jason\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jason\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=201 folders=116 50365437 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jason\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jason\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\PROGRA~2\GS_Booster" not found

==== EOF on Sat 10/04/2014 at 12:02:21.84 ======================

 

[TwinHeadedEagle]

Very good

How is your PC now?

 

[Xeon897]

Seems back to normal

 

[TwinHeadedEagle]

Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself

Recommended reading:
​

MUST READ - security tips:

• Computer Security - a short guide to staying safer online.
• Simple and easy ways to keep your computer safe and secure on the Internet

MUST READ - general maintenance:

• What to do if your Computer is running slowly?

The Importance of Software Updating:
​

In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.​

Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

• How to configure and use Automatic Updates in Windows
• How to update Java
• How to update Adobe Reader

Recommended additional software:
​

TFC - to clean unneeded temporary files.

Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.

Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.

McShield - to prevent infections spread by removable media.

CryptoPrevent - to secure yourself from very severe CryptoLocker infection.

Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.

FiheHippo.com Update Checker - to keep your programs up-to-date.

Adblock - to surf the web without annoying ads!

Post-cleanup procedures:​

Download DelFix by Xplode and save it to your desktop.

• Run the tool by right click on the
  
  icon and Run as administrator option.
• Make sure that these ones are checked:
  • Remove disinfection tools
  • Purge system restore
  • Reset system settings
• Push Run and wait until the tool completes his work.
• All tools we used should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.

My help is free for everybody.
If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation:
Thank you!​

Stay safe,
TwinHeadedEagle