IStartSurf taking over all browsers
<blockquote data-quote="LiamA" data-source="post: 259667" data-attributes="member: 27752"><p>I'm having a problem with a random search engine by the name of IStartSurf. It occurred after I downloaded Google Chrome AdBlock (doesn't make sense to me), and from that point onwards my computer is always laggy and slow to function. Along with this problem, there are pop-ups which destroy my current window/tab.</p><p></p><p>I read another thread which had a similar problem and completed the first step with Zoek; here is what follows after copying and pasting what was in the box:</p><p></p><p></p><p>Zoek.exe v5.0.0.0 Updated 10-September-2014</p><p>Tool run by User on 10/09/2014 at 21:53:11.59.</p><p>Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64</p><p>Running in: Normal Mode Internet Access Detected</p><p>Launched: C:\Users\User\Downloads\zoek.exe [Scan all users] [Script inserted]</p><p></p><p>==== System Restore Info ======================</p><p></p><p>10/09/2014 21:54:47 Zoek.exe System Restore Point Created Succesfully.</p><p></p><p>==== Installed Programs ======================</p><p></p><p>Acer System Information </p><p>Adobe AIR </p><p>Adobe Flash Player 14 Plugin </p><p>Adobe Flash Player 15 ActiveX </p><p>Adobe Reader XI (11.0.07) </p><p>Adobe Shockwave Player 12.1 </p><p>Akamai NetSession Interface </p><p>Apple Application Support </p><p>Apple Mobile Device Support </p><p>Apple Software Update </p><p>Audacity 2.0.5 </p><p>Auslogics DiskDefrag </p><p>avast Free Antivirus </p><p>Bonjour </p><p>Broadcom Gigabit NetLink Controller </p><p>Browse Safe </p><p>Browsers Apps </p><p>CDBurnerXP </p><p>Combined Community Codec Pack 2014-04-20 </p><p>CouponFactory </p><p>D3DX10 </p><p>Driver Support </p><p>eDealsPop version 1.0 </p><p>eMu3Ds </p><p>FreeSoftToday 013.97 </p><p>GIMP 2.8.10 </p><p>Glary Utilities 5.1 </p><p>Google Chrome </p><p>Google Earth </p><p>Google Update Helper </p><p>Happy Cloud Client </p><p>Hotspot Shield 3.46 </p><p>Idle~_~Crawler 
</p><p>ImgBurn </p><p>InfraRecorder 0.53 (x64 edition) </p><p>Intel(R) Processor Graphics </p><p>istartsurf uninstall </p><p>iTunes </p><p>Java 7 Update 60 </p><p>Java 7 Update 67 (64-bit) </p><p>Java Auto Updater </p><p>K-Lite Codec Pack 10.5.0 Full </p><p>Malwarebytes Anti-Malware version 2.0.2.1012 </p><p>McAfee Security Scan Plus </p><p>MediaMonkey 4.1 </p><p>Microsoft .NET Framework 4.5.1 </p><p>Microsoft Application Error Reporting </p><p>Microsoft Security Client </p><p>Microsoft Security Essentials </p><p>Microsoft Silverlight </p><p>Microsoft SQL Server 2005 Compact Edition [ENU] </p><p>Microsoft Visual C++ 2005 Redistributable </p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 </p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 </p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 </p><p>Movie Maker </p><p>Mozilla Firefox 31.0 (x86 en-US) </p><p>Mozilla Maintenance Service </p><p>MSVCRT </p><p>MSVCRT110 </p><p>MSVCRT110_amd64 </p><p>MyPC Backup </p><p>OffersWizard Network System Driver </p><p>OpenOffice 4.1.0 </p><p>Optimizer Pro v3.2 </p><p>Paint.NET v3.5.11 </p><p>PepperZip 1.0 </p><p>Photo Common </p><p>Photo Gallery </p><p>PrivateTunnel </p><p>proXPN 2.7.2 </p><p>qBittorrent 3.1.9.2 </p><p>Qualcomm Atheros Fast Reconnect </p><p>QuickTime 7 </p><p>Remote Desktop Access (VuuPC) </p><p>Revo Uninstaller 1.95 </p><p>SaveRAuddon </p><p>Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) </p><p>Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) </p><p>Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) </p><p>SkypeT 6.16 </p><p>SlimDrivers </p><p>Spotify </p><p>swMSM </p><p>TeamViewer 9 </p><p>The Lord of the Rings Online </p><p>The Lord of the Rings OnlineT v1301.0055.0535.4025 </p><p>ToggleMark </p><p>VLC media player 2.1.3 </p><p>WindApp (remove only) </p><p>Windows Live Communications Platform </p><p>Windows Live Essentials </p><p>Windows Live ID Sign-in Assistant 
</p><p>Windows Live Installer </p><p>Windows Live Photo Common </p><p>Windows Live PIMT Platform </p><p>Windows Live SOXE </p><p>Windows Live SOXE Definitions </p><p>Windows Live UX Platform </p><p>Windows Live UX Platform Language Pack </p><p>WindowsMangerProtect20.0.0.502 </p><p>WinRAR 5.01 (64-bit) </p><p>Yahoo Community Smartbar </p><p>Yahoo Community Smartbar Engine </p><p></p><p>==== Running Processes ======================</p><p></p><p>C:\Program Files\AVAST Software\Avast\AvastSvc.exe</p><p>C:\ProgramData\IePluginServices\PluginService.exe</p><p>C:\Program Files (x86)\SupTab\HpUI.exe</p><p>C:\Windows\SysWOW64\rundll32.exe</p><p>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe</p><p>C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe</p><p>C:\Program Files (x86)\SupTab\Loader32.exe</p><p>C:\Program Files (x86)\Glary Utilities 5\Integrator.exe</p><p>C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe</p><p>C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe</p><p>C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe</p><p>C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe</p><p>C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptcore.exe</p><p>C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe</p><p>C:\Users\User\AppData\Local\fst_gb_97\upfst_gb_97.exe</p><p>C:\Program Files (x86)\Skype\Phone\Skype.exe</p><p>C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe</p><p>C:\Users\User\AppData\Local\Akamai\netsession_win.exe</p><p>C:\Users\User\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe</p><p>C:\Users\User\AppData\Local\Akamai\netsession_win.exe</p><p>C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe</p><p>C:\Program Files 
(x86)\iTunes\iTunesHelper.exe</p><p>C:\Users\User\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe</p><p>C:\Program Files (x86)\fst_gb_97\fst_gb_97.exe</p><p>C:\Program Files (x86)\eDealsPop\eDealsPop.exe</p><p>C:\Program Files\AVAST Software\Avast\avastui.exe</p><p>C:\Program Files (x86)\Bench\BService\1.1\bservice.exe</p><p>C:\Program Files (x86)\Bench\Wd\wd.exe</p><p>C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe</p><p>C:\Users\User\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock.exe</p><p>C:\Users\User\AppData\Local\Temp\JExplorer32.2.7.1.exe</p><p>C:\Program Files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe</p><p>C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe</p><p>C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p>C:\Users\User\Downloads\zoek.exe</p><p>C:\Windows\SysWOW64\cmd.exe</p><p>C:\Windows\SysWOW64\cmd.exe</p><p>C:\Windows\SysWOW64\cmd.exe</p><p></p><p>==== Services (whitelist) ======================</p><p>Powered by <a href="http://www.antimalwarehelp.be/EDev/" target="_blank">E Dev</a></p><p></p><p>R2 - [70e6ca8c] - Optimizer Pro Crash Monitor - "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll",SVC</p><p>R2 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"</p><p>R2 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"</p><p>R2 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"</p><p>R2 - [hshld] - Hotspot Shield Service - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe</p><p>R2 - [HssWd] - Hotspot Shield Monitoring Service - "C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe" -product hss</p><p>R2 - [IePluginServices] - IePlugin Services - C:\ProgramData\IePluginServices\PluginService.exe -service</p><p>R2 - [MsMpSvc] - Microsoft Antimalware Service - "c:\Program Files\Microsoft Security 
Client\MsMpEng.exe"</p><p>R2 - [ptservice] - Private Tunnel Core Service - C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe</p><p>R2 - [TeamViewer9] - TeamViewer 9 - "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"</p><p>R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"</p><p>R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding</p><p>R2 - [ZAtheros Wlan Agent] - ZAtheros Wlan Agent - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe</p><p>R3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"</p><p>R3 - [NisSrv] - Microsoft Network Inspection - "c:\Program Files\Microsoft Security Client\NisSrv.exe"</p><p>R3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe</p><p>S2 - [BackupStack] - Computer Backup (MyPC Backup) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe</p><p>S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe</p><p>S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe</p><p>S2 - [globalUpdate] - globalUpdate Update Service (globalUpdate) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc</p><p>S2 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc</p><p>S2 - [PrivacyRawRecycle.exe] - PrivacyRawRecycle.exe - C:\Users\User\AppData\Local\PrivacyRawRecycle\PrivacyRawRecycle.exe</p><p>S2 - [sppsvc] - Software Protection - C:\Windows\system32\sppsvc.exe</p><p>S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe</p><p>S3 - [COMSysApp] - 
COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}</p><p>S3 - [ehRecvr] - Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe</p><p>S3 - [ehSched] - Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe</p><p>S3 - [Fax] - Fax - C:\Windows\system32\fxssvc.exe</p><p>S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe</p><p>S3 - [globalUpdatem] - globalUpdate Update Service (globalUpdatem) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc</p><p>S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc</p><p>S3 - [HssTrayService] - Hotspot Shield Tray Service - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE</p><p>S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\Windows\system32\IEEtwCollector.exe /V</p><p>S3 - [McComponentHostService] - McAfee Security Scan Component Host Service - "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe"</p><p>S3 - [MozillaMaintenance] - Mozilla Maintenance Service - "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"</p><p>S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe</p><p>S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec.exe /V</p><p>S3 - [PerfHost] - Performance Counter DLL Host - C:\Windows\SysWow64\perfhost.exe</p><p>S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe</p><p>S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe</p><p>S3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe</p><p>S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe</p><p>S3 - [WatAdminSvc] - Windows Activation Technologies Service - 
C:\Windows\system32\Wat\WatAdminSvc.exe</p><p>S3 - [wbengine] - Block Level Backup Engine Service - "C:\Windows\system32\wbengine.exe"</p><p>S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe</p><p>S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"</p><p>S4 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe</p><p>S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe</p><p>S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe</p><p>S4 - [CompilerRawWindows.exe] - CompilerRawWindows.exe - C:\Users\User\AppData\Local\CompilerRawWindows\CompilerRawWindows.exe</p><p>S4 - [NetHttpService] - Network HTTP Support Service - C:\Windows\SysWOW64\nethtsrv.exe</p><p>S4 - [scores] - scores - C:\Windows\score.exe</p><p></p><p>==== Folders Found ======================</p><p></p><p></p><p>==== Files Found ======================</p><p></p><p></p><p>--- C:\Windows\System32\GroupPolicy\GPT.INI ---</p><p>Company: ------</p><p>File Description: ------</p><p>File Version: ------</p><p>Product Name: ------</p><p>Copyright: ------</p><p>Original Filename: ------</p><p>File type: ----a-w-</p><p>File size: 11</p><p>Created time: 2014-08-12 12:39:39</p><p>Modified time: 2014-08-14 15:36:51</p><p>MD5: EC3584F3DB838942EC3669DB02DC908E</p><p>SHA1: 8DCEB96874D5C6425EBB81BFEE587244C89416DA</p><p></p><p></p><p>--- C:\Windows\SysWOW64\GroupPolicy\gpt.ini ---</p><p>Company: ------</p><p>File Description: ------</p><p>File Version: ------</p><p>Product Name: ------</p><p>Copyright: ------</p><p>Original Filename: ------</p><p>File type: ----a-w-</p><p>File size: 11</p><p>Created time: 2014-08-12 12:39:39</p><p>Modified time: 2014-08-14 15:36:51</p><p>MD5: 
EC3584F3DB838942EC3669DB02DC908E</p><p>SHA1: 8DCEB96874D5C6425EBB81BFEE587244C89416DA</p><p></p><p></p><p>==== Folders Found In C:\Windows\System32\GroupPolicy ======================</p><p></p><p>2014-08-12 12:39:39 d-----w- C:\Windows\System32\GroupPolicy\Machine</p><p>2014-08-12 12:39:39 d-----w- C:\Windows\System32\GroupPolicy\User</p><p></p><p>==== Files Found In C:\Windows\System32\GroupPolicy ======================</p><p></p><p>2014-08-14 15:36:51 165 ----a-w- 9119465A983611C21B0D09D23B5C8DCE C:\Windows\System32\GroupPolicy\GPT.INI</p><p></p><p>==== Files Found In C:\Windows\SysWOW64\GroupPolicy ======================</p><p></p><p>2014-08-14 15:36:51 11 ----a-w- EC3584F3DB838942EC3669DB02DC908E C:\Windows\SysWOW64\GroupPolicy\gpt.ini</p><p></p><p>==== System Specs ======================</p><p></p><p>Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)</p><p>Memory (RAM): 5815 MB</p><p>CPU Info: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz</p><p>CPU Speed: 2635.2 MHz</p><p>Sound Card: Headset Earphone (2- Microsoft |</p><p>Speakers (High Definition Audio |</p><p>Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver</p><p>Monitors: 1x; Generic PnP Monitor |</p><p>Screen Resolution: 1366 X 768 - 32 bit</p><p>Network: Network Present</p><p>Network Adapters: Anchorfree HSS VPN Adapter #2 | Anchorfree HSS VPN Adapter | TAP Adapter V9 for Private Tunnel | Atheros AR5B97 Wireless Network Adapter | Broadcom NetLink (TM) Gigabit Ethernet</p><p>CD / DVD Drives: 1x (D: | ) D: PIONEER DVD-RW DVRTD11RS</p><p>Ports: COM Ports NOT Present. 
LPT Port NOT Present.</p><p>Mouse: 2 Button Mouse Present</p><p>Hard Disks: C: 111.7GB</p><p>Hard Disks - Free: C: 53.5GB</p><p>Manufacturer *: Acer</p><p>BIOS Info: AT/AT COMPATIBLE | 05/30/11 | ACRSYS - 1</p><p>Time Zone: GMT Standard Time</p><p>Motherboard *: Acer Aspire 5742</p><p>Country: United Kingdom</p><p>Language: ENG</p><p></p><p>==== System Specs (Software) ======================</p><p></p><p>Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)</p><p>Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)</p><p>Anti-Spyware: Windows Defender disabled (Outdated)</p><p>Anti-Spyware: avast! Antivirus disabled (Outdated)</p><p>Anti-Spyware: Microsoft Security Essentials disabled (Outdated)</p><p>Default Browser: Firefox 31.0</p><p>Internet Explorer Version: 11.0.9600.17239</p><p>Mozilla Firefox version: 31.0 (x86 en-US)</p><p>Google Chrome version: 37.0.2062.103</p><p>Adobe Reader version: 11.0.07.79</p><p>Sun Java version: 1.7.0_67 (32-bit)</p><p>Sun Java version: 1.7.0_67 (64-bit)</p><p>Flash Player version: 14.0.0.145</p><p>Shockwave Player version: 12.1.2r152</p><p></p><p>==== Files Recently Created / Modified ======================</p><p></p><p>====== C:\Windows\Sysnative\drivers =====</p><p>2014-08-12 13:20:48 A5757DE5F9C83AB40667A53D5126EA40 93568 ----a-w- 
C:\Windows\Sysnative\drivers\aswRdr2.sys</p><p>====== C:\Windows\Tasks ======</p><p>2014-08-31 21:04:37 77939B986C82BF08A22A9B02E4E16D92 4582 ----a-w- C:\Windows\Sysnative\Tasks\Idle~_~Crawler Runner</p><p>2014-08-28 15:28:08 CEFBC4378C5D12C5CA91FFF178875109 3762 ----a-w- C:\Windows\Sysnative\Tasks\Driver Support-RTMRules</p><p>2014-08-28 15:28:07 8C4040C0996331E4B4A8A75CFE87D3A1 3776 ----a-w- C:\Windows\Sysnative\Tasks\Driver Support-RTMUpdater</p><p>2014-08-28 15:28:06 766156E6FEFDC3AC87DABC4A54C2A81D 3778 ----a-w- C:\Windows\Sysnative\Tasks\Driver Support-RTMScan</p><p>2014-08-12 13:26:11 455334C97AFB84E3D0359EAE20471C39 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update</p><p>2014-08-12 10:45:16 C33A2251AB36E42CF212C2E22B87B421 1376 ----a-w- C:\Windows\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-2.job</p><p>2014-08-12 10:45:16 6162432589E45B81BAF2A495CC017452 4406 ----a-w- C:\Windows\Sysnative\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-2</p><p>2014-08-12 10:45:10 74900F71CACBCDBBFAB57625FF25AF2F 1692 ----a-w- C:\Windows\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-1.job</p><p>2014-08-12 10:45:10 6ECD68EEC507D5CC41A38474BCDC753F 4722 ----a-w- C:\Windows\Sysnative\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-1</p><p>2014-08-12 10:44:30 95A5D4EC9B11D1D51F6A33CF1426ABC1 2006 ----a-w- C:\Windows\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-7.job</p><p>2014-08-12 10:44:30 5133B11216B164911DB32CD95BC3F32C 5036 ----a-w- C:\Windows\Sysnative\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-7</p><p>2014-08-12 10:44:25 A29F7DE523F787B4F89079F12EF3AA6A 3636 ----a-w- C:\Windows\Sysnative\Tasks\90a6a590-0d41-4f77-a577-a138cdea22b4</p><p>2014-08-12 10:44:24 DBE653286F7BBDEB17A7F5674315A57B 614 ----a-w- C:\Windows\Tasks\90a6a590-0d41-4f77-a577-a138cdea22b4.job</p><p>2014-08-12 10:44:11 1F2972CBE76285CA8897C08372CBC368 3886 ----a-w- C:\Windows\Sysnative\Tasks\globalUpdateUpdateTaskMachineUA</p><p>2014-08-12 10:44:08 72675333E8492A6F3B87C03867FBA23F 888 ----a-w- 
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job</p><p>2014-08-12 10:44:05 BF4C4EE6E23EB81049AB1804521636A6 3632 ----a-w- C:\Windows\Sysnative\Tasks\globalUpdateUpdateTaskMachineCore</p><p>2014-08-12 10:44:00 9262C90C1FF44356F6BC0BB1F3549ED5 884 ----a-w- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job</p><p>2014-08-12 10:43:46 AFB260021A0469CAB83CAAC39C97075E 3238 ----a-w- C:\Windows\Sysnative\Tasks\Optimizer Pro Schedule</p><p>2014-08-12 10:43:07 619C68932D0DF7D9E423FECF8D5C4E19 4020 ----a-w- C:\Windows\Sysnative\Tasks\LaunchSignup</p><p>====== C:\Windows\Temp ======</p><p>======= C:\Program Files =====</p><p>======= C:\PROGRA~2 =====</p><p>2014-08-28 15:27:33 -------- d-----w- C:\PROGRA~2\Driver Support</p><p>2014-08-14 15:36:45 -------- d-----w- C:\PROGRA~2\SupTab</p><p>2014-08-14 15:36:29 -------- d-----w- C:\PROGRA~2\Bench</p><p>2014-08-14 15:36:12 -------- d-----w- C:\PROGRA~2\Browse Safe</p><p>2014-08-13 15:23:26 -------- d-----w- C:\PROGRA~2\ToggleMark</p><p>2014-08-12 12:39:40 -------- d-----w- C:\PROGRA~2\cosstminn</p><p>2014-08-12 12:39:23 -------- d-----w- C:\PROGRA~2\eDealsPop</p><p>2014-08-12 12:27:58 -------- d-----w- C:\PROGRA~2\COMMON~1\Java</p><p>2014-08-12 10:43:47 -------- d-----w- C:\PROGRA~2\globalUpdate</p><p>2014-08-12 10:43:38 -------- d-----w- C:\PROGRA~2\Browsers Apps</p><p>2014-08-12 10:43:16 -------- d-----w- C:\PROGRA~2\PepperZip</p><p>2014-08-12 10:43:08 -------- d-----w- C:\PROGRA~2\Optimizer Pro</p><p>2014-08-12 10:42:36 -------- d-----w- C:\PROGRA~2\MyPC Backup</p><p>2014-08-12 10:41:07 -------- d-----w- C:\PROGRA~2\fst_gb_97</p><p>======= C: =====</p><p>2014-08-12 12:50:31 F14F1EBB47CCBD9C1AE2348E8FF7BF9E 687 ----a-w- C:\awh4AA6.tmp</p><p>2014-08-12 08:57:33 F14F1EBB47CCBD9C1AE2348E8FF7BF9E 687 ----a-w- C:\awh2D37.tmp</p><p>====== C:\Users\User\AppData\Roaming ======</p><p>2014-09-04 15:10:44 4352D88A78AA39750BF70CD6F27BCAA5 4 ----a-w- C:\Users\User\AppData\Roaming\appdataFr2.bin</p><p>2014-09-03 19:52:56 -------- 
d-----w- C:\Users\User\AppData\Local\Adobe</p><p>2014-08-31 21:04:34 -------- d-----w- C:\Users\User\AppData\Local\Idle~_~Crawler</p><p>2014-08-31 18:40:10 -------- d-----w- C:\Users\User\AppData\Roaming\OpenOffice</p><p>2014-08-28 15:28:04 -------- d-----w- C:\Users\User\AppData\Local\PC_Drivers_Headquarters</p><p>2014-08-25 15:09:04 -------- d-----w- C:\Users\User\AppData\Local\DebugSoftwareUtility</p><p>2014-08-14 15:37:03 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browse Safe</p><p>2014-08-14 15:36:29 -------- d-----w- C:\Users\User\AppData\Locallow\{8E56A02B-46FE-4490-B169-F16E5231533B}</p><p>2014-08-14 15:36:26 -------- d-----w- C:\Users\User\AppData\Roaming\istartsurf</p><p>2014-08-14 15:36:09 -------- d-----w- C:\Users\User\AppData\Local\Browse Safe</p><p>2014-08-13 19:05:46 -------- d-----w- C:\Users\User\AppData\Roaming\Store</p><p>2014-08-13 19:05:15 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock</p><p>2014-08-13 19:04:19 -------- d-----w- C:\Users\User\AppData\Roaming\Nosibay</p><p>2014-08-13 15:23:38 -------- d-----w- C:\Users\User\AppData\Local\SearchProtect</p><p>2014-08-12 13:37:13 -------- d-----w- C:\Users\User\AppData\Roaming\Dropbox</p><p>2014-08-12 12:42:18 -------- d-----w- C:\Users\User\AppData\Local\CheckCode</p><p>2014-08-12 12:39:36 -------- d-----w- C:\Users\User\AppData\Local\Chromatic Browser</p><p>2014-08-12 12:39:36 -------- d-----w- C:\Users\Guest\AppData\Local\Chromatic Browser</p><p>2014-08-12 12:39:36 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser</p><p>2014-08-12 12:39:35 -------- d-----w- C:\Users\User\AppData\Local\Torch</p><p>2014-08-12 12:39:35 -------- d-----w- C:\Users\Guest\AppData\Local\Torch</p><p>2014-08-12 12:39:35 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch</p><p>2014-08-12 12:39:34 -------- d-----w- C:\Users\User\AppData\Local\Comodo</p><p>2014-08-12 12:39:34 -------- d-----w- 
C:\Users\Guest\AppData\Local\Comodo</p><p>2014-08-12 12:39:34 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo</p><p>2014-08-12 12:39:32 -------- d-----w- C:\Users\Guest\AppData\Local\Google</p><p>2014-08-12 12:39:27 -------- d-----w- C:\Users\Administrator\AppData\Local\Google</p><p>2014-08-12 10:45:43 -------- d-----w- C:\Users\User\AppData\Locallow\Smartbar</p><p>2014-08-12 10:43:46 -------- d-----w- C:\Users\User\AppData\Local\globalUpdate</p><p>2014-08-12 10:43:42 -------- d-----w- C:\Users\User\AppData\Roaming\Optimizer Pro</p><p>2014-08-12 10:43:17 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip</p><p>2014-08-12 10:42:40 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup</p><p>2014-08-12 10:42:03 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage</p><p>2014-08-12 10:42:02 -------- d-----w- C:\Users\User\AppData\Roaming\VOPackage</p><p>2014-08-12 10:41:08 -------- d-----w- C:\Users\User\AppData\Local\fst_gb_97</p><p>2014-08-12 10:40:13 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts</p><p>2014-08-12 10:39:51 -------- d-----w- C:\Users\User\AppData\Local\WeatherAlerts</p><p>====== C:\Users\User ======</p><p>2014-09-04 18:10:17 EE13A631AE02DF26E1E274287484E84F 895120 ----a-w- C:\Users\User\Downloads\ChromeSetup(1).exe</p><p>2014-09-03 19:26:35 -------- d-----w- C:\ProgramData\CouponFactory</p><p>2014-09-01 20:41:34 -------- d-----w- C:\ProgramData\SaveRAuddon</p><p>2014-09-01 20:21:49 -------- d-----w- C:\ProgramData\87415d5c200d2892</p><p>2014-08-31 21:03:45 B2B87E43A315EA1EB91CE837B1F01546 123469 ------w- C:\Users\Public\1CD067E59E4740D1AD79D1B37547207E\setup.exe</p><p>2014-08-31 21:03:44 -------- d-----w- C:\Users\Public\1CD067E59E4740D1AD79D1B37547207E</p><p>2014-08-28 15:28:09 -------- d-----w- C:\ProgramData\UAB</p><p>2014-08-28 15:27:59 -------- 
d-----w- C:\ProgramData\Driver Support</p><p>2014-08-28 15:27:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support</p><p>2014-08-28 15:26:22 9F26BDD20D770BB3ACEEB42640F7EC10 351744 ------w- C:\Users\Public\906C433CEBE8467FBAC8B9C0BA903E85\setup.exe</p><p>2014-08-28 15:26:22 -------- d-----w- C:\Users\Public\906C433CEBE8467FBAC8B9C0BA903E85</p><p>2014-08-14 15:37:02 -------- d-----w- C:\ProgramData\IePluginServices</p><p>2014-08-14 15:36:32 -------- d-----w- C:\ProgramData\WindowsMangerProtect</p><p>2014-08-13 19:01:55 -------- d-----w- C:\Users\Public\BAD0A63E56F143D78BF7956FA9206150</p><p>2014-08-12 13:26:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast</p><p>2014-08-12 12:39:40 075B0DA82E23780FA2DD7F2EA0464FD4 258 --sha-r- C:\ProgramData\ntuser.pol</p><p>2014-08-12 12:39:32 -------- d-----w- C:\Users\Guest\AppData</p><p>2014-08-12 12:39:27 -------- d-----w- C:\Users\Administrator\AppData</p><p>2014-08-12 12:28:04 -------- d-----w- C:\ProgramData\Oracle</p><p>2014-08-12 10:43:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2</p><p>2014-08-12 10:43:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip</p><p></p><p>====== C: exe-files ==</p><p>2014-09-04 18:13:56 29DA99B398CDD1B42D2CD49CAC5BA4B8 39915088 ----a-w- C:\Program Files (x86)\Google\Update\Install\{13E798E2-2380-4A9D-9BF8-1F082DFC8F6B}\37.0.2062.103_chrome_installer.exe</p><p>2014-09-04 18:13:55 29DA99B398CDD1B42D2CD49CAC5BA4B8 39915088 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\37.0.2062.103\37.0.2062.103_chrome_installer.exe</p><p>2014-09-04 18:11:05 EE13A631AE02DF26E1E274287484E84F 895120 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe</p><p>2014-09-04 18:11:05 AC6998D92A311E7CF0B4DAEC3566F444 51080 ----atw- C:\Program Files 
(x86)\Google\Update\1.3.24.15\GoogleUpdateBroker.exe</p><p>2014-09-04 18:11:05 956672375AF066D958E4D07F5ABAFC1A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe</p><p>2014-09-04 18:11:04 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>2014-09-04 18:11:03 AA0E4F73727BFC8BA404884B1C1DB719 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe</p><p>2014-09-04 18:11:03 80E350E0AA963B2125896B13E60A4D68 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe</p><p>2014-09-04 18:11:03 397D14958D6C9C2B365469A857B2AC4E 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe</p><p>2014-09-04 18:11:02 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdate.exe</p><p>2014-09-04 18:10:17 EE13A631AE02DF26E1E274287484E84F 895120 ----a-w- C:\Users\User\Downloads\ChromeSetup(1).exe</p><p>=== C: other files ==</p><p>2014-09-10 20:47:45 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\Windows\System32\drivers\essb.sys</p><p>2014-09-10 20:31:58 ADCFDB071D98DE433842D54A6566724C 55104 ----a-w- C:\Windows\System32\drivers\ucjbnfyo.sys</p><p>2014-09-10 20:21:38 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys</p><p></p><p>==== Startup Registry Enabled ======================</p><p></p><p>[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"</p><p></p><p>[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"</p><p></p><p>[HKEY_USERS\S-1-5-21-807559294-1489611633-1804961059-1000\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"GUDelayStartup"="C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun"</p><p>"Skype"="C:\Program 
Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"</p><p>"Spotify Web Helper"="C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"</p><p>"Akamai NetSession Interface"="C:\Users\User\AppData\Local\Akamai\netsession_win.exe"</p><p>"Driver Support"="C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false"</p><p></p><p>[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]</p><p>"mctadmin"="C:\Windows\System32\mctadmin.exe"</p><p></p><p>[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]</p><p>"mctadmin"="C:\Windows\System32\mctadmin.exe"</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"</p><p>"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"</p><p>"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"</p><p>"Registry Helper"="C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe /boot"</p><p>"fst_gb_97"="C:\Program Files (x86)\fst_gb_97\fst_gb_97.exe"</p><p>"eDealsPop"="C:\Program Files (x86)\eDealsPop\eDealsPop.exe"</p><p>"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]</p><p>"Browse Safe-repairJob"="wscript.exe C:\Users\User\AppData\Local\Browse Safe\repair.js Browse Safe-repairJob"</p><p>"upfst_gb_97.exe"="C:\Users\User\AppData\Local\fst_gb_97\upfst_gb_97.exe -runonce"</p><p>"Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"</p><p></p><p>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"GUDelayStartup"="C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun"</p><p>"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"</p><p>"Spotify 
Web Helper"="C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"</p><p>"Akamai NetSession Interface"="C:\Users\User\AppData\Local\Akamai\netsession_win.exe"</p><p>"Driver Support"="C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false"</p><p></p><p>==== Startup Registry Enabled x64 ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"</p><p>"IgfxTray"="C:\Windows\system32\igfxtray.exe"</p><p>"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"</p><p>"Persistence"="C:\Windows\system32\igfxpers.exe"</p><p></p><p>==== Startup Folders ======================</p><p></p><p>2014-08-12 10:42:42 1097 ----a-w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk</p><p>2014-06-27 17:00:59 1931 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk</p><p>2014-07-28 21:21:10 2248 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk</p><p></p><p>==== Task Scheduler Jobs ======================</p><p></p><p>C:\Windows\tasks\90a6a590-0d41-4f77-a577-a138cdea22b4.job --a------ C:\Program Files (x86)\Browsers Apps\90a6a590-0d41-4f77-a577-a138cdea22b4.exe [12/08/2014 11:44]</p><p>C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]</p><p>C:\Windows\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-1.job --a------ C:\Program Files (x86)\Browsers Apps\Browsers Apps-codedownloader.exe [12/08/2014 11:45]</p><p>C:\Windows\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-2.job --a------ C:\Program Files (x86)\Browsers Apps\c57b5d7b-2403-4341-b235-3e180f8171e4-2.exe [12/08/2014 11:45]</p><p>C:\Windows\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-7.job --a------ C:\Program Files (x86)\Browsers Apps\c57b5d7b-2403-4341-b235-3e180f8171e4-7.exe [12/08/2014 
11:44]</p><p>C:\Windows\tasks\GlaryInitialize 5.job --a------ [Undetermined Task]</p><p>C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [12/08/2014 11:43]</p><p>C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [12/08/2014 11:43]</p><p>C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/09/2014 19:10]</p><p>C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/09/2014 19:10]</p><p></p><p>==== Other Scheduled Tasks ======================</p><p></p><p>"C:\Windows\SysNative\tasks\90a6a590-0d41-4f77-a577-a138cdea22b4" [C:\Program Files (x86)\Browsers Apps\90a6a590-0d41-4f77-a577-a138cdea22b4.exe]</p><p>"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]</p><p>"C:\Windows\SysNative\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-1" [C:\Program Files (x86)\Browsers Apps\Browsers Apps-codedownloader.exe]</p><p>"C:\Windows\SysNative\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-2" [C:\Program Files (x86)\Browsers Apps\c57b5d7b-2403-4341-b235-3e180f8171e4-2.exe]</p><p>"C:\Windows\SysNative\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-7" [C:\Program Files (x86)\Browsers Apps\c57b5d7b-2403-4341-b235-3e180f8171e4-7.exe]</p><p>"C:\Windows\SysNative\tasks\Driver Support-RTMRules" [C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe]</p><p>"C:\Windows\SysNative\tasks\Driver Support-RTMScan" [C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe]</p><p>"C:\Windows\SysNative\tasks\Driver Support-RTMUpdater" [C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe]</p><p>"C:\Windows\SysNative\tasks\GlaryInitialize 5" [C:\Program Files (x86)\Glary Utilities 
5\Initialize.exe]</p><p>"C:\Windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore" [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe]</p><p>"C:\Windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA" [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe]</p><p>"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\Windows\SysNative\tasks\GU5SkipUAC" [C:\Program Files (x86)\Glary Utilities 5\Integrator.exe]</p><p>"C:\Windows\SysNative\tasks\Idle~_~Crawler Runner" ["%LOCALAPPDATA%\Idle~_~Crawler\Idle~_~Crawler.exe"]</p><p>"C:\Windows\SysNative\tasks\LaunchSignup" [C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe]</p><p>"C:\Windows\SysNative\tasks\Optimizer Pro Schedule" ["C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe"]</p><p>"C:\Windows\SysNative\tasks\proXPN" ["C:\Program Files (x86)\proXPN\bin\proxpn.exe"]</p><p>"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]</p><p></p><p>==== Firefox Extensions Registry ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]</p><p>"<a href="mailto:faststartff@gmail.com">faststartff@gmail.com</a>"="C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\c15ib0e9.default\extensions\<a href="mailto:faststartff@gmail.com">faststartff@gmail.com</a>" []</p><p>[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]</p><p>"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 11:36]</p><p></p><p>==== Firefox Extensions ======================</p><p></p><p>AppDir: C:\Program Files (x86)\Mozilla Firefox</p><p>- Hotspot Shield Extension - %AppDir%\browser\extensions\<a 
href="mailto:afproxy@anchorfree.com">afproxy@anchorfree.com</a></p><p>- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}</p><p></p><p>==== Firefox Plugins ======================</p><p></p><p>Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ddy1u3tr.default-1409772981256</p><p>4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash</p><p>C195AC4544729A69CFF30BB62F473054 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll - Shockwave for Director / Shockwave for Director</p><p>4C07B5286D129DFD25C24B4A31B9B888 - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll - Happy Cloud Plugin</p><p></p><p></p><p>==== Chromium Look ======================</p><p></p><p>HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions</p><p>bopakagnckmlgajfccecajhnimjiiedh - No path found[]</p><p>gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12/08/2014 14:20]</p><p></p><p>cosstminn - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - Administrator\AppData\Local\Torch\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn 
- Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - Guest\AppData\Local\Torch\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - User\AppData\Local\Chromatic Browser\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf</p><p>Google Voice Search Hotword (Beta) - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn</p><p>YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo</p><p>Browse Safe - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaolfhobbbokdcmfiplbokkokobjgc</p><p>Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf</p><p>cosstminn - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>Browsers Apps - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg</p><p>Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda</p><p>Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia</p><p>cosstminn - User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p>cosstminn - User\AppData\Local\Torch\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape</p><p></p><p>==== Chromium Startpages ======================</p><p></p><p>C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences</p><p>"homepage": "<a href="http://www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S" 
target="_blank">http://www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S</a>",</p><p>"startup_urls": [ "<a href="http://www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S" target="_blank">http://www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S</a>" ],</p><p></p><p></p><p>==== IE Start and Search Settings ======================</p><p></p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://www.msn.com/?pc=AV01" target="_blank">http://www.msn.com/?pc=AV01</a>"</p><p>"Search Page"="<a href="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" target="_blank">http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01</a>"</p><p>"Use Search Asst"="yes"</p><p>[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]</p><p>"Search Page"="<a href="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" target="_blank">http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01</a>"</p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]</p><p>"Search Page"="<a href="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" target="_blank">http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01</a>"</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]</p><p>"Tabs"="about:newtab"</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]</p><p>"Tabs"="about:newtab"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]</p><p>"Default_Search_URL"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>"SearchAssistant"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet 
Explorer\SearchScopes]</p><p>"DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}"</p><p></p><p>==== All HKCU SearchScopes ======================</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes</p><p>{006ee092-9658-4fd6-bd8e-a21a348e59f5} Web Search Url="<a href="http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK217RbjR1YFa37oBy_U-nTnTbDfrtyFevjNFgZdFCmUbZjEjbh_r2SzfU-F5163giNwGMsHCXjcf-J9SPjzbpvGwxhzcnAQIJbkjBdIl9DQVgPsG7L3OmDBGUR61Zhed7D7x79P46hM3-wG9B9C8gOpe5rTEvHgwvoEJ8D1V9eIAUhdXijciZDFPQdTCL2rcRQn2jxYepw,,&q={searchTerms}" target="_blank">http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK217RbjR1YFa37oBy_U-nTnTbDfrtyFevjNFgZdFCmUbZjEjbh_r2SzfU-F5163giNwGMsHCXjcf-J9SPjzbpvGwxhzcnAQIJbkjBdIl9DQVgPsG7L3OmDBGUR61Zhed7D7x79P46hM3-wG9B9C8gOpe5rTEvHgwvoEJ8D1V9eIAUhdXijciZDFPQdTCL2rcRQn2jxYepw,,&q={searchTerms}</a>"</p><p>{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Trovi search Url="<a href="http://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MCDBE1078-FEC3-485C-A44A-973AC5265D6C&SearchSource=58&CUI=&UM=6&UP=SPCD50C583-F04A-4B38-AEC3-02E205460DDE&q={searchTerms}&SSPV=" target="_blank">http://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MCDBE1078-FEC3-485C-A44A-973AC5265D6C&SearchSource=58&CUI=&UM=6&UP=SPCD50C583-F04A-4B38-AEC3-02E205460DDE&q={searchTerms}&SSPV=</a>"</p><p>{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="<a href="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" target="_blank">http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR</a>"</p><p>{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="<a href="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" target="_blank">http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01</a>"</p><p></p><p>==== C:\zoek_backup content ======================</p><p></p><p>C:\zoek_backup (files=0 folders=0 0 bytes)</p><p></p><p>==== EOF on 10/09/2014 at 22:01:11.37 
======================</p></blockquote><p></p>
[QUOTE="LiamA, post: 259667, member: 27752"] I'm having a problem with a random search engine by the name of IStartSurf. It occurred after I downloaded Google Chrome AdBlock (doesn't make sense to me), and from that point onwards my computer is always laggy and slow to function. Along with this problem, there are pop-ups which destroy my current window/tab. I read another thread which had a similar problem and completed the first step with the zoek; here is what follows after copying and pasting what was in the box: Zoek.exe v5.0.0.0 Updated 10-September-2014 Tool run by User on 10/09/2014 at 21:53:11.59. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\User\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 10/09/2014 21:54:47 Zoek.exe System Restore Point Created Succesfully. ==== Installed Programs ====================== Acer System Information Adobe AIR Adobe Flash Player 14 Plugin Adobe Flash Player 15 ActiveX Adobe Reader XI (11.0.07) Adobe Shockwave Player 12.1 Akamai NetSession Interface Apple Application Support Apple Mobile Device Support Apple Software Update Audacity 2.0.5 Auslogics DiskDefrag avast Free Antivirus Bonjour Broadcom Gigabit NetLink Controller Browse Safe Browsers Apps CDBurnerXP Combined Community Codec Pack 2014-04-20 CouponFactory D3DX10 Driver Support eDealsPop version 1.0 eMu3Ds FreeSoftToday 013.97 GIMP 2.8.10 Glary Utilities 5.1 Google Chrome Google Earth Google Update Helper Happy Cloud Client Hotspot Shield 3.46 Idle~_~Crawler ImgBurn InfraRecorder 0.53 (x64 edition) Intel(R) Processor Graphics istartsurf uninstall iTunes Java 7 Update 60 Java 7 Update 67 (64-bit) Java Auto Updater K-Lite Codec Pack 10.5.0 Full Malwarebytes Anti-Malware version 2.0.2.1012 McAfee Security Scan Plus MediaMonkey 4.1 Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Security Client Microsoft 
Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Movie Maker Mozilla Firefox 31.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT110 MSVCRT110_amd64 MyPC Backup OffersWizard Network System Driver OpenOffice 4.1.0 Optimizer Pro v3.2 Paint.NET v3.5.11 PepperZip 1.0 Photo Common Photo Gallery PrivateTunnel proXPN 2.7.2 qBittorrent 3.1.9.2 Qualcomm Atheros Fast Reconnect QuickTime 7 Remote Desktop Access (VuuPC) Revo Uninstaller 1.95 SaveRAuddon Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) SkypeT 6.16 SlimDrivers Spotify swMSM TeamViewer 9 The Lord of the Rings Online The Lord of the Rings OnlineT v1301.0055.0535.4025 ToggleMark VLC media player 2.1.3 WindApp (remove only) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WindowsMangerProtect20.0.0.502 WinRAR 5.01 (64-bit) Yahoo Community Smartbar Yahoo Community Smartbar Engine ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\ProgramData\IePluginServices\PluginService.exe C:\Program Files (x86)\SupTab\HpUI.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe C:\Program Files 
(x86)\SupTab\Loader32.exe C:\Program Files (x86)\Glary Utilities 5\Integrator.exe C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptcore.exe C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe C:\Users\User\AppData\Local\fst_gb_97\upfst_gb_97.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\User\AppData\Local\Akamai\netsession_win.exe C:\Users\User\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe C:\Users\User\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Users\User\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe C:\Program Files (x86)\fst_gb_97\fst_gb_97.exe C:\Program Files (x86)\eDealsPop\eDealsPop.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Bench\BService\1.1\bservice.exe C:\Program Files (x86)\Bench\Wd\wd.exe C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe C:\Users\User\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock.exe C:\Users\User\AppData\Local\Temp\JExplorer32.2.7.1.exe C:\Program Files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\User\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Services (whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R2 - [70e6ca8c] - Optimizer Pro Crash Monitor - "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll",SVC R2 - [AdobeARMservice] - Adobe Acrobat Update Service 
- "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" R2 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" R2 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe" R2 - [hshld] - Hotspot Shield Service - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe R2 - [HssWd] - Hotspot Shield Monitoring Service - "C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe" -product hss R2 - [IePluginServices] - IePlugin Services - C:\ProgramData\IePluginServices\PluginService.exe -service R2 - [MsMpSvc] - Microsoft Antimalware Service - "c:\Program Files\Microsoft Security Client\MsMpEng.exe" R2 - [ptservice] - Private Tunnel Core Service - C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe R2 - [TeamViewer9] - TeamViewer 9 - "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding R2 - [ZAtheros Wlan Agent] - ZAtheros Wlan Agent - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe R3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe" R3 - [NisSrv] - Microsoft Network Inspection - "c:\Program Files\Microsoft Security Client\NisSrv.exe" R3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe S2 - [BackupStack] - Computer Backup (MyPC Backup) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe S2 - [globalUpdate] - globalUpdate Update Service (globalUpdate) - 
C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc S2 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc S2 - [PrivacyRawRecycle.exe] - PrivacyRawRecycle.exe - C:\Users\User\AppData\Local\PrivacyRawRecycle\PrivacyRawRecycle.exe S2 - [sppsvc] - Software Protection - C:\Windows\system32\sppsvc.exe S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} S3 - [ehRecvr] - Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe S3 - [ehSched] - Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe S3 - [Fax] - Fax - C:\Windows\system32\fxssvc.exe S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe S3 - [globalUpdatem] - globalUpdate Update Service (globalUpdatem) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc S3 - [HssTrayService] - Hotspot Shield Tray Service - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\Windows\system32\IEEtwCollector.exe /V S3 - [McComponentHostService] - McAfee Security Scan Component Host Service - "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" S3 - [MozillaMaintenance] - Mozilla Maintenance Service - "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec.exe /V S3 - 
[PerfHost] - Performance Counter DLL Host - C:\Windows\SysWow64\perfhost.exe S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe S3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe S3 - [WatAdminSvc] - Windows Activation Technologies Service - C:\Windows\system32\Wat\WatAdminSvc.exe S3 - [wbengine] - Block Level Backup Engine Service - "C:\Windows\system32\wbengine.exe" S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe" S4 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe S4 - [CompilerRawWindows.exe] - CompilerRawWindows.exe - C:\Users\User\AppData\Local\CompilerRawWindows\CompilerRawWindows.exe S4 - [NetHttpService] - Network HTTP Support Service - C:\Windows\SysWOW64\nethtsrv.exe S4 - [scores] - scores - C:\Windows\score.exe ==== Folders Found ====================== ==== Files Found ====================== --- C:\Windows\System32\GroupPolicy\GPT.INI --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 11 Created time: 2014-08-12 12:39:39 Modified time: 2014-08-14 15:36:51 MD5: EC3584F3DB838942EC3669DB02DC908E SHA1: 8DCEB96874D5C6425EBB81BFEE587244C89416DA --- C:\Windows\SysWOW64\GroupPolicy\gpt.ini --- Company: ------ File Description: ------ File Version: ------ 
Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 11 Created time: 2014-08-12 12:39:39 Modified time: 2014-08-14 15:36:51 MD5: EC3584F3DB838942EC3669DB02DC908E SHA1: 8DCEB96874D5C6425EBB81BFEE587244C89416DA ==== Folders Found In C:\Windows\System32\GroupPolicy ====================== 2014-08-12 12:39:39 d-----w- C:\Windows\System32\GroupPolicy\Machine 2014-08-12 12:39:39 d-----w- C:\Windows\System32\GroupPolicy\User ==== Files Found In C:\Windows\System32\GroupPolicy ====================== 2014-08-14 15:36:51 165 ----a-w- 9119465A983611C21B0D09D23B5C8DCE C:\Windows\System32\GroupPolicy\GPT.INI ==== Files Found In C:\Windows\SysWOW64\GroupPolicy ====================== 2014-08-14 15:36:51 11 ----a-w- EC3584F3DB838942EC3669DB02DC908E C:\Windows\SysWOW64\GroupPolicy\gpt.ini ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 5815 MB CPU Info: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz CPU Speed: 2635.2 MHz Sound Card: Headset Earphone (2- Microsoft | Speakers (High Definition Audio | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Anchorfree HSS VPN Adapter #2 | Anchorfree HSS VPN Adapter | TAP Adapter V9 for Private Tunnel | Atheros AR5B97 Wireless Network Adapter | Broadcom NetLink (TM) Gigabit Ethernet CD / DVD Drives: 1x (D: | ) D: PIONEER DVD-RW DVRTD11RS Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 2 Button Mouse Present Hard Disks: C: 111.7GB Hard Disks - Free: C: 53.5GB Manufacturer *: Acer BIOS Info: AT/AT COMPATIBLE | 05/30/11 | ACRSYS - 1 Time Zone: GMT Standard Time Motherboard *: Acer Aspire 5742 Country: United Kingdom Language: ENG ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Default Browser: Firefox 31.0 Internet Explorer Version: 11.0.9600.17239 Mozilla Firefox version: 31.0 (x86 en-US) Google Chrome version: 37.0.2062.103 Adobe Reader version: 11.0.07.79 Sun Java version: 1.7.0_67 (32-bit) Sun Java version: 1.7.0_67 (64-bit) Flash Player version: 14.0.0.145 Shockwave Player version: 12.1.2r152 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-08-12 13:20:36 357CEBBCD99C8928A2D1A61A6CACC168 43152 ----a-w- C:\Windows\avastSS.scr 2014-08-12 10:43:11 43BB01FA6B3E6E4D4343BDEAB3EC56B7 4816384 ----a-w- C:\Windows\score.exe ====== C:\Users\User\AppData\Local\Temp ==== 2014-09-10 14:51:10 9251C7F50E95F549A72904A2D08DAD5C 49249 ----a-w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknownde095e0b-e3a3-4446-b1e8-f8e7ffb32cad\jniwrap.dll 2014-09-09 17:05:44 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown33637f02-1f83-41f9-b913-238373dca614\jniwrap.dll 2014-09-08 15:03:20 9251C7F50E95F549A72904A2D08DAD5C 49249 ----a-w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown1b63191f-ece6-4dda-a4fa-d16f8f91a308\jniwrap.dll 2014-09-07 08:19:51 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- 
C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown7449f4c7-2381-4e4a-9a64-2a521d76adcd\jniwrap.dll 2014-09-06 09:45:36 9251C7F50E95F549A72904A2D08DAD5C 49249 ----a-w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown62747c7a-ab0e-4e30-9c5c-88ad231a964f\jniwrap.dll 2014-09-05 12:28:06 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown25d56463-afe5-45a5-91af-d2489f045f85\jniwrap.dll 2014-09-04 15:03:35 9251C7F50E95F549A72904A2D08DAD5C 49249 ----a-w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown8223d624-d81b-4b4b-a331-f995af34c79e\jniwrap.dll 2014-09-04 15:00:34 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{628DD5EE-DC77-49F6-A876-94F3A1E4DF42}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-04 15:00:33 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{628DD5EE-DC77-49F6-A876-94F3A1E4DF42}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-04 15:00:33 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{628DD5EE-DC77-49F6-A876-94F3A1E4DF42}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-04 15:00:28 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{628DD5EE-DC77-49F6-A876-94F3A1E4DF42}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 21:41:35 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- 
C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{007AED8C-35A4-4738-810E-3BCB8442D356}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-03 21:41:35 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{007AED8C-35A4-4738-810E-3BCB8442D356}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-03 21:41:35 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{007AED8C-35A4-4738-810E-3BCB8442D356}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-03 21:41:35 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{007AED8C-35A4-4738-810E-3BCB8442D356}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 21:34:25 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{E569CD3F-7E23-41E6-973E-C2D39EF8BEAC}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-03 21:34:24 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{E569CD3F-7E23-41E6-973E-C2D39EF8BEAC}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-03 21:34:24 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{E569CD3F-7E23-41E6-973E-C2D39EF8BEAC}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-03 21:34:24 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- 
C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{E569CD3F-7E23-41E6-973E-C2D39EF8BEAC}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 20:58:14 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{7EF16A5F-6C05-4F0A-90EC-2AB2BFD82F4A}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-03 20:58:14 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{7EF16A5F-6C05-4F0A-90EC-2AB2BFD82F4A}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-03 20:58:14 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{7EF16A5F-6C05-4F0A-90EC-2AB2BFD82F4A}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-03 20:58:14 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{7EF16A5F-6C05-4F0A-90EC-2AB2BFD82F4A}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 20:50:04 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{E760846F-A7A5-48E9-8AC5-21B3EED9DDDD}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-03 20:50:03 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{E760846F-A7A5-48E9-8AC5-21B3EED9DDDD}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-03 20:50:03 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- 
C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{E760846F-A7A5-48E9-8AC5-21B3EED9DDDD}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-03 20:50:03 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{E760846F-A7A5-48E9-8AC5-21B3EED9DDDD}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 20:35:30 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{C719D746-DDF3-4F98-BDBA-C8B0F40FFC4B}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-03 20:35:30 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{C719D746-DDF3-4F98-BDBA-C8B0F40FFC4B}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-03 20:35:29 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{C719D746-DDF3-4F98-BDBA-C8B0F40FFC4B}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-03 20:35:29 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{C719D746-DDF3-4F98-BDBA-C8B0F40FFC4B}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 20:21:11 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{DA61D9CA-C087-4228-9994-C898D16A6AE3}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-03 20:21:11 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- 
C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{DA61D9CA-C087-4228-9994-C898D16A6AE3}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-03 20:21:11 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{DA61D9CA-C087-4228-9994-C898D16A6AE3}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-03 20:21:11 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{DA61D9CA-C087-4228-9994-C898D16A6AE3}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 20:15:00 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{C9D7061C-5EAD-49D2-AADA-8696814CA741}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-03 20:15:00 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{C9D7061C-5EAD-49D2-AADA-8696814CA741}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-03 20:15:00 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{C9D7061C-5EAD-49D2-AADA-8696814CA741}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-03 20:15:00 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{C9D7061C-5EAD-49D2-AADA-8696814CA741}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 20:05:47 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- 
C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{9E8AB65D-27F1-457F-B6BF-7211C9960C88}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-03 20:05:47 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{9E8AB65D-27F1-457F-B6BF-7211C9960C88}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-03 20:05:46 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{9E8AB65D-27F1-457F-B6BF-7211C9960C88}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-03 20:05:46 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{9E8AB65D-27F1-457F-B6BF-7211C9960C88}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 19:54:25 9E816C5D8F31EFAA4F5316DFE3D830B9 116736 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{F524719B-E023-426C-90C5-3C39ACB7E0BB}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-32.dll 2014-09-03 19:54:25 7A9CE7AB06F9C8D5330E6945CAED451A 131072 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{F524719B-E023-426C-90C5-3C39ACB7E0BB}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterWin7-64.dll 2014-09-03 19:54:25 3C92833D35AF2B1275CD4E825C1D2C9B 132096 ----a-w- C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{F524719B-E023-426C-90C5-3C39ACB7E0BB}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-64.dll 2014-09-03 19:54:25 3BFA4922D5187D5080B1CF5AB86C58E3 111104 ----a-w- 
C:\Users\User\AppData\Local\Temp\{4AF357ED-C7A4-411D-A18C-B71244991553}\{F524719B-E023-426C-90C5-3C39ACB7E0BB}\extensions\[email]vagrant@firefox.net[/email]\resources\vagrant\data\dll\MuterHook-32.dll 2014-09-03 19:48:16 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknownff034df9-38b1-4751-9fb6-16b67ec20d17\jniwrap.dll 2014-09-03 19:34:10 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknownc4a75055-828b-49e7-9759-be1bf642c91a\jniwrap.dll 2014-09-03 15:03:40 9251C7F50E95F549A72904A2D08DAD5C 49249 ----a-w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknownca017e71-7667-4fc1-99fb-d44609520184\jniwrap.dll 2014-09-03 14:52:19 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown89dc08ab-fffc-4867-86e3-f27ab312ad24\jniwrap.dll 2014-09-02 15:14:54 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown43a36978-a220-441e-aec6-966b8ee7a888\jniwrap.dll 2014-09-01 15:05:03 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown6630ab8e-2436-4b07-9d05-747545d92f15\jniwrap.dll 2014-08-31 07:55:47 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknownbc61fdad-e4dc-41f0-a0ee-9ba09ad42b66\jniwrap.dll 2014-08-30 12:50:01 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown271bc7a5-64d6-449f-b529-012dd80ff008\jniwrap.dll 2014-08-30 09:27:15 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- 
C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknowneb8b2cce-c725-4927-a399-564a51b2a18d\jniwrap.dll 2014-08-29 11:04:10 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknown02ca584c-cd92-4b58-86e5-132ed295c457\jniwrap.dll 2014-08-28 14:54:05 9251C7F50E95F549A72904A2D08DAD5C 49249 ------w- C:\Users\User\AppData\Local\Temp\privatetunnel-desktop-jar-with-dependencies.Build.Unknownf9e116d6-332c-4b1f-adf3-05ed426b39af\jniwrap.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-08-28 15:00:07 980305AC3AF53C1964A11190451ABB32 311808 ----a-w- C:\Windows\SysWOW64\gdi32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-09-03 19:56:52 1E4B49F0261DFE0554ADC597F531E2C6 319912 ----a-w- C:\Windows\Sysnative\javaws.exe 2014-09-03 19:56:43 F5853E27E18E47E4A0F1F69F068B5AEC 111016 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll 2014-09-03 19:56:43 EC335EBD1AD1B3D252F9485DFE9AA6A7 189352 ----a-w- C:\Windows\Sysnative\javaw.exe 2014-09-03 19:56:43 881430C055BAD0233EF9014C12AC629A 189352 ----a-w- C:\Windows\Sysnative\java.exe 2014-08-28 15:00:07 A347EF56B7CD8360B3EF7772FEA597B9 3163648 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-08-28 15:00:07 860528C9E50AB84935843B23A80E665E 404480 ----a-w- C:\Windows\Sysnative\gdi32.dll ====== C:\Windows\Sysnative\drivers ===== 2014-09-10 20:47:45 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\Windows\Sysnative\drivers\essb.sys 2014-09-10 20:31:58 ADCFDB071D98DE433842D54A6566724C 55104 ----a-w- C:\Windows\Sysnative\drivers\ucjbnfyo.sys 2014-09-10 20:21:38 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-08-13 15:38:28 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2014-08-12 13:20:51 48DED912CDE54FC0923B9858512366E1 92008 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys 
2014-08-12 13:20:50 B8FDEDE963B82CFD23B3A53A3084666D 1041168 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys 2014-08-12 13:20:50 471A311745848B80339436688A8286E6 224896 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2014-08-12 13:20:50 0DEDC041DF594AEC2C3BD00417CFAF60 427360 ----a-w- C:\Windows\Sysnative\drivers\aswsp.sys 2014-08-12 13:20:49 FF1E537A3632CBB9A0BF72B9FD0878D5 79184 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys 2014-08-12 13:20:49 D95E64416A4A3ED6986E0F474DA934BD 29208 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys 2014-08-12 13:20:49 645D97385F3F284FB5604F9B970F4D24 65776 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys 2014-08-12 13:20:48 A5757DE5F9C83AB40667A53D5126EA40 93568 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys ====== C:\Windows\Tasks ====== 2014-08-31 21:04:37 77939B986C82BF08A22A9B02E4E16D92 4582 ----a-w- C:\Windows\Sysnative\Tasks\Idle~_~Crawler Runner 2014-08-28 15:28:08 CEFBC4378C5D12C5CA91FFF178875109 3762 ----a-w- C:\Windows\Sysnative\Tasks\Driver Support-RTMRules 2014-08-28 15:28:07 8C4040C0996331E4B4A8A75CFE87D3A1 3776 ----a-w- C:\Windows\Sysnative\Tasks\Driver Support-RTMUpdater 2014-08-28 15:28:06 766156E6FEFDC3AC87DABC4A54C2A81D 3778 ----a-w- C:\Windows\Sysnative\Tasks\Driver Support-RTMScan 2014-08-12 13:26:11 455334C97AFB84E3D0359EAE20471C39 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! 
Emergency Update
2014-08-12 10:45:16 C33A2251AB36E42CF212C2E22B87B421 1376 ----a-w- C:\Windows\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-2.job
2014-08-12 10:45:16 6162432589E45B81BAF2A495CC017452 4406 ----a-w- C:\Windows\Sysnative\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-2
2014-08-12 10:45:10 74900F71CACBCDBBFAB57625FF25AF2F 1692 ----a-w- C:\Windows\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-1.job
2014-08-12 10:45:10 6ECD68EEC507D5CC41A38474BCDC753F 4722 ----a-w- C:\Windows\Sysnative\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-1
2014-08-12 10:44:30 95A5D4EC9B11D1D51F6A33CF1426ABC1 2006 ----a-w- C:\Windows\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-7.job
2014-08-12 10:44:30 5133B11216B164911DB32CD95BC3F32C 5036 ----a-w- C:\Windows\Sysnative\Tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-7
2014-08-12 10:44:25 A29F7DE523F787B4F89079F12EF3AA6A 3636 ----a-w- C:\Windows\Sysnative\Tasks\90a6a590-0d41-4f77-a577-a138cdea22b4
2014-08-12 10:44:24 DBE653286F7BBDEB17A7F5674315A57B 614 ----a-w- C:\Windows\Tasks\90a6a590-0d41-4f77-a577-a138cdea22b4.job
2014-08-12 10:44:11 1F2972CBE76285CA8897C08372CBC368 3886 ----a-w- C:\Windows\Sysnative\Tasks\globalUpdateUpdateTaskMachineUA
2014-08-12 10:44:08 72675333E8492A6F3B87C03867FBA23F 888 ----a-w- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-08-12 10:44:05 BF4C4EE6E23EB81049AB1804521636A6 3632 ----a-w- C:\Windows\Sysnative\Tasks\globalUpdateUpdateTaskMachineCore
2014-08-12 10:44:00 9262C90C1FF44356F6BC0BB1F3549ED5 884 ----a-w- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-12 10:43:46 AFB260021A0469CAB83CAAC39C97075E 3238 ----a-w- C:\Windows\Sysnative\Tasks\Optimizer Pro Schedule
2014-08-12 10:43:07 619C68932D0DF7D9E423FECF8D5C4E19 4020 ----a-w- C:\Windows\Sysnative\Tasks\LaunchSignup

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2014-08-28 15:27:33 -------- d-----w- C:\PROGRA~2\Driver Support
2014-08-14 15:36:45 -------- d-----w- C:\PROGRA~2\SupTab
2014-08-14 15:36:29 -------- d-----w- C:\PROGRA~2\Bench
2014-08-14 15:36:12 -------- d-----w- C:\PROGRA~2\Browse Safe
2014-08-13 15:23:26 -------- d-----w- C:\PROGRA~2\ToggleMark
2014-08-12 12:39:40 -------- d-----w- C:\PROGRA~2\cosstminn
2014-08-12 12:39:23 -------- d-----w- C:\PROGRA~2\eDealsPop
2014-08-12 12:27:58 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2014-08-12 10:43:47 -------- d-----w- C:\PROGRA~2\globalUpdate
2014-08-12 10:43:38 -------- d-----w- C:\PROGRA~2\Browsers Apps
2014-08-12 10:43:16 -------- d-----w- C:\PROGRA~2\PepperZip
2014-08-12 10:43:08 -------- d-----w- C:\PROGRA~2\Optimizer Pro
2014-08-12 10:42:36 -------- d-----w- C:\PROGRA~2\MyPC Backup
2014-08-12 10:41:07 -------- d-----w- C:\PROGRA~2\fst_gb_97

======= C: =====

2014-08-12 12:50:31 F14F1EBB47CCBD9C1AE2348E8FF7BF9E 687 ----a-w- C:\awh4AA6.tmp
2014-08-12 08:57:33 F14F1EBB47CCBD9C1AE2348E8FF7BF9E 687 ----a-w- C:\awh2D37.tmp

====== C:\Users\User\AppData\Roaming ======

2014-09-04 15:10:44 4352D88A78AA39750BF70CD6F27BCAA5 4 ----a-w- C:\Users\User\AppData\Roaming\appdataFr2.bin
2014-09-03 19:52:56 -------- d-----w- C:\Users\User\AppData\Local\Adobe
2014-08-31 21:04:34 -------- d-----w- C:\Users\User\AppData\Local\Idle~_~Crawler
2014-08-31 18:40:10 -------- d-----w- C:\Users\User\AppData\Roaming\OpenOffice
2014-08-28 15:28:04 -------- d-----w- C:\Users\User\AppData\Local\PC_Drivers_Headquarters
2014-08-25 15:09:04 -------- d-----w- C:\Users\User\AppData\Local\DebugSoftwareUtility
2014-08-14 15:37:03 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browse Safe
2014-08-14 15:36:29 -------- d-----w- C:\Users\User\AppData\Locallow\{8E56A02B-46FE-4490-B169-F16E5231533B}
2014-08-14 15:36:26 -------- d-----w- C:\Users\User\AppData\Roaming\istartsurf
2014-08-14 15:36:09 -------- d-----w- C:\Users\User\AppData\Local\Browse Safe
2014-08-13 19:05:46 -------- d-----w- C:\Users\User\AppData\Roaming\Store
2014-08-13 19:05:15 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
2014-08-13 19:04:19 -------- d-----w- C:\Users\User\AppData\Roaming\Nosibay
2014-08-13 15:23:38 -------- d-----w- C:\Users\User\AppData\Local\SearchProtect
2014-08-12 13:37:13 -------- d-----w- C:\Users\User\AppData\Roaming\Dropbox
2014-08-12 12:42:18 -------- d-----w- C:\Users\User\AppData\Local\CheckCode
2014-08-12 12:39:36 -------- d-----w- C:\Users\User\AppData\Local\Chromatic Browser
2014-08-12 12:39:36 -------- d-----w- C:\Users\Guest\AppData\Local\Chromatic Browser
2014-08-12 12:39:36 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-08-12 12:39:35 -------- d-----w- C:\Users\User\AppData\Local\Torch
2014-08-12 12:39:35 -------- d-----w- C:\Users\Guest\AppData\Local\Torch
2014-08-12 12:39:35 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch
2014-08-12 12:39:34 -------- d-----w- C:\Users\User\AppData\Local\Comodo
2014-08-12 12:39:34 -------- d-----w- C:\Users\Guest\AppData\Local\Comodo
2014-08-12 12:39:34 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo
2014-08-12 12:39:32 -------- d-----w- C:\Users\Guest\AppData\Local\Google
2014-08-12 12:39:27 -------- d-----w- C:\Users\Administrator\AppData\Local\Google
2014-08-12 10:45:43 -------- d-----w- C:\Users\User\AppData\Locallow\Smartbar
2014-08-12 10:43:46 -------- d-----w- C:\Users\User\AppData\Local\globalUpdate
2014-08-12 10:43:42 -------- d-----w- C:\Users\User\AppData\Roaming\Optimizer Pro
2014-08-12 10:43:17 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-08-12 10:42:40 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-12 10:42:03 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-12 10:42:02 -------- d-----w- C:\Users\User\AppData\Roaming\VOPackage
2014-08-12 10:41:08 -------- d-----w- C:\Users\User\AppData\Local\fst_gb_97
2014-08-12 10:40:13 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts
2014-08-12 10:39:51 -------- d-----w- C:\Users\User\AppData\Local\WeatherAlerts

====== C:\Users\User ======

2014-09-04 18:10:17 EE13A631AE02DF26E1E274287484E84F 895120 ----a-w- C:\Users\User\Downloads\ChromeSetup(1).exe
2014-09-03 19:26:35 -------- d-----w- C:\ProgramData\CouponFactory
2014-09-01 20:41:34 -------- d-----w- C:\ProgramData\SaveRAuddon
2014-09-01 20:21:49 -------- d-----w- C:\ProgramData\87415d5c200d2892
2014-08-31 21:03:45 B2B87E43A315EA1EB91CE837B1F01546 123469 ------w- C:\Users\Public\1CD067E59E4740D1AD79D1B37547207E\setup.exe
2014-08-31 21:03:44 -------- d-----w- C:\Users\Public\1CD067E59E4740D1AD79D1B37547207E
2014-08-28 15:28:09 -------- d-----w- C:\ProgramData\UAB
2014-08-28 15:27:59 -------- d-----w- C:\ProgramData\Driver Support
2014-08-28 15:27:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
2014-08-28 15:26:22 9F26BDD20D770BB3ACEEB42640F7EC10 351744 ------w- C:\Users\Public\906C433CEBE8467FBAC8B9C0BA903E85\setup.exe
2014-08-28 15:26:22 -------- d-----w- C:\Users\Public\906C433CEBE8467FBAC8B9C0BA903E85
2014-08-14 15:37:02 -------- d-----w- C:\ProgramData\IePluginServices
2014-08-14 15:36:32 -------- d-----w- C:\ProgramData\WindowsMangerProtect
2014-08-13 19:01:55 -------- d-----w- C:\Users\Public\BAD0A63E56F143D78BF7956FA9206150
2014-08-12 13:26:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-12 12:39:40 075B0DA82E23780FA2DD7F2EA0464FD4 258 --sha-r- C:\ProgramData\ntuser.pol
2014-08-12 12:39:32 -------- d-----w- C:\Users\Guest\AppData
2014-08-12 12:39:27 -------- d-----w- C:\Users\Administrator\AppData
2014-08-12 12:28:04 -------- d-----w- C:\ProgramData\Oracle
2014-08-12 10:43:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-08-12 10:43:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip

====== C: exe-files ==

2014-09-04 18:13:56 29DA99B398CDD1B42D2CD49CAC5BA4B8 39915088 ----a-w- C:\Program Files (x86)\Google\Update\Install\{13E798E2-2380-4A9D-9BF8-1F082DFC8F6B}\37.0.2062.103_chrome_installer.exe
2014-09-04 18:13:55 29DA99B398CDD1B42D2CD49CAC5BA4B8 39915088 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\37.0.2062.103\37.0.2062.103_chrome_installer.exe
2014-09-04 18:11:05 EE13A631AE02DF26E1E274287484E84F 895120 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe
2014-09-04 18:11:05 AC6998D92A311E7CF0B4DAEC3566F444 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateBroker.exe
2014-09-04 18:11:05 956672375AF066D958E4D07F5ABAFC1A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe
2014-09-04 18:11:04 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2014-09-04 18:11:03 AA0E4F73727BFC8BA404884B1C1DB719 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
2014-09-04 18:11:03 80E350E0AA963B2125896B13E60A4D68 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe
2014-09-04 18:11:03 397D14958D6C9C2B365469A857B2AC4E 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
2014-09-04 18:11:02 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdate.exe
2014-09-04 18:10:17 EE13A631AE02DF26E1E274287484E84F 895120 ----a-w- C:\Users\User\Downloads\ChromeSetup(1).exe

=== C: other files ==

2014-09-10 20:47:45 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\Windows\System32\drivers\essb.sys
2014-09-10 20:31:58 ADCFDB071D98DE433842D54A6566724C 55104 ----a-w- C:\Windows\System32\drivers\ucjbnfyo.sys
2014-09-10 20:21:38 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-807559294-1489611633-1804961059-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"="C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Spotify Web Helper"="C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Akamai NetSession Interface"="C:\Users\User\AppData\Local\Akamai\netsession_win.exe"
"Driver Support"="C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"Registry Helper"="C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe /boot"
"fst_gb_97"="C:\Program Files (x86)\fst_gb_97\fst_gb_97.exe"
"eDealsPop"="C:\Program Files (x86)\eDealsPop\eDealsPop.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Browse Safe-repairJob"="wscript.exe C:\Users\User\AppData\Local\Browse Safe\repair.js Browse Safe-repairJob"
"upfst_gb_97.exe"="C:\Users\User\AppData\Local\fst_gb_97\upfst_gb_97.exe -runonce"
"Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"="C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Spotify Web Helper"="C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Akamai NetSession Interface"="C:\Users\User\AppData\Local\Akamai\netsession_win.exe"
"Driver Support"="C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"

==== Startup Folders ======================

2014-08-12 10:42:42 1097 ----a-w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
2014-06-27 17:00:59 1931 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
2014-07-28 21:21:10 2248 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\90a6a590-0d41-4f77-a577-a138cdea22b4.job --a------ C:\Program Files (x86)\Browsers Apps\90a6a590-0d41-4f77-a577-a138cdea22b4.exe [12/08/2014 11:44]
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-1.job --a------ C:\Program Files (x86)\Browsers Apps\Browsers Apps-codedownloader.exe [12/08/2014 11:45]
C:\Windows\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-2.job --a------ C:\Program Files (x86)\Browsers Apps\c57b5d7b-2403-4341-b235-3e180f8171e4-2.exe [12/08/2014 11:45]
C:\Windows\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-7.job --a------ C:\Program Files (x86)\Browsers Apps\c57b5d7b-2403-4341-b235-3e180f8171e4-7.exe [12/08/2014 11:44]
C:\Windows\tasks\GlaryInitialize 5.job --a------ [Undetermined Task]
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [12/08/2014 11:43]
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [12/08/2014 11:43]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/09/2014 19:10]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/09/2014 19:10]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\90a6a590-0d41-4f77-a577-a138cdea22b4" [C:\Program Files (x86)\Browsers Apps\90a6a590-0d41-4f77-a577-a138cdea22b4.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-1" [C:\Program Files (x86)\Browsers Apps\Browsers Apps-codedownloader.exe]
"C:\Windows\SysNative\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-2" [C:\Program Files (x86)\Browsers Apps\c57b5d7b-2403-4341-b235-3e180f8171e4-2.exe]
"C:\Windows\SysNative\tasks\c57b5d7b-2403-4341-b235-3e180f8171e4-7" [C:\Program Files (x86)\Browsers Apps\c57b5d7b-2403-4341-b235-3e180f8171e4-7.exe]
"C:\Windows\SysNative\tasks\Driver Support-RTMRules" [C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe]
"C:\Windows\SysNative\tasks\Driver Support-RTMScan" [C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe]
"C:\Windows\SysNative\tasks\Driver Support-RTMUpdater" [C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe]
"C:\Windows\SysNative\tasks\GlaryInitialize 5" [C:\Program Files (x86)\Glary Utilities 5\Initialize.exe]
"C:\Windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore" [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA" [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GU5SkipUAC" [C:\Program Files (x86)\Glary Utilities 5\Integrator.exe]
"C:\Windows\SysNative\tasks\Idle~_~Crawler Runner" ["%LOCALAPPDATA%\Idle~_~Crawler\Idle~_~Crawler.exe"]
"C:\Windows\SysNative\tasks\LaunchSignup" [C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe]
"C:\Windows\SysNative\tasks\Optimizer Pro Schedule" ["C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe"]
"C:\Windows\SysNative\tasks\proXPN" ["C:\Program Files (x86)\proXPN\bin\proxpn.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email]faststartff@gmail.com[/email]"="C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\c15ib0e9.default\extensions\[email]faststartff@gmail.com[/email]" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 11:36]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Hotspot Shield Extension - %AppDir%\browser\extensions\[email]afproxy@anchorfree.com[/email]
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ddy1u3tr.default-1409772981256
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
C195AC4544729A69CFF30BB62F473054 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll - Shockwave for Director / Shockwave for Director
4C07B5286D129DFD25C24B4A31B9B888 - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll - Happy Cloud Plugin

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12/08/2014 14:20]

cosstminn - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - Administrator\AppData\Local\Torch\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - Guest\AppData\Local\Torch\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - User\AppData\Local\Chromatic Browser\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Browse Safe - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaolfhobbbokdcmfiplbokkokobjgc
Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
cosstminn - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
Browsers Apps - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg
Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
cosstminn - User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape
cosstminn - User\AppData\Local\Torch\User Data\Default\Extensions\daghjgaeamaenkcfjbojfdiamlocmape

==== Chromium Startpages ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "[url]http://www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S[/url]",
"startup_urls": [ "[url]http://www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S[/url]" ],

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="[url]http://www.msn.com/?pc=AV01[/url]"
"Search Page"="[url]http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01[/url]"
"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="[url]http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01[/url]"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="[url]http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01[/url]"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="[url]http://www.google.com[/url]"
"SearchAssistant"="[url]http://www.google.com[/url]"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{006ee092-9658-4fd6-bd8e-a21a348e59f5} Web Search Url="[url]http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK217RbjR1YFa37oBy_U-nTnTbDfrtyFevjNFgZdFCmUbZjEjbh_r2SzfU-F5163giNwGMsHCXjcf-J9SPjzbpvGwxhzcnAQIJbkjBdIl9DQVgPsG7L3OmDBGUR61Zhed7D7x79P46hM3-wG9B9C8gOpe5rTEvHgwvoEJ8D1V9eIAUhdXijciZDFPQdTCL2rcRQn2jxYepw,,&q={searchTerms}[/url]"
{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Trovi search Url="[url]http://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MCDBE1078-FEC3-485C-A44A-973AC5265D6C&SearchSource=58&CUI=&UM=6&UP=SPCD50C583-F04A-4B38-AEC3-02E205460DDE&q={searchTerms}&SSPV=[/url]"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="[url]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR[/url]"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="[url]http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01[/url]"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 10/09/2014 at 22:01:11.37 ======================
[/QUOTE]