freakstyle
Everything posted by freakstyle
PUM.Hijack.Taskmanager and PUM.Hijack.Regedit
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014 Ran by asus at 2014-07-04 12:16:46 Running from C:\Users\asus\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden 
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated) Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.11.3116 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{80194F84-21CE-44CF-A46E-38D8CE448856}) (Version: 0.8.11.3116 - BlueStack Systems, Inc.) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version: - Cisco Systems, Inc.) 
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - EN (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW® Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.661 - Corel Corporation) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.) CyberLink YouCam 5 (x32 Version: 5.0.0909 - CyberLink Corp.) 
Hidden DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot) Hotspot Shield 3.40 (HKLM-x32\...\HotspotShield) (Version: 3.40 - AnchorFree Inc.) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden K-Lite Mega Codec Pack 10.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - ) Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) 
Hidden Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft 
Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Movie Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden Nero 9 Essentials (HKLM-x32\...\{1d54a3c6-3b28-4cbc-bec7-cd67fe438563}) (Version: - Nero AG) Nero BurnRights (x32 Version: 3.4.11.100 - Nero AG) Hidden Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden Nero CoverDesigner (x32 Version: 4.4.9.100 - Nero AG) Hidden Nero CoverDesigner Help (x32 Version: 4.4.9.100 - Nero AG) Hidden Nero DiscSpeed (x32 Version: 5.4.11.100 - Nero AG) Hidden Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden Nero DriveSpeed (x32 Version: 4.4.11.100 - Nero AG) Hidden Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden Nero Express Help (x32 Version: 9.6.2.101 - Nero AG) Hidden Nero InfoTool (x32 Version: 6.4.11.100 - Nero AG) Hidden Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden Nero ShowTime (x32 Version: 5.4.0.100 - Nero AG) Hidden Nero ShowTime (x32 Version: 5.4.13.100 - Nero AG) Hidden 
Nero StartSmart (x32 Version: 9.4.12.100 - Nero AG) Hidden Nero StartSmart Help (x32 Version: 9.4.12.100 - Nero AG) Hidden Nero Vision (x32 Version: 6.4.12.100 - Nero AG) Hidden Nero Vision Help (x32 Version: 6.4.8.100 - Nero AG) Hidden NeroExpress (x32 Version: 9.4.17.100 - Nero AG) Hidden neroxml (x32 Version: 1.0.0 - Nero AG) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team) NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden NVIDIA Optimus 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden proDAD Mercalli 3.0 (64bit) (HKLM\...\proDAD-Mercalli-3.0) (Version: 3.0.215.1 - proDAD GmbH) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.) Recover My Files (HKLM-x32\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd) RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.) 
Samsung Kies (x32 Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.5.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 6.7 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.) Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.16.1 - Synaptics Incorporated) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer) TP-LINK Wireless Client Utility (HKLM-x32\...\{C1EB6825-9339-4B18-99B0-C455B2288FF9}) (Version: 1.00.4323 - TP-LINK TECHNOLOGIES CO., LTD.) 
USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab) Vegas Pro 10.0 (64-bit) (HKLM\...\{C616FD4F-11F5-11E0-A38F-0013D3D69929}) (Version: 10.0.470 - Sony) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) Visual Basic for Applications ® Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden Visual Basic for Applications ® Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR 5.10 beta 3 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) YTD Video Downloader 4.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.4 - GreenTree Applications SRL) ==================== Restore Points ========================= 27-06-2014 12:54:46 Windows Update 29-06-2014 12:09:20 Removed BlueStacks Notification Center 29-06-2014 13:50:53 Removed BlueStacks Notification Center 01-07-2014 04:21:42 Windows Update 03-07-2014 14:27:49 Removed Vegas Pro 10.0 (64-bit) 03-07-2014 14:38:53 Removed Vegas Pro 10.0 (64-bit) ==================== Hosts content: ========================== 2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {46FE268B-7E75-47AB-8E4B-89308BB8C517} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {4C88F906-A23D-4E60-BC08-64F0050ADD48} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: 
{5530E6E8-723E-48C9-97B5-3C84C8011104} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.) Task: {65B49B60-2604-4C44-9E25-077A45D19708} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {CFC23C2A-C73C-4FF3-BA9E-A8DE7CDE4BF8} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-31] (globalUpdate) <==== ATTENTION Task: {D7FBD7B3-77C7-44AC-AF65-D6F96A2D3F16} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-31] (globalUpdate) <==== ATTENTION Task: {DE58F856-F4A7-4F4A-9625-A9BBB0CC21D0} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {EA7A300C-6A66-4E70-9F43-DE27BAAE66FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.) 
Task: {EEB2D0C5-1880-469D-B779-A670B1146D6C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-18] (Piriform Ltd) Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core.job => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA.job => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-17 15:40 - 2013-11-11 23:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-05-10 02:23 - 2014-05-10 02:23 - 00559912 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-05-17 14:16 - 2011-03-04 17:40 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll 2014-05-17 14:13 - 2011-10-22 00:49 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-05-20 18:22 - 2014-06-27 22:47 - 00598072 _____ () C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyHelper.exe 2014-05-10 02:21 - 2014-05-10 02:21 - 00965416 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll 2014-05-10 02:28 - 2014-05-10 02:28 - 00229672 _____ () C:\Program Files (x86)\Hotspot Shield\bin\cmwhydraplugin.dll 2014-05-10 02:22 - 2014-05-10 02:22 - 00517928 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () 
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 21:17 - 2010-03-24 21:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-06-27 13:21 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-06-27 13:21 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-06-27 13:21 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-06-27 13:21 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-06-27 13:21 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-05-20 18:22 - 2014-06-27 22:47 - 36966968 _____ () C:\Users\asus\AppData\Roaming\Spotify\Data\libcef.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 00716616 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 00126280 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-03 18:39 - 2011-02-04 08:47 - 00522752 _____ () C:\Users\asus\AppData\Roaming\PhrozenSoft\PKLL\sqlite3.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 04217672 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 00414536 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 01732424 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll 2014-06-20 11:11 - 2009-01-05 14:54 - 00212992 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\dot1x_dll.dll 2014-06-20 11:11 - 2009-01-05 14:54 - 00045056 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client 
Utility\ZDWLAN.dll 2014-05-17 15:46 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll 2014-05-20 18:22 - 2014-06-27 22:47 - 00886840 _____ () C:\Users\asus\AppData\Roaming\Spotify\Data\libglesv2.dll 2014-05-20 18:22 - 2014-06-27 22:46 - 00108600 _____ () C:\Users\asus\AppData\Roaming\Spotify\Data\libegl.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 14612296 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/04/2014 00:16:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd). Error: (07/04/2014 00:05:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/04/2014 00:05:10 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. 
Error: (07/04/2014 11:47:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/04/2014 11:47:26 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (07/04/2014 11:44:57 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (07/04/2014 11:42:36 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/04/2014 11:41:34 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (07/04/2014 11:19:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd). Error: (07/04/2014 11:17:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: This operation returned because the timeout period expired. . 
System errors: ============= Error: (07/04/2014 11:43:33 AM) (Source: DCOM) (EventID: 10016) (User: asus-PC) Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}asus-PCGuestS-1-5-21-1210325367-195732664-3179361299-501LocalHost (Using LRPC) Error: (07/04/2014 11:18:46 AM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (07/03/2014 08:39:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (07/03/2014 08:39:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (07/03/2014 01:12:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 Error: (07/03/2014 01:12:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect. Error: (07/02/2014 08:43:23 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (07/02/2014 10:46:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 Error: (07/02/2014 10:46:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect. 
Error: (07/02/2014 06:04:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 Microsoft Office Sessions: ========================= Error: (07/04/2014 00:16:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt12029 (0x2efd) Error: (07/04/2014 00:05:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/04/2014 00:05:10 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/04/2014 11:47:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/04/2014 11:47:26 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/04/2014 11:44:57 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/04/2014 11:42:36 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/04/2014 11:41:34 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/04/2014 11:19:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt12029 (0x2efd) Error: (07/04/2014 11:17:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) 
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crtThis operation returned because the timeout period expired. ==================== Memory info =========================== Percentage of memory in use: 57% Total physical RAM: 6054.63 MB Available physical RAM: 2593.28 MB Total Pagefile: 12107.46 MB Available Pagefile: 7966.91 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:195.21 GB) (Free:85.56 GB) NTFS Drive d: () (Fixed) (Total:270.45 GB) (Free:205.42 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F5BE972F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=270 GB) - (Type=07 NTFS) ==================== End Of Log ============================ -
PUM.Hijack.Taskmanager and PUM.Hijack.Regedit
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014
Ran by asus (administrator) on ASUS-PC on 09-07-2014 19:46:16
Running from C:\Users\asus\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Spotify Ltd) C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(PhrozenSoft) C:\Users\asus\AppData\Roaming\PhrozenSoft\PKLL\pkllagent.exe
(Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Users\asus\Desktop\Orion.exe
(Gary's Hood) C:\Users\asus\Downloads\rsclient.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [synAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [uSB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [687336 2013-06-20] (Zbshareware Lab)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [247016 2011-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [kbdsprt] => [X]
HKLM-x32\...\Run: [ZDWlan.EXE] => C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE [491520 2009-01-14] (TP-LINK TECHNOLOGIES CO., LTD.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-11] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-06-23] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [Google Update] => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-19] (Google Inc.)
HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [spotify] => C:\Users\asus\AppData\Roaming\Spotify\Spotify.exe [6189624 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [spotify Web Helper] => C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [Phrozen Keylogger Lite] => [X]
HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [GoogleChromeAutoLaunch_3C776F0E4C9D4C175BD7848BC811E09D] => C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [Phrozen Mon_KP] => C:\Users\asus\AppData\Roaming\PhrozenSoft\PKLL\pkllagent.exe [3282952 2013-09-14] (PhrozenSoft)
HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [uTorrent] => C:\Users\asus\Downloads\uTorrent.exe [1270864 2014-05-19] (BitTorrent Inc.)
HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [Google Update] => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-19] (Google Inc.)
HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [spotify] => C:\Users\asus\AppData\Roaming\Spotify\Spotify.exe [6189624 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [spotify Web Helper] => C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [Phrozen Keylogger Lite] => [X]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.linkzb.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.linkzb.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\asus\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\asus\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR HomePage: hxxp://google.com/
CHR StartupUrls: "hxxp://www.linkzb.com"
CHR Extension: (Google Docs) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17]
CHR Extension: (Google Drive) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-17]
CHR Extension: (Google Search) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-17]
CHR Extension: (Rescroller) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddehdnnhjimbggeeenghijehnpakijod [2014-05-20]
CHR Extension: (MightyText - SMS Text Messaging from Computer) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2014-05-20]
CHR Extension: (AdBlock) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-20]
CHR Extension: (Google Keep - notes and lists) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-05-20]
CHR Extension: (Web Navigation) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja [2014-05-19]
CHR Extension: (Twitch Now) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2014-05-20]
CHR Extension: (Google Wallet) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-19]
CHR Extension: (Gmail) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-17]
CHR HKLM-x32\...\Chrome\Extension: [lkemddiljapcmhicklfpcbpfffahfbja] - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx [2014-05-17]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-06-11] (Macrovision Europe Ltd.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-05-17] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2716768 2010-11-06] (Atheros Communications, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-06-23] (BlueStack Systems)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [43104 2013-10-10] (IVT Corporation.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-07] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-09] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-07] (Anchorfree Inc.)
S3 ZD1211BU(TP-LINK); C:\Windows\System32\DRIVERS\zd1211Bu.sys [602880 2009-01-05] (Atheros Technology Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-09 19:45 - 2014-07-09 19:45 - 00000000 ____D () C:\Users\asus\Downloads\FRST-OlderVersion
2014-07-09 13:19 - 2014-07-09 13:19 - 02347384 _____ (ESET) C:\Users\asus\Downloads\esetsmartinstaller_enu.exe
2014-07-09 13:19 - 2014-07-09 13:19 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-09 12:57 - 2014-07-09 12:57 - 00000000 ___RD () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-09 12:54 - 2014-07-09 12:54 - 00000000 ____H () C:\ProgramData\cm-lock
2014-07-09 12:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-09 12:37 - 2014-07-09 12:52 - 00000000 ____D () C:\AdwCleaner
2014-07-09 12:36 - 2014-07-09 12:36 - 01348263 _____ () C:\Users\asus\Downloads\AdwCleaner.exe
2014-07-09 12:35 - 2014-07-09 19:44 - 00000000 ____D () C:\Users\asus\Desktop\scans
2014-07-09 12:35 - 2014-07-09 12:35 - 00001756 _____ () C:\Users\asus\Desktop\JRT.txt
2014-07-09 12:23 - 2014-07-09 12:23 - 00000000 ____D () C:\Windows\ERUNT
2014-07-09 12:20 - 2014-07-09 12:21 - 01016261 _____ (Thisisu) C:\Users\asus\Downloads\JRT.exe
2014-07-07 06:18 - 2014-07-07 06:18 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-05 21:29 - 2014-07-05 21:29 - 00000000 ____D () C:\Users\Guest\Documents\My Games
2014-07-05 20:47 - 2014-07-05 20:47 - 00000284 _____ () C:\Users\Guest\Desktop\SDE Final.m2ts.sfl
2014-07-05 20:33 - 2014-07-05 20:47 - 375570432 _____ () C:\Users\Guest\Desktop\SDE Final.m2ts
2014-07-05 20:01 - 2014-07-05 20:01 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\NVIDIA
2014-07-05 19:57 - 2014-07-05 19:57 - 00000028 _____ () C:\Users\Guest\Desktop\SDE.avi.sfl
2014-07-05 19:41 - 2014-07-05 19:41 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\MPC-HC
2014-07-05 19:39 - 2014-07-05 19:39 - 00000036 _____ () C:\Users\Guest\Desktop\Martha SDE.avi.sfl
2014-07-05 17:31 - 2014-07-05 17:31 - 00000000 ____D () C:\Users\Guest\AppData\Local\proDAD_GmbH
2014-07-05 10:16 - 2014-07-05 10:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\CrashDumps
2014-07-05 09:57 - 2014-07-06 01:05 - 00000158 _____ () C:\Users\Guest\AppData\Roaming\default.rss
2014-07-05 09:56 - 2014-07-05 19:59 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc
2014-07-05 09:56 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Nero
2014-07-05 09:56 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Local\Nero
2014-07-05 09:55 - 2014-07-05 20:53 - 00000000 ____D () C:\Users\Guest\Desktop\Martha
2014-07-04 22:28 - 2014-07-04 22:28 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Publish Providers
2014-07-04 22:27 - 2014-07-04 22:27 - 00001062 _____ () C:\Users\Guest\Desktop\Vegas Pro 10.0 (64-bit).lnk
2014-07-04 22:27 - 2014-07-04 22:27 - 00000000 ____D () C:\Users\Guest\AppData\Local\Sony
2014-07-04 21:59 - 2014-07-04 21:59 - 00000000 ____D () C:\Users\asus\Documents\fkl-setup
2014-07-04 21:58 - 2014-07-04 21:58 - 00275888 _____ () C:\Users\asus\Documents\fkl-setup.zip
2014-07-04 12:53 - 2014-07-04 12:53 - 00006730 _____ () C:\Users\asus\Desktop\RKreport_SCN_07042014_125245.log
2014-07-04 12:46 - 2014-07-04 12:46 - 05283416 _____ () C:\Users\asus\Downloads\RogueKillerX64.exe
2014-07-04 12:41 - 2014-07-04 12:41 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-04 12:40 - 2014-07-04 12:41 - 04721240 _____ () C:\Users\asus\Downloads\RogueKiller.exe
2014-07-04 12:16 - 2014-07-04 12:17 - 00031049 _____ () C:\Users\asus\Downloads\Addition.txt
2014-07-04 12:15 - 2014-07-09 19:46 - 00020837 _____ () C:\Users\asus\Downloads\FRST.txt
2014-07-04 12:12 - 2014-07-09 19:46 - 00000000 ____D () C:\FRST
2014-07-04 12:09 - 2014-07-09 19:45 - 02084352 _____ (Farbar) C:\Users\asus\Downloads\FRST64.exe
2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla
2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla
2014-07-03 22:44 - 2014-07-03 22:44 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Publish Providers
2014-07-03 22:41 - 2014-07-03 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-07-03 22:40 - 2014-07-03 22:40 - 00000000 ____D () C:\ProgramData\Sony
2014-07-03 22:40 - 2014-07-03 22:40 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-03 22:29 - 2014-07-03 22:40 - 00000000 ____D () C:\Program Files\Sony
2014-07-03 22:20 - 2014-07-03 22:44 - 00002696 _____ () C:\Users\asus\Documents\Register Vegas Pro.htm
2014-07-03 22:15 - 2014-07-03 22:15 - 00000000 ____D () C:\Users\asus\AppData\Local\Sony
2014-07-03 22:13 - 2014-07-03 22:13 - 00000000 ____D () C:\Users\asus\AppData\Local\proDAD_GmbH
2014-07-03 22:13 - 2014-07-03 22:13 - 00000000 ____D () C:\ProgramData\proDAD
2014-07-03 22:11 - 2014-07-03 22:44 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Sony
2014-07-03 22:10 - 2014-07-03 22:10 - 00001110 _____ () C:\Users\Public\Desktop\Mercalli 3.0.lnk
2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\Users\asus\AppData\Roaming\proDAD
2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\Program Files\proDAD
2014-07-03 22:09 - 2014-07-03 22:22 - 00000000 ____D () C:\Users\asus\Documents\New folder (2)
2014-07-03 22:08 - 2014-07-04 22:28 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Sony
2014-07-03 22:08 - 2014-07-04 11:16 - 00000000 ____D () C:\Users\Guest\Desktop\x64
2014-07-03 22:08 - 2011-01-27 02:57 - 00002844 _____ () C:\Users\Guest\Desktop\INSTRUCTIONS.txt
2014-07-03 22:07 - 2014-07-03 22:07 - 00000000 ____D () C:\Users\Guest\Desktop\proDAD Mercalli 3.0.215.1 Standalone (Win32-64) Serial [ChingLiu]
2014-07-03 22:07 - 2014-07-03 22:07 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\WinRAR
2014-07-03 22:07 - 2014-07-03 21:08 - 396390718 ____R () C:\Users\Guest\Desktop\Sony Vegas PRO 10.0c+Keygen(works with windows7) [ kk ].rar
2014-07-03 22:07 - 2011-01-27 03:01 - 00000000 ____D () C:\Users\Guest\Desktop\x32
2014-07-03 20:39 - 2014-07-05 23:06 - 00000000 ____D () C:\Users\Guest\Documents\Youcam
2014-07-03 20:39 - 2014-07-03 20:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\CyberLink
2014-07-03 20:38 - 2014-07-04 22:27 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Folder
2014-07-03 20:38 - 2014-07-03 20:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Greenshot
2014-07-03 20:38 - 2014-07-03 20:38 - 00117592 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-03 20:38 - 2014-07-03 20:38 - 00001443 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-03 20:38 - 2014-07-03 20:38 - 00001409 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Zbshareware Lab
2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Local\Greenshot
2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Local\BMExplorer
2014-07-03 20:37 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest
2014-07-03 20:37 - 2014-07-03 20:37 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2014-07-03 20:37 - 2009-07-14 12:54 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-03 20:37 - 2009-07-14 12:49 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-02 11:25 - 2014-07-02 11:25 - 00016500 _____ () C:\Users\asus\Downloads\[kickass.to]super.8.2011.720p.brrip.x264.mp4.multisubs.aac.cc.torrent
2014-06-30 11:43 - 2014-06-30 11:43 - 00013780 _____ () C:\Users\asus\Desktop\com.supercell.clashofclans.cfg - Shortcut.lnk
2014-06-30 07:57 - 2014-06-30 07:57 - 00000000 ____D () C:\Users\asus\AppData\Roaming\NVIDIA
2014-06-29 21:58 - 2014-06-29 21:58 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-29 21:58 - 2014-06-29 21:58 - 00001780 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-06-29 21:57 - 2014-06-29 21:58 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-29 21:57 - 2014-06-29 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-29 21:57 - 2014-06-29 21:57 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-29 21:56 - 2014-06-29 21:56 - 00000000 ____D () C:\Users\asus\AppData\Local\Bluestacks
2014-06-29 21:51 - 2014-06-29 21:55 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\asus\Downloads\BlueStacks-SplitInstaller_native_b.exe
2014-06-28 13:00 - 2014-06-28 13:00 - 00056797 _____ () C:\Users\asus\Downloads\[kickass.to]the.haunting.in.connecticut.2.ghosts.of.georgia.2013.french.dvdrip.xvid.tmb.torrent
2014-06-27 20:47 - 2014-06-27 20:47 - 00003467 _____ () C:\Windows\SysWOW64\collectionCache.bnk
2014-06-27 13:21 - 2014-06-27 21:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-27 13:21 - 2014-06-27 13:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-27 13:21 - 2014-06-27 13:21 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-27 13:21 - 2014-06-27 13:21 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-27 13:21 - 2014-06-27 13:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-27 13:21 - 2014-06-27 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-27 13:21 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-06-27 13:00 - 2014-06-27 13:03 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\asus\Downloads\spybot-2.3.exe
2014-06-27 12:45 - 2014-06-27 12:45 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-27 12:45 - 2014-06-27 12:45 - 00000000 ____D () C:\Windows\system32\NV
2014-06-27 07:50 - 2014-06-27 07:50 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-06-27 07:50 - 2014-06-27 07:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-27 07:50 - 2014-06-27 07:50 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-27 07:43 - 2014-06-27 07:46 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\asus\Downloads\TeamSpeak3-Client-win64-3.0.15.exe
2014-06-26 20:43 - 2014-06-26 20:44 - 00002046 _____ () C:\Users\asus\Desktop\OSRS.lnk
2014-06-26 20:41 - 2014-06-26 20:41 - 00002076 _____ () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-06-26 20:41 - 2014-06-26 20:41 - 00002046 _____ () C:\Users\asus\Desktop\RuneScape.lnk
2014-06-26 20:41 - 2014-06-26 20:41 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-06-26 20:39 - 2014-06-29 20:11 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-06-26 20:39 - 2014-06-26 20:40 - 23805952 _____ () C:\Users\asus\Downloads\RuneScape (1).msi
2014-06-26 20:28 - 2014-06-29 21:56 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-26 20:24 - 2014-06-26 20:28 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\asus\Downloads\BlueStacks-SplitInstaller_native.exe
2014-06-26 19:15 - 2014-06-26 19:16 - 01653168 _____ () C:\Users\asus\Desktop\Orion.exe
2014-06-26 19:13 - 2014-06-30 21:06 - 00000000 ____D () C:\Users\asus\jagexcache
2014-06-26 19:06 - 2014-06-26 19:11 - 00000000 ____D () C:\Users\asus\Orion
2014-06-23 19:35 - 2014-06-23 19:35 - 00002984 _____ () C:\Windows\System32\Tasks\ATKOSD2
2014-06-23 19:35 - 2014-06-23 19:35 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-06-23 19:30 - 2014-06-23 19:30 - 00001250 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-06-23 19:29 - 2014-06-23 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-06-23 19:29 - 2014-06-23 19:29 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-06-23 19:28 - 2014-06-23 19:29 - 01640984 _____ () C:\Users\asus\Downloads\SetupVirtualCloneDrive5470.exe
2014-06-23 15:08 - 2014-06-23 15:08 - 00000290 _____ () C:\Users\asus\Documents\vpn kali.txt
2014-06-23 13:30 - 2014-06-23 13:30 - 10432166 _____ () C:\Users\asus\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.3.10-93012.vbox-extpack
2014-06-23 13:25 - 2014-06-23 13:25 - 00000000 ____D () C:\Users\asus\VirtualBox VMs
2014-06-22 11:05 - 2014-06-22 11:05 - 00025017 _____ () C:\Users\asus\Downloads\[kickass.to]farcry.3.black.box.silvertorrent.torrent
2014-06-21 04:46 - 2014-06-21 04:46 - 00020122 _____ () C:\Users\asus\Downloads\[kickass.to]game.of.thrones.the.complete.season.4.hdtv.torrent
2014-06-20 20:13 - 2014-06-20 20:13 - 00004292 _____ () C:\STF711D.tmp
2014-06-20 20:00 - 2014-06-20 20:00 - 00004292 _____ () C:\STF9465.tmp
2014-06-20 20:00 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\asus\Documents\Square Enix
2014-06-20 20:00 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\asus\AppData\Local\SKIDROW
2014-06-20 11:11 - 2014-06-20 11:11 - 00002088 _____ () C:\Users\Public\Desktop\TP-LINK Wireless Client Utility.lnk
2014-06-20 11:11 - 2014-06-20 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2014-06-20 11:11 - 2014-06-20 11:11 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-06-20 11:11 - 2009-01-05 14:54 - 00602880 _____ (Atheros Technology Corporation) C:\Windows\system32\Drivers\ZD1211BU.sys
2014-06-20 11:11 - 2009-01-05 14:54 - 00499712 _____ (Atheros Technology Corporation) C:\Windows\SysWOW64\ZD11BUME.SYS
2014-06-20 11:11 - 2009-01-05 14:54 - 00499712 _____ (Atheros Technology Corporation) C:\Windows\SysWOW64\ZD11BU98.SYS
2014-06-20 11:11 - 2009-01-05 14:54 - 00081920 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\ZDPN50.DLL
2014-06-20 11:11 - 2009-01-05 14:54 - 00031744 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\Drivers\ZDPSp50a64.sys
2014-06-20 11:11 - 2009-01-05 14:54 - 00031744 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\ZDPSp50a64.sys
2014-06-20 11:11 - 2009-01-05 14:54 - 00029184 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\Drivers\BRGSp50a64.sys
2014-06-20 11:11 - 2009-01-05 14:54 - 00029184 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\BRGSp50a64.sys
2014-06-20 11:11 - 2009-01-05 14:54 - 00028672 _____ () C:\Windows\SysWOW64\InsDrvZD.dll
2014-06-20 11:11 - 2009-01-05 14:54 - 00024576 _____ () C:\Windows\SysWOW64\ZyDelReg.exe
2014-06-20 11:11 - 2009-01-05 14:54 - 00020608 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\Drivers\BRGSp50.sys
2014-06-20 11:11 - 2009-01-05 14:54 - 00019524 _____ () C:\Windows\SysWOW64\BRGSp31.VXD
2014-06-20 11:11 - 2009-01-05 14:54 - 00017664 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\Drivers\ZDPSp50.sys
2014-06-20 11:11 - 2009-01-05 14:54 - 00017151 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\ZDPNDIS5.SYS
2014-06-20 11:11 - 2009-01-05 14:54 - 00015941 _____ () C:\Windows\SysWOW64\ZDPNDIS3.VXD
2014-06-20 11:11 - 2009-01-05 14:54 - 00015872 _____ () C:\Windows\SysWOW64\InsDrvZD64.DLL
2014-06-20 11:11 - 2009-01-05 14:54 - 00015872 _____ () C:\Windows\system32\InsDrvZD64.dll
2014-06-20 11:11 - 2009-01-05 14:54 - 00015428 _____ () C:\Windows\SysWOW64\ZDPSp31.VXD
2014-06-20 11:11 - 2007-06-25 20:29 - 00499712 _____ (Atheros Technology Corporation) C:\Windows\SysWOW64\ZD11BU.SYS
2014-06-20 11:10 - 2009-03-18 15:34 - 00000000 ____D () C:\Users\asus\Documents\Win98_ME_2K_XP_X64
2014-06-20 11:10 - 2009-03-18 15:34 - 00000000 ____D () C:\Users\asus\Documents\Vista
2014-06-20 11:09 - 2014-06-20 11:10 - 06876733 _____ () C:\Users\asus\Documents\2009319153528.zip
2014-06-20 11:00 - 2014-06-20 11:00 - 00225888 _____ (NirSoft) C:\Users\asus\Desktop\c.exe
2014-06-20 11:00 - 2014-06-20 11:00 - 00090720 _____ (NirSoft) C:\Users\asus\Desktop\f.exe
2014-06-20 11:00 - 2014-06-20 11:00 - 00051200 _____ (NirSoft) C:\Users\asus\Desktop\i.exe
2014-06-20 11:00 - 2014-06-20 11:00 - 00000136 _____ () C:\Users\asus\Desktop\launch.bat
2014-06-19 14:05 - 2014-06-19 14:11 - 00000000 ____D () C:\Users\asus\Documents\USB files
2014-06-19 13:52 - 2014-06-20 12:11 - 00000000 ____D () C:\Users\asus\Desktop\POW
2014-06-13 12:02 - 2014-06-13 12:02 - 00034563 _____ () C:\Users\asus\energy-report.html
2014-06-11 21:35 - 2014-06-11 21:36 - 00000841 _____ () C:\Users\asus\Downloads\[kickass.to]just.cause.2.savegame.100.torrent
2014-06-11 21:28 - 2014-06-11 21:28 - 00001432 _____ () C:\Users\asus\Desktop\Play Just Cause 2.lnk
2014-06-11 21:18 - 2014-06-11 21:18 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS3.lnk
2014-06-11 21:16 - 2014-06-11 21:16 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-11 21:15 - 2014-06-11 21:15 - 00001223 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Stock Photos
CS3.lnk 2014-06-11 21:13 - 2014-06-11 21:13 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk 2014-06-11 21:13 - 2014-06-11 21:13 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk 2014-06-11 21:11 - 2014-06-11 21:11 - 00000000 ____D () C:\Windows\SysWOW64\spool 2014-06-11 21:10 - 2014-06-11 21:10 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS3.lnk 2014-06-11 21:10 - 2014-06-11 21:10 - 00000000 ____D () C:\Windows\SysWOW64\Macromed ==================== One Month Modified Files and Folders ======= 2014-07-09 19:46 - 2014-07-04 12:15 - 00020837 _____ () C:\Users\asus\Downloads\FRST.txt 2014-07-09 19:46 - 2014-07-04 12:12 - 00000000 ____D () C:\FRST 2014-07-09 19:45 - 2014-07-09 19:45 - 00000000 ____D () C:\Users\asus\Downloads\FRST-OlderVersion 2014-07-09 19:45 - 2014-07-04 12:09 - 02084352 _____ (Farbar) C:\Users\asus\Downloads\FRST64.exe 2014-07-09 19:44 - 2014-07-09 12:35 - 00000000 ____D () C:\Users\asus\Desktop\scans 2014-07-09 19:22 - 2014-05-19 20:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA.job 2014-07-09 19:22 - 2014-05-19 20:47 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core.job 2014-07-09 18:42 - 2014-05-20 18:16 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Spotify 2014-07-09 18:09 - 2014-05-20 09:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-09 15:48 - 2014-06-06 19:30 - 00000000 ____D () C:\Users\asus\Documents\Greenshot 2014-07-09 14:23 - 2014-05-18 04:37 - 01567834 _____ () C:\Windows\WindowsUpdate.log 2014-07-09 14:19 - 2014-06-03 17:43 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-09 14:12 - 2014-05-20 18:13 - 00000043 _____ () C:\Users\asus\jagex_cl_oldschool_LIVE.dat 2014-07-09 13:19 - 2014-07-09 13:19 - 02347384 
_____ (ESET) C:\Users\asus\Downloads\esetsmartinstaller_enu.exe 2014-07-09 13:19 - 2014-07-09 13:19 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-09 12:58 - 2014-06-01 16:32 - 00000000 ____D () C:\Users\asus\Documents\Youcam 2014-07-09 12:57 - 2014-07-09 12:57 - 00000000 ___RD () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-09 12:54 - 2014-07-09 12:54 - 00000000 ____H () C:\ProgramData\cm-lock 2014-07-09 12:54 - 2010-11-21 11:47 - 00043112 _____ () C:\Windows\PFRO.log 2014-07-09 12:54 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-09 12:54 - 2009-07-14 12:51 - 00062045 _____ () C:\Windows\setupact.log 2014-07-09 12:52 - 2014-07-09 12:37 - 00000000 ____D () C:\AdwCleaner 2014-07-09 12:36 - 2014-07-09 12:36 - 01348263 _____ () C:\Users\asus\Downloads\AdwCleaner.exe 2014-07-09 12:35 - 2014-07-09 12:35 - 00001756 _____ () C:\Users\asus\Desktop\JRT.txt 2014-07-09 12:23 - 2014-07-09 12:23 - 00000000 ____D () C:\Windows\ERUNT 2014-07-09 12:22 - 2014-05-21 22:35 - 00000024 _____ () C:\Users\asus\jagexappletviewer.preferences 2014-07-09 12:21 - 2014-07-09 12:20 - 01016261 _____ (Thisisu) C:\Users\asus\Downloads\JRT.exe 2014-07-08 11:54 - 2014-05-20 18:23 - 00000000 ____D () C:\Users\asus\AppData\Local\Spotify 2014-07-08 00:26 - 2009-07-14 12:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-08 00:26 - 2009-07-14 12:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-07 06:46 - 2014-05-24 15:54 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-07 06:46 - 2014-05-24 15:54 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-07-07 06:18 - 2014-07-07 06:18 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-06 20:06 - 2014-05-20 
03:43 - 00000000 ____D () C:\Users\asus\AppData\Roaming\vlc 2014-07-06 12:59 - 2014-05-17 15:58 - 00052843 _____ () C:\Windows\DirectX.log 2014-07-06 11:48 - 2014-05-17 15:08 - 00000000 ____D () C:\Users\asus\Documents\Bluetooth Folder 2014-07-06 01:05 - 2014-07-05 09:57 - 00000158 _____ () C:\Users\Guest\AppData\Roaming\default.rss 2014-07-05 23:16 - 2009-07-14 13:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-05 23:06 - 2014-07-03 20:39 - 00000000 ____D () C:\Users\Guest\Documents\Youcam 2014-07-05 21:29 - 2014-07-05 21:29 - 00000000 ____D () C:\Users\Guest\Documents\My Games 2014-07-05 20:53 - 2014-07-05 09:55 - 00000000 ____D () C:\Users\Guest\Desktop\Martha 2014-07-05 20:47 - 2014-07-05 20:47 - 00000284 _____ () C:\Users\Guest\Desktop\SDE Final.m2ts.sfl 2014-07-05 20:47 - 2014-07-05 20:33 - 375570432 _____ () C:\Users\Guest\Desktop\SDE Final.m2ts 2014-07-05 20:01 - 2014-07-05 20:01 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\NVIDIA 2014-07-05 19:59 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc 2014-07-05 19:57 - 2014-07-05 19:57 - 00000028 _____ () C:\Users\Guest\Desktop\SDE.avi.sfl 2014-07-05 19:41 - 2014-07-05 19:41 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\MPC-HC 2014-07-05 19:39 - 2014-07-05 19:39 - 00000036 _____ () C:\Users\Guest\Desktop\Martha SDE.avi.sfl 2014-07-05 17:31 - 2014-07-05 17:31 - 00000000 ____D () C:\Users\Guest\AppData\Local\proDAD_GmbH 2014-07-05 10:16 - 2014-07-05 10:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\CrashDumps 2014-07-05 09:56 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Nero 2014-07-05 09:56 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Local\Nero 2014-07-04 22:28 - 2014-07-04 22:28 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Publish Providers 2014-07-04 22:28 - 2014-07-03 22:08 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Sony 2014-07-04 22:27 - 2014-07-04 22:27 - 00001062 _____ () 
C:\Users\Guest\Desktop\Vegas Pro 10.0 (64-bit).lnk 2014-07-04 22:27 - 2014-07-04 22:27 - 00000000 ____D () C:\Users\Guest\AppData\Local\Sony 2014-07-04 22:27 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Folder 2014-07-04 21:59 - 2014-07-04 21:59 - 00000000 ____D () C:\Users\asus\Documents\fkl-setup 2014-07-04 21:58 - 2014-07-04 21:58 - 00275888 _____ () C:\Users\asus\Documents\fkl-setup.zip 2014-07-04 19:14 - 2014-05-21 22:26 - 00000043 _____ () C:\Users\asus\jagex_cl_runescape_LIVE.dat 2014-07-04 12:53 - 2014-07-04 12:53 - 00006730 _____ () C:\Users\asus\Desktop\RKreport_SCN_07042014_125245.log 2014-07-04 12:46 - 2014-07-04 12:46 - 05283416 _____ () C:\Users\asus\Downloads\RogueKillerX64.exe 2014-07-04 12:41 - 2014-07-04 12:41 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-04 12:41 - 2014-07-04 12:40 - 04721240 _____ () C:\Users\asus\Downloads\RogueKiller.exe 2014-07-04 12:17 - 2014-07-04 12:16 - 00031049 _____ () C:\Users\asus\Downloads\Addition.txt 2014-07-04 12:11 - 2014-05-19 18:45 - 00000000 ____D () C:\Users\asus\AppData\Roaming\uTorrent 2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla 2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla 2014-07-04 11:24 - 2014-06-03 18:39 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phrozen Keylogger Lite 2014-07-04 11:16 - 2014-07-03 22:08 - 00000000 ____D () C:\Users\Guest\Desktop\x64 2014-07-03 22:44 - 2014-07-03 22:44 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Publish Providers 2014-07-03 22:44 - 2014-07-03 22:20 - 00002696 _____ () C:\Users\asus\Documents\Register Vegas Pro.htm 2014-07-03 22:44 - 2014-07-03 22:11 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Sony 2014-07-03 22:41 - 2014-07-03 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2014-07-03 22:40 - 2014-07-03 22:40 - 00000000 ____D () 
C:\ProgramData\Sony 2014-07-03 22:40 - 2014-07-03 22:40 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-07-03 22:40 - 2014-07-03 22:29 - 00000000 ____D () C:\Program Files\Sony 2014-07-03 22:22 - 2014-07-03 22:09 - 00000000 ____D () C:\Users\asus\Documents\New folder (2) 2014-07-03 22:15 - 2014-07-03 22:15 - 00000000 ____D () C:\Users\asus\AppData\Local\Sony 2014-07-03 22:13 - 2014-07-03 22:13 - 00000000 ____D () C:\Users\asus\AppData\Local\proDAD_GmbH 2014-07-03 22:13 - 2014-07-03 22:13 - 00000000 ____D () C:\ProgramData\proDAD 2014-07-03 22:10 - 2014-07-03 22:10 - 00001110 _____ () C:\Users\Public\Desktop\Mercalli 3.0.lnk 2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\Users\asus\AppData\Roaming\proDAD 2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD 2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\Program Files\proDAD 2014-07-03 22:07 - 2014-07-03 22:07 - 00000000 ____D () C:\Users\Guest\Desktop\proDAD Mercalli 3.0.215.1 Standalone (Win32-64) Serial [ChingLiu] 2014-07-03 22:07 - 2014-07-03 22:07 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\WinRAR 2014-07-03 21:08 - 2014-07-03 22:07 - 396390718 ____R () C:\Users\Guest\Desktop\Sony Vegas PRO 10.0c+Keygen(works with windows7) [ kk ].rar 2014-07-03 20:39 - 2014-07-03 20:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\CyberLink 2014-07-03 20:39 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Greenshot 2014-07-03 20:38 - 2014-07-03 20:38 - 00117592 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-03 20:38 - 2014-07-03 20:38 - 00001443 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-07-03 20:38 - 2014-07-03 20:38 - 00001409 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () 
C:\Users\Guest\AppData\Roaming\Zbshareware Lab 2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Local\Greenshot 2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Local\BMExplorer 2014-07-03 20:38 - 2014-07-03 20:37 - 00000000 ____D () C:\Users\Guest 2014-07-03 20:38 - 2014-05-17 15:11 - 00000000 ____D () C:\ProgramData\Atheros 2014-07-03 20:37 - 2014-07-03 20:37 - 00000020 ___SH () C:\Users\Guest\ntuser.ini 2014-07-02 11:25 - 2014-07-02 11:25 - 00016500 _____ () C:\Users\asus\Downloads\[kickass.to]super.8.2011.720p.brrip.x264.mp4.multisubs.aac.cc.torrent 2014-07-01 13:39 - 2014-05-17 15:13 - 00000000 ____D () C:\Users\asus\AppData\Local\CrashDumps 2014-06-30 21:06 - 2014-06-26 19:13 - 00000000 ____D () C:\Users\asus\jagexcache 2014-06-30 18:37 - 2014-05-22 09:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-06-30 11:43 - 2014-06-30 11:43 - 00013780 _____ () C:\Users\asus\Desktop\com.supercell.clashofclans.cfg - Shortcut.lnk 2014-06-30 07:57 - 2014-06-30 07:57 - 00000000 ____D () C:\Users\asus\AppData\Roaming\NVIDIA 2014-06-30 04:35 - 2014-06-06 19:28 - 00000000 ____D () C:\Users\asus\AppData\Local\Greenshot 2014-06-29 21:58 - 2014-06-29 21:58 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-06-29 21:58 - 2014-06-29 21:58 - 00001780 _____ () C:\Users\Public\Desktop\Apps.lnk 2014-06-29 21:58 - 2014-06-29 21:57 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-06-29 21:58 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-06-29 21:57 - 2014-06-29 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-06-29 21:57 - 2014-06-29 21:57 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-06-29 21:56 - 2014-06-29 21:56 - 00000000 ____D () C:\Users\asus\AppData\Local\Bluestacks 2014-06-29 21:56 - 2014-06-26 20:28 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-06-29 21:55 - 
2014-06-29 21:51 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\asus\Downloads\BlueStacks-SplitInstaller_native_b.exe 2014-06-29 20:11 - 2014-06-26 20:39 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-06-28 13:00 - 2014-06-28 13:00 - 00056797 _____ () C:\Users\asus\Downloads\[kickass.to]the.haunting.in.connecticut.2.ghosts.of.georgia.2013.french.dvdrip.xvid.tmb.torrent 2014-06-27 21:30 - 2014-06-27 13:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-06-27 20:47 - 2014-06-27 20:47 - 00003467 _____ () C:\Windows\SysWOW64\collectionCache.bnk 2014-06-27 13:26 - 2014-06-27 13:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-06-27 13:21 - 2014-06-27 13:21 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-06-27 13:21 - 2014-06-27 13:21 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-06-27 13:21 - 2014-06-27 13:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-06-27 13:21 - 2014-06-27 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-06-27 13:03 - 2014-06-27 13:00 - 46392680 _____ (Safer-Networking Ltd. 
) C:\Users\asus\Downloads\spybot-2.3.exe 2014-06-27 12:45 - 2014-06-27 12:45 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-06-27 12:45 - 2014-06-27 12:45 - 00000000 ____D () C:\Windows\system32\NV 2014-06-27 12:45 - 2014-05-17 15:41 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-27 12:45 - 2014-05-17 15:38 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-27 12:45 - 2014-05-17 15:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-06-27 07:50 - 2014-06-27 07:50 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-06-27 07:50 - 2014-06-27 07:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-06-27 07:50 - 2014-06-27 07:50 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-06-27 07:46 - 2014-06-27 07:43 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\asus\Downloads\TeamSpeak3-Client-win64-3.0.15.exe 2014-06-26 20:44 - 2014-06-26 20:43 - 00002046 _____ () C:\Users\asus\Desktop\OSRS.lnk 2014-06-26 20:41 - 2014-06-26 20:41 - 00002076 _____ () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk 2014-06-26 20:41 - 2014-06-26 20:41 - 00002046 _____ () C:\Users\asus\Desktop\RuneScape.lnk 2014-06-26 20:41 - 2014-06-26 20:41 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape 2014-06-26 20:40 - 2014-06-26 20:39 - 23805952 _____ () C:\Users\asus\Downloads\RuneScape (1).msi 2014-06-26 20:37 - 2014-05-20 03:42 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Nero 2014-06-26 20:28 - 2014-06-26 20:24 - 12851944 _____ (BlueStack Systems Inc.) 
C:\Users\asus\Downloads\BlueStacks-SplitInstaller_native.exe 2014-06-26 20:00 - 2009-07-14 13:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-26 19:16 - 2014-06-26 19:15 - 01653168 _____ () C:\Users\asus\Desktop\Orion.exe 2014-06-26 19:13 - 2014-05-17 13:42 - 00000000 ____D () C:\Users\asus 2014-06-26 19:11 - 2014-06-26 19:06 - 00000000 ____D () C:\Users\asus\Orion 2014-06-24 19:17 - 2014-05-19 20:47 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA 2014-06-24 19:17 - 2014-05-19 20:47 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core 2014-06-23 19:35 - 2014-06-23 19:35 - 00002984 _____ () C:\Windows\System32\Tasks\ATKOSD2 2014-06-23 19:35 - 2014-06-23 19:35 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-06-23 19:30 - 2014-06-23 19:30 - 00001250 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk 2014-06-23 19:29 - 2014-06-23 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2014-06-23 19:29 - 2014-06-23 19:29 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-06-23 19:29 - 2014-06-23 19:28 - 01640984 _____ () C:\Users\asus\Downloads\SetupVirtualCloneDrive5470.exe 2014-06-23 16:54 - 2014-06-01 18:57 - 00000000 ____D () C:\Users\asus\.VirtualBox 2014-06-23 15:08 - 2014-06-23 15:08 - 00000290 _____ () C:\Users\asus\Documents\vpn kali.txt 2014-06-23 13:30 - 2014-06-23 13:30 - 10432166 _____ () C:\Users\asus\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.3.10-93012.vbox-extpack 2014-06-23 13:25 - 2014-06-23 13:25 - 00000000 ____D () C:\Users\asus\VirtualBox VMs 2014-06-22 11:05 - 2014-06-22 11:05 - 00025017 _____ () C:\Users\asus\Downloads\[kickass.to]farcry.3.black.box.silvertorrent.torrent 2014-06-21 04:46 - 2014-06-21 04:46 - 00020122 _____ () C:\Users\asus\Downloads\[kickass.to]game.of.thrones.the.complete.season.4.hdtv.torrent 2014-06-20 20:13 - 2014-06-20 
20:13 - 00004292 _____ () C:\STF711D.tmp 2014-06-20 20:00 - 2014-06-20 20:00 - 00004292 _____ () C:\STF9465.tmp 2014-06-20 20:00 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\asus\Documents\Square Enix 2014-06-20 20:00 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\asus\AppData\Local\SKIDROW 2014-06-20 12:11 - 2014-06-19 13:52 - 00000000 ____D () C:\Users\asus\Desktop\POW 2014-06-20 11:11 - 2014-06-20 11:11 - 00002088 _____ () C:\Users\Public\Desktop\TP-LINK Wireless Client Utility.lnk 2014-06-20 11:11 - 2014-06-20 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2014-06-20 11:11 - 2014-06-20 11:11 - 00000000 ____D () C:\Program Files (x86)\TP-LINK 2014-06-20 11:11 - 2014-05-17 15:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-06-20 11:10 - 2014-06-20 11:09 - 06876733 _____ () C:\Users\asus\Documents\2009319153528.zip 2014-06-20 11:00 - 2014-06-20 11:00 - 00225888 _____ (NirSoft) C:\Users\asus\Desktop\c.exe 2014-06-20 11:00 - 2014-06-20 11:00 - 00090720 _____ (NirSoft) C:\Users\asus\Desktop\f.exe 2014-06-20 11:00 - 2014-06-20 11:00 - 00051200 _____ (NirSoft) C:\Users\asus\Desktop\i.exe 2014-06-20 11:00 - 2014-06-20 11:00 - 00000136 _____ () C:\Users\asus\Desktop\launch.bat 2014-06-19 14:11 - 2014-06-19 14:05 - 00000000 ____D () C:\Users\asus\Documents\USB files 2014-06-13 12:02 - 2014-06-13 12:02 - 00034563 _____ () C:\Users\asus\energy-report.html 2014-06-12 08:37 - 2014-05-17 15:52 - 00117592 _____ () C:\Users\asus\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-12 08:37 - 2009-07-14 12:45 - 02358264 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-11 21:36 - 2014-06-11 21:35 - 00000841 _____ () C:\Users\asus\Downloads\[kickass.to]just.cause.2.savegame.100.torrent 2014-06-11 21:28 - 2014-06-11 21:28 - 00001432 _____ () C:\Users\asus\Desktop\Play Just Cause 2.lnk 2014-06-11 21:18 - 2014-06-11 21:18 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 
CS3.lnk 2014-06-11 21:17 - 2014-05-19 19:11 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Adobe 2014-06-11 21:17 - 2014-05-17 15:41 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-06-11 21:17 - 2014-05-17 15:40 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-11 21:16 - 2014-06-11 21:16 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-06-11 21:15 - 2014-06-11 21:15 - 00001223 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Stock Photos CS3.lnk 2014-06-11 21:13 - 2014-06-11 21:13 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk 2014-06-11 21:13 - 2014-06-11 21:13 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk 2014-06-11 21:11 - 2014-06-11 21:11 - 00000000 ____D () C:\Windows\SysWOW64\spool 2014-06-11 21:10 - 2014-06-11 21:10 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS3.lnk 2014-06-11 21:10 - 2014-06-11 21:10 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-06-10 20:13 - 2014-06-06 17:13 - 00000044 _____ () C:\Users\asus\jagex_cl_runescape_LIVE1.dat Files to move or delete: ==================== C:\Users\asus\jagex_cl_oldschool_LIVE.dat C:\Users\asus\jagex_cl_runescape_LIVE.dat C:\Users\asus\jagex_cl_runescape_LIVE1.dat C:\Users\asus\random.dat Some content of TEMP: ==================== C:\Users\asus\AppData\Local\Temp\GoogleSetup.exe C:\Users\asus\AppData\Local\Temp\HssInstaller64.exe C:\Users\asus\AppData\Local\Temp\ose00000.exe C:\Users\asus\AppData\Local\Temp\Quarantine.exe C:\Users\asus\AppData\Local\Temp\SRLDetectionLibrary6637867993982747457.dll C:\Users\asus\AppData\Local\Temp\xmlUpdater.exe C:\Users\asus\AppData\Local\Temp\{E0CE4544-F568-480B-AEFC-9211B307B5BF}-34.0.1847.137_chrome_installer.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is 
digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-30 05:10 ==================== End Of Log ============================ -
PUM.Hijack.Taskmanager and PUM.Hijack.Regedit
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/9/2014
Scan Time: 1:02:04 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.09.02
Rootkit Database: v2014.07.07.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: asus

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 358540
Time Elapsed: 15 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 2
PUM.Hijack.Regedit, HKU\S-1-5-21-1210325367-195732664-3179361299-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableRegistryTools, 1, Good: (0), Bad: (1),Replaced,[7a3c950789f2c670822f771c4eb61ce4]
PUM.Hijack.TaskManager, HKU\S-1-5-21-1210325367-195732664-3179361299-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableTaskMgr, 1, Good: (0), Bad: (1),Replaced,[7d39c3d9e596072f1300fe97d52f36ca]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

ESET:
C:\Users\asus\AppData\Local\Temp\GoogleSetup.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\asus\AppData\Roaming\PhrozenSoft\PKLL\pkllagent.exe Win32/KeyLogger.Phrozen.B application
C:\Users\asus\Desktop\c.exe Win32/PSWTool.ChromePass.A potentially unsafe application
C:\Users\asus\Desktop\f.exe Win32/PSWTool.PassFox.D potentially unsafe application
C:\Users\asus\Desktop\i.exe Win32/PSWTool.IEPassView.NAE potentially unsafe application
C:\Users\asus\Documents\ccsetup413.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\asus\Documents\Havij v1.16 Pro Portable.exe Win32/HackTool.Crack.BF potentially unsafe application
C:\Users\asus\Documents\fkl-setup\fkl-setup (password=2013).exe a variant of Win32/KeyLogger.FamilyKeyLogger.F application
C:\Users\asus\Documents\PhrozenKeyloggerLite1-0R3_setup\PhrozenKeyloggerLite1-0R3_setup.exe Win32/KeyLogger.Phrozen.B application
C:\Users\asus\Documents\USB files\New folder\ccsetup413.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\asus\Downloads\cbsidlm-cbsi188-Free_Keylogger_Pro-SEO-75886072.exe a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\asus\Downloads\HSS-3.40-install-hss-561-conduit.exe Win32/Toolbar.Conduit potentially unwanted application
C:\Windows\System32\HavijPro\Havij_Load.exe Win32/HackTool.Crack.BF potentially unsafe application
C:\Windows\SysWOW64\HavijPro\Havij_Load.exe Win32/HackTool.Crack.BF potentially unsafe application
D:\drivers\Audio_Realtek_Win7_64_Z6016373\Setup.exe a variant of Win32/Sality.NDW virus
D:\drivers\Audio_Realtek_Win7_64_Z6016373\Vista\RtHDVCpl.exe probably a variant of Win32/Sality.NAR virus
D:\drivers\Camera_Azurewave_VS010_Win7_64_Z5855133208\vsnp2uvc.exe Win32/Sality.NBA virus
D:\drivers\CardReader_Win7_32_Win7_64_Z61760010001\APBin_32bit\addfilter.exe Win32/Sality.NBA virus
D:\drivers\CardReader_Win7_32_Win7_64_Z61760010001\DriverBin_32bit\revcon.exe a variant of Win32/Sality.NDW virus
D:\drivers\VGA_nVidia_Win7_64_Z817126856\Display.Update\ComUpdatus.exe probably a variant of Win32/Sality.NAR virus
D:\drivers\VGA_nVidia_Win7_64_Z817126856\Display.Update\daemonu.exe probably a variant of Win32/Sality.NAR virus
Operating memory Win32/KeyLogger.Phrozen.B application

-------------
-
PUM.Hijack.Taskmanager and PUM.Hijack.Regedit
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
# AdwCleaner v3.215 - Report created 09/07/2014 at 12:37:52
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : asus - ASUS-PC
# Running from : C:\Users\asus\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : globalUpdate
Service Found : globalUpdatem

***** [ Files / Folders ] *****

File Found : C:\Users\asus\daemonprocess.txt
File Found : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Found : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
File Found : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Found : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\GreenTree Applications
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Found : C:\Users\asus\AppData\Local\globalUpdate
Folder Found : C:\Users\asus\AppData\Local\Mobogenie
Folder Found : C:\Users\asus\AppData\Local\Temp\hotspot shield
Folder Found : C:\Users\asus\Documents\Mobogenie
Folder Found : C:\Windows\SysWOW64\hotspot shield

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\hotspotshield
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

-\\ Google Chrome v

[ File : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3346 octets] - [09/07/2014 12:37:52]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3406 octets] ##########

# AdwCleaner v3.215 - Report created 09/07/2014 at 12:52:19
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : asus - ASUS-PC
# Running from : C:\Users\asus\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

[x] Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\globalUpdate
[x] Not Deleted : C:\Program Files (x86)\GreenTree Applications
[x] Not Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Users\asus\AppData\Local\globalUpdate
Folder Deleted : C:\Users\asus\AppData\Local\Mobogenie
[x] Not Deleted : C:\Users\asus\AppData\Local\Temp\hotspot shield
Folder Deleted : C:\Users\asus\Documents\Mobogenie
[x] Not Deleted : C:\Users\asus\daemonprocess.txt
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

-\\ Google Chrome v

[ File : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [search Provider] : hxxp://go.speedbit.com/search.aspx?s=DBIaya1&q={searchTerms}
Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [3502 octets] - [09/07/2014 12:37:52]
AdwCleaner[s0].txt - [3695 octets] - [09/07/2014 12:52:19]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3755 octets] ##########
-
PUM.Hijack.Taskmanager and PUM.Hijack.Regedit
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows_NT x64
Ran by asus on Wed 07/09/2014 at 12:29:51.05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [service] hshld
Successfully deleted: [service] hshld

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 07/09/2014 at 12:35:43.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
PUM.Hijack.Taskmanager and PUM.Hijack.Regedit
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
bump -
PUM.Hijack.Taskmanager and PUM.Hijack.Regedit
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Roguekiller report: RKreport_SCN_07042014_125245.log -
PUM.Hijack.Taskmanager and PUM.Hijack.Regedit
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
MBAM scan:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/4/2014
Scan Time: 12:23:36 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.04.02
Rootkit Database: v2014.07.03.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: asus

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356240
Time Elapsed: 14 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
Keylogger.PKL, HKU\S-1-5-21-1210325367-195732664-3179361299-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Phrozen Mon_KP, "C:\Users\asus\AppData\Roaming\PhrozenSoft\PKLL\pkllagent.exe" /h, , [2cf60d8ea6d5b87e9018bf1df210ea16]

Registry Data: 2
PUM.Hijack.Regedit, HKU\S-1-5-21-1210325367-195732664-3179361299-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableRegistryTools, 1, Good: (0), Bad: (1),,[6cb61f7c35467cbaa408fc91f21222de]
PUM.Hijack.TaskManager, HKU\S-1-5-21-1210325367-195732664-3179361299-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableTaskMgr, 1, Good: (0), Bad: (1),,[75ad3e5da8d39a9c5eb09bf49f653ec2]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Addition.txt
FRST.txt
-
PUM.Hijack.Taskmanager and PUM.Hijack.Regedit
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
For some reason I couldn't post the 2 files, as it says that my post is too long. -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Maniac, by the way, the virus/malware isn't showing up anymore. Do you think my PC game performance will be back to normal if I uninstall the things you let me install in the past? -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
already did. -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
already done all the stuff at http://forums.malwarebytes.org/index.php?showtopic=81990 and nothing changed. -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
I already did what you told me. By the way, what instructions are you talking about? Because the instructions in http://forums.malwarebytes.org/index.php?showtopic=81990 don't show a log file. -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Or do you think one of the things you let me download caused it? Is it possible? Those applications/programs like ComboFix etc. -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
They are up to date. Before I made those scans my games were running perfectly. What may have caused them? -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
By the way, the display graphics also worsened. -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Atm no annoying nginx or partner37 stuff. Hey, by the way, when I ran games, my frames per second lowered. I'm not saying it's your fault, I'm saying maybe the malware/antivirus/scanning stuff removed a driver or something? -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
I already posted the logs btw -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
I just posted.. lol -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Trend Micro Titanium Internet Security
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
JavaFX 2.1.1
Java 6 Update 31
Java 7 Update 5
Adobe Reader X (10.1.3)
Google Chrome 19.0.1084.56
Google Chrome 20.0.1132.47
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
Trend Micro Titanium TiMiniService.exe
Trend Micro Titanium TiResumeSrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
-
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251
-
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Should I do the scan from http://www.eset.com/onlinescan/ first? -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
Maniac, by the way, earlier when I played a game that I usually play, I noticed that the graphics got worse, even though I didn't move the graphic settings of the game. Can you please check whether maybe the things you made me do accidentally uninstalled a driver or something? Thanks -
partner37.mydomainadvisor.com
freakstyle replied to freakstyle's topic in Resolved Malware Removal Logs
I'm gonna try again tomorrow. Will leave it at like 8am, and I'll check it back at around 6pm. lol