Jump to content

brownhy

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral
  1. done the steps. suppose to uninstall rougekiller and JRT? because it is still on my desktop. Thank you for your help!
  2. I have a few windows updates to make after the deletions.Should I update them?
  3. I think start up seems abit faster and the ads are gone. Anything else I shoulddo to prevent future infections? Can I repeat the steps if I am ever infected again? Thanks.
  4. Hi Borislav, Just for info, the computer was not responding when I first run the AdwCleaner and I had to do a cold restart. Upon restart, I ran the program again and it works. I am inserting both logs from both sessions of AdwCleaner. See below for the logs requested. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.1.6 (07.17.2013:4)OS: Windows 7 Home Premium x64Ran by Ong Huan Yi on 21/07/2013 Sun at 1:36:00.29~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Failed to stop: [service] ibupdaterservice ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\\*.crossrider.comSuccessfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows\Allow\\*.crossrider.comSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayNameSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-3289639598-2459867880-2544685933-1000\software\web assistant"Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\extension.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\secman.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4d076ab4-7562-427a-b5d2-bd96e19dee56}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{bdb69379-802f-4eaf-b541-f8de92dd98db}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{2eecd738-5844-4a99-b4b6-146bf802613b}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{826d7151-8d99-434b-8540-082b8c2ae556}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{e46c8196-b634-44a1-af6e-957c64278ab1}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{11549fe4-7c5a-4c17-9fc3-56fc5162a994}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylonSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduitSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installerSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.comSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\imSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstallerSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonicSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistantSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnltSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopesSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossriderSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{2eecd738-5844-4a99-b4b6-146bf802613b}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{97f2ff5b-260c-4ccf-834a-2dda4e29e39e}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{2eecd738-5844-4a99-b4b6-146bf802613b}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlprSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobjectSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.capSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\i want this_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\i want this_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibar_install_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibar_install_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibartoolbar_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibartoolbar_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3220468Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon"Successfully deleted: [Folder] "C:\ProgramData\partner"Successfully deleted: [Folder] "C:\ProgramData\premium"Successfully deleted: [Folder] "C:\Users\Ong Huan Yi\AppData\Roaming\babylon"Successfully deleted: [Folder] "C:\Users\Ong Huan Yi\appdata\local\apn"Successfully deleted: [Folder] "C:\Users\Ong Huan Yi\appdata\local\conduit"Successfully deleted: [Folder] "C:\Users\Ong Huan Yi\appdata\locallow\babylontoolbar"Successfully deleted: [Folder] "C:\Users\Ong Huan Yi\appdata\locallow\conduit"Successfully deleted: [Folder] "C:\Users\Ong Huan Yi\appdata\locallow\coolyou"Successfully deleted: [Folder] "C:\Users\Ong Huan Yi\appdata\locallow\incredibar.com"Successfully deleted: [Folder] "C:\Program Files (x86)\chatzum toolbar"Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"Failed to delete: [Folder] "C:\Windows\syswow64\jmdp"Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{01CE31C5-152B-46F3-B5B8-85C4EDA7DC5C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{02E5C93D-A507-4C20-AEDA-4E62FA2AE9E6}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{03276D5E-94B3-4653-A815-D65834CEE8DC}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{05024832-ABDB-4BFE-AC9E-DC653E3C5FED}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{058CC7EB-A4F8-48E9-B87D-1AC49EDB746C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{07E06736-AEF8-489E-9286-4E17EC705AA1}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{08353646-41AD-434A-8962-C23E6020D9D1}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{08630A69-A0FF-4366-ABFF-83DF83407423}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{08CBADD3-79D3-4980-A68E-C0452AB45254}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{08F545F2-1A55-471F-B57A-627F75A1E1D3}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{09A30A75-52C7-473F-8876-81D9DCA069C4}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{09FFAC1D-5221-434D-9517-B089B25C4D22}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{0E8F619F-9EDC-406A-AEF8-BD82B196529D}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{10773ADB-4762-497A-B2D2-D11B2AD1629C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{10C8F3FC-9017-4432-AF7A-0D3036D97CA8}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{1105526D-6C65-460C-A535-6C4CE16C5110}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{11BF1F6F-EC60-41AD-8E17-6DDE9C940A96}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{12809893-42EE-4590-B3D1-A1D7E1ABBE33}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{136C7904-3099-4137-9CB2-88166498A307}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{15903E6D-B944-4387-98A3-2FD936876E8D}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{15BD8971-5E10-4E0F-A8BD-82CFADE279CC}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{1889714F-881F-4999-9830-CE249D11F47A}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{1F809ABF-A876-49F1-9C91-CA33141F6316}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{207632D0-44FF-4D48-A0FF-6FC5905B5195}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{209C44E3-2F28-4FF3-8661-CE165FF58036}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{21522891-25B5-41A4-AAE6-2B2FACCD88C3}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{246DE4C5-CF08-40C9-8F83-EB5E5C258D7F}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{253EAE4E-78D6-43DA-9328-924B1C00C390}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{26BFECDA-1264-45DF-9F32-00B4529DF594}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{282EDB2E-A597-49A4-93F3-7507484B9901}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{2A181414-5E59-4832-AC90-D5319E56CCE8}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{2A1F3072-29C9-4DAF-A985-E5969ECC2A94}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{2E5FF2F9-1ED5-4B33-9907-251CD28BAD3F}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{2EAE6AE2-BD38-4C53-A3D6-4C5C052DA085}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{300F2E47-1064-40C2-BF79-342779E31079}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{30E1F22D-40AF-4B1B-A04E-0B31DD64DA54}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{30E78A66-33BE-497C-B66B-A1EDDE0081C1}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{3202EE73-0C31-43F4-AFB1-8C454EF218A2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{33BB707D-A05D-406D-84E2-3834E4C8A861}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{34EFF2E8-F9AD-41CE-9294-BEF87563B58D}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{3517D9F3-400C-48D0-83E1-E77DB26CCA21}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{35C4D097-4BD4-4620-B832-2917E41B7BE8}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{37CC27F1-8EF9-4C7A-8E0D-193310C57E93}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{3D35FA79-9E60-420C-9AC5-F5C784460116}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{3E102E59-4079-4E18-8381-B622AFE5899E}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{3E6EF6B6-60E6-4A96-8B8C-9A9D65E29BC2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{3FF4E95C-7B8E-44C2-8D5F-5D04B95E8362}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{417F6E68-B96C-4D8C-B212-4BCD883AFA2A}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{41A58073-C66C-484C-B526-B32ECD78A6D7}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{48CA81B8-4D09-40C4-8A01-23E3A6A6E395}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{498A7C37-0402-4862-AD2D-115E85CC486F}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{4B9FC4EC-341E-4446-8D1F-A9524C35515D}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{4C6E45DC-C407-4088-8B00-94F4701C318D}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{4C8F2AD2-3247-45B5-A7DA-9EC7861CD8AC}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{4CD079B1-2710-44E0-BFA5-3D41B5C4A5B1}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{4E19463E-3E54-400A-82C0-7975721D2E5A}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{4E668AAB-2D33-494C-84AD-445971E9D16E}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{51923C3F-EF48-42CF-ABBA-73FEB5F10BB9}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{5293DB47-22F9-4D43-BAED-0D6E0CFC6020}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{53D1CAFE-05F2-4335-BBE5-27103382EAAF}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{546957FC-4205-4183-B402-8DCAE2090C3E}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{56B07CF3-F425-4054-8E9E-10DB8E148D16}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{56DBDE15-C0F1-4C74-AC85-A277268E2349}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{56EF8726-62A0-4C7E-8C14-943B2D27B5A3}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{597609CE-9C4F-4F29-B1A2-2567D73B1A0B}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{59E578D7-1CE4-496D-A358-9D0021E39DB2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{59FB2CA2-68A3-4417-8BD4-7303C89171CF}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{5E9A62D3-E41D-423F-9BCC-B3927940D4F4}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{60ED2CF4-BA79-451B-ABD2-0D72543E9FC7}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{612A0AE8-BA6C-46D4-A102-05984BA406C4}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{62846899-4A21-4362-B3CF-6F07B9302F52}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{6417C730-2204-4E38-BD78-435961CE4CFF}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{642E8DD7-9587-4D41-B109-DC07022D63E2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{66F52FFB-D306-4018-8D86-E097687D953E}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{6963D691-89C3-4863-990D-016A703D240D}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{698D0E3F-9BDB-4AD9-8BF1-2A2DD08CF136}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{6C4EB308-F487-4950-8F62-C1FB27F49CBD}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{6C60DFCC-4FF6-4B7A-8895-9337101846D2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{6F9D311B-286F-4BEB-9614-B759E09FE68E}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{70558C25-298B-4B84-86EF-3C04A4F9965C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{72D8E2D5-4F9C-4979-BF41-8579090478D3}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{73429DA0-AFD6-4FD2-99F2-F741E486A862}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{750BBE33-2990-48C0-A02D-CA27D7631078}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{781650BC-8A67-4AE2-8BF4-40783BEBCBBD}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{7978F237-025F-45BC-AF52-A668866F66B8}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{799802A5-737C-4F1B-95B4-1D5BC0609C06}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{7C532C66-2950-4947-80F6-0342D6160B9E}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{7D4754F7-8C11-4B09-9861-03D517FCDDA4}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{7DE70D83-D8EB-4C15-8FD3-9582A55C5330}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{825C47C1-8C9B-4DF8-8C92-730EDC7F5CA8}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{8814B43F-ED78-4B4D-8A20-95667A93AD7C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{8A3C9246-63EF-41C3-B8EC-ABB00AF4C432}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{8BC13620-6CB8-4FF1-854E-0BCA0E3CB9FA}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{8CECC54B-921E-4B14-9F6D-6695C9B565B9}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{90919E4C-7AD1-43EF-BA13-8558087DAB8B}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{912E6AEF-07BC-460C-9335-3F50CF3F80DB}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{955E6D71-2A75-435B-9AB7-762844357BE6}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{95F8A98A-5827-4147-A31C-1469CA93E55E}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{97BE8637-1518-4518-A035-B5946F954457}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{98BA2539-45D4-4F83-ABE4-83265019E790}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{994C6A13-2EB9-45EB-B2F0-A0274957692F}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{997F7401-AEAC-45B4-87D9-18C2DAAB9528}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{99A1929E-1DDC-478F-9A81-13533F4FF2BD}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{99B0FF75-0BAC-4ABD-AC91-18604176F9ED}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{9B7A84B9-999E-4D78-8370-7DF25D8C3699}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{9C43BA5E-B943-4AB0-9C72-6558145D558F}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{9E0FBA48-CB99-4F54-9F2D-7F7A25AE3B77}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{9E2DBAB8-9484-4A5C-B828-429AED900B81}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{9E4D9D11-10DC-46CB-8A3D-B0CBD2422CE2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{9F0FB0A6-5918-4FC5-9A14-B75412B546F5}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{A03A5B77-BB70-4DEF-A112-9332486B6FC9}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{A1F5EB11-13EE-4F91-A3CF-AD4B7CD57384}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{A27C420D-7A0B-4AFA-ADF1-AAC926176CB5}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{A7471E18-6C81-4C66-9211-8D59EC2B9DD2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{AB37A76D-6DC7-4532-8804-2078CA74169D}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{ABCF4ACF-2428-4E72-A42C-A48F82FB71E9}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{ABE5214A-A7D9-44FC-9436-6D68470C8981}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{AE242331-00C4-487E-98D0-6401422CB190}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{AE2B6E89-9A0F-490B-9958-2B648E3C5135}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{AE3C30DC-FE32-4F8F-AAD3-89A4738B717C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B267B842-34A8-4D1A-B6EC-ED1E032F910A}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B2B8F08E-4293-40C5-A876-1A1459CBDA4B}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B46B6CA2-CE09-4E29-96D8-33B7EF0B0E81}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B47F68B5-E763-47A4-A141-02B4C100C272}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B5830F6C-E534-4CB1-A496-51BD985E11B8}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B5FD3BD3-1F8C-4C9D-BA78-563FE026367A}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B661CEE0-DC3A-425A-92D2-17265D75E525}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B6803681-E20B-4736-B8FF-87C8314B37D5}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B7CCDA2A-2FDA-4D8F-B00D-FDD7019CC7B4}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B8112722-5AD9-48A9-8814-3B4D66EFDFFD}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{B8AD3B02-5551-4980-B059-56E4B45364F2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{BBA5A7D8-31BC-4328-8952-DA47B4CF751C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{BCC3A32B-445A-46D7-B663-22090A3F81DA}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{BFEBD203-DB96-4660-A284-1299905E6974}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C0716737-537A-4C4F-9FEA-031B84C47BC8}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C34008F2-8735-4C05-81C5-7A773BC9F514}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C34592BA-7807-43A4-A183-D0C34D76FA28}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C3FC99B6-4C38-47F0-8D15-BB90358F2B2B}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C6C6DFD5-BCA7-441A-9964-5DCE7867C214}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C75F68AA-212D-4A89-A78F-BF9AEC6C8845}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C78841BC-3070-471E-800C-A40BDEFE5961}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C7D5E132-2FB7-47ED-A87E-D75AFA16CCA1}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C8610ECB-0435-4A26-B1F0-DC41598671DC}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{C952B539-81BE-4338-A507-F4E79DFC6B70}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{CA9FE305-AD6E-47B8-96C6-344FB1BF11B9}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{CAACBDAE-E3ED-4997-84FF-1524AD3D9B07}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{CC0CBAD8-E39D-4E8F-92FF-A1DC22755D9C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{CC48AFDD-5EE0-4BB5-94BC-DC0A224E4B6B}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{D10B5658-5A48-44AC-9B8A-EAA0EA0F2F9C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{D1A48D69-BF2A-4FC6-809B-7EA0676F767B}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{D33DCCB4-E99C-4F74-B538-E98A7454189C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{D823D18C-AE41-4749-917D-5BEE422E98B6}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{D8258310-7426-4273-A38A-3FF27478560C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{D8F22D66-7F04-48F7-99C9-6422FB92A46D}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{D9515198-2BC8-47DF-91E3-45CC4CBA2DA6}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{DA3DCCC1-4950-46EE-ACF3-05064E6FB2AA}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{DA41851D-68B7-455A-9950-B1D293EF2CE1}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{DAD1984C-B260-4393-A31D-998EFA9D9D71}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{DBB744F0-30FB-44EF-90C8-66CB83E995FC}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{DCAD89C7-DCFE-4220-AFF7-EF971297C8E2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{DD0A93E0-131C-4DCC-9535-40DBFF379280}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{DE56E37E-6F00-4693-9479-52C90024A669}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E04C75F9-4293-4EAE-99E6-581AFDA84330}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E1CE4402-8FA4-4658-82B8-C22C18E46128}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E1DEE605-D051-4F1A-ACFB-39F75E6EB549}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E25CAD27-E2CE-4F18-A073-4906EF7FB963}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E2AFF207-68DA-4B31-B7F7-CDFA09861A11}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E501C832-86B3-4483-8497-46C2B98CC9CF}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E55806AB-CC15-43B4-9A32-78CFE6CF21F9}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E5CDEC06-E46D-4AF2-878F-6DE6ECAFEA79}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E74A96E7-8D62-4B45-991B-E46EB398F87B}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E805D5CD-2536-4179-AE34-48DDF5156101}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E8515C44-A291-4A2D-AE11-9E15B93259D6}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{E8CEC1D4-D458-4BE2-9CF9-D11E3C0B3AA4}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{EAA89B08-45F5-4A48-957D-659DE41EB048}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{EC8C35EE-A99E-45AA-9166-4770F4816676}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{ED7D624E-C893-495D-9E24-5174B2C84FA2}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{F1BAACC8-4E87-4317-8CA5-7D803BD25FBD}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{F435C82E-B46F-403E-AB3F-17D1AC745A7C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{F45C5D66-B76A-42C3-A638-CA4A60D43C6C}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{F523BC37-42F4-4621-BA18-CDB20F7148F5}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{F6B869ED-1526-4AB1-A53F-26356EAA0001}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{F7E2A949-1ADE-467E-931E-FB6B18BA231D}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{F820924B-8FD7-486D-BABD-8568561B68A8}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{F82F2BB1-6269-4E41-8799-539E166238D0}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{F92F38A8-9A41-469C-B233-0FEDC4E8AFDE}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{FBF8AFB5-6A44-431A-97A0-213BCAD78431}Successfully deleted: [Empty Folder] C:\Users\Ong Huan Yi\appdata\local\{FD7B5278-93C6-4240-B6EB-E83B565BF1D6} ~~~ Chrome Successfully deleted: [Folder] C:\Users\Ong Huan Yi\appdata\local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 21/07/2013 Sun at 1:42:21.53End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From 1st AdwCleaner Session: # AdwCleaner v2.306 - Logfile created 07/21/2013 at 01:47:20# Updated 19/07/2013 by Xplode# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)# User : Ong Huan Yi - ONGHUANYI-PC# Boot Mode : Normal# Running from : C:\Users\Ong Huan Yi\Desktop\AdwCleaner.exe# Option [Delete] ***** [services] ***** Stopped & Deleted : IBUpdaterServiceStopped & Deleted : Web Assistant ***** [Files / Folders] ***** From 2nd AdwCleaner Session: # AdwCleaner v2.306 - Logfile created 07/21/2013 at 02:04:01# Updated 19/07/2013 by Xplode# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)# User : Ong Huan Yi - ONGHUANYI-PC# Boot Mode : Normal# Running from : C:\Users\Ong Huan Yi\Desktop\AdwCleaner.exe# Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\user.jsFolder Deleted : C:\Program Files\Web AssistantFolder Deleted : C:\Users\ONGHUA~1\AppData\Local\Temp\BabylonToolbarFolder Deleted : C:\Windows\SysWOW64\jmdpFolder Deleted : C:\Windows\SysWOW64\WNLT ***** [Registry] ***** Key Deleted : HKCU\Software\ChatZum ToolbarKey Deleted : HKCU\Software\InstallCoreKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE69C007-C452-4D3E-86D2-1730DF8BC871}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE69C007-C452-4D3E-86D2-1730DF8BC871}Key Deleted : HKCU\Software\WNLTKey Deleted : HKLM\Software\ChatZum ToolbarKey Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCSKey Deleted : HKLM\Software\SimilarSitesKey Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE69C007-C452-4D3E-86D2-1730DF8BC871}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLTKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1Key Deleted : HKLM\SOFTWARE\Web AssistantValue Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Registry is clean. -\\ Google Chrome v28.0.1500.72 File : C:\Users\Ong Huan Yi\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [442 octets] - [21/07/2013 01:47:20]AdwCleaner[s2].txt - [3966 octets] - [21/07/2013 02:04:01] ########## EOF - C:\AdwCleaner[s2].txt - [4026 octets] ########## Malwarebytes Anti-Malware (Trial) 1.75.0.1300www.malwarebytes.org Database version: v2013.07.20.05 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16635Ong Huan Yi :: ONGHUANYI-PC [administrator] Protection: Disabled 21/7/2013 2:10:03 AMmbam-log-2013-07-21 (02-10-03).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 221573Time elapsed: 5 minute(s), 23 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 1C:\Users\Ong Huan Yi\AppData\Local\Temp\9494486.Uninstall\Uninstall.exe (PUP.Adware.Installcore) -> Quarantined and deleted successfully. (end) DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16635Run by Ong Huan Yi at 2:20:28 on 2013-07-21Microsoft Windows 7 Home Premium 6.1.7601.1.936.65.1033.18.8169.6459 [GMT 8:00].AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Trend Micro Firewall Booster *Disabled* {50C2E989-60CF-0845-AFD3-290B7D301E79}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\FBAgent.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exeC:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\NVIDIA Corporation\Display\NvXDSync.exeC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Bluetooth Suite\adminservice.exeC:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exeC:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exeC:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Intel\TurboBoost\TurboBoost.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Program Files\P4G\BatteryLife.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exeC:\Program Files (x86)\ASUS\Splendid\ACMON.exeC:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exeC:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exeC:\Windows\SysWOW64\ACEngSvr.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\svchost.exe -k bthsvcsC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\servicing\TrustedInstaller.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exeC:\Windows\System32\rundll32.exeC:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\Program Files\Elantech\ETDCtrl.exeC:\Program Files\Elantech\ETDCtrlHelper.exeC:\Program Files (x86)\Bluetooth Suite\BtvStack.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\AsScrPro.exeC:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files (x86)\Bluetooth Suite\AthBtTray.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Trend Micro\Titanium\TiMiniService.exeC:\Program Files (x86)\Samsung\Kies\Kies.exeC:\Program Files\Trend Micro\Titanium\TiResumeSrv.exeC:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Program Files (x86)\ASUS\APRP\aprp.exeC:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exeC:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exeC:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exeC:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exeC:\Program Files (x86)\BlueStacks\HD-Agent.exeC:\Users\Ong Huan Yi\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>uURLSearchHooks: <No Name>: - LocalServer32 - <no file>mURLSearchHooks: <No Name>: - LocalServer32 - <no file>mWinlogon: Userinit = userinit.exe,BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dlluRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-windowuRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preloaduRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startupuRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exemRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /SmRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exemRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exemRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exemRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exemRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exemRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startupmRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exemRun: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exeStartupFolder: C:\Users\ONGHUA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Ong Huan Yi\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exeuPolicies-Explorer: NoDriveAutoRun = dword:0mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 192.168.1.254TCP: Interfaces\{9B36DDA8-D01C-4875-A74B-2CAAD909043C} : DHCPNameServer = 192.168.1.254TCP: Interfaces\{9B36DDA8-D01C-4875-A74B-2CAAD909043C}\75962756C6563737043574 : DHCPNameServer = 165.21.83.88TCP: Interfaces\{9B36DDA8-D01C-4875-A74B-2CAAD909043C}\8445340205F627471626C6560284F6473707F647 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{D70A623F-5E52-424C-81BE-8D8BA70B4E91} : DHCPNameServer = 192.168.42.129TCP: Interfaces\{F4129D77-97E2-4B91-B5CB-A1DCE00ADDA5} : DHCPNameServer = 192.168.42.129Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dllHandler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dllx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exex64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"x64-Run: [setwallpaper] c:\programdata\SetWallpaper.cmdx64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dllx64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dllx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-26 17536]R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\System32\drivers\tmlwf.sys [2013-7-19 194640]R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-8-23 379520]R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-14 138400]R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-14 74912]R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-5-13 70984]R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-5-13 384840]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-5-1 181544]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-19 418376]R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-2-27 167424]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-6-5 378472]R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-4-2 67664]R2 tmwfp;Trend Micro WFP Callout Driver;C:\Windows\System32\drivers\tmwfp.sys [2013-7-19 339536]R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-17 13832]R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928]R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-6-3 128488]R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-6-3 401896]R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-14 28832]R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-7-11 142632]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-7-19 25928]R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2011-8-23 311400]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-23 413800]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]R3 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-27 241488]S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-5-13 393032]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-19 701512]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-2 267480]S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-14 36000]S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-14 298656]S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-14 201376]S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-14 55456]S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-14 154272]S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-14 280224]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936]S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-18 48488]S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928]S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\System32\drivers\ewusbfake.sys [2011-12-8 116224]S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-11 57344]S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-11 56832]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-19 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-19 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-5 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184].=============== Created Last 30 ================.2013-07-20 17:35:57 -------- d-----w- C:\Windows\ERUNT2013-07-20 14:22:45 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D577256A-49DE-47A3-8203-58700C074F3D}\offreg.dll2013-07-20 04:43:19 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D577256A-49DE-47A3-8203-58700C074F3D}\mpengine.dll2013-07-19 07:12:23 -------- d-----w- C:\Users\Ong Huan Yi\AppData\Roaming\Malwarebytes2013-07-19 07:12:06 -------- d-----w- C:\ProgramData\Malwarebytes2013-07-19 07:12:04 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-07-19 07:12:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-07-19 07:05:26 339536 ----a-w- C:\Windows\System32\drivers\tmwfp.sys2013-07-19 07:05:26 194640 ----a-w- C:\Windows\System32\drivers\tmlwf.sys2013-07-11 06:27:52 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll2013-07-11 06:27:52 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll2013-07-11 06:27:52 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll2013-07-11 06:27:52 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll2013-07-11 06:27:52 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll2013-07-11 06:27:52 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll2013-07-11 06:27:52 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll2013-07-11 06:27:46 624128 ----a-w- C:\Windows\System32\qedit.dll2013-07-11 06:27:46 509440 ----a-w- C:\Windows\SysWow64\qedit.dll2013-07-11 06:27:40 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-11 06:27:40 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-11 06:26:39 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-07-11 06:26:38 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll2013-07-11 06:26:38 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL2013-07-11 06:26:38 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll2013-07-11 06:26:38 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll2013-07-11 06:26:38 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll2013-07-11 06:25:18 1643520 ----a-w- C:\Windows\System32\DWrite.dll2013-07-11 06:25:18 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll.==================== Find3M ====================.2013-07-20 18:18:24 45056 ----a-w- C:\Windows\System32\acovcnt.exe2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-05-01 18:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll.============= FINISH: 2:21:44.30 ===============
  5. Hi, I recently experienced ads by this coupondropdown. Ads persists after removing using malwarebytes,though a second scan shows that the coupondropdown does not exist anymore. Also discovered this PUP.installbrain. Appreciate your help. Below the DDS.txt, Attach.txt and RougeKiller 64-bit log. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16635Run by Ong Huan Yi at 1:00:37 on 2013-07-21Microsoft Windows 7 Home Premium 6.1.7601.1.936.65.1033.18.8169.4089 [GMT 8:00].AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Trend Micro Firewall Booster *Disabled* {50C2E989-60CF-0845-AFD3-290B7D301E79}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\FBAgent.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exeC:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\NVIDIA Corporation\Display\NvXDSync.exeC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exeC:\Program Files (x86)\Bluetooth Suite\adminservice.exeC:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exeC:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exeC:\Windows\system32\dmwu.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exeC:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Intel\TurboBoost\TurboBoost.exeC:\Program Files\Web Assistant\ExtensionUpdaterService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Windows\system32\taskhost.exeC:\Program Files (x86)\BlueStacks\HD-Service.exeC:\Windows\system32\Dwm.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\BlueStacks\HD-Network.exeC:\Windows\SysWOW64\jmdp\stij.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\BlueStacks\HD-BlockDevice.exeC:\Program Files (x86)\BlueStacks\HD-SharedFolder.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\svchost.exe -k bthsvcsC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exeC:\Windows\system32\taskeng.exeC:\Program Files\P4G\BatteryLife.exeC:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exeC:\Program Files (x86)\ASUS\Splendid\ACMON.exeC:\Windows\system32\taskeng.exeC:\Windows\SysWOW64\ACEngSvr.exeC:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exeC:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\Program Files\Elantech\ETDCtrl.exeC:\Program Files (x86)\Bluetooth Suite\BtvStack.exeC:\Program Files\Elantech\ETDCtrlHelper.exeC:\Program Files (x86)\Bluetooth Suite\AthBtTray.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Samsung\Kies\Kies.exeC:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exeC:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exeC:\Users\Ong Huan Yi\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exeC:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exeC:\Program Files (x86)\BlueStacks\HD-Agent.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\AsScrPro.exeC:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files\Trend Micro\Titanium\TiMiniService.exeC:\Program Files\Trend Micro\Titanium\TiResumeSrv.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dlluURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>uURLSearchHooks: <No Name>: - LocalServer32 - <no file>mURLSearchHooks: <No Name>: - LocalServer32 - <no file>mURLSearchHooks: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dllmWinlogon: Userinit = userinit.exe,BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dllBHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllEB: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dlluRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-windowuRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preloaduRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startupuRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeuRunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil64_11_5_502_149_ActiveX.exe -update activexmRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /SmRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exemRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exemRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exemRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exemRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exemRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startupmRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exemRun: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exeStartupFolder: C:\Users\ONGHUA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Ong Huan Yi\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exeuPolicies-Explorer: NoDriveAutoRun = dword:0mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dllIE: {807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 192.168.1.254TCP: Interfaces\{9B36DDA8-D01C-4875-A74B-2CAAD909043C} : DHCPNameServer = 192.168.1.254TCP: Interfaces\{9B36DDA8-D01C-4875-A74B-2CAAD909043C}\75962756C6563737043574 : DHCPNameServer = 165.21.83.88TCP: Interfaces\{9B36DDA8-D01C-4875-A74B-2CAAD909043C}\8445340205F627471626C6560284F6473707F647 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{D70A623F-5E52-424C-81BE-8D8BA70B4E91} : DHCPNameServer = 192.168.42.129TCP: Interfaces\{F4129D77-97E2-4B91-B5CB-A1DCE00ADDA5} : DHCPNameServer = 192.168.42.129Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dllHandler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dllx64-BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dllx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exex64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"x64-Run: [setwallpaper] c:\programdata\SetWallpaper.cmdx64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dllx64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dllx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-26 17536]R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\System32\drivers\tmlwf.sys [2013-7-19 194640]R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-8-23 379520]R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-14 138400]R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-14 74912]R2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-5-13 393032]R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-5-13 70984]R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-5-13 384840]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-5-1 181544]R2 IBUpdaterService;IBUpdaterService;C:\Windows\System32\dmwu.exe [2012-9-13 1455408]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-19 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-19 701512]R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-2-27 167424]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-6-5 378472]R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-4-2 67664]R2 tmwfp;Trend Micro WFP Callout Driver;C:\Windows\System32\drivers\tmwfp.sys [2013-7-19 339536]R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-17 13832]R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928]R2 Web Assistant;Web Assistant;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-9-13 188760]R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-6-3 128488]R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-6-3 401896]R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-14 28832]R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-7-11 142632]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-7-19 25928]R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2011-8-23 311400]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-23 413800]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]R3 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-27 241488]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-2 267480]S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-14 36000]S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-14 298656]S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-14 201376]S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-14 55456]S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-14 154272]S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-14 280224]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936]S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-18 48488]S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928]S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\System32\drivers\ewusbfake.sys [2011-12-8 116224]S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-11 57344]S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-11 56832]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-19 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-19 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-5 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184].=============== Created Last 30 ================.2013-07-20 14:22:45 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D577256A-49DE-47A3-8203-58700C074F3D}\offreg.dll2013-07-20 04:43:19 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D577256A-49DE-47A3-8203-58700C074F3D}\mpengine.dll2013-07-19 07:12:23 -------- d-----w- C:\Users\Ong Huan Yi\AppData\Roaming\Malwarebytes2013-07-19 07:12:06 -------- d-----w- C:\ProgramData\Malwarebytes2013-07-19 07:12:04 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-07-19 07:12:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-07-19 07:05:26 339536 ----a-w- C:\Windows\System32\drivers\tmwfp.sys2013-07-19 07:05:26 194640 ----a-w- C:\Windows\System32\drivers\tmlwf.sys2013-07-19 06:55:41 -------- d-----w- C:\Users\Ong Huan Yi\AppData\Local\{3D35FA79-9E60-420C-9AC5-F5C784460116}2013-07-11 06:27:52 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll2013-07-11 06:27:52 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll2013-07-11 06:27:52 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll2013-07-11 06:27:52 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll2013-07-11 06:27:52 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll2013-07-11 06:27:52 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll2013-07-11 06:27:52 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll2013-07-11 06:27:46 624128 ----a-w- C:\Windows\System32\qedit.dll2013-07-11 06:27:46 509440 ----a-w- C:\Windows\SysWow64\qedit.dll2013-07-11 06:27:40 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-11 06:27:40 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-11 06:26:39 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-07-11 06:26:38 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll2013-07-11 06:26:38 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL2013-07-11 06:26:38 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll2013-07-11 06:26:38 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll2013-07-11 06:26:38 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll2013-07-11 06:25:18 1643520 ----a-w- C:\Windows\System32\DWrite.dll2013-07-11 06:25:18 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll.==================== Find3M ====================.2013-07-20 13:00:33 45056 ----a-w- C:\Windows\System32\acovcnt.exe2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-05-01 18:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll.============= FINISH: 1:00:57.57 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2Install Date: 3/9/2011 11:18:09 AMSystem Uptime: 20/7/2013 8:59:56 PM (5 hours ago).Motherboard: ASUSTeK Computer Inc. | | K43SVProcessor: Intel® Core i7-2630QM CPU @ 2.00GHz | CPU 1 | 2001/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 259 GiB total, 161.485 GiB free.D: is FIXED (NTFS) - 312 GiB total, 310.576 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP182: 25/6/2013 8:31:10 PM - Windows UpdateRP183: 28/6/2013 8:34:55 PM - Windows UpdateRP184: 3/7/2013 12:18:51 PM - Windows UpdateRP185: 9/7/2013 2:54:36 PM - Windows UpdateRP186: 11/7/2013 3:16:00 PM - Windows UpdateRP187: 15/7/2013 3:44:12 PM - Windows UpdateRP188: 19/7/2013 2:59:02 PM - 删除了 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)RP191: 19/7/2013 3:00:45 PM - 已移除 適用遠端連線的 Windows Live Mesh ActiveX 控制項RP192: 19/7/2013 3:01:30 PM - Quitado Control ActiveX de Windows Live Mesh para conexiones remotasRP193: 19/7/2013 3:02:01 PM - Removed Windows Live Mesh ActiveX Control for Remote ConnectionsRP194: 20/7/2013 12:42:23 PM - Windows Update.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)7-Zip 9.22betaAdobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAhnLab Online SecurityAsmedia ASM104x USB 3.0 Host Controller DriverASUS AI RecoveryASUS FancyStartASUS K3 Series ScreenSaverASUS LifeFrame3ASUS Live UpdateASUS Power4Gear HybridASUS SmartLogonASUS Splendid Video Enhancement TechnologyASUS Virtual CameraASUS WebStorageAsusVibe2.0Atheros Client Installation ProgramATK PackageBing BarBlueStacks App PlayerBlueStacks Notification CenterBluetooth Win7 Suite (64)Canon MP Navigator 2.0Canon MP450CarbonCyberLink LabelPrintCyberLink Power2GoD3DX10DropboxETDWare PS/2-X64 8.0.5.3_WHQLFast BootGaleria de Fotografias do Windows LiveGalería fotográfica de Windows LiveGalerie de photos Windows LiveGoogle ChromeGoogle Toolbar for Internet ExplorerGoogle Update HelperHotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)HTC BMP USB DriverHTC Driver InstallerHTC SyncIB Updater ServiceIntel® Turbo Boost Technology MonitorIPTInstallerJava Auto UpdaterJava 6 Update 37Junk Mail filter updateMalwarebytes Anti-Malware version 1.75.0.1300MapleStorySEA version v1.06Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office 2010Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Click-to-Run 2010Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Starter 2010 - EnglishMicrosoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Mobile Broadband ModemMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP3 Parser (KB2758694)Nuance PDF ReaderNVIDIA 3D Vision Driver 268.83NVIDIA Control Panel 268.83NVIDIA Graphics Driver 268.83NVIDIA HD Audio Driver 1.2.23.3NVIDIA Install ApplicationNVIDIA Stereoscopic 3D DriverRealtek Ethernet Controller DriverRealtek High Definition Audio DriverRealtek USB 2.0 Reader DriverRemote Access Viewer Ver 4.5.1Samsung KiesSAMSUNG USB Driver for Mobile PhonesSeagate Manager InstallerSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition SimilarSitesSkype? 6.1Sonic Focussyncables desktop SETrend Micro Titanium Internet SecurityUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596802) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VLC media player 2.0.6Web Assistant 2.0.0.572Windows LiveWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Live 影像中心Windows Live 照片库Windows Live 程式集Windows Live 软件包Windows Media Player Firefox PluginWinFlashWireless Console 3.==== Event Viewer Messages From Past Week ========.21/7/2013 12:09:31 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4.19/7/2013 10:26:06 AM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.18/7/2013 7:26:26 PM, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.18/7/2013 2:30:12 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.18/7/2013 10:36:23 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR7.18/7/2013 10:35:57 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.18/7/2013 10:35:53 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2..==== End Of File =========================== RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Ong Huan Yi [Admin rights]Mode : Scan -- Date : 07/21/2013 01:11:02| ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤[sERVICE] IBUpdaterService -- C:\Windows\System32\dmwu.exe [x] -> ERROR [1052] ¤¤¤ Registry Entries : 5 ¤¤¤[sERVICE][bLVALUE] HKLM\[...]\CCSet\[...]\Services : IBUpdaterService (C:\Windows\System32\dmwu.exe [7]) -> FOUND[sERVICE][bLVALUE] HKLM\[...]\CS001\[...]\Services : IBUpdaterService (C:\Windows\System32\dmwu.exe [7]) -> FOUND[sERVICE][bLVALUE] HKLM\[...]\CS002\[...]\Services : IBUpdaterService (C:\Windows\System32\dmwu.exe [7]) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Hitachi HTS547564A9E384 +++++--- User ---[MBR] 393469542cb348f26f9a89bcd8736cc6[bSP] 2df4e4393ef6efc24351e5bc0934916b : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 265395 Mo2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 595959808 | Size: 319484 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_07212013_011102.txt >>
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.