Jump to content

ChaoticFox

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. SystemLook 30.07.11 by jpshortstuff Log created at 20:45 on 14/09/2013 by Owner Administrator - Elevation successful ========== folderfind ========== Searching for "bejbohlohkkgompgecdcbbglkpjfjgdj" No folders found. -= EOF =-
  2. Well, I wasn't able to find that extension that you mentioned, since it doesn't show up in my list of extensions, but that certainly sounds like the culprit. I followed every other step that you mentioned, however, and here is the new log: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-09-2013Ran by Owner (administrator) on OWNER-PC on 14-09-2013 20:01:41Running from C:\Users\Owner\DownloadsWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe(AMD) C:\Windows\system32\atieclxx.exe(Microsoft Corporation) C:\Windows\system32\WLANExt.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe() C:\Windows\SysWOW64\PnkBstrA.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE(Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe() C:\Program Files\LTONHIS\Verbatim\SKDaemon.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe() C:\Program Files (x86)\puush\puush.exe() C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE() C:\Program Files\Rainmeter\Rainmeter.exe() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe(sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RunDLLEntry_THXCfg] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64HKLM\...\Run: [RunDLLEntry_EptMon] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [207845 2011-04-29] ()HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-26] (Realtek Semiconductor)HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM\...\Run: [sKDaemon.exe] - C:\Program Files\LTONHIS\Verbatim\SKDaemon.exe [318464 2008-09-17] ()HKLM\...\Policies\Explorer: [NoStrCmpLogical] 1HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\steam.exe [1811368 2013-09-06] (Valve Corporation)HKCU\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /backgroundHKCU\...\Run: [AdobeBridge] - [x]HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-14] ()HKCU\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1268472 2013-05-13] (Bogdan Sharkov)HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)HKCU\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKCU\...\Policies\Explorer: [NoDesktopCleanupWizard] 1MountPoints2: I - I:\Autorun.exeMountPoints2: {0b2c84ad-2116-11e2-a34f-180373d24315} - J:\TL_Bootstrap.exeHKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)HKLM-x32\...\Run: [shwiconXP9106] - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)HKLM-x32\...\Run: [updReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [] - [x]HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2825741 2011-04-29] ()HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.)HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376 2011-11-14] (Power Software Ltd)HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-05-07] (Adobe Systems Incorporated)HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)HKLM-x32\...\Run: [sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnkShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1URLSearchHook: (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No FileSearchScopes: HKLM - DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBoxSearchScopes: HKCU - DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = SearchScopes: HKCU - {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No FileHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Winsock: Catalog9 01 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 02 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 03 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 04 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 15 C:\Windows\system32\Sendori.dll File Not found () Hosts: Hosts file not detected in the default directoryTcpip\Parameters: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{215759C3-A3D4-4BF2-9F09-F1BC2B23C784}: [NameServer]8.8.8.8 FireFox:========FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4spvckgf.defaultFF Homepage: about:homeFF Keyword.URL: user_pref("keyword.URL", "");FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Extension: Просмотр HTTP заголовков - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4spvckgf.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}FF Extension: No Name - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4spvckgf.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpiFF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtnFF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtnFF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 Chrome: =======CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}CHR Plugin: (Shockwave Flash) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll (RealNetworks, Inc.)CHR Plugin: (RealPlayer Version Plugin) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll (RealNetworks, Inc.)CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)CHR Plugin: (Java Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No FileCHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (Google Update) - C:\Users\Owner\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No FileCHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No FileCHR Extension: (James White) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (YouTube\u2122 Ratings Preview) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank\2.3.3_0CHR Extension: (AdBlock) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0CHR Extension: (Stealthy) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\3.0.1_0CHR Extension: (Auto Replay for YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0CHR Extension: (Chrome In-App Payments service) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0CHR Extension: (4chan Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\3.0.0_0CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Owner\AppData\Local\Temp\ccex.crxCHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crxCHR HKLM-x32\...\Chrome\Extension: [lkpmjnommfoljgjbckjmjhkmnhfmcmon] - C:\ProgramData\WeCareReminder\\wecarereminderro.crxCHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crxCHR StartMenuInternet: Google Chrome - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5180032 2012-12-23] (INCA Internet Co., Ltd.)R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-08-15] ()R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori) ==================== Drivers (Whitelisted) ==================== S3 AE1000; C:\Windows\System32\DRIVERS\ae1000w7.sys [1101600 2010-06-11] (Ralink Technology Corp.)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2011-02-14] (LG Electronics Inc.)S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2011-02-14] (LG Electronics Inc.)S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2011-02-14] (LG Electronics Inc.)S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-14 20:01 - 2013-09-14 20:01 - 01950310 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe2013-09-14 19:56 - 2013-09-14 19:56 - 04454952 _____ (Piriform Ltd) C:\Users\Owner\Desktop\ccsetup405.exe2013-09-14 19:56 - 2013-09-14 19:56 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC2013-09-14 19:56 - 2013-09-14 19:56 - 00000000 ____D C:\Program Files\CCleaner2013-09-14 19:38 - 2013-09-14 19:38 - 01095080 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll2013-09-14 19:38 - 2013-09-14 19:38 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll2013-09-14 19:35 - 2013-09-14 19:36 - 30669224 _____ (Oracle Corporation) C:\Users\Owner\Desktop\jre-7u40-windows-x64.exe2013-09-14 17:11 - 2013-09-14 17:11 - 00001699 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09142013_171138.txt2013-09-14 17:01 - 2013-09-14 17:01 - 00293774 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5233be6c.dmp2013-09-14 16:57 - 2013-09-14 16:57 - 00001666 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09142013_165707.txt2013-09-14 16:54 - 2013-09-14 16:54 - 00001630 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09142013_165419.txt2013-09-14 16:51 - 2013-09-14 16:51 - 00001596 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09142013_165154.txt2013-09-13 23:20 - 2013-09-13 23:20 - 00005439 _____ C:\Users\Owner\Desktop\RKreport[0]_D_09132013_232039.txt2013-09-13 22:43 - 2013-09-13 22:43 - 00005179 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_224332.txt2013-09-13 21:36 - 2013-09-13 21:36 - 00295232 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5232c00d.dmp2013-09-13 21:02 - 2013-09-13 22:08 - 00000000 ____D C:\Users\Owner\Desktop\mbar2013-09-13 21:00 - 2013-09-13 21:00 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Owner\Desktop\mbar-1.07.0.1005.exe2013-09-13 19:08 - 2013-09-13 19:08 - 00060385 _____ C:\Users\Owner\Desktop\FRST.txt2013-09-13 19:08 - 2013-09-13 19:08 - 00048901 _____ C:\Users\Owner\Desktop\Addition.txt2013-09-13 19:07 - 2013-09-13 19:07 - 00000000 ____D C:\FRST2013-09-13 17:09 - 2013-09-13 17:09 - 00006806 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_170954.txt2013-09-13 16:02 - 2013-09-13 16:02 - 00028006 _____ C:\Users\Owner\Desktop\dds.txt2013-09-13 16:02 - 2013-09-13 16:02 - 00024804 _____ C:\Users\Owner\Desktop\attach.txt2013-09-13 15:59 - 2013-09-13 15:59 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.com2013-09-13 15:10 - 2013-09-13 15:10 - 00007296 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_151032.txt2013-09-13 15:06 - 2013-09-13 23:20 - 00000000 ____D C:\Users\Owner\Desktop\RK_Quarantine2013-09-13 15:06 - 2013-09-13 15:06 - 03787776 _____ C:\Users\Owner\Desktop\RogueKillerX64.exe2013-09-13 00:05 - 2013-09-13 00:05 - 00000000 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_52328ef3.dmp2013-09-12 12:58 - 2013-09-12 12:58 - 00354042 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5230db24.dmp2013-09-11 17:02 - 2013-09-14 17:15 - 00000000 ____D C:\AdwCleaner2013-09-11 17:01 - 2013-09-11 17:01 - 01037278 _____ C:\Users\Owner\Desktop\adwcleaner.exe2013-09-07 03:36 - 2013-09-07 03:36 - 00000000 ____D C:\Users\Owner\Documents\Visual Studio 20122013-09-07 03:36 - 2013-09-07 03:36 - 00000000 ____D C:\Program Files (x86)\NuGet2013-09-07 03:34 - 2013-09-07 03:34 - 00000000 ____D C:\Windows\symbols2013-09-07 03:33 - 2013-09-07 03:33 - 00000000 ____D C:\Program Files (x86)\Windows Kits2013-09-07 03:32 - 2013-09-07 03:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server2013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Windows\SysWOW64\10332013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Windows\system32\10332013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer2013-09-07 03:30 - 2013-09-07 03:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.02013-09-07 03:27 - 2013-09-07 03:27 - 00336750 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522ad53f.dmp2013-09-07 03:25 - 2013-09-07 03:25 - 00302988 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522903d0.dmp2013-09-06 15:48 - 2013-09-06 15:51 - 00000000 ____D C:\ProgramData\Package Cache2013-09-05 14:46 - 2013-09-05 14:46 - 00302088 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522390ce.dmp2013-09-05 14:28 - 2013-09-05 14:28 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TuneUp Software2013-09-03 14:40 - 2013-09-03 14:40 - 00066566 _____ C:\Users\Owner\Desktop\download.htm2013-09-03 10:49 - 2013-09-03 10:49 - 00000963 _____ C:\Users\Owner\Desktop\ruined_Cottage.schematic2013-09-02 12:59 - 2013-09-07 00:02 - 00000000 ____D C:\Users\Owner\AppData\Roaming\skypePM2013-09-02 12:59 - 2013-09-02 12:59 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat2013-09-02 12:58 - 2013-09-11 19:33 - 00000000 ___RD C:\Program Files (x86)\Skype2013-09-02 12:58 - 2013-09-02 12:58 - 00002866 _____ C:\Windows\System32\Tasks\{9C7234AC-3983-483F-AF95-BAD5EE791D25}2013-09-02 12:56 - 2013-09-02 12:56 - 00003122 _____ C:\Windows\System32\Tasks\{2F628C03-D09B-4EBF-85D8-00E7AA18D331}2013-09-02 12:49 - 2013-09-02 12:49 - 00003122 _____ C:\Windows\System32\Tasks\{85EF0623-8253-46B2-BE8A-BE9D67FE6D9E}2013-09-01 15:53 - 2013-09-01 15:53 - 00000413 _____ C:\wakeuptoken.info2013-08-30 18:34 - 2013-08-30 18:34 - 00000000 ____D C:\Windows\Sun2013-08-29 15:40 - 2013-08-29 15:40 - 00338032 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_521f716d.dmp2013-08-29 13:47 - 2013-08-29 14:25 - 00000000 ____D C:\Users\Owner\Desktop\STTBTLL-v1.22013-08-29 12:40 - 2013-08-29 12:40 - 00000000 ____D C:\SMBX2013-08-29 11:22 - 2013-08-29 11:22 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Malwarebytes2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\ProgramData\Malwarebytes2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-08-29 11:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2013-08-29 11:18 - 2013-08-29 11:24 - 00008564 _____ C:\Users\Owner\Desktop\Rkill.txt2013-08-29 11:18 - 2013-08-29 11:18 - 00000000 ____D C:\Users\Owner\Desktop\rkill2013-08-29 11:11 - 2013-09-14 17:01 - 00002186 _____ C:\Windows\SysWOW64\debug.log2013-08-29 07:31 - 2013-08-29 11:12 - 00000000 ____D C:\ProgramData\ahrpDn372013-08-29 07:31 - 2013-08-29 07:31 - 00000000 ____D C:\Program Files (x86)\Google2013-08-28 18:22 - 2013-08-28 18:23 - 00000000 ____D C:\ProgramData\nklc2013-08-28 18:09 - 2013-09-05 14:57 - 00000000 ____D C:\ProgramData\ggab2013-08-21 21:02 - 2013-08-21 21:18 - 00000000 ____D C:\Users\Owner\Desktop\VIDEO_TS2013-08-21 21:02 - 2013-08-21 21:02 - 00000000 ____D C:\Users\Owner\Desktop\AUDIO_TS2013-08-20 18:57 - 2013-08-20 18:57 - 10012564 _____ C:\Users\Owner\Desktop\spelunky_1_1.zip2013-08-20 15:30 - 2013-08-20 15:30 - 00504856 _____ C:\Users\Owner\Desktop\mcrtoolkit10a14_5.zip2013-08-17 21:08 - 2013-08-17 21:08 - 00000000 ____D C:\Users\Owner\AppData\Local\Electronic Arts2013-08-17 21:07 - 2013-08-17 21:07 - 00000000 ____D C:\Users\Owner\Documents\Electrontic Arts2013-08-16 19:45 - 2013-08-16 19:45 - 00000000 ____D C:\ProgramData\ATI2013-08-16 19:44 - 2013-08-16 19:44 - 00000000 ____D C:\Program Files (x86)\AMD AVT2013-08-16 13:50 - 2013-08-16 13:50 - 00000000 ____D C:\Users\Owner\Documents\EA Games2013-08-16 00:32 - 2013-08-16 00:32 - 00000000 ____D C:\Users\Owner\AppData\Local\Criterion Games2013-08-15 22:46 - 2013-08-15 22:46 - 00000000 ____D C:\ProgramData\SystemRequirementsLab2013-08-15 22:33 - 2013-08-15 22:34 - 00000000 ____D C:\Users\Owner\Documents\Battlefield 32013-08-15 22:30 - 2013-08-15 22:30 - 00000000 ____D C:\Users\Owner\AppData\Local\ESN2013-08-15 22:30 - 2013-08-15 22:30 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins2013-08-15 22:28 - 2013-08-15 22:28 - 00000000 ____D C:\ProgramData\EA Core2013-08-15 22:27 - 2013-08-17 21:08 - 00000000 ____D C:\Users\Owner\Documents\Electronic Arts2013-08-15 22:26 - 2013-08-17 01:22 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll2013-08-15 19:58 - 2013-08-22 19:51 - 00000000 ____D C:\Program Files (x86)\Origin Games2013-08-15 19:52 - 2013-08-15 22:28 - 00000000 ____D C:\Users\Owner\AppData\Local\Origin2013-08-15 19:52 - 2013-08-15 22:18 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Origin2013-08-15 19:51 - 2013-08-27 20:13 - 00000000 ____D C:\Program Files (x86)\Origin2013-08-15 19:51 - 2013-08-15 22:28 - 00000000 ____D C:\ProgramData\Electronic Arts2013-08-15 19:51 - 2013-08-15 20:01 - 00000000 ____D C:\ProgramData\Origin2013-08-15 01:37 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-08-15 01:37 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-08-15 01:37 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-08-15 01:37 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-08-15 01:37 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-08-15 01:37 - 2013-07-26 01:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-08-15 01:37 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-08-15 01:37 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-08-15 01:37 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-08-15 01:37 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-08-15 01:37 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-08-15 01:37 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-08-15 01:37 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-08-15 01:37 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-08-15 01:37 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-08-15 01:37 - 2013-07-25 23:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-08-15 01:37 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-08-15 01:37 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-08-15 01:37 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-08-15 01:37 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-08-15 01:37 - 2013-07-25 22:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-08-15 01:37 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-08-15 01:36 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-08-15 01:36 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-08-15 01:36 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-08-15 01:36 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-08-15 01:36 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-08-15 01:36 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-08-15 01:36 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-08-15 01:36 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-08-15 01:36 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-08-15 01:31 - 2013-08-15 01:33 - 00000000 ____D C:\Windows\system32\MRT ==================== One Month Modified Files and Folders ======= 2013-09-14 20:01 - 2013-09-14 20:01 - 01950310 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe2013-09-14 20:01 - 2012-01-17 17:12 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype2013-09-14 19:59 - 2013-01-18 19:30 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Winamp2013-09-14 19:59 - 2012-08-11 19:42 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Ventrilo2013-09-14 19:59 - 2012-07-31 15:45 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Media Player Classic2013-09-14 19:59 - 2012-03-18 16:08 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TS3Client2013-09-14 19:59 - 2012-02-01 16:08 - 00000000 ____D C:\Users\Owner\Tracing2013-09-14 19:59 - 2012-01-17 16:18 - 00000000 ____D C:\Program Files (x86)\Steam2013-09-14 19:59 - 2011-02-10 10:02 - 00000000 ____D C:\Windows\panther2013-09-14 19:56 - 2013-09-14 19:56 - 04454952 _____ (Piriform Ltd) C:\Users\Owner\Desktop\ccsetup405.exe2013-09-14 19:56 - 2013-09-14 19:56 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC2013-09-14 19:56 - 2013-09-14 19:56 - 00000000 ____D C:\Program Files\CCleaner2013-09-14 19:38 - 2013-09-14 19:38 - 01095080 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll2013-09-14 19:38 - 2013-09-14 19:38 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll2013-09-14 19:38 - 2011-10-15 01:44 - 00973736 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll2013-09-14 19:38 - 2011-10-15 01:44 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe2013-09-14 19:38 - 2011-10-15 01:44 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe2013-09-14 19:38 - 2011-10-15 01:44 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe2013-09-14 19:38 - 2011-10-15 01:44 - 00000000 ____D C:\Program Files\Java2013-09-14 19:36 - 2013-09-14 19:35 - 30669224 _____ (Oracle Corporation) C:\Users\Owner\Desktop\jre-7u40-windows-x64.exe2013-09-14 19:34 - 2012-04-18 21:05 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-09-14 17:15 - 2013-09-11 17:02 - 00000000 ____D C:\AdwCleaner2013-09-14 17:11 - 2013-09-14 17:11 - 00001699 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09142013_171138.txt2013-09-14 17:11 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-09-14 17:11 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-09-14 17:02 - 2012-01-16 13:47 - 00000000 ____D C:\Users\Owner\AppData\Local\SoftThinks2013-09-14 17:02 - 2011-10-15 01:48 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup2013-09-14 17:02 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-09-14 17:01 - 2013-09-14 17:01 - 00293774 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5233be6c.dmp2013-09-14 17:01 - 2013-08-29 11:11 - 00002186 _____ C:\Windows\SysWOW64\debug.log2013-09-14 16:57 - 2013-09-14 16:57 - 00001666 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09142013_165707.txt2013-09-14 16:54 - 2013-09-14 16:54 - 00001630 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09142013_165419.txt2013-09-14 16:51 - 2013-09-14 16:51 - 00001596 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09142013_165154.txt2013-09-14 16:47 - 2012-08-02 21:45 - 00000000 ____D C:\Users\Owner\AppData\Local\PMB Files2013-09-14 16:47 - 2012-08-02 21:45 - 00000000 ____D C:\ProgramData\PMB Files2013-09-14 15:41 - 2013-03-09 23:10 - 00000000 ____D C:\Program Files (x86)\Guild Wars 22013-09-14 15:40 - 2013-03-09 23:09 - 00000000 ____D C:\Users\Owner\Documents\Guild Wars 22013-09-14 03:03 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF2013-09-14 02:00 - 2012-01-22 21:29 - 00000000 ____D C:\Users\Owner\AppData\Local\Adobe2013-09-13 23:20 - 2013-09-13 23:20 - 00005439 _____ C:\Users\Owner\Desktop\RKreport[0]_D_09132013_232039.txt2013-09-13 23:20 - 2013-09-13 15:06 - 00000000 ____D C:\Users\Owner\Desktop\RK_Quarantine2013-09-13 22:43 - 2013-09-13 22:43 - 00005179 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_224332.txt2013-09-13 22:08 - 2013-09-13 21:02 - 00000000 ____D C:\Users\Owner\Desktop\mbar2013-09-13 21:37 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\addins2013-09-13 21:36 - 2013-09-13 21:36 - 00295232 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5232c00d.dmp2013-09-13 21:00 - 2013-09-13 21:00 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Owner\Desktop\mbar-1.07.0.1005.exe2013-09-13 19:08 - 2013-09-13 19:08 - 00060385 _____ C:\Users\Owner\Desktop\FRST.txt2013-09-13 19:08 - 2013-09-13 19:08 - 00048901 _____ C:\Users\Owner\Desktop\Addition.txt2013-09-13 19:07 - 2013-09-13 19:07 - 00000000 ____D C:\FRST2013-09-13 17:09 - 2013-09-13 17:09 - 00006806 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_170954.txt2013-09-13 16:02 - 2013-09-13 16:02 - 00028006 _____ C:\Users\Owner\Desktop\dds.txt2013-09-13 16:02 - 2013-09-13 16:02 - 00024804 _____ C:\Users\Owner\Desktop\attach.txt2013-09-13 16:00 - 2012-01-18 22:08 - 00000000 ____D C:\Users\Owner\AppData\Roaming\uTorrent2013-09-13 15:59 - 2013-09-13 15:59 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.com2013-09-13 15:10 - 2013-09-13 15:10 - 00007296 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_151032.txt2013-09-13 15:06 - 2013-09-13 15:06 - 03787776 _____ C:\Users\Owner\Desktop\RogueKillerX64.exe2013-09-13 15:02 - 2013-05-23 16:20 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask2013-09-13 11:34 - 2013-03-12 17:42 - 04751752 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2013-09-13 11:34 - 2012-04-18 21:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-09-13 11:34 - 2012-04-18 21:05 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2013-09-13 11:34 - 2011-10-15 01:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2013-09-13 00:05 - 2013-09-13 00:05 - 00000000 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_52328ef3.dmp2013-09-12 19:43 - 2012-11-16 23:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\ftblauncher2013-09-12 12:58 - 2013-09-12 12:58 - 00354042 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5230db24.dmp2013-09-11 23:17 - 2012-09-12 20:09 - 00000000 ____D C:\Users\Owner\Downloads\PFConfig 1.0.296+working serial2013-09-11 19:33 - 2013-09-02 12:58 - 00000000 ___RD C:\Program Files (x86)\Skype2013-09-11 19:33 - 2011-10-15 01:50 - 00000000 ____D C:\ProgramData\Skype2013-09-11 17:04 - 2012-01-21 00:34 - 00000000 ____D C:\ProgramData\Uniblue2013-09-11 17:01 - 2013-09-11 17:01 - 01037278 _____ C:\Users\Owner\Desktop\adwcleaner.exe2013-09-09 17:01 - 2012-01-19 19:52 - 00000000 ____D C:\Users\Owner\Games2013-09-07 03:36 - 2013-09-07 03:36 - 00000000 ____D C:\Users\Owner\Documents\Visual Studio 20122013-09-07 03:36 - 2013-09-07 03:36 - 00000000 ____D C:\Program Files (x86)\NuGet2013-09-07 03:36 - 2012-04-18 21:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server2013-09-07 03:35 - 2013-09-07 03:32 - 00000000 ____D C:\Program Files\Microsoft SQL Server2013-09-07 03:35 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared2013-09-07 03:34 - 2013-09-07 03:34 - 00000000 ____D C:\Windows\symbols2013-09-07 03:33 - 2013-09-07 03:33 - 00000000 ____D C:\Program Files (x86)\Windows Kits2013-09-07 03:33 - 2013-09-07 03:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.02013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Windows\SysWOW64\10332013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Windows\system32\10332013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer2013-09-07 03:32 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\MSBuild2013-09-07 03:31 - 2012-04-18 21:09 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition2013-09-07 03:31 - 2011-10-15 01:57 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition2013-09-07 03:27 - 2013-09-07 03:27 - 00336750 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522ad53f.dmp2013-09-07 03:25 - 2013-09-07 03:25 - 00302988 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522903d0.dmp2013-09-07 03:07 - 2011-02-10 12:10 - 00774402 _____ C:\Windows\SysWOW64\PerfStringBackup.INI2013-09-07 03:07 - 2009-07-14 01:13 - 00774402 _____ C:\Windows\system32\PerfStringBackup.INI2013-09-07 00:02 - 2013-09-02 12:59 - 00000000 ____D C:\Users\Owner\AppData\Roaming\skypePM2013-09-06 15:51 - 2013-09-06 15:48 - 00000000 ____D C:\ProgramData\Package Cache2013-09-05 18:28 - 2013-02-10 15:33 - 00000000 ____D C:\ProgramData\Sendori2013-09-05 14:57 - 2013-08-28 18:09 - 00000000 ____D C:\ProgramData\ggab2013-09-05 14:46 - 2013-09-05 14:46 - 00302088 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522390ce.dmp2013-09-05 14:29 - 2012-01-18 00:21 - 00000000 ____D C:\ProgramData\MFAData2013-09-05 14:28 - 2013-09-05 14:28 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TuneUp Software2013-09-05 13:13 - 2012-08-26 04:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-09-03 23:15 - 2012-01-16 23:21 - 00000000 ____D C:\Users\Owner\AppData\Roaming\.minecraft2013-09-03 14:40 - 2013-09-03 14:40 - 00066566 _____ C:\Users\Owner\Desktop\download.htm2013-09-03 10:49 - 2013-09-03 10:49 - 00000963 _____ C:\Users\Owner\Desktop\ruined_Cottage.schematic2013-09-02 12:59 - 2013-09-02 12:59 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat2013-09-02 12:58 - 2013-09-02 12:58 - 00002866 _____ C:\Windows\System32\Tasks\{9C7234AC-3983-483F-AF95-BAD5EE791D25}2013-09-02 12:56 - 2013-09-02 12:56 - 00003122 _____ C:\Windows\System32\Tasks\{2F628C03-D09B-4EBF-85D8-00E7AA18D331}2013-09-02 12:49 - 2013-09-02 12:49 - 00003122 _____ C:\Windows\System32\Tasks\{85EF0623-8253-46B2-BE8A-BE9D67FE6D9E}2013-09-01 15:53 - 2013-09-01 15:53 - 00000413 _____ C:\wakeuptoken.info2013-09-01 15:07 - 2012-01-18 19:31 - 00000000 ____D C:\Program Files\WinRAR2013-08-30 18:34 - 2013-08-30 18:34 - 00000000 ____D C:\Windows\Sun2013-08-29 15:40 - 2013-08-29 15:40 - 00338032 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_521f716d.dmp2013-08-29 14:25 - 2013-08-29 13:47 - 00000000 ____D C:\Users\Owner\Desktop\STTBTLL-v1.22013-08-29 12:58 - 2012-01-18 17:20 - 00000000 ____D C:\Program Files\Common Files\Apple2013-08-29 12:40 - 2013-08-29 12:40 - 00000000 ____D C:\SMBX2013-08-29 12:27 - 2012-01-18 19:31 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR2013-08-29 12:11 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration2013-08-29 11:24 - 2013-08-29 11:18 - 00008564 _____ C:\Users\Owner\Desktop\Rkill.txt2013-08-29 11:22 - 2013-08-29 11:22 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Malwarebytes2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\ProgramData\Malwarebytes2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-08-29 11:18 - 2013-08-29 11:18 - 00000000 ____D C:\Users\Owner\Desktop\rkill2013-08-29 11:12 - 2013-08-29 07:31 - 00000000 ____D C:\ProgramData\ahrpDn372013-08-29 11:11 - 2013-01-29 22:20 - 00000000 ____D C:\Program Files (x86)\i-Funbox DevTeam2013-08-29 07:31 - 2013-08-29 07:31 - 00000000 ____D C:\Program Files (x86)\Google2013-08-29 07:31 - 2013-01-11 22:23 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics2013-08-28 18:23 - 2013-08-28 18:22 - 00000000 ____D C:\ProgramData\nklc2013-08-27 20:13 - 2013-08-15 19:51 - 00000000 ____D C:\Program Files (x86)\Origin2013-08-22 19:51 - 2013-08-15 19:58 - 00000000 ____D C:\Program Files (x86)\Origin Games2013-08-22 00:14 - 2012-05-26 19:58 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll2013-08-22 00:14 - 2012-05-26 19:58 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll2013-08-22 00:14 - 2012-05-26 19:58 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll2013-08-22 00:14 - 2012-05-26 19:57 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll2013-08-21 21:18 - 2013-08-21 21:02 - 00000000 ____D C:\Users\Owner\Desktop\VIDEO_TS2013-08-21 21:02 - 2013-08-21 21:02 - 00000000 ____D C:\Users\Owner\Desktop\AUDIO_TS2013-08-20 18:57 - 2013-08-20 18:57 - 10012564 _____ C:\Users\Owner\Desktop\spelunky_1_1.zip2013-08-20 15:30 - 2013-08-20 15:30 - 00504856 _____ C:\Users\Owner\Desktop\mcrtoolkit10a14_5.zip2013-08-18 20:57 - 2012-01-25 15:57 - 00000132 _____ C:\Users\Owner\AppData\Roaming\Adobe PNG Format CS5 Prefs2013-08-18 03:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache2013-08-17 21:08 - 2013-08-17 21:08 - 00000000 ____D C:\Users\Owner\AppData\Local\Electronic Arts2013-08-17 21:08 - 2013-08-15 22:27 - 00000000 ____D C:\Users\Owner\Documents\Electronic Arts2013-08-17 21:07 - 2013-08-17 21:07 - 00000000 ____D C:\Users\Owner\Documents\Electrontic Arts2013-08-17 01:28 - 2011-10-15 01:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2013-08-17 01:22 - 2013-08-15 22:26 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll2013-08-16 19:45 - 2013-08-16 19:45 - 00000000 ____D C:\ProgramData\ATI2013-08-16 19:45 - 2012-06-09 18:08 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SystemRequirementsLab2013-08-16 19:45 - 2012-06-09 18:08 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab2013-08-16 19:44 - 2013-08-16 19:44 - 00000000 ____D C:\Program Files (x86)\AMD AVT2013-08-16 19:44 - 2012-08-01 13:35 - 00000000 ____D C:\ProgramData\AMD2013-08-16 19:44 - 2012-08-01 13:33 - 00000000 ____D C:\Program Files\ATI Technologies2013-08-16 13:50 - 2013-08-16 13:50 - 00000000 ____D C:\Users\Owner\Documents\EA Games2013-08-16 00:32 - 2013-08-16 00:32 - 00000000 ____D C:\Users\Owner\AppData\Local\Criterion Games2013-08-15 22:46 - 2013-08-15 22:46 - 00000000 ____D C:\ProgramData\SystemRequirementsLab2013-08-15 22:34 - 2013-08-15 22:33 - 00000000 ____D C:\Users\Owner\Documents\Battlefield 32013-08-15 22:33 - 2012-05-27 02:08 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr2013-08-15 22:33 - 2012-05-27 02:08 - 00000000 ____D C:\Users\Owner\AppData\Local\PunkBuster2013-08-15 22:33 - 2012-05-27 02:06 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe2013-08-15 22:30 - 2013-08-15 22:30 - 00000000 ____D C:\Users\Owner\AppData\Local\ESN2013-08-15 22:30 - 2013-08-15 22:30 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins2013-08-15 22:28 - 2013-08-15 22:28 - 00000000 ____D C:\ProgramData\EA Core2013-08-15 22:28 - 2013-08-15 19:52 - 00000000 ____D C:\Users\Owner\AppData\Local\Origin2013-08-15 22:28 - 2013-08-15 19:51 - 00000000 ____D C:\ProgramData\Electronic Arts2013-08-15 22:18 - 2013-08-15 19:52 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Origin2013-08-15 22:12 - 2012-05-27 02:06 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex02013-08-15 22:12 - 2012-05-27 02:06 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe2013-08-15 20:01 - 2013-08-15 19:51 - 00000000 ____D C:\ProgramData\Origin2013-08-15 14:26 - 2013-01-16 15:38 - 00000000 ____D C:\ProgramData\InstallMate2013-08-15 01:33 - 2013-08-15 01:31 - 00000000 ____D C:\Windows\system32\MRT2013-08-15 01:33 - 2012-02-08 17:33 - 00000000 ____D C:\ProgramData\Microsoft Help2013-08-15 01:31 - 2012-01-16 16:17 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-11 02:40 ==================== End Of Log ============================
  3. Well, I ran both RogueKiller and AdwCleaner, and both came up with almost no results. Here are the logs of each, in that order. RogueKiller V8.6.11 _x64_ [sep 11 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Owner [Admin rights]Mode : Scan -- Date : 09/14/2013 17:11:38| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 0 ¤¤¤ ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD10EALX-759BA1 +++++--- User ---[MBR] 3676249455b64b91538b69be8c59c4d6[bSP] d53b0be2a56687c8690d9092ce5b8143 : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13566 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27865088 | Size: 876334 Mo3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 1822599166 | Size: 63928 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_09142013_171138.txt >>RKreport[0]_D_09132013_232039.txt;RKreport[0]_S_09132013_151032.txt;RKreport[0]_S_09132013_170954.txtRKreport[0]_S_09132013_224332.txt;RKreport[0]_S_09142013_165154.txt;RKreport[0]_S_09142013_165419.txtRKreport[0]_S_09142013_165707.txt _______________________________________________________________________________ # AdwCleaner v3.003 - Report created 14/09/2013 at 17:14:51# Updated 07/09/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Owner - OWNER-PC# Running from : C:\Users\Owner\Desktop\adwcleaner.exe# Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v16.0.2 (en-US) [ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4spvckgf.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [15966 octets] - [11/09/2013 17:02:04]AdwCleaner[R1].txt - [1935 octets] - [14/09/2013 16:58:09]AdwCleaner[R2].txt - [1995 octets] - [14/09/2013 17:13:25]AdwCleaner[R3].txt - [1842 octets] - [14/09/2013 17:14:51]AdwCleaner[s0].txt - [16189 octets] - [11/09/2013 17:04:16] ########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1963 octets] ##########
  4. Sorry if that came off as aggressive. I really didn't mean anything by it. Here is the new log: RogueKiller V8.6.11 _x64_ [sep 11 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Owner [Admin rights]Mode : Scan -- Date : 09/13/2013 22:43:32| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 15 ¤¤¤[RUN][sUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND[RUN][sUSP PATH] HKCU\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\Owner\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [x][x][x][x]) -> FOUND[RUN][sUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\Owner\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID 0913a [x][x][x]) -> FOUND[RUN][ZeroAccess] HKUS\.DEFAULT\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\?��?��?��\?��?��?��\???ﯹ๛\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\GoogleUpdate.exe" >) -> FOUND[RUN][sUSP PATH] HKUS\S-1-5-21-2754525585-2667275184-1495631457-1000\[...]\Run : Google Update ("C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND[RUN][sUSP PATH] HKUS\S-1-5-21-2754525585-2667275184-1495631457-1000\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\Owner\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [x][x][x][x]) -> FOUND[RUN][sUSP PATH] HKUS\S-1-5-21-2754525585-2667275184-1495631457-1000\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\Owner\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID 0913a [x][x][x]) -> FOUND[RUN][ZeroAccess] HKUS\S-1-5-18\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\?��?��?��\?��?��?��\???ﯹ๛\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\GoogleUpdate.exe" >) -> FOUND[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 6 ¤¤¤[V1][sUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND[V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000UA.job : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND[V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000Core.job : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND[V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000Core : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND[V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000UA : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND[V2][sUSP PATH] ROC_REG_JAN_DELETE : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD10EALX-759BA1 +++++--- User ---[MBR] 3676249455b64b91538b69be8c59c4d6[bSP] d53b0be2a56687c8690d9092ce5b8143 : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13566 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27865088 | Size: 876334 Mo3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 1822599166 | Size: 63928 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_09132013_224332.txt >>RKreport[0]_S_09132013_151032.txt;RKreport[0]_S_09132013_170954.txt
  5. I ran the program twice, the second sweep coming up clean, and the problem still persists. Here are the two logs, anyway. Malwarebytes Anti-Rootkit BETA 1.07.0.1005 www.malwarebytes.org Database version: v2013.09.13.11 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Owner :: OWNER-PC [administrator] 9/13/2013 9:02:42 PM mbar-log-2013-09-13 (21-02-42).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 306560 Time elapsed: 24 minute(s), 24 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 4 HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLab) -> Delete on reboot. HKLM\SOFTWARE\CLASSES\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Delete on reboot. HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660066226658} (Adware.GamePlayLab) -> Delete on reboot. HKLM\SOFTWARE\CLASSES\INTERFACE\{77777777-7777-7777-7777-770077227758} (Adware.GamePlayLab) -> Delete on reboot. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 Java version: 1.6.0_35 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, Z:\ DRIVE_FIXED CPU speed: 2.993000 GHz Memory total: 13940248576, free: 5874065408 Downloaded database version: v2013.09.13.11 Downloaded database version: v2013.08.06.01 ======================================= Initializing... ------------ Kernel report ------------ 09/13/2013 21:02:39 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\iaStor.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\PxHlpa64.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\drivers\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\System32\Drivers\SCDEmu.SYS \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\bcmwl664.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\k57nd60a.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\MarvinBus64.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\cdfs.sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\Drivers\nx6000.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \??\C:\Windows\system32\drivers\mbam.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \??\c:\program files\my dell\pcdsrvc_x64.pkms \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\usp10.dll \Windows\System32\setupapi.dll \Windows\System32\gdi32.dll \Windows\System32\urlmon.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk4\DR4 Upper Device Object: 0xfffffa800ebe9060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000083\ Lower Device Object: 0xfffffa800e441b60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk3\DR3 Upper Device Object: 0xfffffa800d895060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000082\ Lower Device Object: 0xfffffa800e431980 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk2\DR2 Upper Device Object: 0xfffffa800d894060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000081\ Lower Device Object: 0xfffffa800e42ab60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa800ebf6060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000080\ Lower Device Object: 0xfffffa800e420b60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa800d032060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa800b375050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa800d032060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800ce278a0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d032060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800b375050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 10DF4266 Partition information: Partition 0 type is Other (0xde) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 80262 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 81920 Numsec = 27783168 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 27865088 Numsec = 1794733750 Partition 3 type is Extended with CSH (0x5) Partition is NOT ACTIVE. Partition starts at LBA: 1822599166 Numsec = 130924546 Disk Size: 1000204886016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)... Done! Physical Sector Size: 0 Drive: 1, DevicePointer: 0xfffffa800ebf6060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800e43f910, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800ebf6060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800e420b60, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 2, DevicePointer: 0xfffffa800d894060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800ebf6b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d894060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800e42ab60, DeviceName: \Device\00000081\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 3, DevicePointer: 0xfffffa800d895060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800d895b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d895060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800e431980, DeviceName: \Device\00000082\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 4, DevicePointer: 0xfffffa800ebe9060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800d894b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800ebe9060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800e441b60, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550055225558} --> [Adware.GamePlayLab] Infected: HKLM\SOFTWARE\CLASSES\TypeLib\{44444444-4444-4444-4444-440044224458} --> [Adware.GamePlayLab] Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660066226658} --> [Adware.GamePlayLab] Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{77777777-7777-7777-7777-770077227758} --> [Adware.GamePlayLab] Scan finished Creating System Restore point... Cleaning up... Removal scheduling successful. System shutdown needed. System shutdown occurred ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 Java version: 1.6.0_35 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, Z:\ DRIVE_FIXED CPU speed: 2.993000 GHz Memory total: 13940248576, free: 12341850112 ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 Java version: 1.6.0_35 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, Z:\ DRIVE_FIXED CPU speed: 2.993000 GHz Memory total: 13940248576, free: 11070074880 ======================================= Initializing... ------------ Kernel report ------------ 09/13/2013 21:46:07 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\CLASSPNP.SYS \SystemRoot\System32\drivers\imofugc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\iaStor.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\PxHlpa64.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\System32\Drivers\SCDEmu.SYS \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\bcmwl664.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\k57nd60a.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\MarvinBus64.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\cdfs.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\System32\Drivers\nx6000.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \??\C:\Windows\system32\drivers\mbam.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \SystemRoot\system32\drivers\spsys.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\Wldap32.dll \Windows\System32\urlmon.dll \Windows\System32\iertutil.dll \Windows\System32\shlwapi.dll \Windows\System32\clbcatq.dll \Windows\System32\sechost.dll \Windows\System32\ws2_32.dll \Windows\System32\user32.dll \Windows\System32\rpcrt4.dll \Windows\System32\difxapi.dll \Windows\System32\usp10.dll \Windows\System32\advapi32.dll \Windows\System32\ole32.dll \Windows\System32\imm32.dll \Windows\System32\comdlg32.dll \Windows\System32\oleaut32.dll \Windows\System32\setupapi.dll \Windows\System32\normaliz.dll \Windows\System32\msvcrt.dll \Windows\System32\gdi32.dll \Windows\System32\wininet.dll \Windows\System32\lpk.dll \Windows\System32\msctf.dll \Windows\System32\imagehlp.dll \Windows\System32\psapi.dll \Windows\System32\shell32.dll \Windows\System32\nsi.dll \Windows\System32\kernel32.dll \Windows\System32\comctl32.dll \Windows\System32\cfgmgr32.dll \Windows\System32\wintrust.dll \Windows\System32\devobj.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk4\DR4 Upper Device Object: 0xfffffa800ea5a060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007f\ Lower Device Object: 0xfffffa800e498b60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk3\DR3 Upper Device Object: 0xfffffa800ea5b060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007e\ Lower Device Object: 0xfffffa800e49db60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk2\DR2 Upper Device Object: 0xfffffa800ea5c060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007d\ Lower Device Object: 0xfffffa800e499b60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa800ea4b060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007c\ Lower Device Object: 0xfffffa800d8bab60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa800d012060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa800b08a050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa800d012060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800d012ab0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d012060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800b08a050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 10DF4266 Partition information: Partition 0 type is Other (0xde) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 80262 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 81920 Numsec = 27783168 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 27865088 Numsec = 1794733750 Partition 3 type is Extended with CSH (0x5) Partition is NOT ACTIVE. Partition starts at LBA: 1822599166 Numsec = 130924546 Disk Size: 1000204886016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)... Done! Physical Sector Size: 0 Drive: 1, DevicePointer: 0xfffffa800ea4b060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800e49c910, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800ea4b060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800d8bab60, DeviceName: \Device\0000007c\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 2, DevicePointer: 0xfffffa800ea5c060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800ea4bb90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800ea5c060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800e499b60, DeviceName: \Device\0000007d\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 3, DevicePointer: 0xfffffa800ea5b060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800ea5cb90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800ea5b060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800e49db60, DeviceName: \Device\0000007e\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 4, DevicePointer: 0xfffffa800ea5a060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800ea5bb90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800ea5a060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800e498b60, DeviceName: \Device\0000007f\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_81920_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam... Removal finished
  6. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013 04 Ran by Owner at 2013-09-13 19:08:12 Running from C:\Users\Owner\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) (x32) Ace of Spades (x32 Version: 0.75.015) Ace of Spades (x32) Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.7) Adobe AIR (x32 Version: 3.1.0.4880) Adobe Content Viewer (x32 Version: 1.4.0) Adobe Creative Suite 5.5 Design Premium (x32 Version: 5.5) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Help Manager (x32 Version: 4.0.244) Adobe Premiere Pro CS6 (x32 Version: 6.0) Adobe Reader X MUI (x32 Version: 10.0.0) Adobe Widget Browser (x32 Version: 2.0 Build 230) Adobe Widget Browser (x32 Version: 2.0.230) Alan Wake (x32) AMD Accelerated Video Transcoding (Version: 12.10.100.30328) AMD APP SDK Runtime (Version: 10.0.1084.4) AMD Catalyst Install Manager (Version: 8.0.911.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.80328.2204) AMD Wireless Display v3.0 (Version: 1.0.0.10) Amnesia: The Dark Descent (x32) And Yet It Moves (x32) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Applian FLV and Media Player 3.1.1.12 (x32 Version: 3.1.1.12) ASPCA Reminder by We-Care.com v5.0.5.1 (x32 Version: 5.0.5.1) ATI AVIVO64 Codecs (Version: 11.6.0.10104) Awesomenauts (x32) Batman: Arkham Asylum GOTY Edition (x32) Battlefield 3™ (x32 Version: 1.6.0.0) Battlelog Web Plugins (x32 Version: 2.1.7) BIT.TRIP RUNNER (x32) bl (x32 Version: 1.0.0) Bonjour (Version: 3.0.0.10) Braid (x32) Breath of Death VII (x32) Burnout Paradise: The Ultimate Box (x32) Camtasia Studio 7 (x32 Version: 7.1.1) Castle Crashers (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center (x32 Version: 2013.0328.2218.38225) Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225) Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225) Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225) Cave Story+ (x32) CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225) CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225) CCC Help Czech (x32 Version: 2013.0328.2217.38225) CCC Help Danish (x32 Version: 2013.0328.2217.38225) CCC Help Dutch (x32 Version: 2013.0328.2217.38225) CCC Help English (x32 Version: 2013.0328.2217.38225) CCC Help Finnish (x32 Version: 2013.0328.2217.38225) CCC Help French (x32 Version: 2013.0328.2217.38225) CCC Help German (x32 Version: 2013.0328.2217.38225) CCC Help Greek (x32 Version: 2013.0328.2217.38225) CCC Help Hungarian (x32 Version: 2013.0328.2217.38225) CCC Help Italian (x32 Version: 2013.0328.2217.38225) CCC Help Japanese (x32 Version: 2013.0328.2217.38225) CCC Help Korean (x32 Version: 2013.0328.2217.38225) CCC Help Norwegian (x32 Version: 2013.0328.2217.38225) CCC Help Polish (x32 Version: 2013.0328.2217.38225) CCC Help Portuguese (x32 Version: 2013.0328.2217.38225) CCC Help Russian (x32 Version: 2013.0328.2217.38225) CCC Help Spanish (x32 Version: 2013.0328.2217.38225) CCC Help Swedish (x32 Version: 2013.0328.2217.38225) CCC Help Thai (x32 Version: 2013.0328.2217.38225) CCC Help Turkish (x32 Version: 2013.0328.2217.38225) ccc-utility64 (Version: 2013.0328.2218.38225) Cheat Engine 6.2 (x32) Clownfish for Skype (x32) Cogs (x32) Combined Community Codec Pack 2011-11-11 (x32 Version: 2011.11.11.0) Command and Conquer: Red Alert 3 - Uprising (x32) Company of Heroes (x32) Cozi (x32 Version: 1.0.6505.38692) Crayon Physics Deluxe (x32) Crysis 2 Maximum Edition (x32) Cthulhu Saves the World (x32) Cubemen (x32) D3DX10 (x32 Version: 15.4.2368.0902) DarksidersInstaller (x32 Version: 1.00.1000) Day of Defeat: Source (x32) dBpoweramp FLAC Codec (x32 Version: Release 14 (FLAC 1.2.1)) dBpoweramp m4a Codec (x32 Version: Release 14 r2) dBpoweramp Music Converter (x32 Version: Release 14.4) Dead Space (x32) Dead Space™ 3 (x32 Version: 1.0.0.0) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.57) Dell DataSafe Local Backup (x32 Version: 9.4.57) Dell Edoc Viewer (Version: 1.0.0) Dell Getting Started Guide (x32 Version: 1.00.0000) Dell MusicStage (x32 Version: 1.5.201.0) Dell PhotoStage (x32 Version: 1.5.0.65) Dell Stage (x32 Version: 1.5.201.0) Dell VideoStage (x32 Version: 1.2.0.1712) Derpys Lamp (x32) DEVIL MAY CRY 4 (x32 Version: 1.00.000) DirectX 9 Runtime (x32 Version: 1.00.0000) DivX Setup (x32 Version: 2.6.1.9) Don't Starve (x32) Dota 2 (x32) Dungeon Defenders (x32) DW WLAN Card (Version: 5.60.48.35) Entity Framework Designer for Visual Studio 2012 - enu (x32 Version: 11.1.20810.00) ESN Sonar (x32 Version: 0.70.4) Far Cry (x32) Far Cry 2 (x32) Fliqlo Screen Saver (x32) Fraps (remove only) (x32) Free DVD Video Burner version 3.1.4.412 (x32 Version: 3.1.4.412) Free Video to DVD Converter version 5.0.9.412 (x32 Version: 5.0.9.412) Fusion's Chao Editor (Version: 2.0) GameRanger (HKCU) GCFScape 1.8.2 Google Chrome (HKCU Version: 29.0.1547.66) Gotham City Impostors: Free To Play (x32) Guild Wars 2 (x32) Guitar Hero - World Tour v1.0 (x32) Guitar Hero III (x32 Version: 1.3) Guitar Hero Three Control Panel (x32 Version: 2.0.4) Haali Media Splitter (x32) Hammerfight (x32) Hammerwatch (x32) Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0) iCloud (Version: 2.1.2.8) iFunbox (v2.1.2228.731), iFunbox DevTeam (x32 Version: v2.1.2228.731) ImgBurn (x32 Version: 2.5.7.0) Impulse® (x32 Version: 3.29) Intel® Rapid Storage Technology (x32 Version: 10.0.0.1046) iTunes (Version: 11.0.4.4) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Java 6 Update 24 (64-bit) (Version: 6.0.240) Java 6 Update 35 (x32 Version: 6.0.350) Junk Mail filter update (x32 Version: 15.4.3502.0922) Key Mapper (x32 Version: 1.0.2) Killing Floor (x32) L.A. Noire (x32) League of Legends (x32 Version: 1.3) Left 4 Dead 2 (x32) Left 4 Dead 2 Authoring Tools (x32) LG United Mobile Drivers (x32 Version: 3.3.0.0) LIMBO (x32) Lone Survivor (x32) LOVE (remove only) (x32) Magicka (x32) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Matroska Pack (x32) Medal of Honor Multiplayer (x32) Medal of Honor Single Player (x32) Mesh Runtime (x32 Version: 15.4.5722.2) Metro 2033 (x32) Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709) Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0) Microsoft Corporation (Version: 9.1.0.0) Microsoft Corporation (x32 Version: 9.1.0.0) Microsoft Games for Windows - LIVE (x32 Version: 3.0.86.0) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0) Microsoft Help Viewer 1.0 (Version: 1.0.30319) Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727) Microsoft LifeCam (Version: 3.60.253.0) Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop (x32 Version: 2.0.30717.9005) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Publisher 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Publisher 2010 (x32 Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1447.4) Microsoft SQL Server 2012 Command Line Utilities (Version: 11.0.2100.60) Microsoft SQL Server 2012 Data-Tier App Framework (Version: 11.0.2316.0) Microsoft SQL Server 2012 Data-Tier App Framework (x32 Version: 11.0.2316.0) Microsoft SQL Server 2012 Express LocalDB (Version: 11.0.2100.60) Microsoft SQL Server 2012 Management Objects (x32 Version: 11.0.2100.60) Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.0.2100.60) Microsoft SQL Server 2012 Native Client (Version: 11.0.2100.60) Microsoft SQL Server 2012 Transact-SQL Compiler Service (Version: 11.0.2100.60) Microsoft SQL Server 2012 Transact-SQL ScriptDom (Version: 11.0.2100.60) Microsoft SQL Server 2012 T-SQL Language Service (x32 Version: 11.0.2100.60) Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1) Microsoft SQL Server Data Tools - enu (11.1.20828.01) (x32 Version: 11.1.20828.01) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (x32 Version: 11.1.20828.01) Microsoft SQL Server System CLR Types (x32 Version: 10.50.1447.4) Microsoft System CLR Types for SQL Server 2012 (x32 Version: 11.0.2100.60) Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60) Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.30319) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (x32 Version: 11.0.50727) Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727) Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727) Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727) Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.50727) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.30319) Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.30319) Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU (Version: 11.0.50727) Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727) Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727) Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727) Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727) Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1) Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (x32 Version: 11.0.50727) Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (x32 Version: 11.0.50727.42) Microsoft Visual Studio Express 2012 for Windows Desktop (x32 Version: 11.0.50727) Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727) Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727) Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727) Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727) Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727) Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727) Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0) Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0) Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0) Microsoft XNA Game Studio 4.0 (ARP entry) (x32 Version: 4.0.20823.0) Microsoft XNA Game Studio 4.0 (Redists) (x32 Version: 4.0.20823.0) Microsoft XNA Game Studio 4.0 (Shared Components) (x32 Version: 4.0.20823.0) Microsoft XNA Game Studio 4.0 (Visual Studio) (x32 Version: 4.0.20823.0) Microsoft XNA Game Studio 4.0 (x32 Version: 4.0.20823.0) Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (x32 Version: 4.0.20823.0) Microsoft XNA Game Studio 4.0 Documentation (x32 Version: 4.0.20823.0) Microsoft XNA Game Studio Platform Tools (x32 Version: 1.3.0.0) Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053) Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000) Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000) Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000) Mirror's Edge (x32) Mozilla Firefox 16.0.2 (x86 en-US) (x32 Version: 16.0.2) Mozilla Maintenance Service (x32 Version: 16.0.2) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT Redists (Version: 1.0) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Multimedia Card Reader (x32 Version: 1.7.915.93) Mumble 1.2.3 (x32 Version: 1.2.3) My Dell (Version: 3.3.6280.92) MyMenu 1.2 (x32) No-IP DUC (x32 Version: 3.0.4) Notepad++ (x32 Version: 5.9.8) NVIDIA PhysX (x32 Version: 9.12.0613) OpenAL (x32) Origin (x32 Version: 9.3.1.4482) Paint.NET v3.5.10 (Version: 3.60.0) Pando Media Booster (x32 Version: 2.6.0.8) PDF Settings CS5 (x32 Version: 10.0) PFConfig 1.0.296 (x32 Version: 1.0.296) ph (x32 Version: 1.0.0) PHANTASY STAR ONLINE 2 (x32) PhotoShowExpress (x32 Version: 2.0.063) Pinnacle Studio 15 (x32 Version: 15.0.0.7593) Pinnacle Studio Bonus Content (x32 Version: 15.0.0.51) Pinnacle Video Driver (Version: 12.1.0.030) Pitiri 1977 (x32) Plants vs. Zombies: Game of the Year (x32) Poker Night at the Inventory (x32) Populous (x32 Version: 1.0.0.0) Portal 2 (x32) Portforward Static IP Address 1.0.47 (x32 Version: 1.0.47) Power Sound Editor Free (x32) PowerISO (x32 Version: 4.9) Prerequisites for SSDT (x32 Version: 11.0.2100.60) Psychonauts (x32) PunkBuster Services (x32 Version: 0.991) puush (x32 Version: 1.0.0.0) QuickTime (x32 Version: 7.74.80.86) Rainmeter (x32 Version: 2.4 beta r1593) RBVirtualFolder64Inst (Version: 1.00.0000) Real Alternative 2.0.2 (x32 Version: 2.0.2) Really Big Sky (x32) Realm of the Mad God (x32) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6449) Red Faction: Armageddon (x32) Rockstar Games Social Club (x32 Version: 1.0.6.1) RollerCoaster Tycoon 3 Platinum (x32 Version: 1.00.000) Roxio Activation Module (x32 Version: 1.0) Roxio BackOnTrack (x32 Version: 1.3.3) Roxio Burn (x32 Version: 1.8) Roxio Creator Starter (x32 Version: 1.0.439) Roxio Creator Starter (x32 Version: 12.1.77.0) Roxio Creator Starter (x32 Version: 5.0.0) Roxio Express Labeler 3 (x32 Version: 3.2.2) Roxio File Backup (Version: 1.3.2) Saints Row: The Third (x32) SDFormatter (x32 Version: 3.1.0) Sendori (x32 Version: 2.0.15) Shoot Many Robots (x32) Skype Click to Call (x32 Version: 6.11.13348) Skype™ 6.6 (x32 Version: 6.6.106) Smite (x32 Version: 0.1.1642.3) Snuggle Truck (x32) Sonic Adventure™ 2 (x32) Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0) Source SDK (x32) Source SDK Base 2006 (x32) Source SDK Base 2007 (x32) Star Wars - Battlefront II (x32) Star Wars Empire at War (x32 Version: 1.0) Star Wars Empire at War Forces of Corruption (x32 Version: 1.0) Steam (x32 Version: 1.0.0.0) StepMania v5.0 alpha 2 (remove only) (x32 Version: ) Super Mario Bros. X version 1.3 (x32 Version: 1.3) Super Meat Boy (x32) Super Meat Boy Editor (x32) Superbrothers: Sword & Sworcery EP (x32) System Requirements Lab CYRI (x32 Version: 6.0.7.0) System Requirements Lab Detection (x32 Version: 1.0.5.0) System Requirements Lab for Intel (x32 Version: 4.5.15.0) TeamSpeak 3 Client TeamViewer 8 (x32 Version: 8.0.19617) TERA (x32 Version: 1.5) Terraria (x32) The Binding Of Isaac (x32) The Sims™ 3 (x32 Version: 1.42.130) The Sims™ 3 High-End Loft Stuff (x32 Version: 3.0.38) The Sims™ 3 Late Night (x32 Version: 6.0.81) THX TruStudio PC (x32 Version: 1.0) TightVNC 1.3.10 (x32 Version: 1.3.10) Titan Quest (x32) TrackMania² Stadium Open Beta (x32) Ulead GIF Animator 5 TBYB (x32) Ultima PsOBB (x32) Unreal Development Kit: 2012-02 Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1) Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1) Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1) Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft Office Excel 2007 Help (KB963678) (x32) Update for Microsoft Office OneNote 2007 Help (KB963670) (x32) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update for Microsoft Office Script Editor Help (KB963671) (x32) Update for Microsoft Office Word 2007 Help (KB963665) (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0) Ventrilo Client for Windows x64 (Version: 3.0.8.0) Verbatim (Version: 1.0.0.8) Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (x32 Version: 4.0.8080.0) VTFEdit 1.2.5 (x32) VVVVVV (x32) Winamp (x32 Version: 5.63 ) Winamp Detector Plug-in (HKCU Version: 1.0.0.1) Windows 7 Logon Background Changer (x32 Version: 1.5.2) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3508.1109) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3508.1109) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Software Development Kit (x32 Version: 8.59.25584) Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584) Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584) Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584) Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584) Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584) WinRAR 5.00 beta 8 (64-bit) (Version: 5.00.8) WinSCP 5.1 (x32 Version: 5.1) ==================== Restore Points ========================= 05-09-2013 05:54:38 Scheduled Checkpoint 05-09-2013 18:27:26 Removed AVG 2012 05-09-2013 18:28:48 Removed AVG 2012 06-09-2013 19:48:47 Microsoft Visual Studio Express 2012 for Windows Desktop - ENU 06-09-2013 19:49:27 Windows Update 07-09-2013 07:00:10 Windows Update 07-09-2013 07:28:43 Microsoft Visual Studio Express 2012 for Windows Desktop - ENU ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {1162AF64-A32C-495A-8092-2E62D6AD4820} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {121113A0-5B94-4D48-AAE5-DF7CD5901A60} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-16] (Google Inc.) Task: {17B78F39-1EAE-4A17-BFD9-3FF7D9F9BA72} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-16] (Google Inc.) Task: {1AF91F64-CE46-43D7-A4B7-4E545D938691} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {20864E5A-F3C6-4C72-9703-11EAAC4A3F47} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-05-07] (PC-Doctor, Inc.) Task: {5AD53C59-27BD-4512-AE26-EAB2BA3EE8BA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated) Task: {68410B5C-1C83-4CDC-8872-FF401AB2D2BC} - System32\Tasks\{9C7234AC-3983-483F-AF95-BAD5EE791D25} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.) Task: {6B85B703-AF4C-4E5A-83CD-C0B6939E9A22} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () Task: {9046EDA3-C787-44BD-9D1B-F16AAE8731F8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {CAA22124-755E-4DD8-9E7A-3DC3B9C1CC06} - System32\Tasks\AdobeAAMUpdater-1.0-Owner-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {DC42CB43-91E6-48D1-8A23-CAA636D7A81E} - System32\Tasks\{2F628C03-D09B-4EBF-85D8-00E7AA18D331} => Chrome.exe http://ui.skype.com/ui/0/4.2.0.169/en/go/help.faq.installer?LastError=1603 Task: {DCB6CD21-E262-43BB-9A57-CE1D2CCA821E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-07-17] (PC-Doctor, Inc.) Task: {F5151AA2-BB87-4B48-9B56-BB72A4EFF79B} - System32\Tasks\{85EF0623-8253-46B2-BE8A-BE9D67FE6D9E} => Chrome.exe http://ui.skype.com/ui/0/4.2.0.169/en/go/help.faq.installer?LastError=1603 Task: {F7ED70DF-ADBD-4CC8-8B50-EDC23962F84F} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe ==================== Loaded Modules (whitelisted) ============= 2013-01-08 15:53 - 2012-11-22 23:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2009-07-13 19:37 - 2009-07-13 21:39 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Dwm.exe 2011-10-15 03:28 - 2011-10-15 03:28 - 02871808 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE 2012-10-31 17:03 - 2012-09-24 10:49 - 00206544 _____ (Martin Prikryl) C:\Program Files (x86)\WinSCP\DragExt64.dll 2013-04-05 12:58 - 2013-04-05 12:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll 2010-11-10 23:53 - 2010-11-10 23:53 - 00817136 _____ () C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll 2012-01-18 19:31 - 2013-08-22 18:09 - 00214104 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll 2010-11-10 23:54 - 2010-11-10 23:54 - 00177136 _____ (TODO: <Company name>) C:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll 2011-11-14 23:50 - 2011-11-14 23:50 - 00228408 _____ (Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOSH.DLL 2011-07-18 17:04 - 2011-07-18 17:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll 2011-10-15 01:48 - 2011-07-08 11:12 - 02749248 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2009-07-13 19:57 - 2009-07-13 21:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\rundll32.exe 2011-10-15 01:52 - 2009-10-15 14:38 - 00017920 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.dll 2011-10-15 01:52 - 2009-10-15 14:32 - 00021504 ____N (Creative Technology Ltd.) C:\Windows\system32\EptMon64.dll 2012-01-21 00:52 - 2011-08-26 19:18 - 12681320 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2008-09-17 13:27 - 2008-09-17 13:27 - 00318464 _____ () C:\Program Files\LTONHIS\Verbatim\SKDaemon.exe 2008-09-15 19:00 - 2008-09-15 19:00 - 00054272 _____ (LITE-ON TECHNOLOGY CORP.) C:\Program Files\LTONHIS\Verbatim\SKUsbKbd.dll 2008-01-16 09:18 - 2008-01-16 09:18 - 00260096 _____ () C:\Program Files\LTONHIS\Verbatim\SKHooks.dll 2007-11-05 11:30 - 2007-11-05 11:30 - 00154624 _____ (LITE-ON TECHNOLOGY CORP.) C:\Program Files\LTONHIS\Verbatim\Skutil.dll 2013-07-12 20:25 - 2013-07-12 20:25 - 00217992 ____T (Google Inc.) C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe 2013-07-12 20:25 - 2013-07-12 20:25 - 00290696 ____T (Google Inc.) C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe 2012-01-10 14:41 - 2013-07-14 15:03 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe 2013-01-29 22:20 - 2012-11-20 02:03 - 00812544 _____ () C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe 2013-05-13 03:49 - 2013-05-13 03:49 - 01268472 _____ (Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe 2013-06-21 09:58 - 2013-06-21 09:58 - 19875432 ____R (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe 2009-07-13 19:43 - 2009-07-13 21:14 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe 2012-08-05 10:49 - 2012-08-05 10:49 - 00041160 _____ () C:\Program Files\Rainmeter\Rainmeter.exe 2012-08-05 10:49 - 2012-08-05 10:49 - 00736968 _____ () C:\Program Files\Rainmeter\Rainmeter.dll 2010-03-10 17:26 - 2010-03-10 17:26 - 00237568 _____ (Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe 2010-11-17 11:35 - 2010-11-17 11:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe 2011-11-14 23:50 - 2011-11-14 23:50 - 00312376 _____ (Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE 2011-07-28 19:08 - 2011-07-28 19:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2012-06-28 11:40 - 2012-06-28 11:40 - 00074752 _____ (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe 2013-07-01 12:49 - 2013-07-01 12:49 - 00083232 _____ (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe 2013-01-08 15:53 - 2012-11-29 23:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2012-01-16 23:11 - 2013-09-02 16:35 - 00829392 _____ (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe 2013-05-14 17:26 - 2013-04-13 01:49 - 00308736 _____ (Microsoft Corporation) C:\Windows\AppPatch\AppPatch64\AcGenral.DLL 2013-05-23 15:56 - 2013-05-23 15:56 - 00273920 _____ () C:\Users\Owner\Games\FTB\Ultimate\minecraft\bin\natives\lwjgl64.dll 2013-05-23 15:56 - 2013-05-23 15:56 - 00195072 _____ () C:\Users\Owner\Games\FTB\Ultimate\minecraft\bin\natives\OpenAL64.dll 2010-11-20 23:23 - 2010-11-20 23:23 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe 2011-10-15 01:44 - 2011-10-15 01:44 - 00171808 _____ (Sun Microsystems, Inc.) C:\Windows\system32\java.exe 2012-01-16 16:05 - 2011-05-04 01:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2013-09-13 19:07 - 2013-09-13 19:07 - 01950312 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe 2009-07-13 19:59 - 2009-07-13 21:39 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\DllHost.exe 2013-01-29 22:20 - 2012-04-26 15:38 - 20758016 _____ () C:\Program Files (x86)\i-Funbox DevTeam\libcef.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-08-31 00:05 - 2011-08-31 00:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll 2010-11-20 23:24 - 2010-11-20 23:24 - 01435648 _____ (Microsoft Corporation) C:\Windows\System32\Speech\Common\sapi.dll 2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll 2013-09-11 07:34 - 2013-09-11 07:34 - 16242568 ____N (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_168.ocx 2013-08-15 12:24 - 2013-08-15 12:24 - 00475136 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ebdb3050959d9be47d33d2c77d6cc291\IAStorUtil.ni.dll 2013-07-13 14:20 - 2013-07-13 14:20 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\34002b75cd0faab68bf8079299c1aa46\IAStorCommon.ni.dll 2010-11-22 14:27 - 2010-11-22 14:27 - 00190960 _____ (Roxio, Inc.) c:\program files (x86)\common files\roxio shared\dllshared\rsl.dll 2010-11-24 23:44 - 2010-11-24 23:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll 2011-07-28 19:09 - 2011-07-28 19:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2013-07-01 12:49 - 2013-07-01 12:49 - 00275744 _____ (Sendori, Inc.) C:\Program Files (x86)\Sendori\DynLib.dll 2013-03-12 17:10 - 2013-08-21 18:18 - 00687104 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2012-01-17 16:38 - 2013-09-06 16:55 - 01120680 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2012-01-17 16:38 - 2013-08-07 15:31 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2012-03-15 21:06 - 2013-06-14 19:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2012-03-15 21:06 - 2013-06-14 19:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2012-03-15 21:06 - 2013-06-14 19:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll 2013-09-03 22:33 - 2013-09-02 16:34 - 47074256 _____ (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll 2013-09-03 22:33 - 2013-09-02 16:35 - 09962960 _____ (The ICU Project) C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll 2013-09-03 22:33 - 2013-09-02 14:46 - 03231688 _____ (Microsoft Corporation) C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll 2013-09-03 22:33 - 2013-09-02 16:35 - 00709584 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll 2013-09-03 22:33 - 2013-09-02 16:35 - 00099792 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll 2013-09-03 22:33 - 2013-09-02 16:35 - 04053456 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll 2013-09-03 22:33 - 2013-09-02 16:35 - 00410576 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll 2013-09-03 22:33 - 2013-09-02 16:35 - 02110928 _____ (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll 2013-09-03 22:33 - 2013-09-02 16:35 - 01604560 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll 2013-09-03 22:33 - 2013-09-02 16:35 - 13599184 _____ () C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll 2013-05-31 11:55 - 2013-05-31 11:55 - 03008536 _____ (Gracenote, Inc.) C:\Program Files (x86)\iTunes\GNSDK_DSP.DLL 2013-05-31 11:55 - 2013-05-31 11:55 - 00776216 _____ (Gracenote, Inc.) C:\Program Files (x86)\iTunes\GNSDK_SDKMANAGER.DLL 2013-05-31 11:55 - 2013-05-31 11:55 - 00219672 _____ (Gracenote, Inc.) C:\Program Files (x86)\iTunes\GNSDK_MUSICID.DLL 2013-05-31 11:55 - 2013-05-31 11:55 - 00262680 _____ (Gracenote, Inc.) C:\Program Files (x86)\iTunes\GNSDK_SUBMIT.DLL ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\Users\Owner\Cookies:3iIxjmZssPF6yKyRB8z AlternateDataStreams: C:\Users\Owner\AppData\Local\DlNTffEyXb3WT9:uV8Sj0tQ5ibfxx5kro45q3zYE ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/13/2013 03:40:05 PM) (Source: .NET Runtime) (User: ) Description: Shim database version C:\Windows\Microsoft.NET\Framework\v4.0 doesn't have a matching runtime directory Error: (09/13/2013 00:22:30 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/13/2013 03:36:20 AM) (Source: SendoriService) (User: ) Description: In the enable methodObject reference not set to an instance of an object. Error: (09/13/2013 03:36:15 AM) (Source: Application Error) (User: ) Description: Faulting application name: CCC.exe, version: 3.5.0.0, time stamp: 0x4f8350e0 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b8479b Exception code: 0xc000041d Fault offset: 0x0000000000009e5d Faulting process id: 0x109c Faulting application start time: 0xCCC.exe0 Faulting application path: CCC.exe1 Faulting module path: CCC.exe2 Report Id: CCC.exe3 Error: (09/13/2013 03:35:54 AM) (Source: Application Error) (User: ) Description: Faulting application name: CCC.exe, version: 3.5.0.0, time stamp: 0x4f8350e0 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b8479b Exception code: 0xe0434352 Fault offset: 0x0000000000009e5d Faulting process id: 0x109c Faulting application start time: 0xCCC.exe0 Faulting application path: CCC.exe1 Faulting module path: CCC.exe2 Report Id: CCC.exe3 Error: (09/13/2013 03:35:38 AM) (Source: .NET Runtime) (User: ) Description: Application: CCC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Windows.Markup.XamlParseException Stack: at System.Windows.FrameworkTemplate.LoadTemplateXaml(System.Xaml.XamlReader, System.Xaml.XamlObjectWriter) at System.Windows.FrameworkTemplate.LoadTemplateXaml(System.Xaml.XamlObjectWriter) at System.Windows.FrameworkTemplate.LoadOptimizedTemplateContent(System.Windows.DependencyObject, System.Windows.Markup.IComponentConnector, System.Windows.Markup.IStyleConnector, System.Collections.Generic.List`1<System.Windows.DependencyObject>, System.Windows.UncommonField`1<System.Collections.Hashtable>) at System.Windows.FrameworkTemplate.LoadContent(System.Windows.DependencyObject, System.Collections.Generic.List`1<System.Windows.DependencyObject>) at System.Windows.StyleHelper.ApplyTemplateContent(System.Windows.UncommonField`1<System.Collections.Specialized.HybridDictionary[]>, System.Windows.DependencyObject, System.Windows.FrameworkElementFactory, Int32, System.Collections.Specialized.HybridDictionary, System.Windows.FrameworkTemplate) at System.Windows.FrameworkTemplate.ApplyTemplateContent(System.Windows.UncommonField`1<System.Collections.Specialized.HybridDictionary[]>, System.Windows.FrameworkElement) at System.Windows.FrameworkElement.ApplyTemplate() at System.Windows.FrameworkElement.MeasureCore(System.Windows.Size) at System.Windows.UIElement.Measure(System.Windows.Size) at System.Windows.ContextLayoutManager.UpdateLayout() at System.Windows.Interop.HwndSource.Process_WM_SIZE(System.Windows.UIElement, IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr) at System.Windows.Interop.HwndSource.LayoutFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.ShowWindow(System.Runtime.InteropServices.HandleRef, Int32) at MS.Win32.UnsafeNativeMethods.ShowWindow(System.Runtime.InteropServices.HandleRef, Int32) at System.Windows.Window.ShowHelper(System.Object) at ATI.ACE.CLI.Component.Dashboard.Dashboard.DerivedRun() at ATI.ACE.CLI.Component.Client.Shared.Private.ClientUIComponent.DoRun() at ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart(System.Object) Error: (09/13/2013 03:34:44 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 24 Error: (09/13/2013 03:34:44 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 23 Error: (09/13/2013 03:34:44 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 22 Error: (09/13/2013 03:34:44 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 21 System errors: ============= Error: (09/13/2013 05:08:23 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (09/13/2013 03:38:48 PM) (Source: Service Control Manager) (User: ) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (09/13/2013 03:34:33 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service. Error: (09/13/2013 11:37:39 AM) (Source: Service Control Manager) (User: ) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (09/13/2013 07:36:20 AM) (Source: Service Control Manager) (User: ) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (09/13/2013 03:36:16 AM) (Source: Service Control Manager) (User: ) Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 Error: (09/13/2013 03:36:16 AM) (Source: Service Control Manager) (User: ) Description: The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 Error: (09/13/2013 03:36:13 AM) (Source: DCOM) (User: ) Description: {CC957078-B838-47C4-A7CF-626E7A82FC58} Error: (09/13/2013 03:35:57 AM) (Source: Service Control Manager) (User: ) Description: The Skype Updater service terminated unexpectedly. It has done this 1 time(s). Error: (09/13/2013 03:35:56 AM) (Source: Service Control Manager) (User: ) Description: The Service Sendori service hung on starting. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2012-04-16 15:00:58.532 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-04-16 15:00:58.518 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 52% Total physical RAM: 13294.46 MB Available physical RAM: 6377.38 MB Total Pagefile: 26587.1 MB Available Pagefile: 15063.64 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:855.8 GB) (Free:145.14 GB) NTFS Drive d: (VS2012_WDX_ENU) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS Drive z: (Media) (Fixed) (Total:62.43 GB) (Free:9.65 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 10DF4266) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=13 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=856 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=62 GB) - (Type=05) ==================== End Of Log ============================
  7. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013 04 Ran by Owner (administrator) on OWNER-PC on 13-09-2013 19:07:28 Running from C:\Users\Owner\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe () C:\Windows\SysWOW64\PnkBstrA.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\LTONHIS\Verbatim\SKDaemon.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Google Inc.) C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe () C:\Program Files (x86)\puush\puush.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe () C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe (Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe () C:\Program Files\Rainmeter\Rainmeter.exe (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe (Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\javaw.exe (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\javaw.exe (Microsoft Corporation) C:\Windows\system32\cmd.exe (Sun Microsystems, Inc.) C:\Windows\system32\java.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RunDLLEntry_THXCfg] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [RunDLLEntry_EptMon] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64 HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [207845 2011-04-29] () HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-26] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [sKDaemon.exe] - C:\Program Files\LTONHIS\Verbatim\SKDaemon.exe [318464 2008-09-17] () HKLM\...\Policies\Explorer: [NoStrCmpLogical] 1 HKCU\...\Run: [Google Update] - C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-16] (Google Inc.) HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\steam.exe [1811368 2013-09-06] (Valve Corporation) HKCU\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background HKCU\...\Run: [AdobeBridge] - [x] HKCU\...\Run: [puush] - C:\Program Files (x86)\puush\puush.exe [567880 2013-07-14] () HKCU\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] () HKCU\...\Run: [ROC_ROC_APR2013_AV] - C:\Users\Owner\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1268472 2013-05-13] (Bogdan Sharkov) HKCU\...\Run: [AVG-Secure-Search-Update_0913a] - C:\Users\Owner\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID 0913a HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) HKCU\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 MountPoints2: I - I:\Autorun.exe MountPoints2: {0b2c84ad-2116-11e2-a34f-180373d24315} - J:\TL_Bootstrap.exe HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [shwiconXP9106] - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.) HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd) HKLM-x32\...\Run: [updReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions) HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] () HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2825741 2011-04-29] () HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.) HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376 2011-11-14] (Power Software Ltd) HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-05-07] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] () HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.) HKLM-x32\...\Run: [sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation) HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1 URLSearchHook: (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File SearchScopes: HKLM - DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKCU - DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = SearchScopes: HKCU - {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\Windows\system32\Sendori.dll File Not found () Winsock: Catalog9 02 C:\Windows\system32\Sendori.dll File Not found () Winsock: Catalog9 03 C:\Windows\system32\Sendori.dll File Not found () Winsock: Catalog9 04 C:\Windows\system32\Sendori.dll File Not found () Winsock: Catalog9 15 C:\Windows\system32\Sendori.dll File Not found () Hosts: Hosts file not detected in the default directory Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{215759C3-A3D4-4BF2-9F09-F1BC2B23C784}: [NameServer]8.8.8.8 FireFox: ======== FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4spvckgf.default FF Homepage: about:home FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Extension: Просмотр HTTP заголовков - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4spvckgf.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} FF Extension: No Name - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4spvckgf.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.) CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll (RealNetworks, Inc.) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Java Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Google Update) - C:\Users\Owner\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (James White) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0 CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (YouTube\u2122 Ratings Preview) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank\2.3.3_0 CHR Extension: (AdBlock) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0 CHR Extension: (Stealthy) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\3.0.1_0 CHR Extension: (Auto Replay for YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (4chan Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\3.0.0_0 CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Owner\AppData\Local\Temp\ccex.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM-x32\...\Chrome\Extension: [lkpmjnommfoljgjbckjmjhkmnhfmcmon] - C:\ProgramData\WeCareReminder\\wecarereminderro.crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx CHR StartMenuInternet: Google Chrome - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5180032 2012-12-23] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-08-15] () R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori) R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori) ==================== Drivers (Whitelisted) ==================== S3 AE1000; C:\Windows\System32\DRIVERS\ae1000w7.sys [1101600 2010-06-11] (Ralink Technology Corp.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2011-02-14] (LG Electronics Inc.) S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2011-02-14] (LG Electronics Inc.) S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2011-02-14] (LG Electronics Inc.) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] R3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-13 19:07 - 2013-09-13 19:07 - 01950312 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe 2013-09-13 19:07 - 2013-09-13 19:07 - 00000000 ____D C:\FRST 2013-09-13 17:09 - 2013-09-13 17:09 - 00006806 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_170954.txt 2013-09-13 16:04 - 2013-09-13 16:04 - 00006799 _____ C:\Users\Owner\Desktop\attach.zip 2013-09-13 16:02 - 2013-09-13 16:02 - 00028006 _____ C:\Users\Owner\Desktop\dds.txt 2013-09-13 16:02 - 2013-09-13 16:02 - 00024804 _____ C:\Users\Owner\Desktop\attach.txt 2013-09-13 15:59 - 2013-09-13 15:59 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.com 2013-09-13 15:10 - 2013-09-13 15:10 - 00007296 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_151032.txt 2013-09-13 15:06 - 2013-09-13 15:28 - 00000000 ____D C:\Users\Owner\Desktop\RK_Quarantine 2013-09-13 15:06 - 2013-09-13 15:06 - 03787776 _____ C:\Users\Owner\Desktop\RogueKillerX64.exe 2013-09-13 00:05 - 2013-09-13 00:05 - 00000000 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_52328ef3.dmp 2013-09-12 12:58 - 2013-09-12 12:58 - 00354042 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5230db24.dmp 2013-09-11 17:02 - 2013-09-11 17:04 - 00000000 ____D C:\AdwCleaner 2013-09-11 17:01 - 2013-09-11 17:01 - 01037278 _____ C:\Users\Owner\Desktop\adwcleaner.exe 2013-09-07 03:36 - 2013-09-07 03:36 - 00000000 ____D C:\Users\Owner\Documents\Visual Studio 2012 2013-09-07 03:36 - 2013-09-07 03:36 - 00000000 ____D C:\Program Files (x86)\NuGet 2013-09-07 03:34 - 2013-09-07 03:34 - 00000000 ____D C:\Windows\symbols 2013-09-07 03:33 - 2013-09-07 03:33 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2013-09-07 03:32 - 2013-09-07 03:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Windows\SysWOW64\1033 2013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Windows\system32\1033 2013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer 2013-09-07 03:30 - 2013-09-07 03:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2013-09-07 03:27 - 2013-09-07 03:27 - 00336750 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522ad53f.dmp 2013-09-07 03:25 - 2013-09-07 03:25 - 00302988 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522903d0.dmp 2013-09-06 20:02 - 2013-09-06 20:02 - 00268140 _____ C:\Users\Owner\Desktop\test.rar 2013-09-06 15:48 - 2013-09-06 15:51 - 00000000 ____D C:\ProgramData\Package Cache 2013-09-05 22:23 - 2013-09-05 22:23 - 21609810 _____ C:\Users\Owner\Desktop\Sphax PureBDCraft 128x MC14.zip 2013-09-05 22:21 - 2013-09-05 22:21 - 62166237 _____ C:\Users\Owner\Desktop\Feed The Beast 128x Sphax Addon 122.zip 2013-09-05 14:46 - 2013-09-05 14:46 - 00302088 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522390ce.dmp 2013-09-05 14:42 - 2013-09-05 14:42 - 00015671 _____ C:\Users\Owner\Desktop\RestartEvolution_3.1.zip 2013-09-05 14:33 - 2013-09-05 14:33 - 00504856 _____ C:\Users\Owner\Desktop\mcrtoolkit10a14_5 (1).zip 2013-09-05 14:28 - 2013-09-05 14:28 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TuneUp Software 2013-09-03 14:40 - 2013-09-03 14:40 - 00066566 _____ C:\Users\Owner\Desktop\download.htm 2013-09-03 10:49 - 2013-09-03 10:49 - 00000963 _____ C:\Users\Owner\Desktop\ruined_Cottage.schematic 2013-09-02 19:13 - 2013-09-02 19:14 - 01979566 _____ C:\Users\Owner\Desktop\screenshots.rar 2013-09-02 12:59 - 2013-09-07 00:02 - 00000000 ____D C:\Users\Owner\AppData\Roaming\skypePM 2013-09-02 12:59 - 2013-09-02 12:59 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat 2013-09-02 12:58 - 2013-09-11 19:33 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-09-02 12:58 - 2013-09-02 12:58 - 00002866 _____ C:\Windows\System32\Tasks\{9C7234AC-3983-483F-AF95-BAD5EE791D25} 2013-09-02 12:56 - 2013-09-02 12:56 - 00003122 _____ C:\Windows\System32\Tasks\{2F628C03-D09B-4EBF-85D8-00E7AA18D331} 2013-09-02 12:49 - 2013-09-02 12:49 - 00003122 _____ C:\Windows\System32\Tasks\{85EF0623-8253-46B2-BE8A-BE9D67FE6D9E} 2013-09-01 15:53 - 2013-09-01 15:53 - 00000413 _____ C:\wakeuptoken.info 2013-08-30 18:34 - 2013-08-30 18:34 - 00000000 ____D C:\Windows\Sun 2013-08-29 15:40 - 2013-08-29 15:40 - 00338032 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_521f716d.dmp 2013-08-29 13:47 - 2013-08-29 14:25 - 00000000 ____D C:\Users\Owner\Desktop\STTBTLL-v1.2 2013-08-29 13:44 - 2013-08-29 13:44 - 36516252 _____ C:\Users\Owner\Desktop\STTBTLL-Patch1.2.zip 2013-08-29 13:14 - 2013-08-29 13:17 - 453365629 _____ C:\Users\Owner\Desktop\STTBTLL-v1.2.zip 2013-08-29 12:40 - 2013-08-29 12:40 - 00000000 ____D C:\SMBX 2013-08-29 11:22 - 2013-08-29 11:22 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Malwarebytes 2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-29 11:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-29 11:18 - 2013-08-29 11:24 - 00008564 _____ C:\Users\Owner\Desktop\Rkill.txt 2013-08-29 11:18 - 2013-08-29 11:18 - 00000000 ____D C:\Users\Owner\Desktop\rkill 2013-08-29 11:11 - 2013-09-13 03:34 - 00002040 _____ C:\Windows\SysWOW64\debug.log 2013-08-29 07:31 - 2013-08-29 11:12 - 00000000 ____D C:\ProgramData\ahrpDn37 2013-08-29 07:31 - 2013-08-29 07:31 - 00000000 ____D C:\Program Files (x86)\Google 2013-08-28 18:22 - 2013-08-28 18:23 - 00000000 ____D C:\ProgramData\nklc 2013-08-28 18:09 - 2013-09-05 14:57 - 00000000 ____D C:\ProgramData\ggab 2013-08-27 20:08 - 2013-08-27 20:08 - 00729778 _____ C:\Users\Owner\Desktop\Burnout_Paradise_SaveGame_Patcher.zip 2013-08-24 22:15 - 2013-08-24 22:15 - 42167034 _____ C:\Users\Owner\Desktop\divinerpg_server.zip 2013-08-23 08:16 - 2013-08-23 08:16 - 01331819 _____ C:\Users\Owner\Desktop\Essentials.zip 2013-08-22 20:01 - 2013-08-22 20:01 - 00342510 _____ C:\Users\Owner\Desktop\OptiFine_1.4.6_HD_D5.zip 2013-08-22 19:46 - 2013-08-22 19:46 - 00095796 _____ C:\Users\Owner\Desktop\OptiFine_1.4.6_L_B5.zip 2013-08-21 21:02 - 2013-08-21 21:18 - 00000000 ____D C:\Users\Owner\Desktop\VIDEO_TS 2013-08-21 21:02 - 2013-08-21 21:02 - 00000000 ____D C:\Users\Owner\Desktop\AUDIO_TS 2013-08-20 23:48 - 2013-08-20 23:48 - 34103034 _____ C:\Users\Owner\Desktop\Ultimate_Server.zip 2013-08-20 23:48 - 2013-08-20 23:48 - 11415431 _____ C:\Users\Owner\Desktop\world.zip 2013-08-20 18:57 - 2013-08-20 18:57 - 10012564 _____ C:\Users\Owner\Desktop\spelunky_1_1.zip 2013-08-20 15:30 - 2013-08-20 15:30 - 00504856 _____ C:\Users\Owner\Desktop\mcrtoolkit10a14_5.zip 2013-08-17 21:08 - 2013-08-17 21:08 - 00000000 ____D C:\Users\Owner\AppData\Local\Electronic Arts 2013-08-17 21:07 - 2013-08-17 21:07 - 00000000 ____D C:\Users\Owner\Documents\Electrontic Arts 2013-08-16 19:45 - 2013-08-16 19:45 - 00000000 ____D C:\ProgramData\ATI 2013-08-16 19:44 - 2013-08-16 19:44 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-08-16 13:50 - 2013-08-16 13:50 - 00000000 ____D C:\Users\Owner\Documents\EA Games 2013-08-16 00:32 - 2013-08-16 00:32 - 00000000 ____D C:\Users\Owner\AppData\Local\Criterion Games 2013-08-15 22:46 - 2013-08-15 22:46 - 00000000 ____D C:\ProgramData\SystemRequirementsLab 2013-08-15 22:33 - 2013-08-15 22:34 - 00000000 ____D C:\Users\Owner\Documents\Battlefield 3 2013-08-15 22:30 - 2013-08-15 22:30 - 00000000 ____D C:\Users\Owner\AppData\Local\ESN 2013-08-15 22:30 - 2013-08-15 22:30 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2013-08-15 22:28 - 2013-08-15 22:28 - 00000000 ____D C:\ProgramData\EA Core 2013-08-15 22:27 - 2013-08-17 21:08 - 00000000 ____D C:\Users\Owner\Documents\Electronic Arts 2013-08-15 22:26 - 2013-08-17 01:22 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2013-08-15 19:58 - 2013-08-22 19:51 - 00000000 ____D C:\Program Files (x86)\Origin Games 2013-08-15 19:52 - 2013-08-15 22:28 - 00000000 ____D C:\Users\Owner\AppData\Local\Origin 2013-08-15 19:52 - 2013-08-15 22:18 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Origin 2013-08-15 19:51 - 2013-08-27 20:13 - 00000000 ____D C:\Program Files (x86)\Origin 2013-08-15 19:51 - 2013-08-15 22:28 - 00000000 ____D C:\ProgramData\Electronic Arts 2013-08-15 19:51 - 2013-08-15 20:01 - 00000000 ____D C:\ProgramData\Origin 2013-08-15 01:37 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-15 01:37 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-15 01:37 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-15 01:37 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-15 01:37 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-15 01:37 - 2013-07-26 01:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-15 01:37 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-15 01:37 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-15 01:37 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-15 01:37 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-15 01:37 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-15 01:37 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-15 01:37 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-15 01:37 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-15 01:37 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-15 01:37 - 2013-07-25 23:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-15 01:37 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-15 01:37 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-15 01:37 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-15 01:37 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-15 01:37 - 2013-07-25 22:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-15 01:37 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-15 01:36 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-15 01:36 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-15 01:36 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-15 01:36 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-15 01:36 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-15 01:36 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-15 01:36 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-15 01:36 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-15 01:36 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-15 01:31 - 2013-08-15 01:33 - 00000000 ____D C:\Windows\system32\MRT 2013-08-14 12:48 - 2013-07-18 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-14 12:48 - 2013-07-18 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-14 12:48 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 12:48 - 2013-07-09 01:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 12:48 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 12:48 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-14 12:48 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-14 12:48 - 2013-07-09 00:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-14 12:48 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-14 12:48 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-14 12:47 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-14 12:47 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-14 12:47 - 2013-07-09 02:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-14 12:47 - 2013-07-09 01:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-14 12:47 - 2013-07-09 01:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-08-14 12:47 - 2013-07-09 01:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 12:47 - 2013-07-09 01:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-14 12:47 - 2013-07-09 01:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-14 12:47 - 2013-07-09 00:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-08-14 12:47 - 2013-07-09 00:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-14 12:47 - 2013-07-09 00:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-08-14 12:47 - 2013-07-08 22:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-08-14 12:47 - 2013-07-08 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-08-14 12:47 - 2013-07-08 22:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-08-14 12:47 - 2013-07-08 22:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-08-14 12:47 - 2013-07-06 02:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 12:47 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-14 00:55 - 2013-08-14 00:56 - 00000063 _____ C:\Users\Owner\Documents\minecraft locations.txt ==================== One Month Modified Files and Folders ======= 2013-09-13 19:07 - 2013-09-13 19:07 - 01950312 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe 2013-09-13 19:07 - 2013-09-13 19:07 - 00000000 ____D C:\FRST 2013-09-13 19:05 - 2012-01-17 17:12 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype 2013-09-13 18:34 - 2012-04-18 21:05 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-13 18:32 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-13 18:32 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-13 18:30 - 2012-01-16 23:11 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000UA.job 2013-09-13 17:45 - 2012-08-02 21:45 - 00000000 ____D C:\Users\Owner\AppData\Local\PMB Files 2013-09-13 17:45 - 2012-08-02 21:45 - 00000000 ____D C:\ProgramData\PMB Files 2013-09-13 17:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF 2013-09-13 17:09 - 2013-09-13 17:09 - 00006806 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_170954.txt 2013-09-13 16:26 - 2012-01-17 16:18 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-13 16:04 - 2013-09-13 16:04 - 00006799 _____ C:\Users\Owner\Desktop\attach.zip 2013-09-13 16:02 - 2013-09-13 16:02 - 00028006 _____ C:\Users\Owner\Desktop\dds.txt 2013-09-13 16:02 - 2013-09-13 16:02 - 00024804 _____ C:\Users\Owner\Desktop\attach.txt 2013-09-13 16:00 - 2012-01-18 22:08 - 00000000 ____D C:\Users\Owner\AppData\Roaming\uTorrent 2013-09-13 15:59 - 2013-09-13 15:59 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.com 2013-09-13 15:28 - 2013-09-13 15:06 - 00000000 ____D C:\Users\Owner\Desktop\RK_Quarantine 2013-09-13 15:10 - 2013-09-13 15:10 - 00007296 _____ C:\Users\Owner\Desktop\RKreport[0]_S_09132013_151032.txt 2013-09-13 15:06 - 2013-09-13 15:06 - 03787776 _____ C:\Users\Owner\Desktop\RogueKillerX64.exe 2013-09-13 15:04 - 2011-10-15 01:36 - 01396707 _____ C:\Windows\WindowsUpdate.log 2013-09-13 15:02 - 2013-05-23 16:20 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask 2013-09-13 11:34 - 2013-03-12 17:42 - 04751752 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-09-13 11:34 - 2012-04-18 21:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-13 11:34 - 2012-04-18 21:05 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-13 11:34 - 2011-10-15 01:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-13 03:44 - 2012-01-22 21:29 - 00000000 ____D C:\Users\Owner\AppData\Local\Adobe 2013-09-13 03:34 - 2013-08-29 11:11 - 00002040 _____ C:\Windows\SysWOW64\debug.log 2013-09-13 03:34 - 2012-01-16 13:47 - 00000000 ____D C:\Users\Owner\AppData\Local\SoftThinks 2013-09-13 03:34 - 2011-10-15 01:48 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup 2013-09-13 03:33 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-13 03:33 - 2009-07-14 00:51 - 00090915 _____ C:\Windows\setupact.log 2013-09-13 00:05 - 2013-09-13 00:05 - 00000000 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_52328ef3.dmp 2013-09-13 00:04 - 2010-11-20 23:47 - 00293802 _____ C:\Windows\PFRO.log 2013-09-12 20:30 - 2012-01-16 23:11 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000Core.job 2013-09-12 19:43 - 2012-11-16 23:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\ftblauncher 2013-09-12 12:58 - 2013-09-12 12:58 - 00354042 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_5230db24.dmp 2013-09-11 23:17 - 2012-09-12 20:09 - 00000000 ____D C:\Users\Owner\Downloads\PFConfig 1.0.296+working serial 2013-09-11 19:33 - 2013-09-02 12:58 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-09-11 19:33 - 2011-10-15 01:50 - 00000000 ____D C:\ProgramData\Skype 2013-09-11 17:04 - 2013-09-11 17:02 - 00000000 ____D C:\AdwCleaner 2013-09-11 17:04 - 2012-01-21 00:34 - 00000000 ____D C:\ProgramData\Uniblue 2013-09-11 17:01 - 2013-09-11 17:01 - 01037278 _____ C:\Users\Owner\Desktop\adwcleaner.exe 2013-09-09 17:01 - 2012-01-19 19:52 - 00000000 ____D C:\Users\Owner\Games 2013-09-07 03:36 - 2013-09-07 03:36 - 00000000 ____D C:\Users\Owner\Documents\Visual Studio 2012 2013-09-07 03:36 - 2013-09-07 03:36 - 00000000 ____D C:\Program Files (x86)\NuGet 2013-09-07 03:36 - 2012-04-18 21:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2013-09-07 03:35 - 2013-09-07 03:32 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2013-09-07 03:35 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2013-09-07 03:34 - 2013-09-07 03:34 - 00000000 ____D C:\Windows\symbols 2013-09-07 03:33 - 2013-09-07 03:33 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2013-09-07 03:33 - 2013-09-07 03:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Windows\SysWOW64\1033 2013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Windows\system32\1033 2013-09-07 03:32 - 2013-09-07 03:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer 2013-09-07 03:32 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-09-07 03:31 - 2012-04-18 21:09 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2013-09-07 03:31 - 2011-10-15 01:57 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2013-09-07 03:27 - 2013-09-07 03:27 - 00336750 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522ad53f.dmp 2013-09-07 03:25 - 2013-09-07 03:25 - 00302988 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522903d0.dmp 2013-09-07 03:07 - 2011-02-10 12:10 - 00774402 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-07 03:07 - 2009-07-14 01:13 - 00774402 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-07 00:02 - 2013-09-02 12:59 - 00000000 ____D C:\Users\Owner\AppData\Roaming\skypePM 2013-09-06 20:02 - 2013-09-06 20:02 - 00268140 _____ C:\Users\Owner\Desktop\test.rar 2013-09-06 15:51 - 2013-09-06 15:48 - 00000000 ____D C:\ProgramData\Package Cache 2013-09-05 22:23 - 2013-09-05 22:23 - 21609810 _____ C:\Users\Owner\Desktop\Sphax PureBDCraft 128x MC14.zip 2013-09-05 22:21 - 2013-09-05 22:21 - 62166237 _____ C:\Users\Owner\Desktop\Feed The Beast 128x Sphax Addon 122.zip 2013-09-05 18:28 - 2013-02-10 15:33 - 00000000 ____D C:\ProgramData\Sendori 2013-09-05 14:57 - 2013-08-28 18:09 - 00000000 ____D C:\ProgramData\ggab 2013-09-05 14:46 - 2013-09-05 14:46 - 00302088 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_522390ce.dmp 2013-09-05 14:42 - 2013-09-05 14:42 - 00015671 _____ C:\Users\Owner\Desktop\RestartEvolution_3.1.zip 2013-09-05 14:33 - 2013-09-05 14:33 - 00504856 _____ C:\Users\Owner\Desktop\mcrtoolkit10a14_5 (1).zip 2013-09-05 14:29 - 2012-01-18 00:21 - 00000000 ____D C:\ProgramData\MFAData 2013-09-05 14:28 - 2013-09-05 14:28 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TuneUp Software 2013-09-05 13:13 - 2012-08-26 04:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-03 23:15 - 2012-01-16 23:21 - 00000000 ____D C:\Users\Owner\AppData\Roaming\.minecraft 2013-09-03 14:40 - 2013-09-03 14:40 - 00066566 _____ C:\Users\Owner\Desktop\download.htm 2013-09-03 10:49 - 2013-09-03 10:49 - 00000963 _____ C:\Users\Owner\Desktop\ruined_Cottage.schematic 2013-09-02 19:14 - 2013-09-02 19:13 - 01979566 _____ C:\Users\Owner\Desktop\screenshots.rar 2013-09-02 12:59 - 2013-09-02 12:59 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat 2013-09-02 12:58 - 2013-09-02 12:58 - 00002866 _____ C:\Windows\System32\Tasks\{9C7234AC-3983-483F-AF95-BAD5EE791D25} 2013-09-02 12:56 - 2013-09-02 12:56 - 00003122 _____ C:\Windows\System32\Tasks\{2F628C03-D09B-4EBF-85D8-00E7AA18D331} 2013-09-02 12:49 - 2013-09-02 12:49 - 00003122 _____ C:\Windows\System32\Tasks\{85EF0623-8253-46B2-BE8A-BE9D67FE6D9E} 2013-09-01 15:53 - 2013-09-01 15:53 - 00000413 _____ C:\wakeuptoken.info 2013-09-01 15:07 - 2012-01-18 19:31 - 00000000 ____D C:\Program Files\WinRAR 2013-08-30 18:34 - 2013-08-30 18:34 - 00000000 ____D C:\Windows\Sun 2013-08-29 15:40 - 2013-08-29 15:40 - 00338032 _____ C:\Windows\SysWOW64\iFBConn_Build_2228_0731_521f716d.dmp 2013-08-29 14:25 - 2013-08-29 13:47 - 00000000 ____D C:\Users\Owner\Desktop\STTBTLL-v1.2 2013-08-29 13:44 - 2013-08-29 13:44 - 36516252 _____ C:\Users\Owner\Desktop\STTBTLL-Patch1.2.zip 2013-08-29 13:17 - 2013-08-29 13:14 - 453365629 _____ C:\Users\Owner\Desktop\STTBTLL-v1.2.zip 2013-08-29 12:58 - 2012-01-18 17:20 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-08-29 12:40 - 2013-08-29 12:40 - 00000000 ____D C:\SMBX 2013-08-29 12:27 - 2012-01-18 19:31 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-08-29 12:11 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration 2013-08-29 11:24 - 2013-08-29 11:18 - 00008564 _____ C:\Users\Owner\Desktop\Rkill.txt 2013-08-29 11:22 - 2013-08-29 11:22 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Malwarebytes 2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-29 11:22 - 2013-08-29 11:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-29 11:18 - 2013-08-29 11:18 - 00000000 ____D C:\Users\Owner\Desktop\rkill 2013-08-29 11:12 - 2013-08-29 07:31 - 00000000 ____D C:\ProgramData\ahrpDn37 2013-08-29 11:11 - 2013-01-29 22:20 - 00000000 ____D C:\Program Files (x86)\i-Funbox DevTeam 2013-08-29 07:31 - 2013-08-29 07:31 - 00000000 ____D C:\Program Files (x86)\Google 2013-08-29 07:31 - 2013-01-11 22:23 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2013-08-28 18:23 - 2013-08-28 18:22 - 00000000 ____D C:\ProgramData\nklc 2013-08-27 20:13 - 2013-08-15 19:51 - 00000000 ____D C:\Program Files (x86)\Origin 2013-08-27 20:08 - 2013-08-27 20:08 - 00729778 _____ C:\Users\Owner\Desktop\Burnout_Paradise_SaveGame_Patcher.zip 2013-08-24 22:15 - 2013-08-24 22:15 - 42167034 _____ C:\Users\Owner\Desktop\divinerpg_server.zip 2013-08-23 08:16 - 2013-08-23 08:16 - 01331819 _____ C:\Users\Owner\Desktop\Essentials.zip 2013-08-22 20:01 - 2013-08-22 20:01 - 00342510 _____ C:\Users\Owner\Desktop\OptiFine_1.4.6_HD_D5.zip 2013-08-22 19:51 - 2013-08-15 19:58 - 00000000 ____D C:\Program Files (x86)\Origin Games 2013-08-22 19:46 - 2013-08-22 19:46 - 00095796 _____ C:\Users\Owner\Desktop\OptiFine_1.4.6_L_B5.zip 2013-08-22 00:14 - 2012-05-26 19:58 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2013-08-22 00:14 - 2012-05-26 19:58 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2013-08-22 00:14 - 2012-05-26 19:58 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2013-08-22 00:14 - 2012-05-26 19:57 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2013-08-21 21:18 - 2013-08-21 21:02 - 00000000 ____D C:\Users\Owner\Desktop\VIDEO_TS 2013-08-21 21:02 - 2013-08-21 21:02 - 00000000 ____D C:\Users\Owner\Desktop\AUDIO_TS 2013-08-20 23:48 - 2013-08-20 23:48 - 34103034 _____ C:\Users\Owner\Desktop\Ultimate_Server.zip 2013-08-20 23:48 - 2013-08-20 23:48 - 11415431 _____ C:\Users\Owner\Desktop\world.zip 2013-08-20 18:57 - 2013-08-20 18:57 - 10012564 _____ C:\Users\Owner\Desktop\spelunky_1_1.zip 2013-08-20 15:30 - 2013-08-20 15:30 - 00504856 _____ C:\Users\Owner\Desktop\mcrtoolkit10a14_5.zip 2013-08-18 20:57 - 2012-01-25 15:57 - 00000132 _____ C:\Users\Owner\AppData\Roaming\Adobe PNG Format CS5 Prefs 2013-08-18 03:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2013-08-17 21:08 - 2013-08-17 21:08 - 00000000 ____D C:\Users\Owner\AppData\Local\Electronic Arts 2013-08-17 21:08 - 2013-08-15 22:27 - 00000000 ____D C:\Users\Owner\Documents\Electronic Arts 2013-08-17 21:08 - 2011-10-15 01:55 - 00345609 _____ C:\Windows\DirectX.log 2013-08-17 21:07 - 2013-08-17 21:07 - 00000000 ____D C:\Users\Owner\Documents\Electrontic Arts 2013-08-17 01:28 - 2011-10-15 01:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-08-17 01:22 - 2013-08-15 22:26 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2013-08-16 19:45 - 2013-08-16 19:45 - 00000000 ____D C:\ProgramData\ATI 2013-08-16 19:45 - 2012-06-09 18:08 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SystemRequirementsLab 2013-08-16 19:45 - 2012-06-09 18:08 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab 2013-08-16 19:44 - 2013-08-16 19:44 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-08-16 19:44 - 2012-08-01 13:35 - 00000000 ____D C:\ProgramData\AMD 2013-08-16 19:44 - 2012-08-01 13:33 - 00000000 ____D C:\Program Files\ATI Technologies 2013-08-16 13:50 - 2013-08-16 13:50 - 00000000 ____D C:\Users\Owner\Documents\EA Games 2013-08-16 00:32 - 2013-08-16 00:32 - 00000000 ____D C:\Users\Owner\AppData\Local\Criterion Games 2013-08-15 22:46 - 2013-08-15 22:46 - 00000000 ____D C:\ProgramData\SystemRequirementsLab 2013-08-15 22:34 - 2013-08-15 22:33 - 00000000 ____D C:\Users\Owner\Documents\Battlefield 3 2013-08-15 22:33 - 2012-05-27 02:08 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2013-08-15 22:33 - 2012-05-27 02:08 - 00000000 ____D C:\Users\Owner\AppData\Local\PunkBuster 2013-08-15 22:33 - 2012-05-27 02:06 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-08-15 22:30 - 2013-08-15 22:30 - 00000000 ____D C:\Users\Owner\AppData\Local\ESN 2013-08-15 22:30 - 2013-08-15 22:30 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2013-08-15 22:28 - 2013-08-15 22:28 - 00000000 ____D C:\ProgramData\EA Core 2013-08-15 22:28 - 2013-08-15 19:52 - 00000000 ____D C:\Users\Owner\AppData\Local\Origin 2013-08-15 22:28 - 2013-08-15 19:51 - 00000000 ____D C:\ProgramData\Electronic Arts 2013-08-15 22:18 - 2013-08-15 19:52 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Origin 2013-08-15 22:12 - 2012-05-27 02:06 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2013-08-15 22:12 - 2012-05-27 02:06 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2013-08-15 20:01 - 2013-08-15 19:51 - 00000000 ____D C:\ProgramData\Origin 2013-08-15 14:26 - 2013-01-16 15:38 - 00000000 ____D C:\ProgramData\InstallMate 2013-08-15 01:33 - 2013-08-15 01:31 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 01:33 - 2012-02-08 17:33 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-15 01:31 - 2012-01-16 16:17 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-14 00:56 - 2013-08-14 00:55 - 00000063 _____ C:\Users\Owner\Documents\minecraft locations.txt Files to move or delete: ==================== ZeroAccess: C:\Program Files (x86)\Google\Desktop\Install Some content of TEMP: ==================== C:\Users\Owner\AppData\Local\Temp\12-6_vista_win7_64_dd_ccc.exe C:\Users\Owner\AppData\Local\Temp\13-4_win7_win8_64_dd_ccc_whql.exe C:\Users\Owner\AppData\Local\Temp\8521a6520479d9e2be54ebe5a2aa1fd0.dll C:\Users\Owner\AppData\Local\Temp\contentDATs.exe C:\Users\Owner\AppData\Local\Temp\FastDownload.exe C:\Users\Owner\AppData\Local\Temp\Gw2.exe C:\Users\Owner\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R1.0-42-g3b7c805-b2831jnks.dll C:\Users\Owner\AppData\Local\Temp\jansi-32-git-Bukkit-jenkins-CraftBukkit-173.dll C:\Users\Owner\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-42-g3b7c805-b2831jnks.dll C:\Users\Owner\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll C:\Users\Owner\AppData\Local\Temp\jansi-64-git-Bukkit-jenkins-CraftBukkit-173.dll C:\Users\Owner\AppData\Local\Temp\jansi-64.dll C:\Users\Owner\AppData\Local\Temp\jline_git-Bukkit-1_2_5-R1_0-b2149jnks.dll C:\Users\Owner\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe C:\Users\Owner\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe C:\Users\Owner\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Owner\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe C:\Users\Owner\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Owner\AppData\Local\Temp\MSN3131.exe C:\Users\Owner\AppData\Local\Temp\mssinstaller.exe C:\Users\Owner\AppData\Local\Temp\ose00000.exe C:\Users\Owner\AppData\Local\Temp\ose00001.exe C:\Users\Owner\AppData\Local\Temp\Quarantine.exe C:\Users\Owner\AppData\Local\Temp\SecurityScan_Release.exe C:\Users\Owner\AppData\Local\Temp\SkypeSetup.exe C:\Users\Owner\AppData\Local\Temp\sonarinst.exe C:\Users\Owner\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll C:\Users\Owner\AppData\Local\Temp\SRLDetectionLibrary5759931914750588048.dll C:\Users\Owner\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Owner\AppData\Local\Temp\tbuTor.dll C:\Users\Owner\AppData\Local\Temp\tmp82A.exe C:\Users\Owner\AppData\Local\Temp\tmpA218.exe C:\Users\Owner\AppData\Local\Temp\tmpED4A.exe C:\Users\Owner\AppData\Local\Temp\xmlUpdater.exe C:\Users\Owner\AppData\Local\Temp\YontooSetup-S.exe C:\Users\Owner\AppData\Local\Temp\_is1A91.exe C:\Users\Owner\AppData\Local\Temp\_is27F.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender LastRegBack: 2013-09-11 02:40 ==================== End Of Log ============================
  8. My apologies, I completely forgot that I did that. I uninstalled the pirated programs and removed the host file. Hopefullly this new log will back up my story. RogueKiller V8.6.11 _x64_ [sep 11 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Owner [Admin rights]Mode : Scan -- Date : 09/13/2013 17:09:54| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 15 ¤¤¤[RUN][sUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND[RUN][sUSP PATH] HKCU\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\Owner\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [x][x][x][x]) -> FOUND[RUN][sUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\Owner\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID 0913a [x][x][x]) -> FOUND[RUN][ZeroAccess] HKUS\.DEFAULT\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\?��?��?��\?��?��?��\???ﯹ๛\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\GoogleUpdate.exe" >) -> FOUND[RUN][sUSP PATH] HKUS\S-1-5-21-2754525585-2667275184-1495631457-1000\[...]\Run : Google Update ("C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND[RUN][sUSP PATH] HKUS\S-1-5-21-2754525585-2667275184-1495631457-1000\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\Owner\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [x][x][x][x]) -> FOUND[RUN][sUSP PATH] HKUS\S-1-5-21-2754525585-2667275184-1495631457-1000\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\Owner\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID 0913a [x][x][x]) -> FOUND[RUN][ZeroAccess] HKUS\S-1-5-18\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\?��?��?��\?��?��?��\???ﯹ๛\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\GoogleUpdate.exe" >) -> FOUND[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 6 ¤¤¤[V1][sUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND[V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000UA.job : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND[V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000Core.job : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND[V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000Core : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND[V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000UA : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND[V2][sUSP PATH] ROC_REG_JAN_DELETE : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤[ZeroAccess][Junction] en-US : C:\Program Files\Windows Defender\en-US >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> FOUND ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD10EALX-759BA1 +++++--- User ---[MBR] 3676249455b64b91538b69be8c59c4d6[bSP] d53b0be2a56687c8690d9092ce5b8143 : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13566 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27865088 | Size: 876334 Mo3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 1822599166 | Size: 63928 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_09132013_170954.txt >>RKreport[0]_S_09132013_151032.txt
  9. RogueKiller V8.6.11 _x64_ [sep 11 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Owner [Admin rights] Mode : Scan -- Date : 09/13/2013 16:13:29 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 15 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND [RUN][sUSP PATH] HKCU\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\Owner\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [x][x][x][x]) -> FOUND [RUN][sUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\Owner\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID 0913a [x][x][x]) -> FOUND [RUN][ZeroAccess] HKUS\.DEFAULT\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\?��?��?��\?��?��?��\???ﯹ๛\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\GoogleUpdate.exe" >) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-2754525585-2667275184-1495631457-1000\[...]\Run : Google Update ("C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-2754525585-2667275184-1495631457-1000\[...]\Run : ROC_ROC_APR2013_AV (C:\Users\Owner\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [x][x][x][x]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-2754525585-2667275184-1495631457-1000\[...]\Run : AVG-Secure-Search-Update_0913a (C:\Users\Owner\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 86f7f2cf779747d18540c94a3536aae6-543305670ea17b9b473f75a87a88cdc294869005 --CMPID 0913a [x][x][x]) -> FOUND [RUN][ZeroAccess] HKUS\S-1-5-18\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\?��?��?��\?��?��?��\???ﯹ๛\{577fc01d-903c-e16a-2b3d-a339c196ba5c}\GoogleUpdate.exe" >) -> FOUND [HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 6 ¤¤¤ [V1][sUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000UA.job : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000Core.job : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000Core : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2754525585-2667275184-1495631457-1000UA : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND [V2][sUSP PATH] ROC_REG_JAN_DELETE : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][Junction] en-US : C:\Program Files\Windows Defender\en-US >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> FOUND [ZeroAccess][Junction] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> FOUND ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 activate.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com ::1 localhost 74.208.10.249 gs.apple.com ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD10EALX-759BA1 +++++ --- User --- [MBR] 3676249455b64b91538b69be8c59c4d6 [bSP] d53b0be2a56687c8690d9092ce5b8143 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13566 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27865088 | Size: 876334 Mo 3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 1822599166 | Size: 63928 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_09132013_161329.txt >> RKreport[0]_S_09132013_151032.txt That should be all the reports you need.
  10. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2 Run by Owner at 16:01:55 on 2013-09-13 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.13294.4890 [GMT -4:00] . AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Microsoft LifeCam\MSCamS64.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\LTONHIS\Verbatim\SKDaemon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe C:\Program Files (x86)\Sendori\SendoriSvc.exe C:\Program Files (x86)\puush\puush.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe C:\Program Files (x86)\Clownfish\Clownfish.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files\Rainmeter\Rainmeter.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Sendori\SendoriUp.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\Sendori\SendoriTray.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe C:\Program Files (x86)\Sendori\sndappv2.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\java.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files\Java\jre6\bin\javaw.exe C:\Program Files (x86)\iTunes\iTunes.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Program Files\Java\jre6\bin\javaw.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\taskmgr.exe C:\Program Files (x86)\Sendori\Sendori.Service.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned> mWinlogon: Userinit = userinit.exe, BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [AdobeBridge] <no file> mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoStrCmpLogical = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: EnableVirtualization = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 mPolicies-Windows\System: UseOEMBackground = dword:1 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} LSP: C:\Windows\System32\Sendori.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: NameServer = 192.168.1.1 TCP: Interfaces\{215759C3-A3D4-4BF2-9F09-F1BC2B23C784} : NameServer = 8.8.8.8 TCP: Interfaces\{321067B6-3DCC-4FB8-8DBB-57FA24BF535B} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{34C136D0-1A71-4C60-B7A7-C464D88210F6} : DHCPNameServer = 192.168.1.1 Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64 x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64 x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [sKDaemon.exe] C:\Program Files\LTONHIS\Verbatim\SKDaemon.exe x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> Hosts: 74.208.10.249 gs.apple.com . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4spvckgf.default\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-07-22 21:39; {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4spvckgf.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} FF - ExtSQL: 2013-09-02 12:58; {AB2CE124-6272-4b12-94A9-7303C7397BD1}; C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-10-15 56208] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 241152] R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-15 13336] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-29 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-29 701512] R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-10-15 1692480] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008] R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200] R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-7-17 4153184] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-10-15 317440] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-10-15 406056] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-8-29 25928] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-2 31744] R3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0;PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\My Dell\pcdsrvc_x64.pkms [2013-5-3 25584] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856] S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-8-5 9216] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408] S3 AE1000;Linksys AE1000 Driver;C:\Windows\System32\drivers\ae1000w7.sys [2010-6-11 1101600] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-10-15 158976] S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-16 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1" ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 2013-09-11 21:02:02 -------- d-----w- C:\AdwCleaner 2013-09-07 07:36:46 1075424 ----a-w- C:\ProgramData\Microsoft\WDExpress\11.0\1033\ResourceCache.dll 2013-09-07 07:36:22 -------- d-----w- C:\Program Files (x86)\NuGet 2013-09-07 07:34:52 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules 2013-09-07 07:33:47 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft 2013-09-07 07:33:46 -------- d-----w- C:\Program Files (x86)\Windows Kits 2013-09-07 07:32:49 -------- d-----w- C:\Program Files (x86)\Microsoft Help Viewer 2013-09-07 07:32:23 -------- d-----w- C:\Windows\SysWow64\1033 2013-09-07 07:32:23 -------- d-----w- C:\Windows\System32\1033 2013-09-07 07:32:17 -------- d-----w- C:\Program Files\Microsoft SQL Server 2013-09-07 07:30:43 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 11.0 2013-09-06 19:48:54 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft 2013-09-06 19:48:54 -------- d-----w- C:\ProgramData\Package Cache 2013-09-05 18:28:08 -------- d-----w- C:\Users\Owner\AppData\Roaming\TuneUp Software 2013-09-02 16:58:32 -------- d-----r- C:\Program Files (x86)\Skype 2013-08-29 16:40:06 -------- d-----w- C:\SMBX 2013-08-29 15:22:37 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes 2013-08-29 15:22:08 -------- d-----w- C:\ProgramData\Malwarebytes 2013-08-29 15:22:07 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-08-29 15:22:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-29 15:21:51 -------- d-----w- C:\Users\Owner\AppData\Local\Programs 2013-08-29 11:31:58 -------- d-----w- C:\ProgramData\ahrpDn37 2013-08-28 22:22:34 -------- d-----w- C:\ProgramData\nklc 2013-08-28 22:09:56 -------- d-----w- C:\ProgramData\ggab 2013-08-18 01:08:22 -------- d-----w- C:\Users\Owner\AppData\Local\Electronic Arts 2013-08-16 23:44:54 -------- d-----w- C:\Program Files (x86)\AMD AVT 2013-08-16 04:32:12 -------- d-----w- C:\Users\Owner\AppData\Local\Criterion Games 2013-08-16 02:46:30 -------- d-----w- C:\ProgramData\SystemRequirementsLab 2013-08-16 02:30:14 -------- d-----w- C:\Users\Owner\AppData\Local\ESN 2013-08-16 02:30:12 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins 2013-08-16 02:28:32 -------- d-----w- C:\ProgramData\EA Logs 2013-08-16 02:28:32 -------- d-----w- C:\ProgramData\EA Core 2013-08-16 02:26:17 447752 ----a-w- C:\Windows\SysWow64\vp6vfw.dll 2013-08-16 02:09:45 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller 2013-08-15 23:58:56 -------- d-----w- C:\Program Files (x86)\Origin Games 2013-08-15 23:52:40 -------- d-----w- C:\Users\Owner\AppData\Roaming\Origin 2013-08-15 23:52:35 -------- d-----w- C:\Users\Owner\AppData\Local\Origin 2013-08-15 23:51:40 -------- d-----w- C:\ProgramData\Origin 2013-08-15 23:51:40 -------- d-----w- C:\ProgramData\Electronic Arts 2013-08-15 23:51:38 -------- d-----w- C:\Program Files (x86)\Origin 2013-08-15 05:36:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-08-15 05:36:59 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-08-15 05:36:59 1084928 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-08-15 05:36:59 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll 2013-08-15 05:36:58 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-08-15 05:31:21 -------- d-----w- C:\Windows\System32\MRT . ==================== Find3M ==================== . 2013-09-13 15:34:07 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-09-13 15:34:07 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-09-13 15:34:01 4751752 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2013-08-22 04:14:32 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2013-08-22 04:14:32 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2013-08-22 04:14:32 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2013-08-22 04:14:32 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll 2013-08-16 02:33:57 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2013-08-16 02:33:57 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2013-08-16 02:12:07 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2013-08-16 02:12:00 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll 2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll 2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll 2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll 2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll 2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll 2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll 2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-07-01 16:49:06 325920 ----a-w- C:\Windows\SysWow64\Sendori.dll 2013-06-28 21:01:13 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-28 21:01:12 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2013-06-28 21:01:12 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll . ============= FINISH: 16:02:34.53 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 1/16/2012 12:47:09 PM System Uptime: 9/13/2013 3:33:43 AM (13 hours ago) . Motherboard: Dell Inc. | | 0Y2MRG Processor: Intel® Core i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 856 GiB total, 143.897 GiB free. D: is CDROM (CDFS) E: is Removable F: is Removable G: is Removable H: is Removable I: is CDROM () Z: is FIXED (NTFS) - 62 GiB total, 9.647 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP227: 9/5/2013 1:54:38 AM - Scheduled Checkpoint RP228: 9/5/2013 2:27:26 PM - Removed AVG 2012 RP229: 9/5/2013 2:28:48 PM - Removed AVG 2012 RP230: 9/6/2013 3:48:47 PM - Microsoft Visual Studio Express 2012 for Windows Desktop - ENU RP231: 9/6/2013 3:49:27 PM - Windows Update RP232: 9/7/2013 3:00:10 AM - Windows Update RP233: 9/7/2013 3:28:43 AM - Microsoft Visual Studio Express 2012 for Windows Desktop - ENU . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Ace of Spades Adobe Acrobat X Pro - English, Français, Deutsch Adobe AIR Adobe Content Viewer Adobe Creative Suite 5.5 Design Premium Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Help Manager Adobe Premiere Pro CS6 Adobe Reader X MUI Adobe Widget Browser Alan Wake AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders AMD Wireless Display v3.0 Amnesia: The Dark Descent And Yet It Moves Apple Application Support Apple Mobile Device Support Apple Software Update Applian FLV and Media Player 3.1.1.12 ASPCA Reminder by We-Care.com v5.0.5.1 ATI AVIVO64 Codecs Awesomenauts Batman: Arkham Asylum GOTY Edition Battlefield 3™ Battlelog Web Plugins BIT.TRIP RUNNER bl Bonjour Braid Breath of Death VII Burnout Paradise: The Ultimate Box Camtasia Studio 7 Castle Crashers Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Cave Story+ ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cheat Engine 6.2 Clownfish for Skype Cogs Combined Community Codec Pack 2011-11-11 Command and Conquer: Red Alert 3 - Uprising Company of Heroes Cozi Crayon Physics Deluxe Crysis 2 Maximum Edition Cthulhu Saves the World Cubemen D3DX10 DarksidersInstaller Day of Defeat: Source dBpoweramp FLAC Codec dBpoweramp m4a Codec dBpoweramp Music Converter Dead Space Dead Space™ 3 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell Edoc Viewer Dell Getting Started Guide Dell MusicStage Dell PhotoStage Dell Stage Dell VideoStage Derpys Lamp DEVIL MAY CRY 4 DirectX 9 Runtime DivX Setup Don't Starve Dota 2 Dungeon Defenders DW WLAN Card Entity Framework Designer for Visual Studio 2012 - enu ESN Sonar Far Cry Far Cry 2 Fliqlo Screen Saver Fraps (remove only) Free DVD Video Burner version 3.1.4.412 Free Video to DVD Converter version 5.0.9.412 Fusion's Chao Editor GameRanger GCFScape 1.8.2 Google Chrome Gotham City Impostors: Free To Play Guild Wars 2 Guitar Hero - World Tour v1.0 Guitar Hero III Guitar Hero Three Control Panel Haali Media Splitter Hammerfight Hammerwatch Hi-Rez Studios Authenticate and Update Service iCloud iFunbox (v2.1.2228.731), iFunbox DevTeam ImgBurn Impulse® Intel® Rapid Storage Technology iTunes Java 7 Update 25 Java Auto Updater Java 6 Update 24 (64-bit) Java 6 Update 35 Junk Mail filter update Key Mapper Killing Floor L.A. Noire League of Legends Left 4 Dead 2 Left 4 Dead 2 Authoring Tools LG United Mobile Drivers LIMBO Lone Survivor LOVE (remove only) Magicka Malwarebytes Anti-Malware version 1.75.0.1300 Matroska Pack Medal of Honor Multiplayer Medal of Honor Single Player Mesh Runtime Metro 2033 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5 Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft .NET Framework 4.5 SDK Microsoft Application Error Reporting Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) Microsoft Corporation Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Help Viewer 1.0 Microsoft Help Viewer 2.0 Microsoft LifeCam Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2007 Microsoft Publisher 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2012 Command Line Utilities Microsoft SQL Server 2012 Data-Tier App Framework Microsoft SQL Server 2012 Express LocalDB Microsoft SQL Server 2012 Management Objects Microsoft SQL Server 2012 Management Objects (x64) Microsoft SQL Server 2012 Native Client Microsoft SQL Server 2012 T-SQL Language Service Microsoft SQL Server 2012 Transact-SQL Compiler Service Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft SQL Server Data Tools - enu (11.1.20828.01) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) Microsoft SQL Server System CLR Types Microsoft System CLR Types for SQL Server 2012 Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Visual C# 2010 Express - ENU Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 32bit Compilers - ENU Resources Microsoft Visual C++ 2012 Core Libraries Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86-x64 Compilers Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU Microsoft Visual Studio 2012 Preparation Microsoft Visual Studio 2012 Shell (Minimum) Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies Microsoft Visual Studio 2012 Shell (Minimum) Resources Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU Microsoft Visual Studio Express 2012 for Windows Desktop Microsoft Visual Studio Express 2012 for Windows Desktop - ENU Microsoft Visual Studio Team Foundation Server 2012 Object Model Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources Microsoft Xbox 360 Accessories 1.2 Microsoft XNA Framework Redistributable 3.1 Microsoft XNA Framework Redistributable 4.0 Microsoft XNA Game Studio 4.0 Microsoft XNA Game Studio 4.0 (ARP entry) Microsoft XNA Game Studio 4.0 (Redists) Microsoft XNA Game Studio 4.0 (Shared Components) Microsoft XNA Game Studio 4.0 (Visual Studio) Microsoft XNA Game Studio 4.0 (XnaLiveProxy) Microsoft XNA Game Studio 4.0 Documentation Microsoft XNA Game Studio Platform Tools Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 Mirror's Edge Mozilla Firefox 16.0.2 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT Redists MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multimedia Card Reader Mumble 1.2.3 My Dell MyMenu 1.2 No-IP DUC Notepad++ NVIDIA PhysX OpenAL Origin Paint.NET v3.5.10 Pando Media Booster PDF Settings CS5 PFConfig 1.0.296 ph PHANTASY STAR ONLINE 2 PhotoShowExpress Pinnacle Studio 15 Pinnacle Studio Bonus Content Pinnacle Video Driver Pitiri 1977 Plants vs. Zombies: Game of the Year Poker Night at the Inventory Populous Portal 2 Portforward Static IP Address 1.0.47 Power Sound Editor Free PowerISO Prerequisites for SSDT Psychonauts PunkBuster Services puush QuickTime Rainmeter RBVirtualFolder64Inst Real Alternative 2.0.2 Really Big Sky Realm of the Mad God Realtek High Definition Audio Driver Red Faction: Armageddon Rockstar Games Social Club RollerCoaster Tycoon 3 Platinum Roxio Activation Module Roxio BackOnTrack Roxio Burn Roxio Creator Starter Roxio Express Labeler 3 Roxio File Backup Saints Row: The Third SDFormatter Security Update for Microsoft .NET Framework 4.5 (KB2737083) Security Update for Microsoft .NET Framework 4.5 (KB2742613) Security Update for Microsoft .NET Framework 4.5 (KB2789648) Security Update for Microsoft .NET Framework 4.5 (KB2804582) Security Update for Microsoft .NET Framework 4.5 (KB2833957) Security Update for Microsoft .NET Framework 4.5 (KB2840642v2) Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visual C# 2010 Express - ENU (KB2251489) Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Sendori Shoot Many Robots Skype Click to Call Skype™ 6.6 Smite Snuggle Truck Sonic Adventure™ 2 Sonic CinePlayer Decoder Pack Source SDK Source SDK Base 2006 Source SDK Base 2007 Star Wars - Battlefront II Star Wars Empire at War Star Wars Empire at War Forces of Corruption Steam StepMania v5.0 alpha 2 (remove only) Super Mario Bros. X version 1.3 Super Meat Boy Super Meat Boy Editor Superbrothers: Sword & Sworcery EP System Requirements Lab CYRI System Requirements Lab Detection System Requirements Lab for Intel TeamSpeak 3 Client TeamViewer 8 TERA Terraria The Binding Of Isaac The Sims™ 3 The Sims™ 3 High-End Loft Stuff The Sims™ 3 Late Night THX TruStudio PC TightVNC 1.3.10 Titan Quest TrackMania² Stadium Open Beta Ulead GIF Animator 5 TBYB Ultima PsOBB Unreal Development Kit: 2012-02 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4.5 (KB2750147) Update for Microsoft .NET Framework 4.5 (KB2805221) Update for Microsoft .NET Framework 4.5 (KB2805226) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition VC80CRTRedist - 8.0.50727.6195 Ventrilo Client for Windows x64 Verbatim Visual Studio 2008 x64 Redistributables Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VTFEdit 1.2.5 VVVVVV Winamp Winamp Detector Plug-in Windows 7 Logon Background Changer Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Software Development Kit Windows Software Development Kit DirectX x64 Remote Windows Software Development Kit DirectX x86 Remote Windows Software Development Kit for Windows Store Apps Windows Software Development Kit for Windows Store Apps DirectX x64 Remote Windows Software Development Kit for Windows Store Apps DirectX x86 Remote WinRAR 5.00 beta 8 (64-bit) WinSCP 5.1 . ==== Event Viewer Messages From Past Week ======== . 9/13/2013 3:38:48 PM, Error: Service Control Manager [7031] - The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 9/13/2013 3:36:16 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 9/13/2013 3:36:16 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 9/13/2013 3:35:57 AM, Error: Service Control Manager [7034] - The Skype Updater service terminated unexpectedly. It has done this 1 time(s). 9/13/2013 3:35:56 AM, Error: Service Control Manager [7022] - The Service Sendori service hung on starting. 9/13/2013 3:34:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service. 9/13/2013 3:34:15 AM, Error: Service Control Manager [7023] - The sndappv2 service terminated with the following error: %%-2147467243 9/13/2013 3:34:03 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 9/13/2013 3:34:02 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 9/13/2013 12:50:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service sndappv2 with arguments "-Service" in order to run the server: {B1A429DB-FB06-4645-B7C0-0CC405EAD3CD} 9/13/2013 12:49:16 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 9/13/2013 12:49:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 9/13/2013 12:49:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 9/13/2013 12:49:12 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 9/13/2013 12:49:12 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 9/13/2013 12:49:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 9/13/2013 12:49:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 9/13/2013 12:49:00 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 9/13/2013 12:48:58 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 9/10/2013 4:42:51 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period. . ==== End Of File ===========================
  11. Howdy. I joined this forum so that I could find help with this annoying virus. The culprit is this thing called "Search Assist" that seems to have gotten into all of my browsers. What happens is that it finds keywords on any website I visit, highlights them in an orange color, and displays an ad when I hover over them. It even happens on this site. Here are some screens of the problem: I have done numerous scans with Malwarebytes, including ones with my computer in safe mode, and it tells me my pc is clean. There are no new toolbars or extensions in the browsers that could've been installed, and other sites have been less than helpful. Any ideas, guys?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.