Here's the Farbar FRST.txt log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-11-2013
Ran by EG3 (administrator) on ELECTRIFYING on 29-11-2013 16:00:27
Running from C:\Users\EG3\Desktop\New folder
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI BackUp Freeware\GFIFInst.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI BackUp Freeware\GFIFSched.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Alcatel-Lucent) C:\Program Files\Comcast\pcTrayApp.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI BackUp Freeware\GFIAgent.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [intelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Comcast_McciTrayApp] - C:\Program Files\Comcast\pcTrayApp.exe [2792448 2012-12-10] (Alcatel-Lucent)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-19] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [GFI BackUp Freeware] - C:\Program Files (x86)\GFI\GFI BackUp Freeware\GFIAgent.exe [2318704 2012-02-16] (GFI Software Ltd.)
HKCU\...\Run: [GoogleChromeAutoLaunch_9906C968D54DA39BC8CC1C6F1769BC59] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-11-14] (Google Inc.)
MountPoints2: {b8f13493-1f56-11e2-a9d8-ffb70dafbe7e} - N:\LaunchU3.exe
MountPoints2: {dc4f75fe-5ed7-11e1-82f8-386077b91d69} - L:\LaunchU3.exe -a
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [HTC Sync Loader] - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [655360 2012-12-12] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
AppInit_DLLs: C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(3).dll [88376 2013-07-24] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL [81160 2013-07-24] (Zemana Ltd.)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Constant Guard Protection Suite - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.1030.3\NativeBHO.dll (WhiteSky)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\EG3\AppData\Roaming\Mozilla\Firefox\Profiles\hiw9kyyl.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\EG3\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\EG3\AppData\Roaming\Mozilla\Firefox\Profiles\hiw9kyyl.default\searchplugins\safeguard-secure-search.xml
FF Extension: XFINITY Constant Guard Protection Suite - C:\Users\EG3\AppData\Roaming\Mozilla\Firefox\Profiles\hiw9kyyl.default\Extensions\idvaultaddin@whitesky
FF Extension: WordOv - C:\Program Files (x86)\Mozilla Firefox\extensions\ynpyqfjjnuhyzc@hjtvvpagbmyud.com
FF Extension: mcciwbch - C:\Program Files (x86)\Mozilla Firefox\extensions\mcciwbch@motive.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF

Chrome:
=======
CHR DefaultSearchURL: (Conduit) - http://www.google.com
CHR DefaultSuggestURL: (Conduit) - http://www.google.com
CHR Extension: (Motive Extension) - C:\Users\EG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec\1.0_0
CHR Extension: (Norton Identity Protection) - C:\Users\EG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0
CHR Extension: (Google Wallet) - C:\Users\EG3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\EG3\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\Exts\Chrome.crx

==================== Services (Whitelisted) =================

R2 GFIBckFAtt; C:\Program Files (x86)\GFI\GFI BackUp Freeware\GFIFInst.exe [1011056 2012-02-16] (GFI Software Ltd.)
R2 GFIBckFSched; C:\Program Files (x86)\GFI\GFI BackUp Freeware\GFIFSched.exe [2664816 2012-02-16] (GFI Software Ltd.)
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [512504 2013-11-25] ()
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2012-12-10] (Alcatel-Lucent)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [81552 2012-12-02] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49240 2013-11-15] (Zemana Ltd.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [1524824 2013-10-22] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131128.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25056 2013-07-24] (Zemana Ltd.)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.sys [43008 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.sys [40960 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA))
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131126.016\ENG64.SYS [126040 2013-11-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131126.016\EX64.SYS [2099288 2013-11-02] (Symantec Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-12-19] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [x]
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-29 16:00 - 2013-11-29 16:00 - 00000000 ____D C:\FRST
2013-11-29 15:58 - 2013-11-29 16:00 - 00000000 ____D C:\Users\EG3\Desktop\New folder
2013-11-29 15:39 - 2013-11-29 15:39 - 01091882 _____ C:\Users\EG3\Desktop\AdwCleaner(1).exe
2013-11-29 12:57 - 2013-11-29 12:57 - 00023171 _____ C:\Users\EG3\Desktop\dds.txt
2013-11-29 12:57 - 2013-11-29 12:57 - 00014208 _____ C:\Users\EG3\Desktop\attach.txt
2013-11-29 12:53 - 2013-11-29 12:53 - 00688992 ____R (Swearware) C:\Users\EG3\Desktop\dds.scr
2013-11-29 11:37 - 2013-10-16 10:18 - 00439296 _____ (Adpeak, Inc.) C:\Windows\system32\AdpeakProxy64.dll
2013-11-29 11:37 - 2013-10-16 10:18 - 00338944 _____ (Adpeak, Inc.) C:\Windows\SysWOW64\AdpeakProxy.dll
2013-11-26 21:39 - 2013-11-26 21:39 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-25 22:46 - 2013-11-25 22:46 - 01034531 _____ (Thisisu) C:\Users\EG3\Downloads\JRT.exe
2013-11-25 22:46 - 2013-11-25 22:46 - 00000000 ____D C:\Windows\ERUNT
2013-11-25 22:23 - 2013-11-25 22:23 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-25 22:23 - 2013-11-25 22:23 - 00000000 ____D C:\Users\EG3\AppData\Roaming\Malwarebytes
2013-11-25 22:23 - 2013-11-25 22:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-25 22:23 - 2013-11-25 22:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-25 22:23 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-25 22:22 - 2013-11-25 22:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\EG3\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-25 19:51 - 2013-11-29 15:57 - 00013204 _____ C:\Windows\PFRO.log
2013-11-25 19:43 - 2013-11-25 19:45 - 00000000 ____D C:\Program Files (x86)\SuperAdBlocker.com
2013-11-25 19:43 - 2013-11-25 19:43 - 00000000 ____D C:\Users\EG3\AppData\Roaming\SuperAdBlocker.com
2013-11-25 19:42 - 2013-11-25 19:42 - 00000000 ____D C:\Users\EG3\AppData\Local\NativeMessaging
2013-11-25 19:08 - 2013-11-29 15:57 - 00000448 _____ C:\Windows\setupact.log
2013-11-25 19:08 - 2013-11-25 19:08 - 00000000 _____ C:\Windows\setuperr.log
2013-11-15 17:23 - 2013-11-15 17:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 03:04 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-15 03:03 - 2013-11-15 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-15 03:03 - 2013-11-15 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-15 03:03 - 2013-11-15 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-15 03:03 - 2013-11-15 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-15 03:03 - 2013-11-15 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-15 03:03 - 2013-11-15 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-15 03:03 - 2013-11-15 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-15 03:03 - 2013-11-15 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-15 03:03 - 2013-11-15 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-15 03:03 - 2013-11-15 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-15 03:03 - 2013-11-15 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-14 19:26 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 19:26 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 19:26 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 19:26 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 19:26 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 19:26 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 19:26 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 19:26 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 19:26 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 19:26 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 19:26 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 19:26 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 19:26 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 19:26 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 19:26 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 19:26 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 19:26 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 19:26 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 19:26 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 19:26 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 19:26 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 19:26 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 19:26 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 19:26 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 19:26 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 19:26 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 19:26 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 19:26 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 19:26 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 19:26 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-10 15:43 - 2013-11-29 15:45 - 00000000 ____D C:\AdwCleaner
2013-11-10 15:10 - 2013-11-10 15:10 - 00000006 _____ C:\Users\EG3\AppData\Roaming\smw_inst
2013-11-10 15:10 - 2013-11-10 15:10 - 00000000 ____D C:\Users\EG3\AppData\Local\Opera
2013-11-10 15:10 - 2013-11-10 15:10 - 00000000 ____D C:\Program Files (x86)\fnex
2013-11-10 15:01 - 2013-11-10 15:14 - 00000000 ____D C:\Users\EG3\AppData\Local\WordOv
2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\Windows\SysWOW64\AdpeakProxy.ini
2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\Windows\system32\AdpeakProxy.ini
2013-11-06 15:32 - 2013-11-06 15:32 - 00002312 _____ C:\Windows\SysWOW64\AdpeakProxyOff.ini
2013-11-06 15:32 - 2013-11-06 15:32 -
00002312 _____ C:\Windows\system32\AdpeakProxyOff.ini 2013-11-05 13:17 - 2013-11-05 13:17 - 04379048 _____ (Piriform Ltd) C:\Users\EG3\Downloads\ccsetup407.exe 2013-11-04 09:41 - 2013-09-04 07:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-11-04 09:41 - 2013-09-04 07:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-11-04 09:41 - 2013-09-04 07:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-11-04 09:41 - 2013-09-04 07:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-11-04 09:41 - 2013-09-04 07:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-11-04 09:41 - 2013-09-04 07:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-11-04 09:41 - 2013-09-04 07:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-11-04 06:19 - 2013-08-23 22:06 - 06631458 _____ C:\Users\EG3\Documents\Dead Trigger 2 ULTIMATE Hack Tool v.3.3.diz 2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\modules 2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\js 2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\images 2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\html 2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\css 2013-11-03 14:51 - 2013-11-27 06:16 - 00000000 ____D C:\ProgramData\RHelpers 2013-11-03 14:51 - 2013-11-25 22:29 - 00000000 ____D C:\ProgramData\Updater 2013-11-03 14:51 - 2013-11-05 05:50 - 00000000 ____D C:\ProgramData\Yahoo! 
==================== One Month Modified Files and Folders =======

2013-11-29 16:00 - 2013-11-29 16:00 - 00000000 ____D C:\FRST
2013-11-29 16:00 - 2013-11-29 15:58 - 00000000 ____D C:\Users\EG3\Desktop\New folder
2013-11-29 16:00 - 2012-02-23 19:23 - 01426748 _____ C:\Windows\WindowsUpdate.log
2013-11-29 15:58 - 2012-02-24 17:07 - 00000000 ____D C:\Users\EG3\AppData\Roaming\ID Vault
2013-11-29 15:57 - 2013-11-25 19:51 - 00013204 _____ C:\Windows\PFRO.log
2013-11-29 15:57 - 2013-11-25 19:08 - 00000448 _____ C:\Windows\setupact.log
2013-11-29 15:57 - 2013-05-26 07:16 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-29 15:57 - 2013-02-20 21:18 - 00000000 ____D C:\Users\EG3\AppData\Local\Htc
2013-11-29 15:57 - 2013-02-04 19:27 - 00000000 ____D C:\Users\EG3\AppData\Local\TSVNCache
2013-11-29 15:57 - 2011-12-19 17:05 - 00000000 ____D C:\ProgramData\PDFC
2013-11-29 15:57 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-29 15:54 - 2013-05-26 07:16 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-29 15:53 - 2012-02-23 19:31 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1CC8CD34-B65B-460D-9BD9-C0F83AD81DB3}
2013-11-29 15:53 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-29 15:53 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-29 15:52 - 2009-07-14 00:13 - 00779724 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-29 15:45 - 2013-11-10 15:43 - 00000000 ____D C:\AdwCleaner
2013-11-29 15:39 - 2013-11-29 15:39 - 01091882 _____ C:\Users\EG3\Desktop\AdwCleaner(1).exe
2013-11-29 15:38 - 2012-04-12 04:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-29 14:41 - 2012-03-28 05:00 - 00000000 ____D C:\Users\EG3\AppData\Local\CrashDumps
2013-11-29 12:57 - 2013-11-29 12:57 - 00023171 _____ C:\Users\EG3\Desktop\dds.txt
2013-11-29 12:57 - 2013-11-29 12:57 - 00014208 _____ C:\Users\EG3\Desktop\attach.txt
2013-11-29 12:53 - 2013-11-29 12:53 - 00688992 ____R (Swearware) C:\Users\EG3\Desktop\dds.scr
2013-11-27 06:16 - 2013-11-03 14:51 - 00000000 ____D C:\ProgramData\RHelpers
2013-11-26 21:39 - 2013-11-26 21:39 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-25 22:46 - 2013-11-25 22:46 - 01034531 _____ (Thisisu) C:\Users\EG3\Downloads\JRT.exe
2013-11-25 22:46 - 2013-11-25 22:46 - 00000000 ____D C:\Windows\ERUNT
2013-11-25 22:29 - 2013-11-03 14:51 - 00000000 ____D C:\ProgramData\Updater
2013-11-25 22:23 - 2013-11-25 22:23 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-25 22:23 - 2013-11-25 22:23 - 00000000 ____D C:\Users\EG3\AppData\Roaming\Malwarebytes
2013-11-25 22:23 - 2013-11-25 22:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-25 22:23 - 2013-11-25 22:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-25 22:22 - 2013-11-25 22:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\EG3\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-25 19:53 - 2012-02-23 19:31 - 00000000 ____D C:\Users\EG3\AppData\Local\VirtualStore
2013-11-25 19:51 - 2012-02-24 20:52 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForEG3.job
2013-11-25 19:50 - 2012-02-23 19:31 - 00000000 ___RD C:\Users\EG3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-25 19:45 - 2013-11-25 19:43 - 00000000 ____D C:\Program Files (x86)\SuperAdBlocker.com
2013-11-25 19:43 - 2013-11-25 19:43 - 00000000 ____D C:\Users\EG3\AppData\Roaming\SuperAdBlocker.com
2013-11-25 19:42 - 2013-11-25 19:42 - 00000000 ____D C:\Users\EG3\AppData\Local\NativeMessaging
2013-11-25 19:41 - 2012-02-24 20:52 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForEG3
2013-11-25 19:41 - 2012-02-24 20:29 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-11-25 19:40 - 2012-05-12 07:19 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-25 19:38 - 2012-02-24 20:28 - 00000000 ____D C:\Users\EG3\AppData\Roaming\HP Support Assistant
2013-11-25 19:38 - 2012-02-24 20:25 - 00000000 ____D C:\Users\EG3\AppData\Roaming\HpUpdate
2013-11-25 19:08 - 2013-11-25 19:08 - 00000000 _____ C:\Windows\setuperr.log
2013-11-22 19:20 - 2011-02-11 12:00 - 00000000 ____D C:\Windows\Panther
2013-11-22 09:35 - 2013-05-26 07:16 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-18 17:25 - 2012-05-12 20:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-15 17:23 - 2013-11-15 17:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 03:26 - 2012-02-24 17:07 - 00000000 ____D C:\Users\EG3\AppData\Local\ID Vault
2013-11-15 03:25 - 2013-10-20 07:48 - 00001166 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-15 03:25 - 2013-01-20 10:17 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys
2013-11-15 03:25 - 2013-01-20 10:17 - 00000000 ____D C:\Windows\SysWOW64\ZALSDK_uninst
2013-11-15 03:25 - 2013-01-20 10:17 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2013-11-15 03:25 - 2012-02-24 17:06 - 00002191 _____ C:\Users\Public\Desktop\Constant Guard.lnk
2013-11-15 03:25 - 2012-02-24 17:06 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite
2013-11-15 03:22 - 2012-02-23 19:31 - 00001313 _____ C:\Users\EG3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-15 03:20 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-15 03:03 - 2013-11-15 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-15 03:03 - 2013-11-15 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-15 03:03 - 2013-11-15 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-15 03:03 - 2013-11-15 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-15 03:03 - 2013-11-15 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-15 03:03 - 2013-11-15 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-15 03:03 - 2013-11-15 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-15 03:03 - 2013-11-15 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-15 03:03 - 2013-11-15 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-15 03:03 - 2013-11-15 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-15 03:03 - 2013-11-15 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-15 03:03 - 2013-11-15 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-15 03:03 - 2013-11-15 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-15 03:02 - 2013-08-02 02:01 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 03:00 - 2012-02-26 07:47 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-10 19:16 - 2012-03-10 21:22 - 00000000 ___RD C:\Users\EG3\Dropbox
2013-11-10 19:16 - 2012-03-10 21:20 - 00000000 ____D C:\Users\EG3\AppData\Roaming\Dropbox
2013-11-10 15:47 - 2012-02-24 05:55 - 00001055 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-10 15:14 - 2013-11-10 15:01 - 00000000 ____D C:\Users\EG3\AppData\Local\WordOv
2013-11-10 15:10 - 2013-11-10 15:10 - 00000006 _____ C:\Users\EG3\AppData\Roaming\smw_inst
2013-11-10 15:10 - 2013-11-10 15:10 - 00000000 ____D C:\Users\EG3\AppData\Local\Opera
2013-11-10 15:10 - 2013-11-10 15:10 - 00000000 ____D C:\Program Files (x86)\fnex
2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\Windows\SysWOW64\AdpeakProxy.ini
2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\Windows\system32\AdpeakProxy.ini
2013-11-06 15:32 - 2013-11-06 15:32 - 00002312 _____ C:\Windows\SysWOW64\AdpeakProxyOff.ini
2013-11-06 15:32 - 2013-11-06 15:32 - 00002312 _____ C:\Windows\system32\AdpeakProxyOff.ini
2013-11-05 13:17 - 2013-11-05 13:17 - 04379048 _____ (Piriform Ltd) C:\Users\EG3\Downloads\ccsetup407.exe
2013-11-05 13:17 - 2012-12-05 22:28 - 00000000 ____D C:\Program Files\CCleaner
2013-11-05 05:50 - 2013-11-03 14:51 - 00000000 ____D C:\ProgramData\Yahoo!
2013-11-04 17:39 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Resources
2013-11-04 06:10 - 2012-03-02 17:24 - 00000000 ____D C:\Users\EG3\AppData\Roaming\SoftGrid Client
2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\modules
2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\js
2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\images
2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\html
2013-11-03 14:52 - 2013-11-03 14:52 - 00000000 ____D C:\Windows\SysWOW64\css

Some content of TEMP:
====================
C:\Users\EG3\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-01 21:55

==================== End Of Log ============================

Here's the Farbar Addition.txt log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-11-2013
Ran by EG3 at 2013-11-29 16:01:16
Running from C:\Users\EG3\Desktop\New folder
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton Security Suite (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.5.0.880)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112)
AntiLogger SDK version 1.6.6.296 (x32 Version: 1.6.6.296)
Bejeweled 3 (x32 Version: 2.2.0.97)
Bing Bar (x32 Version: 7.0.826.0)
Blackhawk Striker 2 (x32 Version: 2.2.0.95)
Blio (x32 Version: 2.2.8188)
Bubble Wrap (x32 Version: 1.0.0.0)
CCleaner (Version: 4.07)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Constant Guard Protection Suite (x32 Version: 1.13.1030.3)
Cradle of Rome 2 (x32 Version: 2.2.0.98)
D3DX10 (x32 Version: 15.4.2368.0902)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904)
Dora's World Adventure (x32 Version: 2.2.0.95)
Dropbox (HKCU Version: 2.2.13)
EasySolve (x32)
Facebook (x32 Version: 1.1.0004)
Farm Frenzy (x32 Version: 2.2.0.98)
Farmscapes (x32 Version: 2.2.0.98)
FATE (x32 Version: 2.2.0.97)
Final Drive Fury (x32 Version: 2.2.0.95)
GFI BackUp Freeware (x32 Version: 4.0)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
HappyAddon version 8.58 (x32 Version: 8.58)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
Hoyle Card Games (x32 Version: 2.2.0.95)
HP Application Assistant (Version: 1.0.393.3870)
HP Auto (Version: 1.0.12935.3667)
HP Calendar (x32 Version: 5.1.4245.23508)
HP Client Services (Version: 1.1.12938.3539)
HP Clock (x32 Version: 5.1.4244.16367)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8)
HP Games (x32 Version: 1.0.2.5)
HP LinkUp (x32 Version: 2.01.029)
HP Magic Canvas (x32 Version: 5.1.15.0)
HP Magic Canvas Tutorials (x32 Version: 5.0.0.3)
HP Notes (x32 Version: 5.1.4274.30382)
HP Odometer (x32 Version: 2.10.0000)
HP RSS (x32 Version: 5.1.4301.21494)
HP Setup (x32 Version: 9.0.15130.3904)
HP Setup Manager (x32 Version: 1.2.15145.3905)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Support Information (x32 Version: 11.00.0001)
HP TouchSmart RecipeBox (x32 Version: 3.0.3830.27730)
HP Update (x32 Version: 5.003.001.001)
HP Vision Hardware Diagnostics (Version: 2.12.1.0)
HP Weather (x32 Version: 5.1.4295.16450)
HTC BMP USB Driver (x32 Version: 1.0.5375)
HTC Driver Installer (x32 Version: 4.0.1.001)
HTC Sync (x32 Version: 3.3.21)
Intel® Identity Protection Technology 1.1.2.0 (x32 Version: 1.1.2.0)
Intel® Management Engine Components (x32 Version: 7.0.0.1144)
Intel® Processor Graphics (x32 Version: 8.15.10.2291)
Intel® Rapid Storage Technology (x32 Version: 10.5.0.1026)
IPTInstaller (x32 Version: 4.0.8)
iSEEK AnswerWorks English Runtime (x32 Version: 010.000.0101)
Java 7 Update 11 (64-bit) (Version: 7.0.110)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Jewel Match 3 (x32 Version: 2.2.0.98)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
LabelPrint (x32 Version: 2.5.4507)
Letters from Nowhere 2 (x32 Version: 2.2.0.97)
Luxor HD (x32 Version: 2.2.0.98)
Mah Jong Medley (x32 Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Metric Converter (x32 Version: 1.0.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Mathematics (x32 Version: 4.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.5139.5005)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Norton Security Suite (x32 Version: 20.4.0.40)
opensource (x32 Version: 1.0.14960.3876)
PDF Complete Special Edition (x32 Version: 4.0.65)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
Poker Superstars III (x32 Version: 2.2.0.95)
Polar Bowler (x32 Version: 2.2.0.97)
Polar Golfer (x32 Version: 2.2.0.98)
Power2Go (x32 Version: 6.1.5705)
Quicken 2011 (x32 Version: 20.1.8.6)
Ralink 802.11n Wireless LAN Card (x32 Version: 4.0.3.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6387)
Recovery Manager (x32 Version: 5.5.0.4424)
Remote Graphics Receiver (x32 Version: 5.4.5)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98)
ScorpionSaver Services (Version: 1.0.0.0) <==== ATTENTION
Spot (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
Tap Tap Bear (x32 Version: 1.0.0.0)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98)
Torchlight (x32 Version: 2.2.0.98)
TortoiseSVN 1.7.11.23600 (64 bit) (Version: 1.7.23600)
TSHostedAppLauncher (x32 Version: 5.1.15.0)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update Installer for WildTangent Games App (x32)
Updater (x32 Version: 2.6.43)
VIP Access (x32 Version: 2.1.1.34)
VIP Access SDK (1.0.1.4) (x32 Version: 1.0.1.4)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
WinZip 17.0 (Version: 17.0.10381)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points =========================

31-10-2013 01:21:33 Scheduled Checkpoint
03-11-2013 20:04:54 Removed CWA Reminder by We-Care.com v4.1.24.3
05-11-2013 08:00:34 Windows Update
05-11-2013 10:54:34 Removed ScorpionSaver
05-11-2013 10:55:03 Removed ScorpionSaver
10-11-2013 20:32:07 Removed ScorpionSaver
10-11-2013 20:32:39 Removed ScorpionSaver
10-11-2013 20:34:49 Removed ScorpionSaver
15-11-2013 08:00:35 Windows Update
23-11-2013 00:15:55 Removed ScorpionSaver
26-11-2013 00:43:14 Installed Super Ad Blocker
26-11-2013 01:36:06 Removed Super Ad Blocker
27-11-2013 02:46:11 Removed ScorpionSaver

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {06617194-6520-4508-9078-3DDB19EFCA07} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {100C534B-1F80-42DF-A610-911C98C059C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {11F39DFE-9D08-4296-A720-DBF7CEEF514E} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-12-12] ()
Task: {1243A118-88F9-494D-958E-C3986ACA7205} - System32\Tasks\HPCeeScheduleForEG3 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1BA41B41-A99E-4049-A3C2-9222CC764357} - \BackgroundContainer
Startup Task No Task File Task: {2CE953F0-5169-4CD1-89D1-69EC0A05A3EF} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation) Task: {3B8B906F-F994-45BF-BA1B-6DDE089782DF} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10] (Microsoft Corporation) Task: {3D5B0E36-406C-4076-A13F-8DDFB5F165E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {46FD9636-0D67-41EB-AE3C-E22F82674E9E} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation) Task: {529FAE0B-537B-46EA-AEA1-4EA546DF5E1A} - System32\Tasks\IHUninstallTrackingTASK => CMD Task: {5C3C0755-267C-42DB-93B1-F03D61DACA67} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\wscstub.exe [2013-06-03] (Symantec Corporation) Task: {7E041F13-2BD4-48EB-859C-73EB2E968617} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01] (Microsoft Corporation) Task: {9834C940-0FD4-4D56-8DC0-8EE508A9ADED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-26] (Google Inc.) 
Task: {A1E2C1CA-85A9-4198-827F-9E663BB3EA55} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A26900D1-0100-4189-9A70-42C47FB12A70} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {A3289A0B-6911-4665-BED2-2D67E1B0F41F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A4ACAE9E-4CE6-4EA5-A036-2F24AF677200} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-26] (Google Inc.)
Task: {BB4BBF91-17E4-4ECA-8D80-CB5589E4492A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {CF41C5D5-7059-4927-B8C8-31738B39BA80} - \AmiUpdXp No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForEG3.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-12-12 21:37 - 2012-12-12 21:37 - 00088968 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2011-12-19 16:44 - 2011-09-19 02:50 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-12-12 20:30 - 2012-12-12 20:30 - 00070536 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2013-07-16 17:45 - 2012-05-30 09:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON SECURITY SUITE\ENGINE\20.4.0.40\wincfi39.dll
2013-10-31 14:50 - 2013-10-31 14:50 - 00549272 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL
2012-12-12 14:56 - 2012-12-12 14:56 - 00028672 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00516599 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00094208 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00405504 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\HtcDetect.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00159744 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00172032 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00559244 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 01515520 _____ () C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll
2013-11-15 17:23 - 2013-11-15 17:23 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-08 18:14 - 2013-10-08 18:14 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy => ""="service"

==================== Faulty Device Manager Devices =============

Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2013 03:46:43 PM) (Source: IDVault) (User: )
Description: StarServiceAndWait failed to start for W32TimeCannot start service W32Time on computer '.'.
   at System.ServiceProcess.ServiceController.Start(String[] args)
   at System.ServiceProcess.ServiceController.Start()
   at GuardId.IdVaultCore.Utils.ServiceHelper.StarServiceAndWait(String serviceName, Int32 timeoutSec)

Error: (11/29/2013 02:41:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 25.0.1.5064, time stamp: 0x5282f18a
Faulting module name: mozalloc.dll, version: 25.0.1.5064, time stamp: 0x5282c493
Exception code: 0x80000003
Fault offset: 0x0000119c
Faulting process id: 0x1754
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (11/29/2013 02:41:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 25.0.1.5064, time stamp: 0x5282f204
Faulting module name: clr.dll, version: 4.0.30319.1008, time stamp: 0x517a1be7
Exception code: 0xc0000005
Fault offset: 0x00510064
Faulting process id: 0x2d40
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (11/29/2013 02:41:11 PM) (Source: .NET Runtime) (User: )
Description: Application: firefox.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 72540064 (72030000) with exit code 80131506.

Error: (11/29/2013 02:04:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 25.0.1.5064, time stamp: 0x5282f204
Faulting module name: clr.dll, version: 4.0.30319.1008, time stamp: 0x517a1be7
Exception code: 0xc0000005
Fault offset: 0x0017da7e
Faulting process id: 0x2ce0
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (11/29/2013 02:04:50 PM) (Source: .NET Runtime) (User: )
Description: Application: firefox.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 721ADA7E (72030000) with exit code 80131506.

Error: (11/29/2013 00:36:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 25.0.1.5064, time stamp: 0x5282f18a
Faulting module name: mozalloc.dll, version: 25.0.1.5064, time stamp: 0x5282c493
Exception code: 0x80000003
Fault offset: 0x0000119c
Faulting process id: 0x1960
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (11/29/2013 00:36:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 25.0.1.5064, time stamp: 0x5282f204
Faulting module name: clr.dll, version: 4.0.30319.1008, time stamp: 0x517a1be7
Exception code: 0xc0000005
Fault offset: 0x0022e062
Faulting process id: 0x18b0
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (11/29/2013 00:36:08 PM) (Source: .NET Runtime) (User: )
Description: Application: firefox.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 7225E062 (72030000) with exit code 80131506.

Error: (11/29/2013 11:36:19 AM) (Source: CVHSVC) (User: )
Description: Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

System errors:
=============
Error: (11/29/2013 03:57:23 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: SABKUTIL

Error: (11/29/2013 03:46:43 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: SABKUTIL

Error: (11/29/2013 03:39:03 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/29/2013 03:39:02 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/29/2013 03:38:11 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/29/2013 11:37:00 AM) (Source: Service Control Manager) (User: )
Description: The AdpeakProxy service terminated unexpectedly. It has done this 1 time(s).

Error: (11/29/2013 11:36:26 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/27/2013 06:18:04 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: SABKUTIL

Error: (11/27/2013 06:12:01 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068

Error: (11/27/2013 06:12:01 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068

Microsoft Office Sessions:
=========================
Error: (11/29/2013 03:46:43 PM) (Source: IDVault)(User: )
Description: StarServiceAndWait failed to start for W32TimeCannot start service W32Time on computer '.'.
   at System.ServiceProcess.ServiceController.Start(String[] args)
   at System.ServiceProcess.ServiceController.Start()
   at GuardId.IdVaultCore.Utils.ServiceHelper.StarServiceAndWait(String serviceName, Int32 timeoutSec)

Error: (11/29/2013 02:41:14 PM) (Source: Application Error)(User: )
Description: plugin-container.exe25.0.1.50645282f18amozalloc.dll25.0.1.50645282c493800000030000119c175401ceed3a7000b78aC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll34c498f5-592e-11e3-bf2e-386077b91d69

Error: (11/29/2013 02:41:12 PM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204clr.dll4.0.30319.1008517a1be7c0000005005100642d4001ceed3a6eb287c5C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll33211c00-592e-11e3-bf2e-386077b91d69

Error: (11/29/2013 02:41:11 PM) (Source: .NET Runtime)(User: )
Description: Application: firefox.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 72540064 (72030000) with exit code 80131506.

Error: (11/29/2013 02:04:51 PM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204clr.dll4.0.30319.1008517a1be7c00000050017da7e2ce001ceed2e6d3fe65fC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll1f24fc5d-5929-11e3-bf2e-386077b91d69

Error: (11/29/2013 02:04:50 PM) (Source: .NET Runtime)(User: )
Description: Application: firefox.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 721ADA7E (72030000) with exit code 80131506.

Error: (11/29/2013 00:36:14 PM) (Source: Application Error)(User: )
Description: plugin-container.exe25.0.1.50645282f18amozalloc.dll25.0.1.50645282c493800000030000119c196001ceed244a2548d9C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllbdf1723c-591c-11e3-bf2e-386077b91d69

Error: (11/29/2013 00:36:10 PM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204clr.dll4.0.30319.1008517a1be7c00000050022e06218b001ceed2145dbcfb3C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dllbbcf2e4a-591c-11e3-bf2e-386077b91d69

Error: (11/29/2013 00:36:08 PM) (Source: .NET Runtime)(User: )
Description: Application: firefox.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 7225E062 (72030000) with exit code 80131506.

Error: (11/29/2013 11:36:19 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

CodeIntegrity Errors:
===================================
Date: 2013-11-25 19:51:41.828
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-25 19:51:41.766
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-25 19:51:41.672
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-25 19:51:41.578
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-25 19:43:34.467
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-25 19:43:34.420
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-25 19:43:29.381
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-25 19:43:29.334
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-25 19:43:28.929
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-25 19:43:28.882
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 8098.52 MB
Available physical RAM: 5652.75 MB
Total Pagefile: 16195.21 MB
Available Pagefile: 13040.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.98 GB) (Free:826.73 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:16.44 GB) (Free:2.05 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive l: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive m: () (Removable) (Total:3.81 GB) (Free:3.02 GB) FAT32
Drive o: (EXTERNAL) (Fixed) (Total:698.64 GB) (Free:397.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5266F27B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=915 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: E470E470)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

========================================================
Disk: 7 (Size: 699 GB) (Disk ID: 02180A83)
Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS)

==================== End Of Log ============================