
SammyWaters

Everything posted by SammyWaters

  1. I just tried a clean install and that fixed it! That's strange because I had already done a clean install before and it didn't work. I guess the 2nd time is a charm.
  2. I can't update my Malwarebytes Anti-Malware (FREE). I've read several threads with the same issue. It looks like the recommended steps are usually:

     Please uninstall your current version of MBAM and reinstall the latest build - MBAM Clean Removal Process 2x
     If that does not correct the issue, then please read the following and post back the requested logs - Diagnostic Logs
     NOTE: There is an FAQ section with valuable information located here - Common Questions, Issues, and their Solutions

     I've already tried step number 1 and it didn't help. I still can't update my Malwarebytes. I've attached the log files in this post. If someone could help, it would be greatly appreciated.

     CheckResults.txt Addition.txt FRST.txt
  3. Looks like that did the job! Here is the log:

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 4/8/2014
     Scan Time: 8:05:40 PM
     Logfile: EXPORT.txt
     Administrator: Yes

     Version: 2.00.1.1004
     Malware Database: v2014.04.08.09
     Rootkit Database: v2014.03.27.01
     License: Free
     Malware Protection: Disabled
     Malicious Website Protection: Disabled
     Chameleon: Disabled

     OS: Windows 8.1
     CPU: x64
     File System: NTFS
     User: Andy

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 239562
     Time Elapsed: 2 min, 19 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Disabled
     Shuriken: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 0
     (No malicious items detected)

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Folders: 0
     (No malicious items detected)

     Files: 0
     (No malicious items detected)

     Physical Sectors: 0
     (No malicious items detected)

     (end)
  4. It looks like it's still there, here is the log.

     www.malwarebytes.org

     Scan Date: 4/7/2014
     Scan Time: 6:10:46 PM
     Logfile: lolol.txt
     Administrator: Yes

     Version: 2.00.1.1004
     Malware Database: v2014.04.07.14
     Rootkit Database: v2014.03.27.01
     License: Free
     Malware Protection: Disabled
     Malicious Website Protection: Disabled
     Chameleon: Disabled

     OS: Windows 8.1
     CPU: x64
     File System: NTFS
     User: Andy

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 238342
     Time Elapsed: 2 min, 46 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Disabled
     Shuriken: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 0
     (No malicious items detected)

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Folders: 0
     (No malicious items detected)

     Files: 1
     PUP.Optional.Conduit.A, C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://search.conduit.com/?ctid=CT3323891&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP4C0E7008-BEEC-4FE7-A6BD-FE4B0F8F04A2&SSPV=" ],), ,[0387a681cbb050e69990390ab84ccd33]

     Physical Sectors: 0
     (No malicious items detected)

     (end)
  5. Zoek.exe v5.0.0.0 Updated 07-March-2014
     Tool run by Andy on Sun 04/06/2014 at 19:58:53.38.
     Microsoft Windows 8.1 Pro 6.3.9600 x64
     Running in: Normal Mode Internet Access Detected
     Launched: C:\Users\Andy\Desktop\zoek\zoek.exe [scan all users] [script inserted]
  6. The exported Malwarebytes log and addition.txt are attached. Here are the contents of the text file for ADWCleaner:

     # AdwCleaner v3.023 - Report created 06/04/2014 at 11:01:27
     # Updated 01/04/2014 by Xplode
     # Operating System : Windows 8.1 Pro (64 bits)
     # Username : Andy - ANDYSGAMINGPC
     # Running from : C:\Users\Andy\Downloads\adwcleaner.exe
     # Option : Clean

     ***** [ Services ] *****

     ***** [ Files / Folders ] *****

     ***** [ Shortcuts ] *****

     ***** [ Registry ] *****

     ***** [ Browsers ] *****

     -\\ Internet Explorer v0.0.0.0

     -\\ Google Chrome v33.0.1750.154

     [ File : C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

     *************************

     AdwCleaner[R0].txt - [913 octets] - [05/04/2014 19:17:32]
     AdwCleaner[R1].txt - [854 octets] - [05/04/2014 19:29:34]
     AdwCleaner[R2].txt - [972 octets] - [06/04/2014 11:01:04]
     AdwCleaner[s0].txt - [983 octets] - [05/04/2014 19:18:28]
     AdwCleaner[s1].txt - [914 octets] - [05/04/2014 19:29:54]
     AdwCleaner[s2].txt - [894 octets] - [06/04/2014 11:01:27]

     ########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [953 octets] ##########

     Here are the contents of the JRT text:

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.1.4 (04.06.2014:1)
     OS: Windows 8.1 Pro x64
     Ran by Andy on Sun 04/06/2014 at 11:07:10.87
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     ~~~ Services

     ~~~ Registry Values

     ~~~ Registry Keys

     ~~~ Files

     ~~~ Folders

     ~~~ Event Viewer Logs were cleared

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Sun 04/06/2014 at 11:09:02.28
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Here are the contents for the FRST scans:
0x00000000HKU\S-1-5-21-2277182145-3031813170-2803461784-1001\...\RunOnce: [AsrOMG_Day3] - 0x00000000HKU\S-1-5-21-2277182145-3031813170-2803461784-1001\...\RunOnce: [AsrOMG_Day4] - 0x00000000HKU\S-1-5-21-2277182145-3031813170-2803461784-1001\...\RunOnce: [AsrOMG_Day5] - 0x00000000HKU\S-1-5-21-2277182145-3031813170-2803461784-1001\...\RunOnce: [AsrOMG_Day6] - 0x00000000 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAF813D970520CF01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USBHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - D:\ClassicExplorer64.dll (IvoSoft)BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - D:\ClassicExplorer32.dll (IvoSoft)Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - D:\ClassicExplorer64.dll (IvoSoft)Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - D:\ClassicExplorer32.dll (IvoSoft)Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Chrome: =======CHR HomePage: https://www.google.com/CHR Extension: (Google Docs) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-02]CHR Extension: (Google Drive) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-02]CHR Extension: (James White) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-02-01]CHR Extension: (YouTube) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-02]CHR Extension: (Google Search) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf 
[2014-02-02]CHR Extension: (AdBlock) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-01]CHR Extension: (Facebook Unseen) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [2014-02-01]CHR Extension: (Deathamns) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2014-02-01]CHR Extension: (Reddit Enhancement Suite) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-02-01]CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2014-02-01]CHR Extension: (Google Maps) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-02-01]CHR Extension: (Google Wallet) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-02]CHR Extension: (Auto Refresh Plus) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-02-01]CHR Extension: (Gmail) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-02] ==================== Services (Whitelisted) ================= R2 ASRockIOMon; C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] ()R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-03-05] ()R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)R2 WinDefend; C:\Program 
Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)R3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-02-02] (ASRock Incorporation)S3 AsrHidFilter; C:\Windows\system32\DRIVERS\AsrHidFilter.sys [20232 2013-09-09] (ASRock Inc.)R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-05-09] (ASRock Inc.)S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-03-29] (FNet Co., Ltd.)R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-02-02] (FNet Co., Ltd.)S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-01] (Microsoft Corporation)R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-01-19] ()S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-11-14] (Microsoft Corporation)S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-06] (Malwarebytes Corporation)R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] 
(Microsoft Corporation)S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-01] (Microsoft Corporation)S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-06 11:10 - 2014-04-06 11:10 - 00012248 _____ () C:\Users\Andy\Downloads\FRST.txt2014-04-06 11:09 - 2014-04-06 11:10 - 00000000 ____D () C:\FRST2014-04-06 11:09 - 2014-04-06 11:09 - 02157056 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe2014-04-06 11:09 - 2014-04-06 11:09 - 00000625 _____ () C:\Users\Andy\Desktop\JRT.txt2014-04-06 11:06 - 2014-04-05 23:36 - 01016261 _____ (Thisisu) C:\Users\Andy\Desktop\JRT_NEW.exe2014-04-06 11:04 - 2014-04-06 11:04 - 00001032 _____ () C:\Users\Andy\Desktop\adwcleaner.txt2014-04-06 10:59 - 2014-04-06 10:59 - 00001332 _____ () C:\Users\Andy\Desktop\EXPORT.txt2014-04-05 19:27 - 2014-04-05 19:27 - 00000000 ____D () C:\WINDOWS\ERUNT2014-04-05 19:25 - 2014-04-05 19:25 - 01038974 _____ (Thisisu) C:\Users\Andy\Downloads\JRT.exe2014-04-05 19:17 - 2014-04-06 11:01 - 00000000 ____D () C:\AdwCleaner2014-04-05 19:17 - 2014-04-05 19:17 - 01426178 _____ () C:\Users\Andy\Downloads\adwcleaner.exe2014-04-05 19:14 - 2014-04-05 19:14 - 00448512 _____ (OldTimer Tools) C:\Users\Andy\Downloads\TFC.exe2014-04-05 17:30 - 2014-04-06 10:54 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-04-05 17:30 - 2014-04-05 17:30 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-04-05 17:30 - 2014-04-05 17:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-05 17:30 - 2014-04-03 
09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-04-05 17:30 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2014-04-05 17:30 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2014-04-05 17:28 - 2014-04-05 17:28 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Andy\Downloads\mbam-setup-2.0.1.1004.exe2014-04-05 17:27 - 2014-04-05 18:56 - 00000000 ____D () C:\Program Files\PeerBlock2014-04-05 17:23 - 2014-04-05 17:54 - 00000000 ____D () C:\Users\Andy\Downloads\Apocalypto [2006] 720p BRRip H264 AC3 - CODY2014-04-04 21:28 - 2014-04-04 21:37 - 00000000 ____D () C:\Users\Andy\Downloads\Usher Complete Discography (iTunes Edition) [theLEAK]2014-03-31 20:42 - 2014-04-06 11:07 - 00524978 _____ () C:\WINDOWS\WindowsUpdate.log2014-03-29 14:48 - 2014-03-29 17:50 - 00000000 ____D () C:\Users\Andy\AppData\Local\Spotify2014-03-29 14:48 - 2014-03-29 14:48 - 00001794 _____ () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk2014-03-29 14:47 - 2014-04-06 11:08 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Spotify2014-03-29 14:22 - 2014-03-29 14:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf2014-03-29 14:22 - 2014-03-29 14:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf2014-03-29 13:04 - 2014-03-29 13:04 - 00000000 ___RD () C:\Users\Andy\Podcasts2014-03-29 13:03 - 2014-03-29 13:03 - 00000000 ____D () C:\WINDOWS\PCHEALTH2014-03-29 13:03 - 2014-03-29 13:03 - 00000000 ____D () C:\Program Files\Zune2014-03-24 20:34 - 2014-03-24 20:34 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies2014-03-24 20:34 - 2014-03-04 04:32 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe2014-03-24 20:33 - 2014-03-04 07:35 - 31474976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll2014-03-24 20:33 - 2014-03-04 
07:35 - 25255256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll2014-03-24 20:33 - 2014-03-04 07:35 - 23716640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll2014-03-24 20:33 - 2014-03-04 07:35 - 17755424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll2014-03-24 20:33 - 2014-03-04 07:35 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll2014-03-24 20:33 - 2014-03-04 07:35 - 15783992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll2014-03-24 20:33 - 2014-03-04 07:35 - 12708128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys2014-03-24 20:33 - 2014-03-04 07:35 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll2014-03-24 20:33 - 2014-03-04 07:35 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll2014-03-24 20:33 - 2014-03-04 07:35 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll2014-03-24 20:33 - 2014-03-04 07:35 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll2014-03-24 20:33 - 2014-03-04 07:35 - 03143456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll2014-03-24 20:33 - 2014-03-04 07:35 - 02958792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll2014-03-24 20:33 - 2014-03-04 07:35 - 02783008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll2014-03-24 20:33 - 2014-03-04 07:35 - 02411976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll2014-03-24 20:33 - 2014-03-04 07:35 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433523.dll2014-03-24 20:33 - 2014-03-04 07:35 - 01516488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433523.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00877856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00863064 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\NvIFR.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00846168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00832936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00484296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00409544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00377688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00333600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll2014-03-24 20:33 - 2014-03-04 07:35 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll2014-03-24 20:32 - 2014-03-24 20:32 - 00000000 ____D () C:\WINDOWS\system32\appmgmt2014-03-18 17:16 - 2014-01-07 18:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS2014-03-18 17:16 - 2014-01-07 18:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys2014-03-18 17:16 - 2014-01-07 18:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys2014-03-18 17:16 - 2014-01-04 08:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll2014-03-18 17:16 - 2014-01-04 08:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll2014-03-18 17:16 - 2014-01-04 07:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll2014-03-18 17:16 - 2014-01-04 06:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll2014-03-18 17:16 - 2014-01-02 16:54 - 00461312 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll2014-03-18 17:16 - 2014-01-02 16:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll2014-03-18 17:16 - 2013-12-31 18:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll2014-03-18 17:16 - 2013-12-31 18:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll2014-03-18 17:16 - 2013-12-31 17:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll2014-03-18 17:16 - 2013-12-31 17:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll2014-03-18 17:16 - 2013-12-31 16:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll2014-03-18 17:16 - 2013-12-31 16:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll2014-03-18 17:16 - 2013-12-31 16:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll2014-03-18 17:16 - 2013-12-30 16:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll2014-03-18 17:16 - 2013-12-30 16:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll2014-03-18 17:16 - 2013-12-30 16:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll2014-03-18 17:16 - 2013-12-30 16:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll2014-03-18 17:16 - 2013-12-30 16:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll2014-03-18 17:16 - 2013-12-27 08:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll2014-03-18 17:16 - 2013-12-27 01:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll2014-03-18 17:16 - 2013-12-27 01:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe2014-03-18 17:16 - 2013-12-27 01:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll2014-03-18 17:16 - 2013-12-27 00:03 - 00630272 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll2014-03-18 17:16 - 2013-12-27 00:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe2014-03-18 17:16 - 2013-12-26 23:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll2014-03-18 17:16 - 2013-12-21 00:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll2014-03-18 17:16 - 2013-12-17 00:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys2014-03-18 17:16 - 2013-12-13 23:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll2014-03-18 17:16 - 2013-12-13 23:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll2014-03-18 17:16 - 2013-12-13 03:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe2014-03-18 17:16 - 2013-12-13 00:24 - 00121088 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys2014-03-18 17:16 - 2013-12-12 23:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll2014-03-18 17:16 - 2013-12-12 22:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll2014-03-18 17:16 - 2013-12-09 01:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll2014-03-18 17:16 - 2013-12-08 21:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll2014-03-16 17:10 - 2014-03-16 17:24 - 00000000 ____D () C:\Program Files (x86)\Origin Games2014-03-15 21:57 - 2014-03-16 17:10 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Origin2014-03-15 21:57 - 2014-03-16 17:10 - 00000000 ____D () C:\Users\Andy\AppData\Local\Origin2014-03-15 21:56 - 2014-03-30 15:59 - 00000000 ____D () C:\ProgramData\Origin2014-03-15 21:56 - 2014-03-27 17:52 - 00000000 ____D () C:\Program Files (x86)\Origin2014-03-15 20:55 - 2014-03-24 20:39 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner2014-03-15 20:55 - 2014-03-15 20:56 - 00000000 ____D () 
C:\WINDOWS\SysWOW64\directx2014-03-15 20:55 - 2014-03-15 20:55 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner2014-03-13 06:07 - 2014-02-22 05:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe2014-03-13 06:07 - 2014-02-22 04:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe2014-03-12 22:02 - 2014-02-28 23:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-03-12 22:02 - 2014-02-28 21:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2014-03-12 22:02 - 2014-02-28 21:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-03-12 22:02 - 2014-02-28 21:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2014-03-12 22:02 - 2014-02-28 20:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2014-03-12 22:02 - 2014-02-28 20:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2014-03-12 22:02 - 2014-02-28 20:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2014-03-12 22:02 - 2014-02-28 20:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2014-03-12 22:02 - 2014-02-28 20:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2014-03-12 22:02 - 2014-02-28 20:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2014-03-12 22:02 - 2014-02-28 20:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2014-03-12 22:02 - 2014-02-28 19:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2014-03-12 22:02 - 2014-02-28 19:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2014-03-12 22:02 - 2014-02-28 19:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2014-03-12 22:02 - 2014-02-28 19:27 - 01156096 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\urlmon.dll2014-03-12 22:02 - 2014-02-28 19:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2014-03-12 22:02 - 2014-02-28 19:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2014-03-12 22:02 - 2014-02-10 20:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-03-12 22:02 - 2014-02-10 19:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll2014-03-12 22:02 - 2014-02-10 19:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll2014-03-12 22:02 - 2014-01-31 09:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys2014-03-12 22:02 - 2014-01-31 09:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll2014-03-12 22:02 - 2014-01-31 09:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll2014-03-12 22:02 - 2014-01-31 06:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll2014-03-12 22:02 - 2014-01-31 02:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll2014-03-12 22:02 - 2014-01-29 02:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll2014-03-12 22:02 - 2014-01-29 01:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe2014-03-12 22:02 - 2014-01-29 01:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll2014-03-12 22:02 - 2014-01-29 01:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll2014-03-12 22:02 - 2014-01-29 01:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys2014-03-12 22:02 - 2014-01-29 00:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll2014-03-12 22:02 - 2014-01-29 00:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe2014-03-12 22:02 - 2014-01-29 00:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll2014-03-12 22:02 
- 2014-01-28 23:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll2014-03-12 22:02 - 2014-01-28 17:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll2014-03-12 22:02 - 2014-01-27 12:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll2014-03-12 22:02 - 2014-01-27 12:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll2014-03-12 22:02 - 2014-01-27 12:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE2014-03-12 22:02 - 2014-01-27 11:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll2014-03-12 22:02 - 2014-01-27 11:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll2014-03-12 22:02 - 2014-01-27 11:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll2014-03-12 22:02 - 2014-01-27 11:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE2014-03-12 22:02 - 2014-01-27 11:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll2014-03-12 22:02 - 2014-01-27 10:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll2014-03-12 22:02 - 2014-01-27 10:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll2014-03-12 22:02 - 2014-01-27 10:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll2014-03-12 22:02 - 2014-01-27 08:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll2014-03-12 22:02 - 2014-01-27 08:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll2014-03-12 22:02 - 2014-01-27 04:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml2014-03-12 22:02 - 2014-01-17 16:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll2014-03-12 22:02 - 2014-01-17 14:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll2014-03-12 22:02 - 2013-12-21 07:51 - 06353960 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\sppsvc.exe2014-03-12 22:02 - 2013-12-21 01:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll2014-03-12 22:02 - 2013-12-20 03:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi2014-03-12 22:02 - 2013-12-20 03:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe2014-03-12 22:02 - 2013-10-30 17:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys2014-03-12 22:02 - 2013-10-30 17:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys2014-03-12 22:02 - 2013-10-30 17:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys ==================== One Month Modified Files and Folders ======= 2014-04-06 11:10 - 2014-04-06 11:10 - 00012248 _____ () C:\Users\Andy\Downloads\FRST.txt2014-04-06 11:10 - 2014-04-06 11:09 - 00000000 ____D () C:\FRST2014-04-06 11:09 - 2014-04-06 11:09 - 02157056 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe2014-04-06 11:09 - 2014-04-06 11:09 - 00000625 _____ () C:\Users\Andy\Desktop\JRT.txt2014-04-06 11:08 - 2014-03-29 14:47 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Spotify2014-04-06 11:07 - 2014-03-31 20:42 - 00524978 _____ () C:\WINDOWS\WindowsUpdate.log2014-04-06 11:07 - 2013-11-14 00:29 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-04-06 11:05 - 2014-02-09 18:34 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\ClassicShell2014-04-06 11:04 - 2014-04-06 11:04 - 00001032 _____ () C:\Users\Andy\Desktop\adwcleaner.txt2014-04-06 11:03 - 2014-02-02 11:24 - 00003048 _____ () C:\WINDOWS\System32\Tasks\AsrKM2014-04-06 11:03 - 2014-02-02 11:24 - 00002988 _____ () C:\WINDOWS\System32\Tasks\HDMISwitch2014-04-06 11:03 - 2014-02-02 03:58 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-04-06 11:01 - 2014-04-05 19:17 - 00000000 ____D () C:\AdwCleaner2014-04-06 11:01 - 2014-02-01 17:21 - 00000000 ____D () 
EXPORT.txt Addition.txt
  7. Hello, So I am having trouble removing the PUP.Optional.Conduit.A malware from my PC. Each time I run a threat scan, the potential threat shows up and I quarantine it. When I run the scan again, it still shows up. It looks like it is located in my Google Chrome app data preferences. I located some forum threads with similar problems regarding this specific malware. I follow the instructions given to the users with the same problem, but it doesn't seem to go away. I followed the instructions here: https://forums.malwarebytes.org/index.php?showtopic=130750 But every time I run the threat scan, I still see the threat. Any advice? I'm running Windows 8 if that helps at all.