Jump to content

RNxSupaStar

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I dont think there are any problems any more, thank you.
  2. EsetOS: C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir Win32/NextLive.A potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\MRTNxHILL\AppData\Local\Conduit\Chrome\CT3306061\CHUninstaller.exe.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\MRTNxHILL\AppData\Local\genienext\nengine.dll.vir Win32/NextLive.A potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\MRTNxHILL\AppData\Local\NativeMessaging\CT3306061\1_0_0_6\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\MRTNxHILL\AppData\Local\Temp\NativeMessaging\CT3306061.crx.vir a variant of Win32/Toolbar.Conduit.AA potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\MRTNxHILL\AppData\Local\Temp\NativeMessaging\CT3306061\nativeMessaging\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\MRTNxHILL\AppData\Roaming\newnext.me\nengine.dll.vir Win32/NextLive.A potentially unwanted applicationC:\Program Files (x86)\NCH Swift Sound\Slice\slice.exe a variant of Win32/Toolbar.Conduit.I potentially unwanted applicationC:\Program Files (x86)\NCH Swift Sound\Slice\slicesetup_v2.00.exe a variant of Win32/Toolbar.Conduit.I potentially unwanted applicationC:\Program Files (x86)\NCH Swift Sound\Slice\uninst.exe a variant of Win32/Toolbar.Conduit.I potentially unwanted applicationC:\Users\MRTNxHILL\Downloads\cbsidlm-cbsi145-Free_Flac_to_MP3-SEO-75758784.exe a variant of Win32/CNETInstaller.B potentially unwanted applicationC:\Users\MRTNxHILL\Downloads\slicesetup.exe a variant of Win32/Toolbar.Conduit.I potentially unwanted applicationC:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll a variant of Win32/Toolbar.Linkury.G potentially unwanted applicationC:\zoek_backup\C_Users_MRTNxHILL_AppData_Local_CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
  3. MalwareBytes: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 7/16/2014Scan Time: 12:34:58 PMLogfile: Administrator: Yes Version: 2.00.2.1012Malware Database: v2014.07.16.05Rootkit Database: v2014.07.14.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: MRTNxHILL Scan Type: Threat ScanResult: CompletedObjects Scanned: 324833Time Elapsed: 18 min, 40 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: WarnPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 3PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [1460613e6c0f2a0c44aa14c160a2758b], PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, Quarantined, [472d693624574aec3335924d25dd23dd], PUP.Optional.SuperFish.A, HKU\S-1-5-21-2389733265-3962132501-2217828593-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [2153eeb17308f2441aeac3fe09f91de3], Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 1PUP.Optional.SupRaSavings.A, C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50, Quarantined, [a7cd3867f784072fbb488f2d0bf7c739], Files: 14PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Quarantined, [95dfdcc354276bcb0685f449946c5ba5], PUP.Optional.SupraSavings.A, C:\temp\t.msi, Quarantined, [472d653a037888ae755836526d97c739], PUP.Optional.MyEmoticons.A, C:\Users\MRTNxHILL\Downloads\YTDSetup.exe, Quarantined, [83f1f8a72259f14587e288d7e71a08f8], PUP.Optional.OneClickDownloader.A, C:\Users\MRTNxHILL\Downloads\Tyler,_The_Creator_Goblin_(Deluxe_Edition)_-_iPlus.exe, Quarantined, [aec63d62285373c3c1ca67b26998e917], PUP.Optional.LiveLyrics.A, C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage, Quarantined, [54208a152853d2647d457f4de919a35d], PUP.Optional.LiveLyrics.A, C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage-journal, Quarantined, [0c683f607efdbf774b77f1db3ec4ba46], PUP.Optional.SupRaSavings.A, C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\64.ico, Quarantined, [a7cd3867f784072fbb488f2d0bf7c739], PUP.Optional.SupRaSavings.A, C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\libeay32.dll, Quarantined, [a7cd3867f784072fbb488f2d0bf7c739], PUP.Optional.SupRaSavings.A, C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\nfapi.dll, Quarantined, [a7cd3867f784072fbb488f2d0bf7c739], PUP.Optional.SupRaSavings.A, C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\nfregdrv.exe, Quarantined, [a7cd3867f784072fbb488f2d0bf7c739], PUP.Optional.SupRaSavings.A, C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\ProtocolFilters.dll, Quarantined, [a7cd3867f784072fbb488f2d0bf7c739], PUP.Optional.SupRaSavings.A, C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\ssleay32.dll, Quarantined, [a7cd3867f784072fbb488f2d0bf7c739], PUP.Optional.SupRaSavings.A, C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\SupraSavingsService64.exe, Quarantined, [a7cd3867f784072fbb488f2d0bf7c739], PUP.Optional.SupRaSavings.A, C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\uninstall_l.exe, Quarantined, [a7cd3867f784072fbb488f2d0bf7c739], Physical Sectors: 0(No malicious items detected) (end)
  4. FRST: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01Ran by MRTNxHILL (administrator) on MRTNXHILL-PC on 15-07-2014 23:34:46Running from C:\Users\MRTNxHILL\DownloadsPlatform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Webroot) C:\Program Files\Webroot\WRSA.exe(Microsoft Corporation) C:\Windows\System32\wisptis.exe(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(Lexmark International, Inc.) C:\Windows\System32\spool\drivers\x64\3\lxdvserv.exe( ) C:\Windows\System32\lxdvcoms.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe(Webroot) C:\Program Files\Webroot\WRSA.exe(Microsoft Corporation) C:\Windows\System32\wisptis.exe(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe(ASUS) C:\Windows\AsScrPro.exe(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe() C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe() C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1654992 2011-10-26] (Trend Micro Inc.)HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213824 2011-10-04] (Trend Micro Inc.)HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [416992 2011-08-02] (Trend Micro Inc.)HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)HKLM\...\Run: [lxdvmon.exe] => C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe [455336 2007-11-02] ()HKLM\...\Run: [lxdvamon] => C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe [25256 2007-11-02] ()HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-03-06] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [766040 2014-06-13] (Webroot)HKLM-x32\...\Run: [Lexmark X5400 Series] => C:\Program Files (x86)\Lexmark X5400 Series\fm3032.exe [307880 2007-11-02] ()HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] - rmdir /s /q "\SearchProtect"HKU\S-1-5-21-2389733265-3962132501-2217828593-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-06-29] (Electronic Arts)HKU\S-1-5-21-2389733265-3962132501-2217828593-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)HKU\S-1-5-21-2389733265-3962132501-2217828593-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnkShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnkShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnkShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.comSearchScopes: HKLM-x32 - DefaultScope value is missing.SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll ()BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Privacy Safeguard BHO -> {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} -> C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll (PrivacySafeguard)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll ()BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll ()Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll ()Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox:========FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No FileFF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextensionFF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension [2012-03-06]FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextensionFF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension [2012-03-06] Chrome: =======CHR Extension: (Entanglement Web App) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2012-09-23]CHR Extension: (Theme Creator) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2012-09-23]CHR Extension: (Word Search Puzzle) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\alcobafdkcddhiabfgnongafffchimnl [2014-01-13]CHR Extension: (Google Docs) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-15]CHR Extension: (Google Drive) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-15]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]CHR Extension: (Frat Boy Beer Pong) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldnejoajcpmegfmelnfikdlnnpclaoi [2012-11-14]CHR Extension: (YouTube) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-15]CHR Extension: (Google Search) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-15]CHR Extension: (Fun Switcher) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2012-09-23]CHR Extension: (AdBlock) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-12]CHR Extension: (Nike Theme 2.0) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplhpmojnbohfmhjgccigdofgbkahaca [2014-02-02]CHR Extension: (Skype Click to Call) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-15]CHR Extension: (Poppit) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2012-09-23]CHR Extension: (Google Dictionary (by Google)) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2012-09-23]CHR Extension: (Google Wallet) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]CHR Extension: (Webroot) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-07-15]CHR Extension: (Flow Colors) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbnmelddedlommnmllmfhoephaidddmk [2012-11-14]CHR Extension: (Gmail) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-14]CHR HKLM\...\Chrome\Extension: [geggofhlfbcmanadhknllmlajiafopoh] - C:\Program Files\PrivacySafeGuard\pschrome_bunndle-cb_1_1.crx [2012-08-31]CHR HKLM-x32\...\Chrome\Extension: [geggofhlfbcmanadhknllmlajiafopoh] - C:\Program Files\PrivacySafeGuard\pschrome_bunndle-cb_1_1.crx [2012-08-31]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2012-11-15]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)R2 lxdvCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdvserv.exe [33448 2007-10-18] (Lexmark International, Inc.)R2 lxdv_device; C:\Windows\system32\lxdvcoms.exe [1044136 2007-10-18] ( )R2 lxdv_device; C:\Windows\SysWOW64\lxdvcoms.exe [594600 2007-10-18] ( )S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)R3 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [247072 2011-08-02] (Trend Micro Inc.)R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [766040 2014-06-13] (Webroot)S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X] ==================== Drivers (Whitelisted) ==================== R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-30] (ASUSTek Computer Inc.)R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows ® Win 7 DDK provider)R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-07] (Windows ® Win 7 DDK provider)R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-25] (AVG Technologies)R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [91920 2011-08-11] (Trend Micro Inc.)R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [167696 2011-08-11] (Trend Micro Inc.)R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [70928 2011-08-11] (Trend Micro Inc.)R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-09-29] (Trend Micro Inc.)R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2014-06-13] (Webroot) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-15 23:23 - 2014-07-15 19:57 - 00024064 _____ () C:\Windows\zoek-delete.exe2014-07-15 20:08 - 2014-07-15 23:27 - 00011745 _____ () C:\zoek-results.log2014-07-15 19:57 - 2014-07-15 23:25 - 00000000 ____D () C:\zoek_backup2014-07-15 19:57 - 2014-07-15 19:57 - 01287168 _____ () C:\Users\MRTNxHILL\Downloads\zoek.exe2014-07-15 19:39 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll2014-07-15 19:38 - 2014-07-15 19:47 - 00000000 ____D () C:\AdwCleaner2014-07-15 19:31 - 2014-07-15 19:31 - 01348263 _____ () C:\Users\MRTNxHILL\Downloads\AdwCleaner.exe2014-07-15 17:55 - 2014-07-15 17:57 - 00043583 _____ () C:\Users\MRTNxHILL\Downloads\Addition.txt2014-07-15 17:54 - 2014-07-15 23:34 - 00024718 _____ () C:\Users\MRTNxHILL\Downloads\FRST.txt2014-07-15 17:54 - 2014-07-15 23:34 - 00000000 ____D () C:\FRST2014-07-15 17:53 - 2014-07-15 17:53 - 02086912 _____ (Farbar) C:\Users\MRTNxHILL\Downloads\FRST64.exe2014-06-27 19:34 - 2014-06-27 19:36 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-27 19:34 - 2014-06-27 19:34 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-27 19:34 - 2014-06-27 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-27 19:33 - 2014-06-27 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-27 19:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-06-27 19:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-06-27 19:26 - 2014-06-27 19:26 - 00032659 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]geto.boys.discography.320.10.albums.rap.by.dragan09.torrent2014-06-27 19:25 - 2014-06-27 19:25 - 00032659 _____ () C:\Users\MRTNxHILL\Downloads\F7C8.tmp2014-06-26 17:56 - 2014-06-26 17:56 - 00000000 ____D () C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B502014-06-18 22:31 - 2014-06-18 22:31 - 00012500 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]method.man.tical.1994.320.kbps.torrent2014-06-16 22:52 - 2014-06-16 22:52 - 00017045 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]the.cool.kids.when.fish.ride.bicycles.2011.mp3ville.torrent2014-06-16 22:33 - 2014-06-16 22:33 - 00046830 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]busta.rhymes.discography.320.16albums.rap.by.dragan09.torrent2014-06-16 22:10 - 2014-06-16 22:10 - 00094673 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]krs.one.bdp.discography.320.28.albums.rap.by.dragan09.torrent2014-06-16 22:04 - 2014-06-16 22:04 - 00017842 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]slum.village.fantastic.vol.2.torrent ==================== One Month Modified Files and Folders ======= 2014-07-15 23:35 - 2014-07-15 17:54 - 00024718 _____ () C:\Users\MRTNxHILL\Downloads\FRST.txt2014-07-15 23:34 - 2014-07-15 17:54 - 00000000 ____D () C:\FRST2014-07-15 23:34 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-07-15 23:34 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-07-15 23:30 - 2013-10-30 14:08 - 00000000 ____D () C:\ProgramData\Origin2014-07-15 23:27 - 2014-07-15 20:08 - 00011745 _____ () C:\zoek-results.log2014-07-15 23:27 - 2013-10-30 14:06 - 00000000 ____D () C:\Program Files (x86)\Origin2014-07-15 23:26 - 2012-08-28 18:36 - 00000000 ____D () C:\ProgramData\WRData2014-07-15 23:26 - 2012-08-28 04:57 - 00000380 _____ () C:\Users\MRTNxHILL\AppData\Roaming\sp_data.sys2014-07-15 23:25 - 2014-07-15 19:57 - 00000000 ____D () C:\zoek_backup2014-07-15 23:25 - 2012-05-30 05:58 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job2014-07-15 23:25 - 2012-03-06 06:49 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-07-15 23:25 - 2012-03-06 06:27 - 00238350 _____ () C:\Windows\PFRO.log2014-07-15 23:25 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-07-15 23:25 - 2009-07-14 00:51 - 00083353 _____ () C:\Windows\setupact.log2014-07-15 23:24 - 2012-05-30 05:50 - 01504088 _____ () C:\Windows\WindowsUpdate.log2014-07-15 22:59 - 2012-03-06 06:49 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-07-15 22:49 - 2012-12-03 22:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-07-15 22:03 - 2012-08-28 04:55 - 00000000 ____D () C:\Users\MRTNxHILL2014-07-15 19:57 - 2014-07-15 23:23 - 00024064 _____ () C:\Windows\zoek-delete.exe2014-07-15 19:57 - 2014-07-15 19:57 - 01287168 _____ () C:\Users\MRTNxHILL\Downloads\zoek.exe2014-07-15 19:47 - 2014-07-15 19:38 - 00000000 ____D () C:\AdwCleaner2014-07-15 19:31 - 2014-07-15 19:31 - 01348263 _____ () C:\Users\MRTNxHILL\Downloads\AdwCleaner.exe2014-07-15 17:57 - 2014-07-15 17:55 - 00043583 _____ () C:\Users\MRTNxHILL\Downloads\Addition.txt2014-07-15 17:53 - 2014-07-15 17:53 - 02086912 _____ (Farbar) C:\Users\MRTNxHILL\Downloads\FRST64.exe2014-07-15 17:52 - 2012-08-31 12:03 - 00000000 ____D () C:\Users\MRTNxHILL\AppData\Roaming\uTorrent2014-07-15 17:34 - 2012-05-30 05:58 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job2014-07-11 21:48 - 2012-08-28 21:44 - 00000000 ____D () C:\ProgramData\Lx_cats2014-07-08 20:05 - 2012-12-03 22:38 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-07-08 20:05 - 2012-12-03 22:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-07-08 20:05 - 2012-12-03 22:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-07-06 18:49 - 2012-08-28 21:39 - 00000000 ____D () C:\Program Files (x86)\Steam2014-07-05 20:00 - 2013-09-09 17:23 - 00000000 ____D () C:\Windows\system32\MRT2014-07-05 19:58 - 2012-09-04 08:49 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-07-05 19:57 - 2012-08-28 18:13 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-07-05 19:55 - 2014-05-11 17:54 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-06-29 14:49 - 2012-05-30 06:04 - 00001860 _____ () C:\Windows\system32\ServiceFilter.ini2014-06-27 19:36 - 2014-06-27 19:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-27 19:34 - 2014-06-27 19:34 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-27 19:34 - 2014-06-27 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-27 19:34 - 2014-06-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-27 19:34 - 2014-01-13 06:03 - 00000000 ____D () C:\Users\MRTNxHILL\AppData\Roaming\Malwarebytes2014-06-27 19:33 - 2014-01-13 06:02 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-27 19:33 - 2014-01-13 06:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-06-27 19:26 - 2014-06-27 19:26 - 00032659 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]geto.boys.discography.320.10.albums.rap.by.dragan09.torrent2014-06-27 19:25 - 2014-06-27 19:25 - 00032659 _____ () C:\Users\MRTNxHILL\Downloads\F7C8.tmp2014-06-26 17:56 - 2014-06-26 17:56 - 00000000 ____D () C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B502014-06-25 23:46 - 2012-09-24 10:09 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys2014-06-24 19:20 - 2009-07-14 01:13 - 00798054 _____ () C:\Windows\system32\PerfStringBackup.INI2014-06-24 18:54 - 2012-03-06 06:49 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-06-24 18:54 - 2012-03-06 06:49 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-06-18 22:31 - 2014-06-18 22:31 - 00012500 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]method.man.tical.1994.320.kbps.torrent2014-06-16 22:52 - 2014-06-16 22:52 - 00017045 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]the.cool.kids.when.fish.ride.bicycles.2011.mp3ville.torrent2014-06-16 22:33 - 2014-06-16 22:33 - 00046830 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]busta.rhymes.discography.320.16albums.rap.by.dragan09.torrent2014-06-16 22:12 - 2013-10-11 21:10 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-06-16 22:10 - 2014-06-16 22:10 - 00094673 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]krs.one.bdp.discography.320.28.albums.rap.by.dragan09.torrent2014-06-16 22:04 - 2014-06-16 22:04 - 00017842 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]slum.village.fantastic.vol.2.torrent ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-27 21:28 ==================== End Of Log ============================
  5. AdwCleaner: # AdwCleaner v3.215 - Report created 15/07/2014 at 19:41:05# Updated 09/07/2014 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : MRTNxHILL - MRTNXHILL-PC# Running from : C:\Users\MRTNxHILL\Downloads\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** Service Deleted : SupraSavingsService64Service Deleted : vToolbarUpdater18.1.7 ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\apnFolder Deleted : C:\ProgramData\AskFolder Deleted : C:\ProgramData\AVG Secure SearchFolder Deleted : C:\ProgramData\ConduitFolder Deleted : C:\ProgramData\NCH SoftwareFolder Deleted : C:\Program Files (x86)\AVG Secure SearchFolder Deleted : C:\Program Files (x86)\ConduitFolder Deleted : C:\Program Files (x86)\GreenTree ApplicationsFolder Deleted : C:\Program Files (x86)\MobogenieFolder Deleted : C:\Program Files (x86)\MyPC BackupFolder Deleted : C:\Program Files (x86)\NCH SoftwareFolder Deleted : C:\Program Files (x86)\Common Files\AVG Secure SearchFolder Deleted : C:\Program Files (x86)\Common Files\SpigotFolder Deleted : C:\Windows\SysWOW64\SearchProtectFolder Deleted : C:\Program Files\003Folder Deleted : C:\Program Files\SupraSavingsFolder Deleted : C:\Users\MRTNxHILL\AppData\Local\AVG Secure SearchFolder Deleted : C:\Users\MRTNxHILL\AppData\Local\ConduitFolder Deleted : C:\Users\MRTNxHILL\AppData\Local\genienextFolder Deleted : C:\Users\MRTNxHILL\AppData\Local\MobogenieFolder Deleted : C:\Users\MRTNxHILL\AppData\Local\NativeMessagingFolder Deleted : C:\Users\MRTNxHILL\AppData\Local\Slick SavingsFolder Deleted : C:\Users\MRTNXH~1\AppData\Local\Temp\apnFolder Deleted : C:\Users\MRTNXH~1\AppData\Local\Temp\NativeMessagingFolder Deleted : C:\Users\MRTNxHILL\AppData\LocalLow\AVG Secure SearchFolder Deleted : C:\Users\MRTNxHILL\AppData\LocalLow\ConduitFolder Deleted : C:\Users\MRTNxHILL\AppData\Roaming\newnext.meFolder Deleted : C:\Users\MRTNxHILL\AppData\Roaming\SystweakFolder Deleted : C:\Users\MRTNxHILL\Documents\MobogenieFolder Deleted : C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmnaFile Deleted : C:\ENDFile Deleted : C:\Windows\System32\roboot64.exeFile Deleted : C:\Users\MRTNxHILL\daemonprocess.txtFile Deleted : C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorageFile Deleted : C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journalFile Deleted : C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorageFile Deleted : C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journalFile Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocjKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpoojKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkkKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocppValue Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLLKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPIKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObjKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWndKey Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocolKey Deleted : HKLM\SOFTWARE\Classes\SKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApiKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLEKey Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAddValue Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-pluginKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306061Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\1ClickDownloadKey Deleted : HKCU\Software\AVG Secure SearchKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\SmartBarKey Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopesKey Deleted : HKCU\Software\AppDataLow\Software\CrossriderKey Deleted : HKCU\Software\AppDataLow\Software\Search SettingsKey Deleted : HKCU\Software\AppDataLow\Software\SmartBarKey Deleted : HKCU\Software\AppDataLow\Software\Supra SavingsKey Deleted : HKLM\Software\AVG Secure SearchKey Deleted : HKLM\Software\AVG Security ToolbarKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\suprasavingsKey Deleted : HKLM\Software\systweakKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure SearchKey Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcherKey Deleted : [x64] HKLM\SOFTWARE\Supra SavingsKey Deleted : [x64] HKLM\SOFTWARE\suprasavings ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Google Chrome v35.0.1916.153 [ File : C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [Extension] : aaaaojmikegpiepcfdkkjaplodkpfmloDeleted [Extension] : ejpbbhjlbipncjklfjjaedaieimbmddaDeleted [Extension] : hbcennhacfaagdopikcegfcobcadeocjDeleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpoojDeleted [Extension] : icpgjfneehieebagbmdbhnlpiopdcmnaDeleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkkDeleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblofDeleted [Extension] : pfndaklgolladniicklehhancnlgocpp ************************* AdwCleaner[R0].txt - [14582 octets] - [15/07/2014 19:38:50]AdwCleaner[s0].txt - [14376 octets] - [15/07/2014 19:41:05] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [14437 octets] ########## Zoek:Zoek.exe v5.0.0.0 Updated 15-07-2014Tool run by MRTNxHILL on Tue 07/15/2014 at 19:58:26.66.Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64Running in: Normal Mode Internet Access DetectedLaunched: C:\Users\MRTNxHILL\Downloads\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 7/15/2014 8:08:38 PM Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\SearchScopes\{078AD3A3-754C-4647-9AC9-6785CBF92CB7} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1D3220FC-A5A8-4847-83F3-8A9C61BFA01E} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1D75CBF6-E1B0-424C-A971-EAA6C4DFEC6C} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7FB50EAE-D607-4848-8E01-F3A6D6C98D2D} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1036AD63-AEAC-460B-9060-C96005D4DC86} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1036AD63-AEAC-460B-9060-C96005D4DC86} deleted successfullyHKEY_CLASSES_ROOT\CLSID\{1036AD63-AEAC-460B-9060-C96005D4DC86} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1036AD63-AEAC-460B-9060-C96005D4DC86} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1036AD63-AEAC-460B-9060-C96005D4DC86} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{7473B6BD-4691-4744-A82B-7854EB3D70B6} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{1036AD63-AEAC-460B-9060-C96005D4DC86} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511131190} deleted successfullyHKEY_USERS\S-1-5-21-2389733265-3962132501-2217828593-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\MRTNxHILL\.android deletedC:\search.sqlite deletedC:\PROGRA~3\SPL59F6.tmp deletedC:\Users\MRTNxHILL\AppData\Local\CRE deletedC:\Users\MRTNxHILL\AppData\Local\cache deletedC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deletedC:\Users\MRTNxHILL\Searches deletedC:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deletedC:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deletedC:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deletedC:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job deletedC:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv deletedC:\prefs.js deletedC:\Windows\SysNative\config\systemprofile\Searches deleted"C:\Windows\Installer\5ed64.msi" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]"{22C7F6C6-8D67-4534-92B5-529A0EC09405}"="C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension" [03/06/2012 07:00 AM] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensionsgeggofhlfbcmanadhknllmlajiafopoh - C:\Program Files\PrivacySafeGuard\pschrome_bunndle-cb_1_1.crx[07/18/2012 01:42 AM]lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[04/11/2014 07:46 PM]lipgolpfajiadodbcbljdpmbmbdmfcil - C:\Users\MRTNxHILL\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx[]okfhiodnpcnnnpgbjbhfebjnbagmfhab - C:\ProgramData\WRData\pkg\lpchrome.crx[12/03/2012 10:14 PM] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensionslipgolpfajiadodbcbljdpmbmbdmfcil - C:\Users\MRTNxHILL\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx[] Theme Creator - MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffcWord Search - MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\alcobafdkcddhiabfgnongafffchimnlGoogle Voice Search Hotword (Beta) - MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfnAdBlock - MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidomNike Theme 2.0 - MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplhpmojnbohfmhjgccigdofgbkahacaPoppit - MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmiGoogle Dictionary (by Google) - MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcojaFlow Colors - MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbnmelddedlommnmllmfhoephaidddmk ==== Chrome Fix ====================== C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage deleted successfullyC:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal deleted successfullyC:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.avg.com_0.localstorage deleted successfullyC:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.avg.com_0.localstorage-journal deleted successfullyC:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_broadband-search.com_0.localstorage deleted successfullyC:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_broadband-search.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"Start Page"="https://search.yahoo.com/?type=282369&fr=spigot-yhp-ie"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]No DefaultScope Set For HKCU New Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"Start Page"="http://www.google.com"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfullyC:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil deleted successfullyHKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil deleted successfullyHKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\MRTNxHILL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\MRTNxHILL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfullyC:\Users\MRTNxHILL\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=131 folders=28 5585100 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfullyC:\Users\Default User\AppData\Local\Temp emptied successfullyC:\Users\MRTNxHILL\AppData\Local\Temp will be emptied at rebootC:\Users\TEMP\AppData\Local\Temp emptied successfullyC:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at rebootC:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfullyC:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptiedC:\Users\MRTNXH~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on Tue 07/15/2014 at 23:27:19.71 ======================
  6. I need and I have already read how to post for help so here you go. FRST.txt: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01Ran by MRTNxHILL (administrator) on MRTNXHILL-PC on 15-07-2014 17:54:30Running from C:\Users\MRTNxHILL\DownloadsPlatform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Webroot) C:\Program Files\Webroot\WRSA.exe(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(Lexmark International, Inc.) C:\Windows\System32\spool\drivers\x64\3\lxdvserv.exe( ) C:\Windows\System32\lxdvcoms.exe() C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\SupraSavingsService64.exe(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe(Microsoft Corporation) C:\Windows\System32\wisptis.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe(Webroot) C:\Program Files\Webroot\WRSA.exe(Microsoft Corporation) C:\Windows\System32\wisptis.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe() C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe() C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe() C:\Program Files (x86)\AVG Secure Search\vprot.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe(ASUS) C:\Windows\AsScrPro.exe(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe() C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1654992 2011-10-26] (Trend Micro Inc.)HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213824 2011-10-04] (Trend Micro Inc.)HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [416992 2011-08-02] (Trend Micro Inc.)HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)HKLM\...\Run: [lxdvmon.exe] => C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe [455336 2007-11-02] ()HKLM\...\Run: [lxdvamon] => C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe [25256 2007-11-02] ()HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-03-06] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [766040 2014-06-13] (Webroot)HKLM-x32\...\Run: [Lexmark X5400 Series] => C:\Program Files (x86)\Lexmark X5400 Series\fm3032.exe [307880 2007-11-02] ()HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2571288 2014-06-25] ()HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exeHKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] - rmdir /s /q "\SearchProtect"HKU\S-1-5-21-2389733265-3962132501-2217828593-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-06-29] (Electronic Arts)HKU\S-1-5-21-2389733265-3962132501-2217828593-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\MRTNxHILL\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m lHKU\S-1-5-21-2389733265-3962132501-2217828593-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)HKU\S-1-5-21-2389733265-3962132501-2217828593-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)HKU\S-1-5-21-2389733265-3962132501-2217828593-1000\...\Run: [backgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\MRTNxHILL\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTIONStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnkShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnkShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnkShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnkShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/?type=282369&fr=spigot-yhp-ieHKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.comURLSearchHook: HKLM-x32 - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.)URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No FileURLSearchHook: HKCU - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.)SearchScopes: HKLM-x32 - DefaultScope {1D75CBF6-E1B0-424C-A971-EAA6C4DFEC6C} URL = SearchScopes: HKCU - DefaultScope {1D75CBF6-E1B0-424C-A971-EAA6C4DFEC6C} URL = http://search.conduit.com/Results.aspx?gd=&ctid=CT3321733&octid=EB_ORIGINAL_CTID&ISID=M60B2D986-0C84-4431-9CCA-CC5F051CAF83&SearchSource=58&CUI=&UM=2&UP=SP9EFA7280-6650-4629-A092-6D97C7EDCF44&q={searchTerms}&SSPV=SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {078AD3A3-754C-4647-9AC9-6785CBF92CB7} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}SearchScopes: HKCU - {1D3220FC-A5A8-4847-83F3-8A9C61BFA01E} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=DE82D9A8-D5AA-4ECC-B25E-FE8DD51712BB&apn_sauid=839478C8-C4BA-4E62-952D-5D3C0923E89BSearchScopes: HKCU - {1D75CBF6-E1B0-424C-A971-EAA6C4DFEC6C} URL = http://search.conduit.com/Results.aspx?gd=&ctid=CT3321733&octid=EB_ORIGINAL_CTID&ISID=M60B2D986-0C84-4431-9CCA-CC5F051CAF83&SearchSource=58&CUI=&UM=2&UP=SP9EFA7280-6650-4629-A092-6D97C7EDCF44&q={searchTerms}&SSPV=SearchScopes: HKCU - {7FB50EAE-D607-4848-8E01-F3A6D6C98D2D} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={E83E726E-48B8-43BD-849A-DCECF906B86D}&mid=b6bb5030385047d08a46c1f60ecff627-707021ce4dbc630d0278fad6fc5e925bfacf3d3e〈=en&ds=st011&pr=sa&d=2012-09-24 10:09:19&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}BHO: Privacy Safeguard BHO -> {1036AD63-AEAC-460B-9060-C96005D4DC86} -> C:\Program Files\PrivacySafeGuard\PrivacySafeGuard-x64.dll (PrivacySafeguard)BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll ()BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)BHO: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No FileBHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)BHO-x32: No Name -> {1036AD63-AEAC-460B-9060-C96005D4DC86} -> No FileBHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)BHO-x32: uTorrentControl_v2 Toolbar -> {7473b6bd-4691-4744-a82b-7854eb3d70b6} -> C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)BHO-x32: Privacy Safeguard BHO -> {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} -> C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll (PrivacySafeguard)BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll ()BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll ()Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No FileToolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)Toolbar: HKLM-x32 - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.)Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll ()Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No FileToolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)Toolbar: HKCU - No Name - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No FileToolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll (Trend Micro Inc.)Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg.dll (Trend Micro Inc.)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll (Trend Micro Inc.)Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll (Trend Micro Inc.)Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox:========FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No FileFF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No FileFF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextensionFF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension [2012-03-06]FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextensionFF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension [2012-03-06]FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 Chrome: =======CHR HomePage: CHR NewTab: "chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No FileCHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No FileCHR Plugin: (Remoting Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No FileCHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (Default Plug-in) - default_plugin No FileCHR Extension: (Entanglement Web App) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2012-09-23]CHR Extension: (Theme Creator) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2012-09-23]CHR Extension: (Word Search Puzzle) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\alcobafdkcddhiabfgnongafffchimnl [2014-01-13]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]CHR Extension: (Frat Boy Beer Pong) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldnejoajcpmegfmelnfikdlnnpclaoi [2012-11-14]CHR Extension: (Fun Switcher) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2012-09-23]CHR Extension: (AdBlock) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-12]CHR Extension: (New Tab Redirect) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2014-04-30]CHR Extension: (Nike Theme 2.0) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplhpmojnbohfmhjgccigdofgbkahaca [2014-02-02]CHR Extension: (Poppit) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2012-09-23]CHR Extension: (Google Dictionary (by Google)) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2012-09-23]CHR Extension: (Google Wallet) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]CHR Extension: (Flow Colors) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbnmelddedlommnmllmfhoephaidddmk [2012-11-14]CHR Extension: (Gmail) - C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-14]CHR HKLM\...\Chrome\Extension: [geggofhlfbcmanadhknllmlajiafopoh] - C:\Program Files\PrivacySafeGuard\pschrome_bunndle-cb_1_1.crx [2012-08-31]CHR HKCU\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\MRTNxHILL\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-08-31]CHR HKCU\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\MRTNxHILL\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-12-12]CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\MRTNxHILL\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2013-12-12]CHR HKLM-x32\...\Chrome\Extension: [geggofhlfbcmanadhknllmlajiafopoh] - C:\Program Files\PrivacySafeGuard\pschrome_bunndle-cb_1_1.crx [2012-08-31]CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\MRTNxHILL\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-12-12]CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-27]CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2012-11-15]CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)R2 lxdvCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdvserv.exe [33448 2007-10-18] (Lexmark International, Inc.)R2 lxdv_device; C:\Windows\system32\lxdvcoms.exe [1044136 2007-10-18] ( )R2 lxdv_device; C:\Windows\SysWOW64\lxdvcoms.exe [594600 2007-10-18] ( )S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)R2 SupraSavingsService64; C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\SupraSavingsService64.exe [172544 2014-06-25] () [File not signed]R3 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [247072 2011-08-02] (Trend Micro Inc.)R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1813528 2014-06-25] (AVG Secure Search)R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [766040 2014-06-13] (Webroot)S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X] ==================== Drivers (Whitelisted) ==================== R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-30] (ASUSTek Computer Inc.)R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows ® Win 7 DDK provider)R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-07] (Windows ® Win 7 DDK provider)R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-25] (AVG Technologies)R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [91920 2011-08-11] (Trend Micro Inc.)R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [167696 2011-08-11] (Trend Micro Inc.)R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [70928 2011-08-11] (Trend Micro Inc.)R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-09-29] (Trend Micro Inc.)R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2014-06-13] (Webroot) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-15 17:54 - 2014-07-15 17:55 - 00033434 _____ () C:\Users\MRTNxHILL\Downloads\FRST.txt2014-07-15 17:54 - 2014-07-15 17:54 - 00000000 ____D () C:\FRST2014-07-15 17:53 - 2014-07-15 17:53 - 02086912 _____ (Farbar) C:\Users\MRTNxHILL\Downloads\FRST64.exe2014-07-06 18:22 - 2014-07-15 17:42 - 00000000 ____D () C:\Program Files\SupraSavings2014-06-27 19:34 - 2014-06-27 19:36 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-27 19:34 - 2014-06-27 19:34 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-27 19:34 - 2014-06-27 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-27 19:33 - 2014-06-27 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-27 19:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-06-27 19:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-06-27 19:26 - 2014-06-27 19:26 - 00032659 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]geto.boys.discography.320.10.albums.rap.by.dragan09.torrent2014-06-27 19:25 - 2014-06-27 19:25 - 00032659 _____ () C:\Users\MRTNxHILL\Downloads\F7C8.tmp2014-06-26 17:56 - 2014-06-26 17:56 - 00000000 ____D () C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B502014-06-18 22:31 - 2014-06-18 22:31 - 00012500 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]method.man.tical.1994.320.kbps.torrent2014-06-16 22:52 - 2014-06-16 22:52 - 00017045 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]the.cool.kids.when.fish.ride.bicycles.2011.mp3ville.torrent2014-06-16 22:33 - 2014-06-16 22:33 - 00046830 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]busta.rhymes.discography.320.16albums.rap.by.dragan09.torrent2014-06-16 22:10 - 2014-06-16 22:10 - 00094673 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]krs.one.bdp.discography.320.28.albums.rap.by.dragan09.torrent2014-06-16 22:04 - 2014-06-16 22:04 - 00017842 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]slum.village.fantastic.vol.2.torrent ==================== One Month Modified Files and Folders ======= 2014-07-15 17:55 - 2014-07-15 17:54 - 00033434 _____ () C:\Users\MRTNxHILL\Downloads\FRST.txt2014-07-15 17:54 - 2014-07-15 17:54 - 00000000 ____D () C:\FRST2014-07-15 17:54 - 2012-08-28 18:36 - 00000000 ____D () C:\ProgramData\WRData2014-07-15 17:53 - 2014-07-15 17:53 - 02086912 _____ (Farbar) C:\Users\MRTNxHILL\Downloads\FRST64.exe2014-07-15 17:52 - 2012-08-31 12:03 - 00000000 ____D () C:\Users\MRTNxHILL\AppData\Roaming\uTorrent2014-07-15 17:51 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-07-15 17:51 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-07-15 17:49 - 2012-12-03 22:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-07-15 17:49 - 2012-05-30 05:50 - 01468989 _____ () C:\Windows\WindowsUpdate.log2014-07-15 17:42 - 2014-07-06 18:22 - 00000000 ____D () C:\Program Files\SupraSavings2014-07-15 17:42 - 2012-03-06 06:49 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-07-15 17:35 - 2012-03-06 06:49 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-07-15 17:34 - 2012-08-28 04:57 - 00000380 _____ () C:\Users\MRTNxHILL\AppData\Roaming\sp_data.sys2014-07-15 17:34 - 2012-05-30 05:58 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job2014-07-11 21:48 - 2012-08-28 21:44 - 00000000 ____D () C:\ProgramData\Lx_cats2014-07-08 20:05 - 2012-12-03 22:38 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-07-08 20:05 - 2012-12-03 22:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-07-08 20:05 - 2012-12-03 22:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-07-06 18:49 - 2012-08-28 21:39 - 00000000 ____D () C:\Program Files (x86)\Steam2014-07-06 18:27 - 2013-12-24 01:07 - 00000000 ____D () C:\Users\MRTNxHILL\AppData\Roaming\newnext.me2014-07-06 18:26 - 2013-10-30 14:06 - 00000000 ____D () C:\Program Files (x86)\Origin2014-07-06 18:26 - 2013-06-11 18:14 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job2014-07-06 18:26 - 2013-06-05 16:11 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job2014-07-06 18:26 - 2012-05-30 05:58 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job2014-07-06 18:26 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-07-06 18:25 - 2009-07-14 00:51 - 00083185 _____ () C:\Windows\setupact.log2014-07-06 18:21 - 2012-03-06 06:27 - 00237698 _____ () C:\Windows\PFRO.log2014-07-05 20:00 - 2013-09-09 17:23 - 00000000 ____D () C:\Windows\system32\MRT2014-07-05 19:58 - 2012-09-04 08:49 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-07-05 19:57 - 2012-08-28 18:13 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-07-05 19:55 - 2014-05-11 17:54 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-06-29 23:06 - 2013-10-30 14:08 - 00000000 ____D () C:\ProgramData\Origin2014-06-29 14:49 - 2012-05-30 06:04 - 00001860 _____ () C:\Windows\system32\ServiceFilter.ini2014-06-27 21:53 - 2014-04-28 17:05 - 00000000 ____D () C:\Program Files\0032014-06-27 20:33 - 2014-04-27 15:15 - 00000000 ____D () C:\ProgramData\AVG Secure Search2014-06-27 20:33 - 2012-09-24 10:09 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search2014-06-27 19:36 - 2014-06-27 19:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-27 19:34 - 2014-06-27 19:34 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-27 19:34 - 2014-06-27 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-27 19:34 - 2014-06-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-27 19:34 - 2014-01-13 06:03 - 00000000 ____D () C:\Users\MRTNxHILL\AppData\Roaming\Malwarebytes2014-06-27 19:33 - 2014-01-13 06:02 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-27 19:33 - 2014-01-13 06:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-06-27 19:26 - 2014-06-27 19:26 - 00032659 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]geto.boys.discography.320.10.albums.rap.by.dragan09.torrent2014-06-27 19:25 - 2014-06-27 19:25 - 00032659 _____ () C:\Users\MRTNxHILL\Downloads\F7C8.tmp2014-06-26 17:56 - 2014-06-26 17:56 - 00000000 ____D () C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B502014-06-25 23:46 - 2012-09-24 10:09 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys2014-06-24 19:20 - 2009-07-14 01:13 - 00798054 _____ () C:\Windows\system32\PerfStringBackup.INI2014-06-24 18:54 - 2012-03-06 06:49 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-06-24 18:54 - 2012-03-06 06:49 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-06-18 22:31 - 2014-06-18 22:31 - 00012500 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]method.man.tical.1994.320.kbps.torrent2014-06-16 22:52 - 2014-06-16 22:52 - 00017045 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]the.cool.kids.when.fish.ride.bicycles.2011.mp3ville.torrent2014-06-16 22:33 - 2014-06-16 22:33 - 00046830 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]busta.rhymes.discography.320.16albums.rap.by.dragan09.torrent2014-06-16 22:12 - 2013-10-11 21:10 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-06-16 22:10 - 2014-06-16 22:10 - 00094673 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]krs.one.bdp.discography.320.28.albums.rap.by.dragan09.torrent2014-06-16 22:04 - 2014-06-16 22:04 - 00017842 _____ () C:\Users\MRTNxHILL\Downloads\[kickass.to]slum.village.fantastic.vol.2.torrent Some content of TEMP:====================C:\Users\MRTNxHILL\AppData\Local\Temp\6_Offer_15.exeC:\Users\MRTNxHILL\AppData\Local\Temp\AVG.exeC:\Users\MRTNxHILL\AppData\Local\Temp\avguidx.dllC:\Users\MRTNxHILL\AppData\Local\Temp\BackupSetup.exeC:\Users\MRTNxHILL\AppData\Local\Temp\burnsetup.exeC:\Users\MRTNxHILL\AppData\Local\Temp\CommonInstaller.exeC:\Users\MRTNxHILL\AppData\Local\Temp\contentDATs.exeC:\Users\MRTNxHILL\AppData\Local\Temp\dlLogic.exeC:\Users\MRTNxHILL\AppData\Local\Temp\dltr.exeC:\Users\MRTNxHILL\AppData\Local\Temp\DownloadManager.exeC:\Users\MRTNxHILL\AppData\Local\Temp\exthelper.exeC:\Users\MRTNxHILL\AppData\Local\Temp\GCVerifier.dllC:\Users\MRTNxHILL\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exeC:\Users\MRTNxHILL\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exeC:\Users\MRTNxHILL\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exeC:\Users\MRTNxHILL\AppData\Local\Temp\MachineIdCreator.exeC:\Users\MRTNxHILL\AppData\Local\Temp\Mobogenie_Setup_US.exeC:\Users\MRTNxHILL\AppData\Local\Temp\mpsetup.exeC:\Users\MRTNxHILL\AppData\Local\Temp\mssinstaller.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsf7D0E.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsk3066.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsk608B.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nskF68.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsl8D2B.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nso8F48.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsoB38B.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsqE6BC.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsqF694.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsv18D4.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsz2F81.exeC:\Users\MRTNxHILL\AppData\Local\Temp\nsz4218.exeC:\Users\MRTNxHILL\AppData\Local\Temp\oi_{4828F5E0-1160-4C47-AE8F-7EAB7CC4B11E}.exeC:\Users\MRTNxHILL\AppData\Local\Temp\ose00000.exeC:\Users\MRTNxHILL\AppData\Local\Temp\RegClean10.exeC:\Users\MRTNxHILL\AppData\Local\Temp\ripsetup.exeC:\Users\MRTNxHILL\AppData\Local\Temp\SearchProtectINT.exeC:\Users\MRTNxHILL\AppData\Local\Temp\SearchProtectionSetup.exeC:\Users\MRTNxHILL\AppData\Local\Temp\SecurityScan_Release.exeC:\Users\MRTNxHILL\AppData\Local\Temp\setup-Jutera_US_pscombined-bunndle-cb-1.1-x86x64_20120808.exeC:\Users\MRTNxHILL\AppData\Local\Temp\setup.exeC:\Users\MRTNxHILL\AppData\Local\Temp\SPSetup.exeC:\Users\MRTNxHILL\AppData\Local\Temp\switchsetup.exeC:\Users\MRTNxHILL\AppData\Local\Temp\tbConn.dllC:\Users\MRTNxHILL\AppData\Local\Temp\tbedrs.dllC:\Users\MRTNxHILL\AppData\Local\Temp\ToolbarInstaller.exeC:\Users\MRTNxHILL\AppData\Local\Temp\utt281C.tmp.exeC:\Users\MRTNxHILL\AppData\Local\Temp\utt4B5B.tmp.exeC:\Users\MRTNxHILL\AppData\Local\Temp\uttC514.tmp.exeC:\Users\MRTNxHILL\AppData\Local\Temp\uttC968.tmp.exeC:\Users\MRTNxHILL\AppData\Local\Temp\verifier.exeC:\Users\MRTNxHILL\AppData\Local\Temp\wpsetup.exeC:\Users\MRTNxHILL\AppData\Local\Temp\WRupdate-428516306.exeC:\Users\MRTNxHILL\AppData\Local\Temp\{AFFC373F-9EA9-4604-88DD-668DB11AA89D}-28.0.1500.95_28.0.1500.72_chrome_updater.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-27 21:28 ==================== End Of Log ============================ Addition.txt:Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01Ran by MRTNxHILL at 2014-07-15 17:55:51Running from C:\Users\MRTNxHILL\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}AV: Trend Micro Titanium Internet Security 2012 (Disabled - Up to date) {7193B549-236F-55EE-9AEC-F65279E59A92}AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}AS: Trend Micro Titanium Internet Security 2012 (Disabled - Up to date) {CAF254AD-0555-5A60-A05C-CD200262D02F}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.23 - ASUS)ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)ASUS K5 Series ScreenSaver (HKLM-x32\...\ASUS K5 Series ScreenSaver) (Version: 1.0.0002 - ASUS)ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.0 - ASUS)ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.8 - ASUS)ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.9 - ASUS)ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.7.644 - AVG Technologies)Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)Convert Audio Free FLAC to MP3 version 1.0 (HKLM-x32\...\Convert Audio Free FLAC to MP3_is1) (Version: 1.0 - )Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - )CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) HiddenCyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)CyberLink Media Suite (x32 Version: 8.0.2926 - CyberLink Corp.) HiddenCyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)CyberLink Power2Go (x32 Version: 7.0.0.1126 - CyberLink Corp.) HiddenD3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDarkest Hour: Europe '44-'45 (HKLM-x32\...\Steam App 1280) (Version: - Darkest Hour Team)Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenGalería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenGalerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenGarry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) HiddenHotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games)iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.10 - ASUS)Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35132 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJunk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenKatawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - )Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)Killing Floor Mod: Defence Alliance 2 (HKLM-x32\...\Steam App 35420) (Version: - )Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)Lexmark X5400 Series (HKLM\...\Lexmark X5400 Series) (Version: - Lexmark International, Inc.)Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Mare Nostrum (HKLM-x32\...\Steam App 1230) (Version: - Sandstorm Productions)McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenOpenAL (HKLM-x32\...\OpenAL) (Version: - )Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)Privacy SafeGuard version 1.1 (HKLM\...\{B820C985-D9F1-45B5-A7F5-0C5863CBEA04}_is1) (Version: 1.1 - Privacy SafeGuard)Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6570 - Realtek Semiconductor Corp.)Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)Red Orchestra 2: Heroes of Stalingrad (HKLM-x32\...\Steam App 35450) (Version: - Tripwire)Red Orchestra: Ostfront 41-45 (HKLM-x32\...\Steam App 1200) (Version: - Tripwire Interactive)SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.11 - ASUS)Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) HiddenSkype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)Slice Audio File Splitter (HKLM-x32\...\Slice) (Version: - NCH Software)Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - )Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version: - Mike Bithell)Trend Micro Titanium (Version: 5.00 - Trend Micro Inc.) HiddenTrend Micro Titanium Internet Security 2012 (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 5.0 - Trend Micro Inc.)Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)uTorrentControl_v2 Toolbar (HKLM-x32\...\uTorrentControl_v2 Toolbar) (Version: 6.9.0.16 - uTorrentControl_v2) <==== ATTENTIONWebroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.4.84 - Webroot)Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) HiddenWindows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Restore Points ========================= 24-05-2014 07:00:21 Windows Update25-05-2014 03:30:16 Windows Update15-06-2014 03:19:49 Windows Update05-07-2014 23:20:11 Removed YTD Toolbar v9.4.05-07-2014 23:23:55 Removed YTD Toolbar v9.4.05-07-2014 23:55:10 Windows Update ==================== Hosts content: ========================== 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {03481314-0D56-4EA1-8187-8F544F93BADC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-06] (Google Inc.)Task: {0883A27C-858A-48BC-97FE-56AF1A8765FB} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2011-12-21] (ASUSTeK Computer Inc.)Task: {0FE70065-BEB1-4E26-8511-CFFCAB8DA87D} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)Task: {1282D92A-748E-48C9-934C-7815B284B898} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)Task: {147663BE-D1A1-4090-B92C-63297523897A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-01-30] (ASUSTek Computer Inc.)Task: {3DCE16FB-2876-4DFE-9B7D-E75D3A37D74D} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)Task: {4A49A795-CA35-4D53-91BB-BF016D91294B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-06] (Google Inc.)Task: {50CD89E5-C209-41C3-8F28-75047C126F98} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{E721F325-9223-4FB6-897B-D5566BE0129E}.exeTask: {5CCFB8A9-1481-402B-821A-2DE1CE5B1A72} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22] (ASUSTek Computer Inc.)Task: {77D600D5-7A49-42DA-977C-550C2ADCA3AF} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{9AC2F05A-BA82-48AA-8410-648640D74F7C}.exeTask: {7E8D1A6B-2241-4F9A-B49C-F0460368260D} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)Task: {804428FE-3EBA-49D8-95AC-B152A4446086} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\MRTNxHILL\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTIONTask: {80DB0A95-0BE7-4208-9957-DF3565F80C8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)Task: {810EFC09-22D3-42C9-B32C-6F39A6E05027} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2011-12-21] (ASUSTeK Computer Inc.)Task: {96573818-62EB-42B2-8DEA-FD924B2A1F56} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-01-04] (ASUS)Task: {D6F880B7-D5E4-4501-B367-1B3D9728C29B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{E721F325-9223-4FB6-897B-D5566BE0129E}.exeTask: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{9AC2F05A-BA82-48AA-8410-648640D74F7C}.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exeTask: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (whitelisted) ============= 2012-08-28 21:39 - 2007-09-24 21:03 - 00045568 _____ () C:\Windows\System32\LXDVPMON.DLL2012-08-28 21:38 - 2007-08-14 03:17 - 00069632 _____ () C:\Windows\System32\LXDVOEM.DLL2012-08-28 21:38 - 2007-09-24 20:53 - 00081408 _____ () C:\Program Files (x86)\Lexmark X5400 Series\ipcmt64.dll2012-08-28 21:41 - 2007-05-02 23:43 - 00138240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdvdrpp.dll2007-05-16 00:50 - 2007-05-16 00:50 - 01389568 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxdvptpc.dll2007-05-02 23:45 - 2007-05-02 23:45 - 00182272 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxdvdrui.dll2007-05-02 23:42 - 2007-05-02 23:42 - 00214016 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxdvdr.dll2007-10-01 18:19 - 2007-10-01 18:19 - 01682944 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxdvHPEC.DLL2007-07-20 07:32 - 2007-07-20 07:32 - 00193024 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxdvdatr.dll2012-05-30 05:58 - 2011-12-16 14:02 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe2007-08-10 15:51 - 2007-08-10 15:51 - 00025088 _____ () C:\Windows\system32\lxdvcaps.dll2014-06-25 13:58 - 2014-06-25 13:58 - 00172544 _____ () C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\SupraSavingsService64.exe2014-06-12 15:05 - 2014-06-12 15:05 - 00110080 _____ () C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\nfapi.dll2014-06-12 15:05 - 2014-06-12 15:05 - 00456192 _____ () C:\Program Files (x86)\A1D0A8BA-DE75-49A5-A1BF-870FC16D4B50\ProtocolFilters.dll2014-06-27 20:33 - 2014-06-25 23:46 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe2010-07-14 19:11 - 2010-07-14 19:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll2012-08-28 21:37 - 2007-11-02 04:38 - 00455336 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe2012-08-28 21:37 - 2007-11-02 04:38 - 00025256 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe2012-09-24 10:09 - 2014-06-25 23:46 - 02571288 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe2012-03-06 06:59 - 2011-08-02 16:45 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll2012-03-06 06:59 - 2011-08-02 16:45 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll2012-03-11 23:28 - 2012-02-22 03:18 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll2011-12-14 19:18 - 2011-12-14 19:18 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2014-06-27 20:33 - 2014-06-25 23:46 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll2012-08-28 21:37 - 2007-09-06 16:38 - 00278528 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvscw.dll2012-08-28 21:37 - 2007-07-20 07:30 - 00188416 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvdatr.dll2012-08-28 21:37 - 2006-12-28 11:47 - 00073728 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvcats.dll2012-08-28 21:37 - 2007-09-06 16:40 - 00692224 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvDRS.dll2012-08-28 21:37 - 2007-08-10 15:49 - 00065536 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvcaps.dll2012-08-28 21:37 - 2007-07-16 13:53 - 00069632 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvcnv4.dll2012-08-28 21:37 - 2007-10-08 04:59 - 00028672 _____ () C:\Program Files (x86)\Lexmark X5400 Series\App4R.Monitor.Common.dll2012-08-28 21:37 - 2007-10-08 04:59 - 00036864 _____ () C:\Program Files (x86)\Lexmark X5400 Series\App4R.Monitor.Core.dll2012-08-28 21:37 - 2007-10-08 04:58 - 00057344 _____ () C:\Program Files (x86)\Lexmark X5400 Series\app4r.devmons.mcmdevmon.dll2012-08-28 21:37 - 2007-08-10 02:12 - 00011776 _____ () C:\Program Files (x86)\Lexmark X5400 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll2014-01-31 22:22 - 2014-06-29 14:52 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll2014-01-31 22:22 - 2014-06-29 14:52 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll2014-01-31 22:22 - 2014-06-29 14:52 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll2014-01-31 22:22 - 2014-06-29 14:52 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll2014-01-31 22:22 - 2014-06-29 14:52 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll2014-01-31 22:22 - 2014-06-29 14:52 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll2014-01-31 22:22 - 2014-06-29 14:52 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll2014-01-31 22:22 - 2014-06-29 14:52 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll2012-01-31 12:25 - 2012-01-31 12:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll2012-02-06 22:32 - 2012-02-06 22:32 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll2010-08-20 12:57 - 2010-08-20 12:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll2010-08-20 12:57 - 2010-08-20 12:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll2012-05-30 05:58 - 2011-12-16 13:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll2011-08-15 23:12 - 2011-08-15 23:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll2011-08-15 23:15 - 2011-08-15 23:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll2011-08-17 19:41 - 2011-08-17 19:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll2011-08-17 19:48 - 2011-08-17 19:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll2011-11-25 16:29 - 2011-11-25 16:29 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll2011-08-15 23:12 - 2011-08-15 23:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll2011-08-17 19:48 - 2011-08-17 19:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll2011-08-15 22:23 - 2011-08-15 22:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll2011-11-25 16:28 - 2011-11-25 16:28 - 00484352 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll2011-11-25 16:42 - 2011-11-25 16:42 - 00499976 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll2011-11-25 16:26 - 2011-11-25 16:26 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll2011-07-19 19:05 - 2011-07-19 19:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll2011-07-19 19:04 - 2011-07-19 19:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll2011-08-15 23:17 - 2011-08-15 23:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll2014-06-16 22:12 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll2014-06-16 22:12 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll2014-06-16 22:12 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll2014-06-16 22:12 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll2014-06-16 22:12 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll2014-06-16 22:12 - 2014-06-05 09:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll2014-07-15 17:45 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\MRTNxHILL\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exeMSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exeMSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (07/15/2014 05:34:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 60666121 Error: (07/15/2014 05:34:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 60666121 Error: (07/15/2014 05:34:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/15/2014 00:43:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 21590 Error: (07/15/2014 00:43:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 21590 Error: (07/15/2014 00:43:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/15/2014 00:43:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 20514 Error: (07/15/2014 00:43:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 20514 Error: (07/15/2014 00:43:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/15/2014 00:43:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 19484 System errors:=============Error: (07/06/2014 06:33:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (07/06/2014 06:33:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (07/06/2014 06:24:54 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)Description: CBS Client initialization failed. Last error: 0x8007045b Error: (07/06/2014 06:23:06 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)Description: CBS Client initialization failed. Last error: 0x8007045b Error: (07/05/2014 07:54:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )Description: The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/05/2014 07:24:03 PM) (Source: DCOM) (EventID: 10010) (User: )Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (06/27/2014 09:52:34 PM) (Source: DCOM) (EventID: 10010) (User: )Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} Error: (06/27/2014 08:46:45 PM) (Source: DCOM) (EventID: 10010) (User: )Description: {F25AF245-4A81-40DC-92F9-E9021F207706} Error: (06/27/2014 08:34:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The vToolbarUpdater18.1.7 service failed to start due to the following error: %%1053 Error: (06/27/2014 08:34:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the vToolbarUpdater18.1.7 service to connect. Microsoft Office Sessions:=========================Error: (07/15/2014 05:34:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 60666121 Error: (07/15/2014 05:34:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 60666121 Error: (07/15/2014 05:34:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/15/2014 00:43:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 21590 Error: (07/15/2014 00:43:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 21590 Error: (07/15/2014 00:43:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/15/2014 00:43:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 20514 Error: (07/15/2014 00:43:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 20514 Error: (07/15/2014 00:43:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/15/2014 00:43:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 19484 ==================== Memory info =========================== Percentage of memory in use: 59%Total physical RAM: 3981.91 MBAvailable physical RAM: 1599.99 MBTotal Pagefile: 7962.01 MBAvailable Pagefile: 5078.23 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:440.44 GB) (Free:243.06 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 466 GB) (Disk ID: 527CD163) Partition: GPT Partition Type. ==================== End Of Log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.