Jump to content

Feliz_Navidad

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01 Ran by David (administrator) on DAVIDS-LAPTOP on 16-07-2014 22:31:36 Running from C:\Users\David\Downloads Platform: Windows 8 Pro (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Spotify Ltd) C:\Users\David\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe () C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe () C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Webroot) C:\Program Files\Webroot\WRSA.exe (Webroot) C:\Program Files\Webroot\WRSA.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe () C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-07-31] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor) HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7830328 2013-05-21] (Motorola Solutions, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-07-10] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [767152 2014-07-16] (Webroot) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoViewOnDrive] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 HKLM\...\Policies\Explorer: [NoShellSearchButton] 0 HKLM\...\Policies\Explorer: [NoFind] 0 HKLM\...\Policies\Explorer: [NoFile] 0 HKLM\...\Policies\Explorer: [HideClock] 0 HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0 HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKLM\...\Policies\Explorer: [NoSetFolders] 0 HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKLM\...\Policies\Explorer: [NoSetTaskbar] 0 HKLM\...\Policies\Explorer: [NoDeletePrinter] 0 HKLM\...\Policies\Explorer: [NoDFSTab] 0 HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 HKLM\...\Policies\Explorer: [NoLogoff] 0 HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0 HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0 HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 0 HKLM\...\Policies\Explorer: [NoSaveSettings] 0 HKLM\...\Policies\Explorer: [NoHardwareTab] 0 HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKLM\...\Policies\Explorer: [NoDesktop] 0 HKU\.DEFAULT\...\Policies\system: [DisableCMD] 0 HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0 HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0 HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0 HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0 HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [spotify] => C:\Users\David\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-07] (Spotify Ltd) HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-07] (Spotify Ltd) HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.) HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [844360 2014-05-22] (Samsung) HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Run: [Facebook Update] => C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-07] (Facebook Inc.) HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-21-322845217-1241388301-3331846307-1002\...\Policies\Explorer: [NoStartMenuSubFolders] 0 AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation) AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-10] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=BDT3&ocid=BDT3DHP HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot) BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot) BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\David\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) Chrome: ======= CHR HomePage: CHR StartupUrls: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP", "hxxp://search.yahoo.com/?type=599486&fr=spigot-yhp-ch" CHR Extension: (Google Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-30] CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-30] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-01] CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-30] CHR Extension: (Adblock Plus) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-07] CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-30] CHR Extension: (HTTPS Everywhere) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-05-07] CHR Extension: (Webroot Filtering Extension) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-05-07] CHR Extension: (Ghostery) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-05-07] CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-07] CHR Extension: (ScriptSafe) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-05-07] CHR Extension: (Webroot Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-07-03] CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-30] CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-04-09] CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-04-09] ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed] R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-07-26] (Intel Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation) R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation) R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation) R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation) R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] () R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed] S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation) R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-08-15] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation) R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [767152 2014-07-16] (Webroot) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-04] (ASUS Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-08-01] (Motorola Solutions, Inc.) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider) R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-07-31] (Intel Corporation) R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation) R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation) R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [113096 2013-08-06] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( ) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-16] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows ® Win 7 DDK provider) R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows ® Win 7 DDK provider) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation) R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115744 2014-07-16] (Webroot) U0 SR; U2 srservice; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-16 22:31 - 2014-07-16 22:33 - 00040164 _____ () C:\Users\David\Downloads\FRST.txt 2014-07-16 22:31 - 2014-07-16 22:32 - 00000000 ____D () C:\FRST 2014-07-16 22:30 - 2014-07-16 22:30 - 02086912 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe 2014-07-13 23:14 - 2014-07-16 11:37 - 00000000 ____D () C:\WINDOWS\Minidump 2014-07-10 15:32 - 2014-07-10 15:32 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-07-09 15:11 - 2014-04-13 22:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2014-07-09 10:59 - 2014-06-30 17:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-07-09 10:59 - 2014-06-28 02:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-07-09 10:59 - 2014-06-28 02:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-07-08 22:58 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-07-08 22:58 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-07-08 22:58 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-07-08 22:58 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-07-08 22:58 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-07-08 22:58 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-07-08 22:58 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-07-08 22:58 - 2014-06-18 18:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-07-08 22:58 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-07-08 22:58 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-07-08 22:58 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-07-08 22:58 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-07-08 22:58 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-07-08 22:58 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-07-08 22:58 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-07-08 22:58 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-07-08 22:58 - 2014-06-18 17:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-07-08 22:58 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-07-08 22:58 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-07-08 22:58 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-07-08 22:58 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-07-08 22:58 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-07-08 22:58 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-07-08 22:58 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-07-08 22:58 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-07-08 22:58 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-07-08 22:58 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-07-08 22:58 - 2014-06-16 17:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-07-08 22:58 - 2014-06-16 17:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-07-08 22:58 - 2014-06-06 09:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-07-08 22:58 - 2014-05-29 22:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-07-08 22:58 - 2014-05-29 07:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-07-08 22:58 - 2014-05-29 02:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-07-08 22:58 - 2014-05-29 01:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-07-08 22:58 - 2014-05-29 01:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-07-08 22:58 - 2014-05-29 00:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-07-08 22:58 - 2014-05-29 00:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-07-08 22:57 - 2014-06-06 08:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-07-08 22:57 - 2014-06-06 07:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-07-08 22:57 - 2014-05-31 05:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-07-08 22:57 - 2014-05-31 05:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2014-07-08 22:57 - 2014-05-30 22:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-07-08 22:57 - 2014-05-30 22:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-07-08 22:57 - 2014-05-30 22:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-08 22:57 - 2014-05-30 22:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-07-08 22:57 - 2014-05-30 22:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-07-08 22:57 - 2014-05-30 22:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-08 22:57 - 2014-05-30 21:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-07-08 22:57 - 2014-05-30 21:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-07-08 22:57 - 2014-05-30 21:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-07-08 22:57 - 2014-05-30 21:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2014-07-08 22:57 - 2014-05-30 21:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-07-08 22:57 - 2014-05-30 21:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-07-08 22:57 - 2014-05-30 21:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-07-08 22:55 - 2014-07-08 22:55 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-07 15:07 - 2014-07-16 12:12 - 00000956 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002UA.job 2014-07-07 15:07 - 2014-07-14 15:12 - 00000934 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002Core.job 2014-07-07 15:07 - 2014-07-07 15:07 - 00501248 _____ (Facebook Inc.) C:\Users\David\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe 2014-07-07 15:07 - 2014-07-07 15:07 - 00003804 _____ () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002UA 2014-07-07 15:07 - 2014-07-07 15:07 - 00003454 _____ () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002Core 2014-07-07 15:07 - 2014-07-07 15:07 - 00000000 ____D () C:\Users\David\AppData\Local\Facebook 2014-07-03 12:59 - 2014-07-16 11:32 - 00000062 _____ () C:\Users\David\AppData\Roaming\sp_data.sys 2014-07-03 00:56 - 2014-07-03 00:56 - 00000000 ____D () C:\Users\David\Doctor Web 2014-07-03 00:53 - 2014-07-03 00:56 - 151641568 _____ () C:\Users\David\Downloads\injd6xie.exe 2014-07-03 00:32 - 2014-07-12 08:05 - 00000000 ____D () C:\Users\David\AppData\Local\lptmp746254350 2014-07-02 03:28 - 2014-07-02 03:28 - 00000000 ____D () C:\Program Files\SAMSUNG 2014-07-02 02:29 - 2014-07-02 02:29 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-07-02 02:26 - 2014-07-02 03:40 - 00000000 ____D () C:\Users\David\Documents\SelfMV 2014-07-02 02:26 - 2014-07-02 02:26 - 00001987 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk 2014-07-02 02:25 - 2014-07-02 02:25 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-07-02 02:23 - 2014-07-03 12:58 - 00000000 ____D () C:\Program Files (x86)\MarkAny 2014-07-02 02:23 - 2014-07-03 01:53 - 00000000 ____D () C:\Users\David\AppData\Roaming\Samsung 2014-07-02 02:23 - 2014-07-03 01:53 - 00000000 ____D () C:\Users\David\AppData\Local\Samsung 2014-07-02 02:23 - 2014-07-02 03:42 - 00000000 ____D () C:\Users\David\Documents\samsung 2014-07-02 02:22 - 2014-04-11 03:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2014-07-02 02:22 - 2014-04-11 03:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2014-07-02 02:21 - 2014-07-02 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-07-02 02:20 - 2014-07-03 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2014-07-02 02:20 - 2014-07-02 02:20 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec 2014-07-02 02:20 - 2014-04-30 19:43 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll 2014-07-02 02:20 - 2014-04-30 19:43 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll 2014-07-02 02:19 - 2014-07-03 01:53 - 00000000 ____D () C:\ProgramData\Samsung 2014-07-02 02:19 - 2014-07-03 01:53 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-07-02 02:18 - 2014-07-02 02:18 - 74796544 _____ () C:\Users\David\Downloads\Samsung Kies.msi 2014-07-02 02:18 - 2014-07-02 02:17 - 00022492 _____ () C:\Users\David\Downloads\0x0409.ini 2014-07-02 02:18 - 2014-07-02 02:17 - 00003584 _____ () C:\Users\David\Downloads\1033.MST 2014-07-02 02:09 - 2014-07-02 02:09 - 00000000 ____D () C:\Users\David\AppData\Local\Downloaded Installations 2014-07-02 02:08 - 2014-07-02 02:08 - 75709216 _____ (Samsung Electronics Co., Ltd.) C:\Users\David\Downloads\KiesSetup.exe 2014-07-02 02:04 - 2014-07-02 02:08 - 377477237 _____ () C:\Users\David\Downloads\adt-bundle-windows-x86_64-20140624.zip 2014-07-02 02:04 - 2014-07-02 02:04 - 02011769 _____ () C:\Users\David\Downloads\droidAtScreen-1.1.jar 2014-07-02 02:00 - 2014-07-02 02:00 - 00000000 ____D () C:\Users\David\AppData\Roaming\TeamViewer 2014-07-02 01:59 - 2014-07-02 01:59 - 06214104 _____ (TeamViewer GmbH) C:\Users\David\Downloads\TeamViewer_Setup_en.exe 2014-07-02 01:36 - 2014-07-02 01:36 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\Unconfirmed 27011.crdownload 2014-07-02 01:36 - 2014-07-02 01:36 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\tightvnc-1.3.10-setup.exe 2014-07-02 01:34 - 2014-07-02 01:34 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\Unconfirmed 935383.crdownload 2014-07-02 01:28 - 2014-07-02 03:12 - 00000000 ____D () C:\Users\David\.android 2014-07-02 01:25 - 2014-07-02 01:25 - 00478212 _____ () C:\Users\David\Downloads\ADB Tool - Kayles Blog.zip 2014-07-02 01:25 - 2014-07-02 01:25 - 00000000 ____D () C:\Users\David\Downloads\ADB Tool - Kayles Blog 2014-07-02 01:24 - 2014-07-02 01:24 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-07-02 01:24 - 2014-07-02 01:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-07-02 01:24 - 2014-07-02 01:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-07-02 01:24 - 2014-07-02 01:24 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Sun 2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-02 01:22 - 2014-07-02 01:22 - 00918952 _____ (Oracle Corporation) C:\Users\David\Downloads\chromeinstall-7u60.exe 2014-07-02 01:21 - 2014-07-02 01:21 - 00707238 _____ () C:\Users\David\Downloads\DroidAtScreen - Kayles Blog.zip 2014-07-02 01:15 - 2014-07-02 01:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-06-28 07:52 - 2014-06-28 07:52 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-28 07:51 - 2014-06-28 07:51 - 04812672 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup415.exe 2014-06-25 22:25 - 2013-02-28 16:27 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot64.exe 2014-06-24 07:48 - 2014-07-16 22:28 - 01783581 _____ () C:\WINDOWS\WindowsUpdate.log 2014-06-23 22:17 - 2014-06-23 22:17 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-06-20 19:02 - 2014-06-20 19:02 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler 2014-06-20 17:25 - 2014-06-20 17:25 - 00000000 ___RD () C:\Users\David\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App ==================== One Month Modified Files and Folders ======= 2014-07-16 22:33 - 2014-07-16 22:31 - 00040164 _____ () C:\Users\David\Downloads\FRST.txt 2014-07-16 22:32 - 2014-07-16 22:31 - 00000000 ____D () C:\FRST 2014-07-16 22:32 - 2014-04-09 17:01 - 00000000 ____D () C:\Users\David\AppData\Roaming\Spotify 2014-07-16 22:31 - 2014-04-09 16:49 - 00000000 ____D () C:\ProgramData\WRData 2014-07-16 22:30 - 2014-07-16 22:30 - 02086912 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe 2014-07-16 22:30 - 2014-04-30 21:46 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{86828333-CB11-42C3-9E41-FEF1D88E832C} 2014-07-16 22:28 - 2014-06-24 07:48 - 01783581 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-16 22:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-07-16 13:52 - 2014-05-07 11:37 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-16 12:32 - 2014-04-09 16:20 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-07-16 12:12 - 2014-07-07 15:07 - 00000956 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002UA.job 2014-07-16 12:00 - 2013-11-16 17:02 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1 2014-07-16 12:00 - 2013-11-16 17:02 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2 2014-07-16 11:47 - 2014-04-09 16:20 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-322845217-1241388301-3331846307-1002 2014-07-16 11:41 - 2014-04-09 16:50 - 00154824 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll 2014-07-16 11:41 - 2014-04-09 16:50 - 00115744 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys 2014-07-16 11:41 - 2014-04-09 16:50 - 00105384 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll 2014-07-16 11:37 - 2014-07-13 23:14 - 00000000 ____D () C:\WINDOWS\Minidump 2014-07-16 11:32 - 2014-07-03 12:59 - 00000062 _____ () C:\Users\David\AppData\Roaming\sp_data.sys 2014-07-16 11:31 - 2014-04-30 20:19 - 00000000 __RDO () C:\Users\David\OneDrive 2014-07-16 11:30 - 2014-05-07 11:37 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-16 01:51 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-07-16 01:42 - 2014-02-01 04:29 - 00000000 ____D () C:\Users\David\Documents\Decks 2014-07-15 11:24 - 2014-01-25 04:21 - 01345024 ___SH () C:\Users\David\Desktop\Thumbs.db 2014-07-14 17:38 - 2014-04-30 19:51 - 00000000 ____D () C:\Users\David 2014-07-14 15:12 - 2014-07-07 15:07 - 00000934 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002Core.job 2014-07-14 11:44 - 2014-04-09 17:02 - 00000000 ____D () C:\Users\David\AppData\Local\Spotify 2014-07-14 11:40 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-07-13 00:54 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-07-12 08:05 - 2014-07-03 00:32 - 00000000 ____D () C:\Users\David\AppData\Local\lptmp746254350 2014-07-10 22:11 - 2013-08-22 09:44 - 00370904 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-07-10 15:32 - 2014-07-10 15:32 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-07-10 15:32 - 2014-03-18 04:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-10 15:32 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-07-10 15:32 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 15:32 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 15:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-07-10 02:40 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-07-09 15:15 - 2014-04-27 16:11 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-07-09 15:12 - 2014-04-27 16:11 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-07-09 15:12 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-07-08 22:55 - 2014-07-08 22:55 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-08 21:57 - 2014-04-17 00:33 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc 2014-07-07 15:07 - 2014-07-07 15:07 - 00501248 _____ (Facebook Inc.) C:\Users\David\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe 2014-07-07 15:07 - 2014-07-07 15:07 - 00003804 _____ () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002UA 2014-07-07 15:07 - 2014-07-07 15:07 - 00003454 _____ () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-322845217-1241388301-3331846307-1002Core 2014-07-07 15:07 - 2014-07-07 15:07 - 00000000 ____D () C:\Users\David\AppData\Local\Facebook 2014-07-07 02:39 - 2014-03-18 05:03 - 00892386 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-07-05 19:03 - 2014-04-30 19:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV 2014-07-05 19:03 - 2014-04-30 19:44 - 00000000 ____D () C:\WINDOWS\system32\NV 2014-07-05 19:03 - 2014-04-30 19:44 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-03 12:58 - 2014-07-02 02:23 - 00000000 ____D () C:\Program Files (x86)\MarkAny 2014-07-03 01:53 - 2014-07-02 02:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\Samsung 2014-07-03 01:53 - 2014-07-02 02:23 - 00000000 ____D () C:\Users\David\AppData\Local\Samsung 2014-07-03 01:53 - 2014-07-02 02:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2014-07-03 01:53 - 2014-07-02 02:19 - 00000000 ____D () C:\ProgramData\Samsung 2014-07-03 01:53 - 2014-07-02 02:19 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-07-03 01:53 - 2013-11-16 16:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-03 00:56 - 2014-07-03 00:56 - 00000000 ____D () C:\Users\David\Doctor Web 2014-07-03 00:56 - 2014-07-03 00:53 - 151641568 _____ () C:\Users\David\Downloads\injd6xie.exe 2014-07-02 03:42 - 2014-07-02 02:23 - 00000000 ____D () C:\Users\David\Documents\samsung 2014-07-02 03:40 - 2014-07-02 02:26 - 00000000 ____D () C:\Users\David\Documents\SelfMV 2014-07-02 03:28 - 2014-07-02 03:28 - 00000000 ____D () C:\Program Files\SAMSUNG 2014-07-02 03:12 - 2014-07-02 01:28 - 00000000 ____D () C:\Users\David\.android 2014-07-02 02:29 - 2014-07-02 02:29 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-07-02 02:26 - 2014-07-02 02:26 - 00001987 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk 2014-07-02 02:25 - 2014-07-02 02:25 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-07-02 02:21 - 2014-07-02 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-07-02 02:20 - 2014-07-02 02:20 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec 2014-07-02 02:18 - 2014-07-02 02:18 - 74796544 _____ () C:\Users\David\Downloads\Samsung Kies.msi 2014-07-02 02:17 - 2014-07-02 02:18 - 00022492 _____ () C:\Users\David\Downloads\0x0409.ini 2014-07-02 02:17 - 2014-07-02 02:18 - 00003584 _____ () C:\Users\David\Downloads\1033.MST 2014-07-02 02:09 - 2014-07-02 02:09 - 00000000 ____D () C:\Users\David\AppData\Local\Downloaded Installations 2014-07-02 02:08 - 2014-07-02 02:08 - 75709216 _____ (Samsung Electronics Co., Ltd.) C:\Users\David\Downloads\KiesSetup.exe 2014-07-02 02:08 - 2014-07-02 02:04 - 377477237 _____ () C:\Users\David\Downloads\adt-bundle-windows-x86_64-20140624.zip 2014-07-02 02:04 - 2014-07-02 02:04 - 02011769 _____ () C:\Users\David\Downloads\droidAtScreen-1.1.jar 2014-07-02 02:00 - 2014-07-02 02:00 - 00000000 ____D () C:\Users\David\AppData\Roaming\TeamViewer 2014-07-02 01:59 - 2014-07-02 01:59 - 06214104 _____ (TeamViewer GmbH) C:\Users\David\Downloads\TeamViewer_Setup_en.exe 2014-07-02 01:36 - 2014-07-02 01:36 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\Unconfirmed 27011.crdownload 2014-07-02 01:36 - 2014-07-02 01:36 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\tightvnc-1.3.10-setup.exe 2014-07-02 01:34 - 2014-07-02 01:34 - 01421291 _____ (TightVNC Group ) C:\Users\David\Downloads\Unconfirmed 935383.crdownload 2014-07-02 01:25 - 2014-07-02 01:25 - 00478212 _____ () C:\Users\David\Downloads\ADB Tool - Kayles Blog.zip 2014-07-02 01:25 - 2014-07-02 01:25 - 00000000 ____D () C:\Users\David\Downloads\ADB Tool - Kayles Blog 2014-07-02 01:24 - 2014-07-02 01:24 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-07-02 01:24 - 2014-07-02 01:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-07-02 01:24 - 2014-07-02 01:24 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-07-02 01:24 - 2014-07-02 01:24 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Sun 2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-02 01:24 - 2014-07-02 01:24 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-02 01:22 - 2014-07-02 01:22 - 00918952 _____ (Oracle Corporation) C:\Users\David\Downloads\chromeinstall-7u60.exe 2014-07-02 01:21 - 2014-07-02 01:21 - 00707238 _____ () C:\Users\David\Downloads\DroidAtScreen - Kayles Blog.zip 2014-07-02 01:15 - 2014-07-02 01:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-07-01 01:14 - 2014-04-17 23:07 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-06-30 17:45 - 2014-07-09 10:59 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-06-28 08:15 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Vss 2014-06-28 07:52 - 2014-06-28 07:52 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-28 07:52 - 2014-05-07 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-06-28 07:52 - 2014-05-07 11:45 - 00000000 ____D () C:\Program Files\CCleaner 2014-06-28 07:51 - 2014-06-28 07:51 - 04812672 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup415.exe 2014-06-28 02:48 - 2014-07-09 10:59 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-06-28 02:07 - 2014-07-09 10:59 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-06-26 15:55 - 2013-08-22 10:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-06-26 15:55 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-23 22:17 - 2014-06-23 22:17 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-06-23 22:17 - 2014-04-09 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-06-23 22:17 - 2014-04-09 16:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-06-20 19:02 - 2014-06-20 19:02 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler 2014-06-20 17:25 - 2014-06-20 17:25 - 00000000 ___RD () C:\Users\David\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App 2014-06-19 23:47 - 2014-05-07 11:37 - 00003896 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-19 23:47 - 2014-05-07 11:37 - 00003660 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-19 00:45 - 2014-04-09 22:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-06-19 00:39 - 2014-04-14 01:44 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-18 20:39 - 2014-07-08 22:58 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-06-18 19:48 - 2014-07-08 22:58 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-06-18 19:16 - 2014-07-08 22:58 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-06-18 19:09 - 2014-07-08 22:58 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-06-18 18:51 - 2014-07-08 22:58 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-06-18 18:50 - 2014-07-08 22:58 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-06-18 18:48 - 2014-07-08 22:58 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-06-18 18:46 - 2014-07-08 22:58 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-06-18 18:39 - 2014-07-08 22:58 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-06-18 18:33 - 2014-07-08 22:58 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-06-18 18:32 - 2014-07-08 22:58 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-06-18 18:27 - 2014-07-08 22:58 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-06-18 18:12 - 2014-07-08 22:58 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-06-18 17:59 - 2014-07-08 22:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-06-18 17:58 - 2014-07-08 22:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-06-18 17:58 - 2014-07-08 22:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-06-18 17:57 - 2014-07-08 22:58 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-06-18 17:52 - 2014-07-08 22:58 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-06-18 17:51 - 2014-07-08 22:58 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-06-18 17:49 - 2014-07-08 22:58 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-06-18 17:45 - 2014-07-08 22:58 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-06-18 17:35 - 2014-07-08 22:58 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-06-18 17:34 - 2014-07-08 22:58 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-06-18 17:15 - 2014-07-08 22:58 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-06-18 17:13 - 2014-07-08 22:58 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-06-18 17:09 - 2014-07-08 22:58 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-06-18 17:07 - 2014-07-08 22:58 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-06-18 15:45 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-06-16 17:26 - 2014-07-08 22:58 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-06-16 17:24 - 2014-07-08 22:58 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-16 02:22 ==================== End Of Log ============================
  2. I have done 3 scans on my computer and every single time this thing comes up. I go into history and delete it. Then do a check scan to make sure everything is good. Then it comes up again What should I do to permanently purge it from the system
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.