ChipperJonzes

I just meant Windows defender said don't run this and I told it not to worry so much, then it got inside of Windows defender. No more questions thanks for the help, hopefully those/that malicious program will be in the Malwarebytes data base or on its radar at least. Thanks Again!

I dont think it actually cracked the Windows defender, Im pretty sure I ignored a warning and thats when all hell broke loose :-/ Is there anyway to tell Malware Bytes that something is a virus...like just tell it that a certain program running in the task manager needs to be stopped ? Addition 2.txt FRST 2.txt

I don't see anymore strange behavior right now. Thank you so much. Can you tell me anything about what I got...usually google will come up with something about it but it didnt have anything in this case. The MB rootkit scan came back clean. Also thanks You are GOD!! Fixlog.txt MB Scan 2.txt AdwCleaner[C0].txt mrt log.txt

Hi I have a virus that Malwarebytes blocks from popping up but wont seem to block the program itself. It seems like it has gotten into Windows defender and maybe Chrome, I uninstalled chrome with Revo and tried permanently deleting the Rox.exe and the Rasp.exe that I found in the Task Manager using Revo force uninstall. Rox.exe come back on restart I have not seen the Rasp.exe one again. The pictures show they still remain in the startup list Malwarebytes log.txt FRST.txt Addition.txt

Thanks TwinHeadedEagle!!!!!!!!

Thanks so much for your help thus far, if I may ask why was the particular piece of adware so good at hiding and hard to remove???? As far as performance mbam is not going nuts anymore trying to block tons of stuff and performance seems normal. The only lingering issue is that IE still seems corrupt as no matter what I do it will not change the home page from shitty bing, I never use IE unless i need to use a website that is giving the other browser trouble or something wierd with the cookies, so its not a big deal, but I only bring it up incase it is a sign of something else. Possiley IE is just corrupted, but Windows literally wont let you uninstall IE Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01 Ran by Samual at 2014-10-07 20:46:31 Run:1 Running from C:\Users\Samual.Samual-PC\Downloads Loaded Profile: Samual (Available profiles: Samual) Boot Mode: Normal ============================================== Content of fixlist: ***************** closeprocesses: emptytemp: HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\MountPoints2: {32b924eb-9b8b-11e3-9388-001e3deab81c} - F:\Launch.exe HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\MountPoints2: {972654e6-1956-11e3-82e9-001e3deab81c} - G:\TL-Bootstrap.exe ShellIconOverlayIdentifiers-x32: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => No File ShellIconOverlayIdentifiers-x32: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => No File ShellIconOverlayIdentifiers-x32: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => No File ShellIconOverlayIdentifiers-x32: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => No File HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...q={searchTerms} Handler: WSISVCUchrome - No CLSID Value - Handler-x32: WSISVCUchrome - No CLSID Value - S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] Task: {41C572C9-29B7-49B0-B927-A2F8B61FC942} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe Task: {495D9441-1287-41A7-9D32-566713D6F6D4} - \YTDownloaderUpd No Task File <==== ATTENTION Task: {870F93AB-ADB4-480D-B8DF-7EED4930AB93} - System32\Tasks\IC Running Procedure => %LOCALAPPDATA%\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe Task: {8BC91A06-299D-425F-9306-197230FA2974} - \YTDownloader No Task File <==== ATTENTION AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\BeamNG-Techdemo-0.3-setup.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ChromeSetup.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\Firefox Setup Stub 32.0.3.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ManyCamSetup_4-0-109.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\QuickTimeInstaller.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (1).exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (2).exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller.exe:BDU ***************** Processes closed successfully. "HKU\S-1-5-21-2227428012-852200846-1799366619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32b924eb-9b8b-11e3-9388-001e3deab81c}" => Key deleted successfully. "HKCR\CLSID\{32b924eb-9b8b-11e3-9388-001e3deab81c}" => Key not found. "HKU\S-1-5-21-2227428012-852200846-1799366619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{972654e6-1956-11e3-82e9-001e3deab81c}" => Key deleted successfully. "HKCR\CLSID\{972654e6-1956-11e3-82e9-001e3deab81c}" => Key not found. "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\__SafeBox1" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}" => Key not found. "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\__SafeBox2" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}" => Key not found. "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\__SafeBox3" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}" => Key not found. "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\__SafeBox4" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}" => Key not found. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => value deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully. "HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}" => Key not found. "HKCR\PROTOCOLS\Handler\WSISVCUchrome" => Key deleted successfully. "HKCR\Wow6432Node\PROTOCOLS\Handler\WSISVCUchrome" => Key not found. Synth3dVsc => Service deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41C572C9-29B7-49B0-B927-A2F8B61FC942}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41C572C9-29B7-49B0-B927-A2F8B61FC942}" => Key deleted successfully. C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\IC Update Procedure" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{495D9441-1287-41A7-9D32-566713D6F6D4}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{495D9441-1287-41A7-9D32-566713D6F6D4}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{870F93AB-ADB4-480D-B8DF-7EED4930AB93}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{870F93AB-ADB4-480D-B8DF-7EED4930AB93}" => Key deleted successfully. C:\Windows\System32\Tasks\IC Running Procedure => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IC Running Procedure" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8BC91A06-299D-425F-9306-197230FA2974}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BC91A06-299D-425F-9306-197230FA2974}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloader" => Key deleted successfully. C:\Users\Samual.Samual-PC\Downloads\BeamNG-Techdemo-0.3-setup.exe => ":BDU" ADS removed successfully. C:\Users\Samual.Samual-PC\Downloads\ChromeSetup.exe => ":BDU" ADS removed successfully. C:\Users\Samual.Samual-PC\Downloads\Firefox Setup Stub 32.0.3.exe => ":BDU" ADS removed successfully. C:\Users\Samual.Samual-PC\Downloads\FRST64.exe => ":BDU" ADS removed successfully. C:\Users\Samual.Samual-PC\Downloads\Lightroom_5_LS11_win_5_6.exe => ":BDU" ADS removed successfully. C:\Users\Samual.Samual-PC\Downloads\ManyCamSetup_4-0-109.exe => ":BDU" ADS removed successfully. C:\Users\Samual.Samual-PC\Downloads\QuickTimeInstaller.exe => ":BDU" ADS removed successfully. C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (1).exe => ":BDU" ADS removed successfully. C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (2).exe => ":BDU" ADS removed successfully. C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller.exe => ":BDU" ADS removed successfully. EmptyTemp: => Removed 562.6 MB temporary data. The system needed a reboot. ==== End of Fixlog ====

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01 Ran by Samual (administrator) on SAMUAL-PC on 07-10-2014 15:34:17 Running from C:\Users\Samual.Samual-PC\Downloads Loaded Profile: Samual (Available profiles: Samual) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\scManager.sys (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Google Inc.) C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Flux Software LLC) C:\Users\Samual.Samual-PC\AppData\Local\FluxSoftware\Flux\flux.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\SafeConnectClient.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation) HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [Google Update] => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-24] (Google Inc.) HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [F.lux] => C:\Users\Samual.Samual-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC) HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd) HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [8877232 2014-08-01] (Visicom Media Inc.) HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [GoogleChromeAutoLaunch_6AA41AA3045E9591C644B35AAD2526D6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-22] (Google Inc.) HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\MountPoints2: {32b924eb-9b8b-11e3-9388-001e3deab81c} - F:\Launch.exe HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\MountPoints2: {972654e6-1956-11e3-82e9-001e3deab81c} - G:\TL-Bootstrap.exe HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-08-18] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk ShortcutTarget: SafeConnect.lnk -> C:\Program Files (x86)\SafeConnect\SCClient.exe (Impulse Point, LLC) ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers-x32: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => No File ShellIconOverlayIdentifiers-x32: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => No File ShellIconOverlayIdentifiers-x32: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => No File ShellIconOverlayIdentifiers-x32: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) Handler: WSISVCUchrome - No CLSID Value - Handler-x32: WSISVCUchrome - No CLSID Value - Tcpip\Parameters: [DhcpNameServer] 24.220.0.10 24.220.0.11 FireFox: ======== FF ProfilePath: C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default FF Homepage: google.com FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Samual.Samual-PC\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Samual.Samual-PC\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Samual.Samual-PC\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Samual.Samual-PC\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Samual.Samual-PC\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS) FF Extension: Google Search by Image - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default\Extensions\google@hitachi.com.xpi [2013-08-23] FF Extension: Adblock Plus - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-19] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-08-20] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext Chrome: ======= CHR DefaultSearchURL: Default -> https://mail.google.com/mail/?extsrc=mailto&url=%s CHR Profile: C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-19] CHR Extension: (Google Drive) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-19] CHR Extension: (Raindrops) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcipapbfhdnmgihoimbjiadmhpcgcnil [2013-08-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-01] CHR Extension: (Web Developer) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2013-08-19] CHR Extension: (YouTube) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-19] CHR Extension: (Adblock Plus) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-19] CHR Extension: (Google Search) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-19] CHR Extension: (Skype Links) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbmllnadbdnppblcebkkmapkinkdchd [2013-08-19] CHR Extension: (Google Voice (by Google)) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2014-09-14] CHR Extension: (Alarm Clock Radio) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi [2013-08-19] CHR Extension: (Numerics Calculator & Converter) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2013-08-19] CHR Extension: (Poppit!) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-08-19] CHR Extension: (Google Wallet) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR Extension: (Gmail) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-19] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-11-20] (Bitdefender) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [95184 2012-06-25] (Bitdefender) R2 SCManager; C:\Program Files (x86)\SafeConnect\scManager.sys [176520 2012-11-19] (Impulse Point, LLC) S4 SoftshieldService; C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe [67392 2014-08-23] (Hewlett-Packard) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-09-25] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-11-20] (Bitdefender) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-01-16] (BitDefender) R0 avc3; C:\Windows\SysWOW64\DRIVERS\avc3.sys [596600 2011-09-01] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-01-16] (BitDefender) R3 avckf; C:\Windows\SysWOW64\DRIVERS\avckf.sys [454960 2011-09-01] (BitDefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC) S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-20] (BitDefender SRL) S3 bdsandbox; C:\Windows\SysWOW64\drivers\bdsandbox.sys [63056 2011-09-29] (BitDefender SRL) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender) R1 BDVEDISK; C:\Windows\SysWOW64\DRIVERS\bdvedisk.sys [85128 2010-01-19] (BitDefender) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-02-22] (DT Soft Ltd) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC) R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-07] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-02-22] (Duplex Secure Ltd.) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-02] (BitDefender S.R.L.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-07 15:34 - 2014-10-07 15:34 - 00018781 _____ () C:\Users\Samual.Samual-PC\Downloads\FRST.txt 2014-10-07 15:34 - 2014-10-07 15:34 - 00000000 ____D () C:\FRST 2014-10-07 15:33 - 2014-10-07 15:33 - 02109952 _____ (Farbar) C:\Users\Samual.Samual-PC\Downloads\FRST64.exe 2014-10-06 21:29 - 2014-10-06 21:29 - 11840839 _____ () C:\Users\Samual.Samual-PC\Downloads\Windows6.1-KB2670838-x64.msu 2014-10-06 20:04 - 2014-10-06 21:30 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\BeamNG 2014-10-06 20:02 - 2014-10-06 20:04 - 98903976 _____ () C:\Users\Samual.Samual-PC\Downloads\BeamNG-Techdemo-0.3-setup.exe 2014-10-05 12:15 - 2014-10-05 12:15 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\Program Files\iTunes 2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\Program Files\iPod 2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-10-03 14:16 - 2014-10-03 14:16 - 00003496 ____N () C:\bootsqm.dat 2014-10-03 14:02 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-10-03 13:52 - 2014-10-03 14:02 - 00000000 ____D () C:\zoek 2014-10-03 13:25 - 2014-10-03 14:07 - 00006835 _____ () C:\zoek-results.log 2014-10-03 13:21 - 2014-10-03 13:53 - 00000000 ____D () C:\zoek_backup 2014-10-03 13:21 - 2014-10-03 13:21 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek (4).zip 2014-10-03 13:20 - 2014-10-03 13:20 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek (3).zip 2014-10-03 13:20 - 2014-10-03 13:20 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek (2).zip 2014-10-03 13:19 - 2014-10-03 13:20 - 04256073 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek.rar 2014-10-03 13:19 - 2014-10-03 13:19 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek.zip 2014-10-03 13:19 - 2014-10-03 13:19 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek (1).zip 2014-10-02 10:44 - 2014-10-02 10:44 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\bdch 2014-10-02 10:43 - 2014-10-02 10:43 - 00000000 ____D () C:\ProgramData\bdch 2014-10-01 20:32 - 2014-10-01 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-10-01 20:30 - 2014-10-01 20:30 - 00895120 _____ (Google Inc.) C:\Users\Samual.Samual-PC\Downloads\ChromeSetup.exe 2014-10-01 13:13 - 2014-10-01 13:13 - 00000385 _____ () C:\Users\Samual.Samual-PC\AppData\Roaminguser_gensett.xml 2014-10-01 12:49 - 2014-10-01 12:49 - 00007581 _____ () C:\Users\Samual.Samual-PC\Downloads\Bookmarks.csv 2014-10-01 11:55 - 2014-10-01 11:55 - 00418786 _____ () C:\Users\Samual.Samual-PC\Downloads\Unconfirmed 270251.crdownload 2014-10-01 02:20 - 2014-10-01 13:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-01 02:20 - 2014-10-01 13:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-01 02:20 - 2014-10-01 02:20 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-10-01 02:19 - 2014-10-01 02:19 - 00244136 _____ () C:\Users\Samual.Samual-PC\Downloads\Firefox Setup Stub 32.0.3.exe 2014-10-01 00:18 - 2014-10-01 00:18 - 00511633 _____ () C:\Users\Samual.Samual-PC\Downloads\Autoruns.zip 2014-09-30 23:19 - 2014-09-30 23:19 - 00238444 _____ () C:\Users\Samual.Samual-PC\Downloads\Unconfirmed 159296.crdownload 2014-09-30 22:08 - 2014-09-30 22:08 - 00004644 _____ () C:\Windows\System32\Tasks\IC Running Procedure 2014-09-29 18:58 - 2014-10-01 13:07 - 00000000 ____D () C:\ProgramData\iSkysoft Video Converter Ultimate 2014-09-29 18:58 - 2014-09-30 21:23 - 00000000 ____D () C:\ProgramData\iSkysoft 2014-09-29 18:58 - 2014-09-29 18:58 - 00000000 ____D () C:\Users\Samual.Samual-PC\Documents\iSkysoft Video Converter Ultimate 2014-09-29 18:58 - 2014-09-29 18:58 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\iSkysoft 2014-09-29 18:58 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll 2014-09-29 18:57 - 2014-10-01 13:07 - 00000000 ____D () C:\Users\Public\Documents\iSkysoft 2014-09-29 18:35 - 2014-09-29 18:35 - 41945432 _____ (Apple Inc.) C:\Users\Samual.Samual-PC\Downloads\QuickTimeInstaller.exe 2014-09-29 14:38 - 2014-09-29 14:38 - 00689664 _____ () C:\Users\Samual.Samual-PC\Downloads\MicrosoftFixit50202.msi 2014-09-29 14:23 - 2014-09-30 21:45 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\Sony 2014-09-29 14:07 - 2014-09-29 14:07 - 00000000 ____D () C:\Users\Samual.Samual-PC\Downloads\Sony Vegas Movie Studio HD Platinum 10.0.179 + Keygen [RH] 2014-09-29 13:41 - 2014-09-30 23:51 - 00000000 ____D () C:\Users\Samual.Samual-PC\Desktop\vids 2014-09-28 22:58 - 2014-09-28 22:58 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\ManyCam 2014-09-28 22:57 - 2014-09-28 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam 2014-09-28 22:55 - 2014-10-01 13:08 - 00000000 ____D () C:\Program Files (x86)\ManyCam 2014-09-28 22:55 - 2014-09-28 23:49 - 00000000 ____D () C:\ProgramData\ManyCam 2014-09-28 22:55 - 2014-09-28 22:55 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\ManyCam 2014-09-28 22:53 - 2014-09-28 22:54 - 41184136 _____ (Visicom Media Inc.) C:\Users\Samual.Samual-PC\Downloads\ManyCamSetup_4-0-109.exe 2014-09-28 22:16 - 2014-09-28 22:34 - 00014953 _____ () C:\Users\Samual.Samual-PC\Documents\recorder.log 2014-09-28 22:16 - 2014-09-28 22:16 - 00000000 ____D () C:\ProgramData\TEMP 2014-09-22 17:05 - 2014-10-01 13:10 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\Skype 2014-09-22 17:05 - 2014-09-22 17:05 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-09-22 17:05 - 2014-09-22 17:05 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\Skype 2014-09-22 17:05 - 2014-09-22 17:05 - 00000000 ____D () C:\ProgramData\Skype 2014-09-22 17:05 - 2014-09-22 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-22 00:58 - 2014-09-22 00:58 - 00919704 _____ () C:\Users\Samual.Samual-PC\Downloads\5854_aircraft_ppt.zip 2014-09-10 15:28 - 2014-09-10 18:50 - 00013520 _____ () C:\Users\Samual.Samual-PC\Downloads\502Airline1203.xlsx 2014-09-08 16:41 - 2014-10-01 13:07 - 00000000 ____D () C:\Windows\SysWOW64\apigidsys 2014-09-08 16:41 - 2014-10-01 13:07 - 00000000 ____D () C:\Windows\msagent 2014-09-08 16:41 - 2014-09-30 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Hal Assistant 2014-09-08 16:41 - 2014-09-30 21:21 - 00000000 ____D () C:\Windows\lhsp 2014-09-08 16:41 - 2014-09-30 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haptek Player 2014-09-08 16:41 - 2014-09-08 16:41 - 00003196 _____ () C:\Windows\System32\Tasks\{6560C5AB-347B-4349-B287-3AB213648944} 2014-09-08 16:41 - 2014-09-08 16:41 - 00003192 _____ () C:\Windows\System32\Tasks\{BBC8A555-0145-4D48-82C7-7DB42C39A348} 2014-09-08 16:41 - 2014-09-08 16:41 - 00003192 _____ () C:\Windows\System32\Tasks\{5FF18776-7FFF-4B3C-BAB2-961F83E6774D} 2014-09-08 15:51 - 2014-10-03 19:46 - 00000000 ____D () C:\Users\Samual.Samual-PC\Desktop\Avit ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-07 15:34 - 2013-08-18 17:22 - 01975538 _____ () C:\Windows\WindowsUpdate.log 2014-10-07 15:33 - 2013-08-18 23:10 - 00494858 _____ () C:\Windows\system32\perfh014.dat 2014-10-07 15:33 - 2013-08-18 23:10 - 00095776 _____ () C:\Windows\system32\perfc014.dat 2014-10-07 15:33 - 2013-08-18 23:02 - 00607332 _____ () C:\Windows\system32\perfh008.dat 2014-10-07 15:33 - 2013-08-18 23:02 - 00111534 _____ () C:\Windows\system32\perfc008.dat 2014-10-07 15:33 - 2013-08-18 22:54 - 00664064 _____ () C:\Windows\system32\perfh01D.dat 2014-10-07 15:33 - 2013-08-18 22:54 - 00142846 _____ () C:\Windows\system32\perfc01D.dat 2014-10-07 15:33 - 2013-08-18 22:46 - 00428770 _____ () C:\Windows\system32\perfh012.dat 2014-10-07 15:33 - 2013-08-18 22:46 - 00120756 _____ () C:\Windows\system32\perfc012.dat 2014-10-07 15:33 - 2013-08-18 22:39 - 00669186 _____ () C:\Windows\system32\perfh005.dat 2014-10-07 15:33 - 2013-08-18 22:39 - 00141798 _____ () C:\Windows\system32\perfc005.dat 2014-10-07 15:33 - 2013-08-18 22:22 - 00743842 _____ () C:\Windows\system32\perfh013.dat 2014-10-07 15:33 - 2013-08-18 22:22 - 00153474 _____ () C:\Windows\system32\perfc013.dat 2014-10-07 15:33 - 2013-08-18 22:11 - 00481846 _____ () C:\Windows\system32\perfh00B.dat 2014-10-07 15:33 - 2013-08-18 22:11 - 00101892 _____ () C:\Windows\system32\perfc00B.dat 2014-10-07 15:33 - 2013-08-18 22:06 - 00684094 _____ () C:\Windows\system32\perfh00E.dat 2014-10-07 15:33 - 2013-08-18 22:06 - 00171646 _____ () C:\Windows\system32\perfc00E.dat 2014-10-07 15:33 - 2013-08-18 21:57 - 00745800 _____ () C:\Windows\system32\perfh00A.dat 2014-10-07 15:33 - 2013-08-18 21:57 - 00158840 _____ () C:\Windows\system32\perfc00A.dat 2014-10-07 15:33 - 2013-08-18 21:52 - 00392734 _____ () C:\Windows\system32\perfh00D.dat 2014-10-07 15:33 - 2013-08-18 21:52 - 00085130 _____ () C:\Windows\system32\perfc00D.dat 2014-10-07 15:33 - 2013-08-18 21:44 - 00740390 _____ () C:\Windows\system32\perfh010.dat 2014-10-07 15:33 - 2013-08-18 21:44 - 00147218 _____ () C:\Windows\system32\perfc010.dat 2014-10-07 15:33 - 2013-08-18 21:40 - 00746060 _____ () C:\Windows\system32\perfh00C.dat 2014-10-07 15:33 - 2013-08-18 21:40 - 00479358 _____ () C:\Windows\system32\perfh001.dat 2014-10-07 15:33 - 2013-08-18 21:40 - 00149952 _____ () C:\Windows\system32\perfc00C.dat 2014-10-07 15:33 - 2013-08-18 21:40 - 00095144 _____ () C:\Windows\system32\perfc001.dat 2014-10-07 15:33 - 2013-08-18 21:32 - 00697552 _____ () C:\Windows\system32\perfh007.dat 2014-10-07 15:33 - 2013-08-18 21:32 - 00149488 _____ () C:\Windows\system32\perfc007.dat 2014-10-07 15:33 - 2009-07-14 00:13 - 11049694 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-07 15:27 - 2014-05-18 00:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-07 15:26 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-07 15:26 - 2009-07-13 23:51 - 00037862 _____ () C:\Windows\setupact.log 2014-10-07 11:53 - 2009-07-13 23:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-07 11:53 - 2009-07-13 23:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-07 11:47 - 2014-03-11 07:26 - 00000501 _____ () C:\Windows\system32\checkdnsid.xml 2014-10-07 11:40 - 2013-08-21 01:37 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-03 14:03 - 2013-08-18 20:02 - 00314374 _____ () C:\Windows\PFRO.log 2014-10-02 17:12 - 2013-08-18 21:51 - 00000000 ____D () C:\Windows\he-IL 2014-10-01 13:08 - 2014-06-23 11:06 - 00000000 ____D () C:\Program Files (x86)\SafeConnect 2014-10-01 13:08 - 2014-05-18 00:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-10-01 13:08 - 2014-03-02 13:06 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-10-01 13:08 - 2014-02-22 02:06 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro 2014-10-01 13:08 - 2013-09-14 11:23 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-10-01 13:07 - 2013-09-14 11:24 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-10-01 13:07 - 2013-09-14 11:24 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-10-01 13:07 - 2013-09-14 11:23 - 00000000 ____D () C:\Program Files\Bonjour 2014-10-01 13:07 - 2013-08-19 22:01 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\vlc 2014-10-01 13:07 - 2013-08-19 21:00 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-10-01 13:07 - 2013-08-19 20:36 - 00000000 ____D () C:\Program Files\tixati 2014-10-01 13:07 - 2013-08-19 11:22 - 00000000 ____D () C:\Program Files\WinRAR 2014-10-01 13:07 - 2013-08-18 19:41 - 00000000 ____D () C:\Windows\system32\SPReview 2014-10-01 13:07 - 2013-08-18 17:24 - 00000000 ____D () C:\Users\Samual.Samual-PC 2014-10-01 13:07 - 2009-07-14 02:46 - 00000000 ____D () C:\Program Files\Windows Journal 2014-10-01 13:07 - 2009-07-14 02:45 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Sidebar 2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender 2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\DVD Maker 2014-10-01 13:07 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\com 2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Setup 2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\com 2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Speech 2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\servicing 2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration 2014-10-01 12:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Help 2014-10-01 00:33 - 2013-08-24 18:24 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001UA.job 2014-10-01 00:33 - 2013-08-24 18:24 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001Core.job 2014-10-01 00:33 - 2013-08-19 00:02 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-01 00:33 - 2013-08-19 00:02 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-01 00:22 - 2013-08-24 18:24 - 00003916 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001UA 2014-10-01 00:22 - 2013-08-24 18:24 - 00003520 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001Core 2014-10-01 00:22 - 2013-08-19 00:02 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-01 00:22 - 2013-08-19 00:02 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-09-30 23:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system 2014-09-30 22:59 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\System 2014-09-30 22:09 - 2013-08-18 17:24 - 00001593 _____ () C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-30 21:44 - 2014-08-22 13:14 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT 2014-09-30 21:15 - 2014-02-25 20:44 - 00000000 ____D () C:\Users\Samual.Samual-PC\Documents\My Games 2014-09-30 21:15 - 2013-08-28 22:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-29 18:40 - 2013-09-14 11:25 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\Apple Computer 2014-09-29 14:15 - 2013-08-19 20:34 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\tixati 2014-09-28 23:49 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\catroot2.bak 2014-09-24 15:29 - 2014-02-24 16:18 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\Foxit Software 2014-09-24 02:40 - 2013-08-21 01:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 02:40 - 2013-08-21 01:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 02:40 - 2013-08-21 01:37 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-22 15:15 - 2013-08-19 20:37 - 00000784 _____ () C:\Users\Samual.Samual-PC\Desktop\Tixati.lnk 2014-09-22 15:15 - 2013-08-19 20:37 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati 2014-09-11 03:05 - 2013-08-19 20:59 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-09-11 03:05 - 2013-08-18 18:39 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-11 03:01 - 2013-08-18 18:39 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-26 06:38 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01 Ran by Samual at 2014-10-07 15:34:58 Running from C:\Users\Samual.Samual-PC\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antispyware (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09} FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,9,971,247 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Backyard Baseball 2003 (HKLM-x32\...\Backyard Baseball 2003) (Version: - ) Bitdefender Total Security 2013 (HKLM\...\Bitdefender) (Version: 16.32.0.1882 - Bitdefender) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft) f.lux (HKCU\...\Flux) (Version: - ) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.650 - Oracle) Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - ) ManyCam 4.0.109 (HKLM-x32\...\ManyCam) (Version: 4.0.109 - Visicom Media Inc.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla) Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon) Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon) Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version: - Octoshape ApS) Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.0 - Nikon) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.) SafeConnect (HKLM-x32\...\SafeConnect) (Version: - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) SofTest v11 (HKLM-x32\...\InstallShield_{EC327490-F425-4974-A1B3-4695201ABD26}) (Version: 11.6.8 - Examsoft) SofTest v11 (x32 Version: 11.6.8 - Examsoft) Hidden Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.0 - Nikon) VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN) WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: 2.0.6.9 - HTC) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2227428012-852200846-1799366619-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2227428012-852200846-1799366619-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2227428012-852200846-1799366619-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2227428012-852200846-1799366619-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 03-10-2014 08:00:12 Windows Update 03-10-2014 18:25:58 zoek.exe restore point 04-10-2014 08:00:13 Windows Update 05-10-2014 08:00:11 Windows Update 06-10-2014 08:00:11 Windows Update 07-10-2014 08:00:11 Windows Update 07-10-2014 16:53:04 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {3A4DA79D-5D98-4FAA-932C-36C4368F0B8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.) Task: {41C572C9-29B7-49B0-B927-A2F8B61FC942} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe Task: {495D9441-1287-41A7-9D32-566713D6F6D4} - \YTDownloaderUpd No Task File <==== ATTENTION Task: {5D0C67B5-E8D8-4731-883F-A2B63D6A53FF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001UA => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-24] (Google Inc.) Task: {870F93AB-ADB4-480D-B8DF-7EED4930AB93} - System32\Tasks\IC Running Procedure => %LOCALAPPDATA%\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe Task: {8BC91A06-299D-425F-9306-197230FA2974} - \YTDownloader No Task File <==== ATTENTION Task: {92BCC57C-833D-4CE5-A39F-E7FC6B5FC38D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated) Task: {AE55A88D-A919-4F26-AC12-3D9F75ED6C45} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001Core => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-24] (Google Inc.) Task: {B3D35F06-605D-46A4-9ABA-C805D26335A6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {EEF6C75D-90B7-42DF-8406-E3CDEFD52CB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001Core.job => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001UA.job => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-25 23:17 - 2013-09-25 23:17 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll 2013-09-25 23:17 - 2013-09-25 23:17 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\accessl.ui 2013-08-20 17:15 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdfwcore.dll 2013-08-20 17:15 - 2013-09-25 23:16 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\IMSecurityAL.ui 2014-07-24 05:18 - 2014-07-24 05:18 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_022\ashttpbr.mdl 2014-07-24 05:18 - 2014-07-24 05:18 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_022\ashttpdsp.mdl 2014-07-24 05:18 - 2014-07-24 05:18 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_022\ashttpph.mdl 2014-07-24 05:18 - 2014-07-24 05:18 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_022\ashttprbl.mdl 2011-06-22 07:48 - 2011-06-22 07:48 - 00034304 _____ () C:\Windows\System32\ssp7ml6.dll 2013-08-20 17:15 - 2012-06-21 14:01 - 01117480 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2012-11-16 15:09 - 2012-11-16 15:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2012-11-13 22:22 - 2012-11-13 22:22 - 02010624 _____ () C:\Program Files (x86)\ManyCam\opencv_core220.dll 2012-11-13 22:23 - 2012-11-13 22:23 - 01241088 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc220.dll 2012-11-13 22:23 - 2012-11-13 22:23 - 00241152 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect220.dll 2012-11-13 22:23 - 2012-11-13 22:23 - 00775680 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui220.dll 2012-11-13 22:23 - 2012-11-13 22:23 - 00201216 _____ () C:\Program Files (x86)\ManyCam\opencv_video220.dll 2014-10-01 20:32 - 2014-09-22 23:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll 2014-10-01 20:32 - 2014-09-22 23:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll 2014-10-01 20:32 - 2014-09-22 23:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll 2014-10-01 20:32 - 2014-09-22 23:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll 2014-10-01 20:32 - 2014-09-22 23:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll 2014-10-01 20:32 - 2014-09-22 23:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\BeamNG-Techdemo-0.3-setup.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ChromeSetup.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\Firefox Setup Stub 32.0.3.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\Lightroom_5_LS11_win_5_6.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ManyCamSetup_4-0-109.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\QuickTimeInstaller.exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (1).exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (2).exe:BDU AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^Samual.Samual-PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NexDef Plug-in.lnk => C:\Windows\pss\NexDef Plug-in.lnk.Startup MSCONFIG\startupfolder: C:^Users^Samual.Samual-PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Samual.Samual-PC\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun MSCONFIG\startupreg: VMM Mode Selection => C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe ========================= Accounts: ========================== Administrator (S-1-5-21-2227428012-852200846-1799366619-500 - Administrator - Disabled) Guest (S-1-5-21-2227428012-852200846-1799366619-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2227428012-852200846-1799366619-1002 - Limited - Enabled) Samual (S-1-5-21-2227428012-852200846-1799366619-1001 - Administrator - Enabled) => C:\Users\Samual.Samual-PC ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/07/2014 03:26:57 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (10/07/2014 11:46:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (10/07/2014 10:46:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (10/07/2014 09:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (10/07/2014 08:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (10/07/2014 07:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (10/07/2014 06:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (10/07/2014 05:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (10/07/2014 04:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (10/07/2014 03:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 System errors: ============= Error: (10/07/2014 03:28:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (10/07/2014 03:28:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (10/07/2014 03:28:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (10/07/2014 03:28:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (10/07/2014 03:28:31 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (10/07/2014 03:28:30 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (10/07/2014 03:28:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (10/07/2014 03:28:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (10/07/2014 03:28:16 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (10/07/2014 11:53:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Microsoft Office Sessions: ========================= Error: (10/07/2014 03:26:57 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (10/07/2014 11:46:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (10/07/2014 10:46:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (10/07/2014 09:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (10/07/2014 08:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (10/07/2014 07:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (10/07/2014 06:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (10/07/2014 05:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (10/07/2014 04:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (10/07/2014 03:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 ==================== Memory info =========================== Processor: Intel® Core2 Duo CPU P8400 @ 2.26GHz Percentage of memory in use: 64% Total physical RAM: 4094.04 MB Available physical RAM: 1463.3 MB Total Pagefile: 8186.26 MB Available Pagefile: 4797.38 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:127.77 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: CF70327E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================

After running the last program windows had to check the integrity of my drives and didnt start up right the on the first reboot, idk if that is an anomaly or just because the ZOEK prog got rid of some file? Ill run Zaybar, but its not going to drastically alter anything is it?

I dont know if the data base got updated or something, but the other day MBAM actually detected in a scan the malicious files that have been popping up rather than just blocking them when they tried to run so I will post that log. Also I ran the ZOEK program and will post that log as well. What is it that the ZOEK program does? And how/where does this virus hide such that i can find it when looking through task manager or in my programs or add ons to internet browsers? In my previous experience i can usually find the source of the add ware. ZOEK LOG Zoek.exe v5.0.0.0 Updated 03-October-2014Tool run by Samual on Fri 10/03/2014 at 13:23:16.37.Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64Running in: Normal Mode Internet Access DetectedLaunched: C:\Users\SAMUAL~1.SAM\AppData\Local\Temp\Rar$DIa0.697\zoek.com [scan all users] [script inserted] ==== System Restore Info ====================== 10/3/2014 1:26:39 PM Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SMUpd deleted successfullyHKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SMUpd deleted successfully ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\boost_interprocess deletedC:\PROGRA~3\Package Cache deletedC:\Users\Samual.Samual-PC\AppData\Local\CrashRpt deletedC:\END deletedC:\Users\SAMUAL~1.SAM\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default\jetpack deleted"C:\ProgramData\InkjetPrinter" deleted"C:\ProgramData\Installer Plugin" deleted"C:\Users\SAMUAL~1.SAM\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default\extensions\jid0-nRwp7VvCqZcSRTppwWz2npqGEKw@jetpack" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\SAMUAL~1.SAM\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default- Google Search by Image - %ProfilePath%\extensions\google@hitachi.com.xpi- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.defaultDFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave FlashFB5621842FDABF9F8359775573498FBC - C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update5CB01CF141E021DAAE96991A5BA57944 - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video RendererDD31F0C436E4F5E6FA9783FF8A80ADC1 - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk PluginEC401349BFA64BD6232C746046AEC0B5 - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npoctoshape.dll - Octoshape Streaming Services99F97C9FE748C37528C338A423577FCB - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin ==== Chromium Look ====================== Google Voice Search Hotword (Beta) - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfnSkype Links - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbmllnadbdnppblcebkkmapkinkdchdGoogle Voice (by Google) - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaoooAlarm Clock Radio - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmiNumerics Calculator & Converter - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipePoppit - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi ==== Set IE to Default ====================== Old Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"Start Page"="http://windows.microsoft.com/en-US/internet-explorer/ie-10-welcome" New Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"Start Page"="http://windows.microsoft.com/en-US/internet-explorer/ie-10-welcome" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfullyC:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=108 folders=45 14608417 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfullyC:\Users\Default User\AppData\Local\Temp emptied successfullyC:\Users\Samual.Samual-PC\AppData\Local\Temp will be emptied at rebootC:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfullyC:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfullyC:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptiedC:\Users\SAMUAL~1.SAM\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied MBAM LOGMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: WarnPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 7PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\extensions, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\PepperFlash, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Data, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules, Quarantined, [dc1342cd85f733030070a367db28ba46], Files: 87PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\uninstall.exe, Quarantined, [0de2937cf58785b1cbac67db749127d9], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\msvcp110.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\msvcr110.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome_100_percent.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome_child.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\content_resources.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\d3dcompiler_46.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\debug.log, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\ffmpegsumo.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\First Run, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\icudt.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\libEGL.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\libGLESv2.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\metro_driver.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\nacl64.exe, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\nacl_irt_x86_32.nexe, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\nacl_irt_x86_64.nexe, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\ppGoogleNaClPluginChrome.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\resources.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\hi.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\am.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ar.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\bg.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\bn.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ca.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\cs.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\da.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\de.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\el.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\en-GB.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\en-US.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\es-419.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\es.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\et.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\fa.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\fi.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\fil.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\fr.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\gu.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\he.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\hr.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\hu.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\id.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\it.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ja.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\kn.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ko.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\lt.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\lv.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ml.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\mr.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ms.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\nb.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\nl.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\pl.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\pt-BR.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\pt-PT.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ro.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ru.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sk.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sl.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sr.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sv.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\sw.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\ta.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\te.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\th.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\tr.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\uk.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\vi.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\zh-CN.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales\zh-TW.pak, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\PepperFlash\manifest.json, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\PepperFlash\pepflashplayer.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Data\ResPack2.bin, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\CmdProc.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\CmlProc.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\CmnUtls.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\InSes.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\ManXec.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\NavSupp.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\PrfIns.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\WblSupp.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\WbSes.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules\WdcMan.dll, Quarantined, [dc1342cd85f733030070a367db28ba46], Physical Sectors: 0(No malicious items detected) (end) ALSO HERE IS A LOG FROM A BITDEFENDER Scan</ExcludedPaths> <ExcludedExtensions></ExcludedExtensions> </ScanSettings> <EngineSummarytotalSignatures="6328868"/> <ScanSummaryscannedArchives="524"scannedPacked="1075"startTime="1412234880"duration="7413418"> <TypeSummary type="1"scanned="29"infected="0"suspicious="0"disinfected="0"deleted="0"moved="0"moved_reboot="0"delete_reboot="0"renamed="0"hidden="0"/> <TypeSummary type="4"scanned="562"infected="4"suspicious="0"disinfected="0"deleted="4"moved="0"moved_reboot="0"delete_reboot="0"renamed="0"hidden="0"/> <TypeSummary type="0"scanned="2492207"infected="4"suspicious="0"disinfected="0"deleted="0"moved="2"moved_reboot="0"delete_reboot="0"renamed="0"hidden="0"/> <TypeSummary type="5"scanned="0"infected="0"suspicious="0"disinfected="0"deleted="0"moved="0"moved_reboot="0"delete_reboot="0"renamed="0"hidden="0"/> <TypeSummary type="2"scanned="4997"infected="0"suspicious="0"disinfected="0"deleted="0"moved="0"moved_reboot="0"delete_reboot="0"renamed="0"hidden="0"/> <TypeSummary type="3"scanned="4180"infected="0"suspicious="0"disinfected="0"deleted="0"moved="0"moved_reboot="0"delete_reboot="0"renamed="0"hidden="0"/> <TypeSummary type="6"scanned="269"infected="0"suspicious="0"disinfected="0"deleted="0"moved="0"moved_reboot="0"delete_reboot="0"renamed="0"hidden="0"/> </ScanSummary> <ScanDetails> <ResolvedDetails><Item type="0" objectType="4" path="C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\MZ7XXYFF.txt" threatType="0" threatName="Cookie.Advertising" action="3" allActions="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" /><Item type="0" objectType="4" path="C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\MARXOT4F.txt" threatType="0" threatName="Cookie.DoubleClick" action="3" allActions="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" /><Item type="0" objectType="0" path="C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6GOWSYR\setup[1].exe=>(NSIS o)=>lzma_solid_nsis0008" threatType="0" threatName="Trojan.Generic.11822573" action="9" allActions="3 7 1 9 1 9" initialStatus="3" finalStatus="6" quarId="7a8f9bea-fd6d-4325-80bd-823ec4ab43d0" failReason="0" /><Item type="0" objectType="4" path="C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\K52XKX7H.txt" threatType="0" threatName="Cookie.QuestionMarket" action="3" allActions="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" /><Item type="0" objectType="0" path="C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6GOWSYR\setup[1].exe=>(NSIS o)=>lzma_solid_nsis0024" threatType="0" threatName="Trojan.Generic.11822528" action="9" allActions="3 7 1 9 1 9" initialStatus="3" finalStatus="6" quarId="7a8f9bea-fd6d-4325-80bd-823ec4ab43d0" failReason="0" /><Item type="0" objectType="4" path="C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ENKB1X8.txt" threatType="0" threatName="Cookie.Casalemedia" action="3" allActions="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" /></ResolvedDetails> <IgnoredDetails></IgnoredDetails> <QuickScanDetails></QuickScanDetails><NotScannedDetailsskipped="106393"ioerrors="15"archiveBombs="0"passwordProtected="630">

Here is a copy of the scan report, but even after that ran, as you will see from the threat report i posted below i still had mbam continually telling me it was blocking something. I tried uninstalling chrome and firefox and the home page is no longer hijacked, I was not able to uninstall IE and that browser homepage is still hijacked even though if you look under setting it appears everything is normal. However, across all browser performance is down. I also tried getting rid of all temp. internet files but idk if that did anything.....Also I apologize I am not seeing and upload file option Scan Results: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10/1/2014Scan Time: 12:53:21 AMLogfile: mbam threats.txtAdministrator: Yes Version: 2.00.2.1012Malware Database: v2014.10.01.01Rootkit Database: v2014.09.19.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: Samual Scan Type: Custom ScanResult: CompletedObjects Scanned: 755399Time Elapsed: 11 hr, 15 min, 22 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledDeep Rootkit Scan: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 4PUP.Optional.Conduit.A, C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1QULSRY0\GenericSS[1].zip, Quarantined, [acd942ad2457a591714376b8936e12ee], PUP.Optional.Conduit.A, C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6GOWSYR\SPSetup[1].exe, Quarantined, [3a4b8d623f3cf343b2c685ab9c6507f9], PUP.Optional.Conduit.A, C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QVCUIBIV\SPIdentifierImpl[1].exe, Quarantined, [3d48a847047765d113d08d0854ad03fd], PUP.Optional.Conduit.A, C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SHGUKD3B\spstub[1].exe, Quarantined, [add87679d3a8f4420aaa3fef42bf6a96], Physical Sectors: 0(No malicious items detected) (end) Threat LOG: Malwarebytes Anti-Malwarewww.malwarebytes.org Detection, 10/1/2014 12:01:17 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49368, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:01:26 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49406, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:01:41 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49432, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:01:59 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49472, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:02:28 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49522, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:03:06 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57493, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:04:04 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57622, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Protection, 10/1/2014 12:11:29 AM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Starting, Protection, 10/1/2014 12:11:29 AM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Started, Protection, 10/1/2014 12:11:29 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 12:12:08 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Detection, 10/1/2014 12:21:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50922, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50922, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50924, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:34 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50944, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:34 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50945, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50947, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:44 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50960, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:44 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50961, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:49 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50967, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:54 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50970, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:54 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50972, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:21:54 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50973, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:22:01 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50978, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:22:04 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50988, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:22:04 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50989, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:22:06 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50994, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:22:13 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51074, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:22:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51424, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:22:32 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51459, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:22:55 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51662, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:23:04 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51682, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:23:04 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51683, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:23:10 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51719, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:23:33 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51941, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:24:07 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 52506, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:24:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 52685, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:25:33 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53424, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:25:56 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53726, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:27:33 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 64162, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:27:56 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 64290, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:29:33 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49549, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:29:56 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49812, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Protection, 10/1/2014 12:33:33 AM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Starting, Protection, 10/1/2014 12:33:33 AM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Started, Protection, 10/1/2014 12:33:33 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 12:34:09 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Detection, 10/1/2014 12:54:17 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55176, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:54:17 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55176, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:54:17 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55177, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:54:24 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55218, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:54:25 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55219, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:54:25 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55224, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:54:25 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55230, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:54:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55274, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:54:55 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55402, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:55:21 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55757, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:56:06 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 56044, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:57:05 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 56328, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:58:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 56875, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 1:00:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57153, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Update, 10/1/2014 1:56:06 AM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.1, 2014.10.1.2, Protection, 10/1/2014 1:56:07 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, Protection, 10/1/2014 1:56:07 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, Protection, 10/1/2014 1:56:07 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, Protection, 10/1/2014 1:56:22 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, Protection, 10/1/2014 1:56:22 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 1:56:27 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Detection, 10/1/2014 2:21:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53365, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 2:21:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53365, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 2:21:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53366, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 2:48:11 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 61408, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 2:48:12 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 61409, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 2:48:12 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 61408, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 2:48:22 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 61545, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 2:48:36 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 61640, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Update, 10/1/2014 3:31:00 AM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.2, 2014.10.1.3, Protection, 10/1/2014 3:31:01 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, Protection, 10/1/2014 3:31:01 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, Protection, 10/1/2014 3:31:01 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, Protection, 10/1/2014 3:31:08 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, Protection, 10/1/2014 3:31:08 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 3:31:10 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Update, 10/1/2014 5:30:23 AM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.3, 2014.10.1.4, Protection, 10/1/2014 5:30:24 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, Protection, 10/1/2014 5:30:24 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, Protection, 10/1/2014 5:30:24 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, Protection, 10/1/2014 5:30:37 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, Protection, 10/1/2014 5:30:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 5:30:43 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Detection, 10/1/2014 6:00:28 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50422, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:00:28 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50423, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:00:28 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50422, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:00:40 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50546, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:00:52 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50618, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:01:09 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50740, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:01:37 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50900, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:02:15 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51076, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:03:12 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51380, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:03:12 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51381, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:04:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51764, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:06:39 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 52326, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:08:40 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53001, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:09:54 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53200, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:01 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53213, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:01 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53214, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:01 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53215, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:02 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53219, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:02 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53220, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:11 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53283, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:14 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53291, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:24 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53447, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:24 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53448, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 52329, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:10:57 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 52560, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:11:35 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 52681, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:12:32 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 52854, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:13:58 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53093, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:15:58 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53533, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:15:58 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53534, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:17:58 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53917, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:29:49 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57482, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:30:06 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57526, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:30:17 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57577, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:30:41 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57623, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:31:07 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57687, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:31:45 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57765, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:23:12 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55063, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:23:20 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55074, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:23:32 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55185, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:23:49 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55298, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:24:15 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55403, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:24:15 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55404, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:24:54 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55515, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:25:52 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55639, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:27:19 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55889, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:27:19 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55891, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Update, 10/1/2014 11:30:37 AM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.4, 2014.10.1.6, Protection, 10/1/2014 11:30:38 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, Protection, 10/1/2014 11:30:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, Protection, 10/1/2014 11:30:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, Protection, 10/1/2014 11:30:59 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, Protection, 10/1/2014 11:30:59 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 11:31:06 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Detection, 10/1/2014 11:38:35 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57891, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:35 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57891, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:36 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57894, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:43 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57954, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:45 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57967, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:45 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57968, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:45 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57969, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:55 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58042, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:56 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58076, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:57 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58077, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:38:57 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58078, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:39:12 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58176, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:39:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58346, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:39:39 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58347, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:40:21 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58665, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:41:22 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59239, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:41:23 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59240, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:42:48 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 60147, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:42:49 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 60149, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:44:49 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58763, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:46:51 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59609, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:56:16 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58617, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:56:17 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58618, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:56:24 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58660, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:14 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58817, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:14 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58818, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:19 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58846, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:19 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58847, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:22 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58866, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58917, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:31 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58918, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:33 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58937, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:40 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58959, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:40 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58960, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:57:51 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59104, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:58:17 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59192, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:58:55 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59385, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:58:56 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59388, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 11:59:53 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59716, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:01:19 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59924, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:01:33 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59976, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:01:34 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59977, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:03:20 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50860, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:03:20 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50861, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:05:20 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51307, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:06:37 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51494, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:06:38 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51495, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:06:38 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51496, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:06:45 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51515, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:06:45 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51516, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:06:47 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51528, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:06:57 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51590, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:06:58 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51594, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:06:58 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51595, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:07:00 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51629, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:07:07 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51700, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:07:08 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51701, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:07:09 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51702, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:07:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51717, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:07:19 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51721, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:07:36 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51756, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:07:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51764, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:08:02 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51826, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:08:18 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51875, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:08:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51896, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Protection, 10/1/2014 12:11:14 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Starting, Protection, 10/1/2014 12:11:14 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Started, Protection, 10/1/2014 12:11:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 12:11:50 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Detection, 10/1/2014 12:13:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57413, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:13:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57413, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:13:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57415, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:13:44 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57477, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:13:44 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57478, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:15:51 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 58302, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 12:15:51 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 58303, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Update, 10/1/2014 12:27:08 PM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.6, 2014.10.1.7, Protection, 10/1/2014 12:27:10 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, Protection, 10/1/2014 12:27:10 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, Protection, 10/1/2014 12:27:10 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, Protection, 10/1/2014 12:27:19 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, Protection, 10/1/2014 12:27:19 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 12:27:22 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Protection, 10/1/2014 1:08:45 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Starting, Protection, 10/1/2014 1:08:46 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Started, Protection, 10/1/2014 1:08:46 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 1:09:06 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Protection, 10/1/2014 1:30:11 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Starting, Protection, 10/1/2014 1:30:11 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Started, Protection, 10/1/2014 1:30:11 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 1:30:26 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Update, 10/1/2014 1:31:39 PM, SYSTEM, SAMUAL-PC, Manual, Malware Database, 2014.10.1.7, 2014.10.1.9, Protection, 10/1/2014 1:31:41 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, Protection, 10/1/2014 1:31:41 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, Protection, 10/1/2014 1:31:41 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, Protection, 10/1/2014 1:31:47 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, Protection, 10/1/2014 1:31:47 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 1:31:48 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Update, 10/1/2014 4:45:23 PM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.9, 2014.10.1.10, Protection, 10/1/2014 4:45:24 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, Protection, 10/1/2014 4:45:24 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, Protection, 10/1/2014 4:45:24 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, Protection, 10/1/2014 4:45:32 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, Protection, 10/1/2014 4:45:32 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 4:45:34 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Detection, 10/1/2014 5:48:06 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62362, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 5:48:06 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62362, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 5:48:18 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62402, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 5:48:30 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62422, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 5:48:47 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62453, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 5:49:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62500, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 5:49:29 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 62653, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 5:49:30 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 62653, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Update, 10/1/2014 5:59:59 PM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.10, 2014.10.1.11, Protection, 10/1/2014 6:00:00 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, Protection, 10/1/2014 6:00:00 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, Protection, 10/1/2014 6:00:00 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, Protection, 10/1/2014 6:00:14 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, Protection, 10/1/2014 6:00:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, Protection, 10/1/2014 6:00:17 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, Detection, 10/1/2014 6:35:33 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49732, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:35:33 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49732, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:35:33 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49748, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:35:44 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49789, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:35:56 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49875, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:36:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49962, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:36:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50100, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:37:18 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50404, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:38:15 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50631, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:39:41 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51025, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:41:41 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51463, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 6:43:42 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51794, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:09:31 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53636, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:09:42 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53798, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:09:56 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 53911, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:10:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 54107, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:10:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 54108, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:10:39 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 54333, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:11:19 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 54593, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:11:19 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 54594, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:12:05 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 54850, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:12:05 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 54851, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:12:06 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 54852, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, Detection, 10/1/2014 7:12:17 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 54913, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, (end)

I am good with computers but i am struggling with this browser hijack as it is nowhere to be found in any browser extension but when i start ie firefox or chrome it redirects to http://www.bing.com/?pc=COSP&ptag=AABF01BDF90604DD4AEF&form=CONMHP&conlogo=CT3210127 however when i look at the browser settings they all appear in normal order. I have used revo uninstaller to get rid of any strange programs but i still get popups from malwarebytes blocking ids.idlecrawler outgoing process. I was getting some dll extension errors but i believe that i have resolved that but thought i would mention it in case it was connected. From what i have found on the internet this is supposed to be simply removing and extension but it does not seem that easy. I am scanning for rootkits with MBAM now. Any help would help would be much appreciated,, also browser is going very slow! Thanks, Chip