Jump to content

Search the Community

Showing results for tags 'Firefox'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hello all - I just noticed this odd behavour in Firefox 27.0. When MBAE is active I cannot use Tools>Options to change the download folder location. Attempting to use the Browse button in the dialog box does NOT produce a folder list to let you specify a download folder. Additionally, if you check the option to "Always ask me where to save files" and you attempt a download a folder list WILL NOT appear and you can therefore not complete a download. Using the MBAE tray icon and selecting "Stop protection", then restarting Firefox allows you to both browse to a download folder to specify it and use the "Always ask me where to save files" option. Both srettings will produce a folder list dialog as long as MBAE protection is stopped. This is pretty ugly, as I have always kept Firefox set to prompt for a download location. Having to use a specific named download folder exclusively means I have to cut and paste any download to get it into the folder I want it in. Obviously this is not a show stopper but it sure is an annoyance!
  2. Hi all Over the past week i have been experiencing some annoying AdWare in all of my internet browsers What happens is When i go on any web site except Google within 15 seconds of the page loading the browser enters a redirect loop After about another 30 seconds the redirect loop stops and random music starts playing, and a new tab opens with an ad in it Because of this it is very difficult to do any work online, and as i am a Computer Science student whose work is mostly online and has deadlines to adhere to i can not do my work properly because of this and need to fix it as fast as possible. Things I have Tried scanning with MalwareBytes premium, which did not find anythingrunning ADWCleaner, which detected and removed some items but did not fix the problemscanning AVG Free 2015, which did not find anythingResetting all of my browsers to the default settingsRan ComboFix which did not do anythingRan Hijack This (Log is attached to this post)hijackthis.logRan RKill (Log is attached to this post)Rkill.txtBrowsing in incognito mode I have Also uploaded a video demonstrating what happens here https://www.youtube.com/watch?v=p42yRNLfA9w&feature=youtu.be But now i am fresh out of ideas I am hoping someone here will be able to help me Thanks In Advance Tom
  3. This past week, I noticed clicking on links on several different, completely unrelated sites would cause an extra tab to open up in Firefox that attempted to go to a URL at "popnexsus.com". I use noscript so I think I didn't get anything from that but I'm wondering if I somehow got infected with some kind of malware to cause the problem in the first place. This only happened for two days earlier this week and then completely stopped. Malwarebytes threat scan didn't turn up anything either but, to be doubly sure I'm clean, I'm posting here. Thanks. FRST.txt Addition.txt mbLog.txt
  4. I have MWB Premium, and Windows 7. I use FireFox exclusively and it is always updated. Lately my site usernames and passwords are not saving. I have FF set to remember all passwords and usernames as I am on a private computer. I have checked FF security in options and they are saved. But every time I go to a site, like this one, or FB, or Google, or any site I am a member of, I have to log in with my userename and password anew. The FF dropdown to save passwords appears and I click yes, but it does not ever save. Can a setting in MWB the reason my login info won't save? I use MS Security Essentials for antivirus and the Windows firewall. Thanks!
  5. Hi, I believe I got infection in my PC now. Win 8.1 pro 64 bit The problem so far found on Firefox (30.0) only. Firefox has Ad Block Plus plugin installed When browsing site that have google ads banner (I live in japan so I expect to see some Japanese site ads) , the banners will be replaced into some Russian or greek language ? banner with same sites, browsing with IE or chrome get correctly google ads banner. When browsing site that don't have google ads banner, warning popup may be shown. firefox may freeze after popup shown and it always re-pop after click stop script or continue I tried to scan with Malwarebytes Anti-Malware (Free edition) , it always found PUP.Optional.Delta.A at "C:\Users\my name\AppData\Roaming\Mozilla\Firefox\Profiles\bevxfsct.default\prefs.js" (after saw replaced banner in firefox)​​Scan with Avast (Free), AVG (Free), Windows Defender returned nothing much ..... Thank you in advance for any help. Best regards, Anuwat FRST file here FRST.txt Addition file here Addition.txt ​
  6. Hello malware experts, i just booted my pc the first time today and couldn't start my Firefox any more. After some google research i got the advice to run the malwarebytes Software. The log file after doing the full scan is attached to this thread, because i somehow wasn't able to post the text here?? Thanks! Ben log.txt
  7. I don't know if this a false positive or not, so I thought I should post it here. After my FireFox updated itself, Malwarebytes IP Protection blocked several outbound connections. I was on facebook and yahoo mail at the time, and I have the adblocker addon for FireFox. I tried recreating the scenario but nothing happened. I did a Threat Scan and found nothing. It had never done this before, and I think it's a FP because my FireFox had just updated. I'm no expert so I would like some confirmation on this. Here's the Protection Log and the Threat Scan Log that I did afterwards. Thank you Protection Log.txt Threat Scan Log.txt
  8. Help please! I bought pro version of malwarebytes and it found nothing in the scan. Pages keep refreshing every 15 seconds or so in both Firefox and chrome. This page refreshed 3 times while I was trying to write this. Attached files from the farber scan tool. FRST.txt Addition.txt
  9. Last couple weeks Firefox and Chrome have been laggy. Slow start ups. Flash crashes frequently. MBAM, CC Cleaner, and Trend Micro found no issues. Any and all help would be greatly appreciated. Frst.txt: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014 Ran by Bob (administrator) on BOB-PC on 05-05-2014 22:34:24 Running from C:\Users\Bob\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe (Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe (HP) C:\Windows\System32\HPSIsvc.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (ASUS) C:\Program Files\P4G\BatteryLife.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe (Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Spotify Ltd) C:\Users\Bob\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Google Inc.) C:\Users\Bob\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler.exe (Google Inc.) C:\Users\Bob\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (Dropbox, Inc.) C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe () C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Farbar) C:\Users\Bob\Desktop\FRST64(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-13] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.) HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [intelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-09-23] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [FLxHCIm] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [43008 2011-04-08] (Windows ® Win 7 DDK provider) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1519176 2014-02-10] (Seagate Technology LLC) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2144928189-1839784273-1947254877-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911040 2013-04-22] (Microsoft Corporation) HKU\S-1-5-21-2144928189-1839784273-1947254877-1000\...\Run: [Google Update] => C:\Users\Bob\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-30] (Google Inc.) HKU\S-1-5-21-2144928189-1839784273-1947254877-1000\...\Run: [spotify Web Helper] => C:\Users\Bob\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-25] (Spotify Ltd) HKU\S-1-5-21-2144928189-1839784273-1947254877-1000\...\Run: [uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [126056 2014-02-10] (Seagate Technology LLC) Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Bob\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={931EBDB0-8ABF-4EB8-B4C8-03FFC30946E1}&mid=e6ac29d52f2047d09b4f854de0d436a0-9783a00025432450128841c76305d344105641b2〈=en&ds=AVG&pr=pr&d=2012-09-07 15:32:21&v=12.2.5.4&sap=dsp&q={searchTerms} SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={931EBDB0-8ABF-4EB8-B4C8-03FFC30946E1}&mid=e6ac29d52f2047d09b4f854de0d436a0-9783a00025432450128841c76305d344105641b2〈=en&ds=AVG&pr=pr&d=2012-09-07 15:32:21&v=12.2.5.4&sap=dsp&q={searchTerms} BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (Trend Micro Inc.) BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dll (Trend Micro Inc.) BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (Trend Micro Inc.) Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.) Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - No File Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.) Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dll (Trend Micro Inc.) Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\ao2gzv7m.default FF SelectedSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Bob\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Bob\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Bob\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Extension: StumbleUpon - C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\ao2gzv7m.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2012-01-25] FF Extension: Adblock Plus - C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\ao2gzv7m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-27] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29] FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-04-24] FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-01-07] FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2013-09-26] FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-04-24] FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [] Chrome: ======= CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Bob\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Bob\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\Bob\AppData\Local\Google\Chrome\Application\34.0.1847.131\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) CHR Plugin: (Facebook Desktop) - C:\Users\Bob\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll No File CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (Google Drive) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-01] CHR Extension: (HootSuite Hootlet) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn [2013-08-22] CHR Extension: (YouTube) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-30] CHR Extension: (Google Search) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-30] CHR Extension: (Google Wallet) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01] CHR Extension: (Buffer) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2013-08-22] CHR Extension: (Gmail) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-30] CHR Extension: (Writer) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnengefjfhgcceajaepbjhanoojifmog [2012-03-30] CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Bob\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-01] CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2013-05-01] ==================== Services (Whitelisted) ================= R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [569752 2010-07-28] (Affinegy, Inc.) R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2010-02-17] () R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-04-17] () R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-02-10] (Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157264 2014-02-10] (Seagate Technology LLC) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2671376 2012-04-17] (Intel® Corporation) R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X] ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation) R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [56320 2011-04-08] (Fresco Logic) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.) R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.) R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [116264 2013-09-04] (Trend Micro Inc.) R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-04] (Trend Micro Inc.) R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.) R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [100640 2013-06-13] (Trend Micro Inc.) R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [85424 2013-09-04] (Trend Micro Inc.) R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [303392 2013-05-15] (Trend Micro Inc.) R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-08-22] (Trend Micro Inc.) R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] U2 TMAgent; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-05 22:34 - 2014-05-05 22:34 - 00029413 _____ () C:\Users\Bob\Desktop\FRST.txt 2014-05-05 22:20 - 2014-05-05 22:20 - 02063872 _____ (Farbar) C:\Users\Bob\Downloads\FRST64(2).exe 2014-05-05 21:55 - 2014-05-05 21:55 - 02063872 _____ (Farbar) C:\Users\Bob\Desktop\FRST64(1).exe 2014-05-05 21:10 - 2014-05-05 21:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-05 21:10 - 2014-05-05 21:10 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-05 21:10 - 2014-05-05 21:10 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-05 21:10 - 2014-05-05 21:10 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-05 20:36 - 2014-05-05 20:36 - 04981160 _____ (Adobe Systems Inc.) C:\Users\Bob\Downloads\Shockwave_Installer_Slim (1).exe 2014-05-04 21:36 - 2014-03-06 06:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-04 21:36 - 2014-03-06 05:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-04 21:36 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-04 21:36 - 2014-03-06 05:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-04 21:36 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-04 21:36 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-04 21:36 - 2014-03-06 04:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-04 21:36 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-04 21:36 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-04 21:36 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-04 21:36 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-04 21:36 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-04 21:36 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-04 21:36 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-04 21:36 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-04 21:36 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-04 21:36 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-04 21:36 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-04 21:36 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-04 21:36 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-04 21:36 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-04 21:36 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-04 21:36 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-04 21:36 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-04 21:36 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-04 21:36 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-04 21:36 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-04 21:36 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-04 21:36 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-04 21:36 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-04 21:36 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-04 21:36 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-04 21:36 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-04 21:36 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-04 21:36 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-04 21:36 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-04 21:36 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-04 21:36 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-04 21:36 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-04 21:36 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-04 21:36 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-04 21:36 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-04 21:36 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-04 21:36 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-04 21:36 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-04 21:36 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-04 21:36 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-04 21:36 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-02 21:29 - 2014-05-02 21:29 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\DropboxMaster 2014-04-30 22:10 - 2014-04-30 22:10 - 00450109 _____ () C:\Users\Bob\Downloads\OpenForms(15).cfm 2014-04-30 22:10 - 2014-04-30 22:10 - 00450109 _____ () C:\Users\Bob\Downloads\OpenForms(14).cfm 2014-04-30 22:09 - 2014-04-30 22:09 - 00040029 _____ () C:\Users\Bob\Downloads\OpenForms(13).cfm 2014-04-30 22:06 - 2014-04-30 22:06 - 00241914 _____ () C:\Users\Bob\Downloads\OpenForms(12).cfm 2014-04-30 22:06 - 2014-04-30 22:06 - 00241914 _____ () C:\Users\Bob\Downloads\OpenForms(11).cfm 2014-04-30 22:05 - 2014-04-30 22:05 - 00092421 _____ () C:\Users\Bob\Downloads\OpenForms(10).cfm 2014-04-30 22:00 - 2014-04-30 22:00 - 00216020 _____ () C:\Users\Bob\Downloads\OpenForms(9).cfm 2014-04-30 21:59 - 2014-04-30 21:59 - 00142051 _____ () C:\Users\Bob\Downloads\OpenForms(8).cfm 2014-04-30 21:59 - 2014-04-30 21:59 - 00142051 _____ () C:\Users\Bob\Downloads\OpenForms(7).cfm 2014-04-30 21:57 - 2014-04-30 21:57 - 00119122 _____ () C:\Users\Bob\Downloads\OpenForms(6).cfm 2014-04-30 21:27 - 2014-04-30 21:27 - 01467095 _____ () C:\Users\Bob\Downloads\OpenForms(5).cfm 2014-04-30 21:23 - 2014-04-30 21:23 - 00119122 _____ () C:\Users\Bob\Downloads\OpenForms(3).cfm 2014-04-30 21:23 - 2014-04-30 21:23 - 00107047 _____ () C:\Users\Bob\Downloads\OpenForms(4).cfm 2014-04-30 21:22 - 2014-04-30 21:22 - 01467095 _____ () C:\Users\Bob\Downloads\OpenForms(2).cfm 2014-04-30 21:22 - 2014-04-30 21:22 - 00107047 _____ () C:\Users\Bob\Downloads\OpenForms(1).cfm 2014-04-30 21:20 - 2014-04-30 21:20 - 00107047 _____ () C:\Users\Bob\Downloads\OpenForms.cfm 2014-04-29 19:53 - 2014-04-30 06:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-27 14:34 - 2014-04-27 14:34 - 00041599 _____ () C:\Users\Bob\Downloads\StatementPdf 2014-04-21 00:43 - 2014-05-02 22:44 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\vlc 2014-04-21 00:43 - 2014-04-21 00:43 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-04-21 00:43 - 2014-04-21 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-04-21 00:43 - 2014-04-21 00:43 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-04-14 16:44 - 2014-05-05 22:18 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\uTorrent 2014-04-09 19:43 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 19:43 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 19:43 - 2014-02-03 22:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 19:43 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 19:43 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 19:43 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys ==================== One Month Modified Files and Folders ======= 2014-05-05 22:34 - 2014-05-05 22:34 - 00029413 _____ () C:\Users\Bob\Desktop\FRST.txt 2014-05-05 22:34 - 2012-11-23 14:34 - 00000000 ____D () C:\FRST 2014-05-05 22:20 - 2014-05-05 22:20 - 02063872 _____ (Farbar) C:\Users\Bob\Downloads\FRST64(2).exe 2014-05-05 22:18 - 2014-04-14 16:44 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\uTorrent 2014-05-05 22:15 - 2011-11-01 19:50 - 01073677 _____ () C:\Windows\WindowsUpdate.log 2014-05-05 22:02 - 2009-07-14 01:13 - 00798054 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-05 21:58 - 2014-05-05 21:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-05 21:55 - 2014-05-05 21:55 - 02063872 _____ (Farbar) C:\Users\Bob\Desktop\FRST64(1).exe 2014-05-05 21:47 - 2012-03-30 11:11 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2144928189-1839784273-1947254877-1000UA.job 2014-05-05 21:44 - 2012-04-24 18:52 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-05 21:11 - 2012-01-01 19:14 - 00000000 ____D () C:\Users\Bob\AppData\Local\Adobe 2014-05-05 21:10 - 2014-05-05 21:10 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-05 21:10 - 2014-05-05 21:10 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-05 21:10 - 2014-05-05 21:10 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-05 21:00 - 2012-01-12 15:47 - 00000000 ___RD () C:\Users\Bob\Dropbox 2014-05-05 21:00 - 2012-01-12 15:29 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Dropbox 2014-05-05 20:59 - 2012-11-15 19:33 - 00000000 ____D () C:\Windows\Minidump 2014-05-05 20:57 - 2012-09-06 22:07 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-05 20:52 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-05 20:52 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-05 20:44 - 2012-04-24 18:52 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-05 20:44 - 2011-12-29 17:55 - 00045056 _____ () C:\Windows\system32\acovcnt.exe 2014-05-05 20:44 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-05 20:36 - 2014-05-05 20:36 - 04981160 _____ (Adobe Systems Inc.) C:\Users\Bob\Downloads\Shockwave_Installer_Slim (1).exe 2014-05-05 20:36 - 2012-04-29 12:24 - 00000000 ____D () C:\Windows\SysWOW64\Adobe 2014-05-05 06:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-04 18:47 - 2012-03-30 11:11 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2144928189-1839784273-1947254877-1000Core.job 2014-05-02 22:44 - 2014-04-21 00:43 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\vlc 2014-05-02 21:29 - 2014-05-02 21:29 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\DropboxMaster 2014-05-02 21:29 - 2011-12-29 17:54 - 00000000 ___RD () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-02 21:28 - 2012-09-15 11:55 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-04-30 22:10 - 2014-04-30 22:10 - 00450109 _____ () C:\Users\Bob\Downloads\OpenForms(15).cfm 2014-04-30 22:10 - 2014-04-30 22:10 - 00450109 _____ () C:\Users\Bob\Downloads\OpenForms(14).cfm 2014-04-30 22:09 - 2014-04-30 22:09 - 00040029 _____ () C:\Users\Bob\Downloads\OpenForms(13).cfm 2014-04-30 22:06 - 2014-04-30 22:06 - 00241914 _____ () C:\Users\Bob\Downloads\OpenForms(12).cfm 2014-04-30 22:06 - 2014-04-30 22:06 - 00241914 _____ () C:\Users\Bob\Downloads\OpenForms(11).cfm 2014-04-30 22:05 - 2014-04-30 22:05 - 00092421 _____ () C:\Users\Bob\Downloads\OpenForms(10).cfm 2014-04-30 22:00 - 2014-04-30 22:00 - 00216020 _____ () C:\Users\Bob\Downloads\OpenForms(9).cfm 2014-04-30 22:00 - 2012-11-27 11:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-04-30 21:59 - 2014-04-30 21:59 - 00142051 _____ () C:\Users\Bob\Downloads\OpenForms(8).cfm 2014-04-30 21:59 - 2014-04-30 21:59 - 00142051 _____ () C:\Users\Bob\Downloads\OpenForms(7).cfm 2014-04-30 21:57 - 2014-04-30 21:57 - 00119122 _____ () C:\Users\Bob\Downloads\OpenForms(6).cfm 2014-04-30 21:27 - 2014-04-30 21:27 - 01467095 _____ () C:\Users\Bob\Downloads\OpenForms(5).cfm 2014-04-30 21:23 - 2014-04-30 21:23 - 00119122 _____ () C:\Users\Bob\Downloads\OpenForms(3).cfm 2014-04-30 21:23 - 2014-04-30 21:23 - 00107047 _____ () C:\Users\Bob\Downloads\OpenForms(4).cfm 2014-04-30 21:22 - 2014-04-30 21:22 - 01467095 _____ () C:\Users\Bob\Downloads\OpenForms(2).cfm 2014-04-30 21:22 - 2014-04-30 21:22 - 00107047 _____ () C:\Users\Bob\Downloads\OpenForms(1).cfm 2014-04-30 21:21 - 2011-12-30 01:55 - 00000000 ____D () C:\Users\Bob\AppData\Roaming\Adobe 2014-04-30 21:20 - 2014-04-30 21:20 - 00107047 _____ () C:\Users\Bob\Downloads\OpenForms.cfm 2014-04-30 16:21 - 2012-05-04 09:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-30 06:47 - 2014-04-29 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-27 14:34 - 2014-04-27 14:34 - 00041599 _____ () C:\Users\Bob\Downloads\StatementPdf 2014-04-21 00:43 - 2014-04-21 00:43 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-04-21 00:43 - 2014-04-21 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-04-21 00:43 - 2014-04-21 00:43 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-04-21 00:19 - 2011-12-30 02:28 - 00000000 ____D () C:\Users\Bob\AppData\Local\Windows Live 2014-04-12 15:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache 2014-04-09 22:34 - 2013-07-15 08:36 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-09 22:34 - 2011-12-30 03:09 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-09 22:32 - 2011-12-30 14:26 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-06 14:12 - 2011-12-31 16:19 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-05 18:57 - 2012-01-07 02:20 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk 2014-04-05 18:57 - 2012-01-07 02:20 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk 2014-04-05 18:57 - 2012-01-07 02:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 Some content of TEMP: ==================== C:\Users\Bob\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgjszzi.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-21 14:50 ==================== End Of Log ============================ Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2014 Ran by Bob at 2014-05-05 22:35:24 Running from C:\Users\Bob\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Trend Micro Titanium Internet Security (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Trend Micro Titanium Internet Security (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1} ==================== Installed Programs ====================== Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated) Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden Adobe Creative Suite 5.5 Design Premium (HKLM-x32\...\{60E59A6C-7399-495A-B85C-C829F4E59602}) (Version: 5.5 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden Age of Empires III: Complete Collection (HKLM-x32\...\GFWL_{4541091F-1F3D-4BA3-A5A3-F71000000100}) (Version: 1.0.0000.1 - Microsoft Game Studios) Age of Empires III: Complete Collection (x32 Version: 1.0.0000.1 - Microsoft Game Studios) Hidden Alan Wake (HKLM-x32\...\Steam App 108710) (Version: - Remedy Entertainment) Alan Wake's American Nightmare (HKLM-x32\...\Steam App 202750) (Version: - Remedy Entertainment) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}) (Version: 1.7.17.25416 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.7.17.25416 - Alcor Micro Corp.) Hidden Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon) Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce) Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.14 - ASUS) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.) ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS) ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS) ASUS U Series ScreenSaver (HKLM-x32\...\ASUS U Series ScreenSaver) (Version: 1.0.0002 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.6.125 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS) Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team) Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version: - ) Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.) Best Buy pc app (Version: 3.2.2.0 - Best Buy) Hidden Best Buy pc app (x32 Version: 3.2.2.0 - Best Buy) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) calibre (HKLM-x32\...\{A3810BEE-967B-41DC-9662-F941A3F7D689}) (Version: 0.8.58 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Cold Turkey version 0.7 (HKLM\...\{6498E673-B9C2-4544-A722-1E854B5B573E}_is1) (Version: 0.7 - Felix Belzile) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AC53C6A4-1CC4-48A5-91F3-565BB7978B22}) (Version: - Microsoft) Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment) Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.2.9991 - Blizzard Entertainment) Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.) Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ETDWare PS/2-X64 8.0.5.0_WHQL (HKLM\...\Elantech) (Version: 8.0.5.0 - ELAN Microelectronic Corp.) Evernote v. 5.1.2 (HKLM-x32\...\{12FB6296-8840-11E3-86D7-00163E98E7D0}) (Version: 5.1.2.2387 - Evernote Corp.) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS) Freedom (HKLM-x32\...\{27A92F26-C572-42B4-95C6-FD8C8B9203AB}) (Version: 0.5.2 - Freedom) Fresco Logic USB3.0 Host Controller (HKLM\...\{B1E301A1-C2B4-4B0B-AF31-C71F8A53DCDA}) (Version: 3.0.119.1 - Fresco Logic Inc.) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - ) Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.) Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{7D220A57-969F-4D09-9297-D48195A8ABDD}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Deskjet 3050 J610 series Help (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard) HP Deskjet 3050 J610 series Product Improvement Study (HKLM\...\{860B418B-F90B-465A-BC1D-04B518045C72}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation) Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{705EE775-5776-48FD-B704-C3C9CF535420}) (Version: 15.1.1.0170 - Intel Corporation) Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel) Intel® WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation) Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi Software (HKLM\...\{BAA0BE9B-9E6D-4802-91CB-FB7ED5CD4BEF}) (Version: 15.01.1500.1034 - Intel Corporation) Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5C1DA3D9-F590-4317-A4FB-274F658E504B}) (Version: 6.05.0000 - Intel Corporation) iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version: - ) Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.5.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 en-US)) (Version: 24.5.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Music Mover (HKLM-x32\...\Music Mover_is1) (Version: - ) Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - ) NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PoxNora (HKLM-x32\...\Steam App 201210) (Version: - Sony Online Entertainment) QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games) SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS) Scrivener (HKLM-x32\...\Scrivener 1610) (Version: 1610 - Literature and Latte) Seagate Dashboard (HKLM-x32\...\{67445E65-3D93-428F-83A5-446F7D02689A}) (Version: 3.0.34.1 - Seagate) Seagate Manager Installer (HKLM-x32\...\InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}) (Version: 2.01.0109 - Seagate) Seagate Manager Installer (HKLM-x32\...\InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate) Seagate Manager Installer (x32 Version: 2.01.0600 - Seagate) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Sins of a Solar Empire: Trinity (HKLM-x32\...\Steam App 201290) (Version: - ) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys ) Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC) Terraria (HKLM-x32\...\Steam App 105600) (Version: - ) The Banner Saga (HKLM-x32\...\Steam App 237990) (Version: - Stoic) The Banner Saga: Factions (HKLM-x32\...\Steam App 219340) (Version: - Stoic) Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) Hidden Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 7.0 - Trend Micro Inc.) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{99A0DB9A-71FC-4F98-BC1F-78A18195C677}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{A9C4BE58-07E0-473D-AE68-ECBA13FBF77E}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2553444) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8E076AE6-4E29-4056-A13F-70CC8F433FB5}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version: - Microsoft) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Phone app for desktop (HKLM-x32\...\{E786AE85-8A30-4CF2-BF70-57404A5CD684}) (Version: 1.0.1720.1 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS) WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS) ==================== Restore Points ========================= 26-04-2014 21:23:07 Windows Update 27-04-2014 04:47:53 Windows Update 27-04-2014 15:12:44 Windows Update 28-04-2014 10:40:11 Windows Update 28-04-2014 11:06:06 Windows Update 29-04-2014 02:15:42 Windows Update 30-04-2014 10:43:14 Windows Update 30-04-2014 11:11:00 Windows Update 30-04-2014 22:16:49 Windows Update 01-05-2014 03:43:45 Windows Update 02-05-2014 02:11:26 Windows Update 03-05-2014 02:45:03 Windows Update 05-05-2014 01:34:24 Windows Update 06-05-2014 00:57:06 TITANUIMRES ==================== Hosts content: ========================== 2009-07-13 22:34 - 2012-11-27 10:40 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0B4C587B-ECF4-4234-822C-5ECA8E0FFDA1} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {0E4CAD71-5DBB-4B57-83A0-AA056F51D3D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {0F53AA80-610B-46A8-8147-4ADBE004B81E} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-02-10] (Seagate Technology LLC) Task: {2F06A976-D367-40DC-AAEC-D2722E25842F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2144928189-1839784273-1947254877-1000UA => C:\Users\Bob\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.) Task: {3C6DDDFA-BDB9-49B0-AF7C-99F34A540CB3} - System32\Tasks\Bob => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2014-02-10] (Seagate Technology LLC) Task: {3FA0BAD1-6B77-4A0F-B327-817927801C7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24] (Google Inc.) Task: {41EEEDF9-9EB0-4E3C-AE59-16947B326808} - System32\Tasks\AdobeAAMUpdater-1.0-Bob-PC-Bob => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated) Task: {460C73F6-0ED7-47B2-8721-5501D6497039} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2144928189-1839784273-1947254877-1000Core => C:\Users\Bob\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.) Task: {5DD34CFE-F1C1-4D57-A213-0C09992FBE5D} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {72465B5E-716F-4F2F-B6DE-23309C5EBDE0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-05] (Adobe Systems Incorporated) Task: {88C5435A-A912-476F-963C-4E58AB51E4FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24] (Google Inc.) Task: {8CC8F309-2F48-4EAC-9EF1-D607CE135A30} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-01] (ASUS) Task: {A9A309EB-0A40-4057-B55C-78351A4F368A} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS) Task: {AA52D50E-4DF8-4791-B79E-B243F9D6E43A} - System32\Tasks\Bob Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2014-02-10] (Seagate Technology LLC) Task: {AC545705-EF8B-4EE3-AC1D-F293A4BE19A0} - System32\Tasks\Titanium BTC => C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2013-08-27] (Trend Micro Inc.) Task: {B5565638-F9DA-4B52-8BE7-1838A7D219D4} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) Task: {B980A9DE-D6CA-4F3E-B484-63D5B360549F} - System32\Tasks\Bob DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-02-10] (Seagate Technology LLC) Task: {BA60ABD2-6891-42A5-923E-6732D7AD5D1A} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {BD5BAD7C-5345-4950-B261-56C7AAF5F402} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {C2D88B74-AF92-47B1-88BB-3EF772CFDECE} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS) Task: {C6F596E1-45D4-4079-8AFA-671BF624BD02} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd) Task: {F530B054-AC42-4F0C-85FE-F47377986ABE} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-11] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2144928189-1839784273-1947254877-1000Core.job => C:\Users\Bob\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2144928189-1839784273-1947254877-1000UA.job => C:\Users\Bob\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-01 19:29 - 2012-08-31 15:03 - 00288768 _____ () C:\Windows\System32\HP1100LM.DLL 2013-09-01 19:09 - 2012-08-31 15:02 - 00074240 ____N () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL 2013-09-26 07:24 - 2013-01-15 22:19 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll 2013-09-26 07:24 - 2013-04-02 00:25 - 00675840 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll 2013-09-26 07:24 - 2013-01-15 22:23 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll 2013-09-26 07:24 - 2012-12-18 16:06 - 01300480 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll 2013-09-26 07:24 - 2013-01-15 22:19 - 00018944 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll 2013-09-26 07:12 - 2013-07-23 11:28 - 00247352 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll 2011-12-31 12:41 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2011-12-30 12:56 - 2010-02-17 19:25 - 00149504 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll 2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2011-12-30 12:56 - 2010-02-17 19:25 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe 2011-12-30 12:56 - 2010-02-09 16:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe 2011-11-01 20:04 - 2007-11-30 14:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 2010-07-14 19:11 - 2010-07-14 19:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll 2010-05-11 20:35 - 2010-05-11 20:35 - 00489392 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe 2011-07-15 04:14 - 2011-01-26 20:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-01-08 06:45 - 2013-12-18 09:33 - 00057584 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll 2011-06-10 10:49 - 2011-06-10 10:49 - 00060928 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe 2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-05-30 13:48 - 2011-05-30 13:48 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2011-06-10 10:49 - 2011-06-10 10:49 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll 2014-05-05 20:45 - 2014-05-05 20:45 - 00041984 ____N () c:\users\bob\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgjszzi.dll 2013-10-18 19:55 - 2013-10-18 19:55 - 25100288 _____ () C:\Users\Bob\AppData\Roaming\Dropbox\bin\libcef.dll 2014-03-29 13:54 - 2014-03-29 13:54 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-05-05 21:10 - 2014-05-05 21:10 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Bob^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart MSCONFIG\startupreg: InstaLAN => "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: MaxMenuMgr => "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SkyDrive => "C:\Users\Bob\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Bob\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/05/2014 08:57:03 PM) (Source: VSS) (User: ) (EventID: 8194) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {02ed6beb-b274-4b3e-82d0-b4dea753500b} Error: (05/04/2014 07:00:00 PM) (Source: Windows Backup) (User: ) (EventID: 4103) Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006). Error: (05/04/2014 11:31:23 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledSPRetry 12230 Error: (05/04/2014 11:31:23 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledEvent 12230 Error: (05/04/2014 11:31:23 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/04/2014 11:31:22 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledSPRetry 11107 Error: (05/04/2014 11:31:22 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledEvent 11107 Error: (05/04/2014 11:31:22 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/04/2014 11:31:21 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledSPRetry 10077 Error: (05/04/2014 11:31:21 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledEvent 10077 System errors: ============= Error: (05/05/2014 08:44:12 PM) (Source: EventLog) (User: ) (EventID: 6008) Description: The previous system shutdown at 8:43:01 PM on ‎5/‎5/‎2014 was unexpected. Error: (05/05/2014 06:21:55 AM) (Source: bowser) (User: ) (EventID: 8003) Description: The master browser has received a server announcement from the computer JESSICA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D5EABD6E-10A6-4A86-A8AC-37F77E0B8643}. The master browser is stopping or an election is being forced. Error: (05/04/2014 09:37:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) (EventID: 20) Description: Installation Failure: Windows failed to install the following update with error 0x800736b3: Update for Windows 7 for x64-based Systems (KB2847077). Error: (05/04/2014 09:37:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) (EventID: 20) Description: Installation Failure: Windows failed to install the following update with error 0x800736b3: Update for Windows 7 for x64-based Systems (KB2798162). Error: (05/04/2014 09:36:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) (EventID: 20) Description: Installation Failure: Windows failed to install the following update with error 0x800736b3: Update for Windows 7 for x64-based Systems (KB2904266). Error: (05/04/2014 09:35:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) (EventID: 20) Description: Installation Failure: Windows failed to install the following update with error 0x800736b3: Security Update for Windows 7 for x64-based Systems (KB2916036). Error: (05/04/2014 09:35:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) (EventID: 20) Description: Installation Failure: Windows failed to install the following update with error 0x800736b3: Security Update for Windows 7 for x64-based Systems (KB2930275). Error: (05/04/2014 09:35:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) (EventID: 20) Description: Installation Failure: Windows failed to install the following update with error 0x800736b3: Security Update for Windows 7 for x64-based Systems (KB2868725). Error: (05/04/2014 09:35:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) (EventID: 20) Description: Installation Failure: Windows failed to install the following update with error 0x800736b3: Security Update for Windows 7 for x64-based Systems (KB2872339). Error: (05/04/2014 09:35:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) (EventID: 20) Description: Installation Failure: Windows failed to install the following update with error 0x800736b3: Security Update for Windows 7 for x64-based Systems (KB2849470). Microsoft Office Sessions: ========================= Error: (05/05/2014 08:57:03 PM) (Source: VSS) (User: ) (EventID: 8194) Description: 0x80070005, Access is denied. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {02ed6beb-b274-4b3e-82d0-b4dea753500b} Error: (05/04/2014 07:00:00 PM) (Source: Windows Backup) (User: ) (EventID: 4103) Description: D:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006) Error: (05/04/2014 11:31:23 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledSPRetry 12230 Error: (05/04/2014 11:31:23 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledEvent 12230 Error: (05/04/2014 11:31:23 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/04/2014 11:31:22 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledSPRetry 11107 Error: (05/04/2014 11:31:22 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledEvent 11107 Error: (05/04/2014 11:31:22 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/04/2014 11:31:21 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledSPRetry 10077 Error: (05/04/2014 11:31:21 AM) (Source: Bonjour Service) (User: ) (EventID: 100) Description: Task Scheduling Error: m->NextScheduledEvent 10077 CodeIntegrity Errors: =================================== Date: 2012-11-27 09:37:32.685 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-27 09:37:32.638 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-27 09:37:32.607 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-27 09:37:32.560 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-25 12:58:47.859 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-25 12:58:47.828 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 37% Total physical RAM: 8102.76 MB Available physical RAM: 5088.27 MB Total Pagefile: 16203.7 MB Available Pagefile: 12812.95 MB Total Virtual: 8192 MB Available Virtual: 8191.86 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:673.64 GB) (Free:481.41 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 496B9619) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=674 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  10. Lenovo Yoga 13, Windows 8.1 Any page I'm on is automatically refreshing every 15 seconds or so in both Firefox and chrome. I bought the Malwarebytes premium version and it found nothing. Tried uninstall/re install, system restore, nothing works. I found through searching more people are having this problem but only in chrome, and Google is saying to try incognito mode but it happens there too. I've disabled plugins and gotten rid of all extensions and it is still happening. Please help!
  11. For about eleven days - Outlook: Can not open emails properly. I have to hit "reply" to get them to open up to read. I can not view attachments in the emails. I have to use my phone to look at attachments in the emails. Firefox: Can not minimize or move windows. Where they open is where they stay. I can not click on a background window and have it come forward. I have to use the images on task bar in order to move to a different window. Downloads also mostly don't happen. It doesn't behave normally. Malwarebytes: Can not move to different tabs. Frozen on one tab. I can only move to another if I play with Dreamweaver and upload a file. If I do that a couple times, I can quick like a bunny jump to MWBts and try to click a different tab. Sometimes that works - sometimes it doesn't. I do have the most recent Malwarebytes version. I haven't been able to explore it all yet because I can't get in to the different tabs. If I do get into a tab, I can't change the setting. It took me several tries, playing with Dreamweaver at the same time, to be able to click the root scan option in the defense tab. (I can't remember what it was exactly called because I am not in that tab right now and it would take a lot of time and effort to get back in there and look at it) I have also had various things - other programs - simply freeze and have to be shut down and reopened. Dreamweaver did once. I have run rkill many times - it always says that C:\Windows\SysWOW64\rundll32.exe is a problem, but it doesn't kill it. Other times it brings up additonal roots - but always that one with it I run ccleaner right after that - then run Malwarebytes. There were some PUPS that were originally, in the first day or two, found. Malwarebytes has not found anything since - but the symptoms continue without abatement and seem to be getting worse. I did use the chameleon. It didn't find anything. There was one thing with Drop box that was unusual - so I uninstalled Drop box. I was looking for something in the drop and came across a "screenshots" folder. I don't save screenshots to Drop box. I looked in there - and it is screenshots of my email, facebook, etc. I didn't take those screenshots. There were about 50 over the space of a few weeks. I think it is unrelated to the present problem because the present problem is only 11 days old. At any rate. I always save screenshots to Paint and then to a topical folder. I experimented with hitting the 'prt sc' with a finger, as if it might happen accidently while typing. Quiet a stretch. And my experiment didn't result in anything being saved to Drop box. But... that might be off topic as the screenshots were several weeks older than the current problem. Just saying on the off chance. Anyway - I am ready to use combo, I think.
  12. Hello there. Every time (daily) Malwarebytes runs it finds entries for Babylon toolbar inside the prefs.js file in my Firefox profile. For the first few times I clicked 'Quarantine all', but the next scan the detections are back. I then tried manually selecting 'quarantine' for each item (about 20) but when the next scan is run, guess what? They're baa-aaack!. I then deleted the prefs.js file from this path: AppData\Roaming\Mozilla\Firefox\Profiles\nnnnnnnnnn\ but, you guessed it. The detections were back in the next scan. I'm really getting tired of this and would love to hear an explanation. Here are some typical entries: PUP.Optional.Babylon.A, C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\r19v7a82.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"), Replaced,[da9b53d6403b39fd095d79d1ce36ca36] PUP.Optional.Babylon.A, C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\r19v7a82.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.smplGrp", "none"), Replaced,[1263ec3d92e9bf7767ffa9a1ee16d12f] PUP.Optional.Babylon.A, C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\r19v7a82.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.srcExt", "ss"), Replaced,[175efd2cf289ba7cb5b163e780841ee2] PUP.Optional.Babylon.A, C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\r19v7a82.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.tlbrId", "base"), Complete log attached.MB_Log.txt Thank-you.
  13. Hello all, I really need help with this thing. This what happened: I needed two browsers today on my Laptop so I went ahead and downloaded Firefox. As many would do, I just typed in firefox on google and clicked first link which showed up. I never imagined google would show a virused website first. It seems I downloaded firefox from gol-apps.com and after installation it messed up my laptop. I can't sign in to yahoo anymore cuz it says my Java script is not enabled but my java is definitely enabled. Also some other pages which require java will not show anymore. I tried updating to latest java but that didn't fix my issue. I think it's the virus from the firefox installer I got which is messing it up. Is there any way I can fix what I did ? Please, I really need suggestions on what to do as I just bought this laptop and I have some important stuff on it and I don't wish to harm my laptop/informatio more. Thank you!
  14. From my log: Protection, 4/4/2014 7:49:14 AM, SYSTEM, PARIAHPRESS-PC, Protection, Malware Protection, Starting, Protection, 4/4/2014 7:49:14 AM, SYSTEM, PARIAHPRESS-PC, Protection, Malware Protection, Started, Protection, 4/4/2014 7:49:14 AM, SYSTEM, PARIAHPRESS-PC, Protection, Malicious Website Protection, Starting, Protection, 4/4/2014 7:49:43 AM, SYSTEM, PARIAHPRESS-PC, Protection, Malicious Website Protection, Started, Update, 4/4/2014 2:05:03 PM, SYSTEM, PARIAHPRESS-PC, Scheduler, Malware Database, 2014.4.3.11, 2014.4.4.5, Protection, 4/4/2014 2:05:04 PM, SYSTEM, PARIAHPRESS-PC, Protection, Refresh, Starting, Protection, 4/4/2014 2:05:04 PM, SYSTEM, PARIAHPRESS-PC, Protection, Malicious Website Protection, Stopping, Protection, 4/4/2014 2:05:04 PM, SYSTEM, PARIAHPRESS-PC, Protection, Malicious Website Protection, Stopped, Protection, 4/4/2014 2:05:08 PM, SYSTEM, PARIAHPRESS-PC, Protection, Refresh, Success, Protection, 4/4/2014 2:05:08 PM, SYSTEM, PARIAHPRESS-PC, Protection, Malicious Website Protection, Starting, Protection, 4/4/2014 2:05:09 PM, SYSTEM, PARIAHPRESS-PC, Protection, Malicious Website Protection, Started, Detection, 4/4/2014 2:29:40 PM, pariahpress, PARIAHPRESS-PC, Protection, Malware Protection, File, PUP.Optional.HotMailWatcher.A, C:\Users\pariahpress\AppData\Roaming\Mozilla\Firefox\Profiles\mzzsmc8q.default-1356549169109\extensions\hotmailwatcher@sonthakit.xpi, Allow, [e96c79adf9828ea8b86516474db5916f] Now I didn't have a problem with it this morning before the update. I used Firefox and didn't get any error... After the update: Got the warning.... Please check? Thank you
  15. Hello, On my PC, a full Malwarebytes Anti-Malware scan used to take 1 hour and 15 minutes, but it now takes 2 hours and 15 minutes. I'm wondering if it's because I recently installed Adblock Plus in both Firefox and Internet Explorer. According to two websites, Adblock Plus employs 37,000 filters, so my guess is that having it in both Firefox and Internet Explorer makes it 74,000 filters. Would that be the culprit for adding an hour to my full Malwarebytes Anti-Malware scans? I have recently added the following programs to my PC: January 7, 2014: • Malwarebytes Anti-Rootkit • Malwarebytes Anti-Exploit • Adblock Plus • Adblock Plus Pop-up Addon • Webutation January 8, 2014: • Adobe Flash Player 11 for Internet Explorer • Adblock Plus for Internet Explorer January 9, 2014: • Malwarebytes Anti-Malware Pro license activated • InPaint installed from Giveaway of the Day site January 10, 2014: • Uninstalled McAfee Security Scan Plus which came "bundled" with Adobe Flash (I already have McAfee SecurityCenter) Here are the two websites that mention Adblock Plus' 37,000 filters: [1 of 2] Adblock Plus • View topic - Adblock Plus slows Firefox site load time on warm restarts. https://adblockplus.org/forum/viewtopic.php?t=17158#p80749 [says Adblock Plus has 37,000 filters.] [2 of 2] How to Remove Ads, Wasted Page Space and Annoying Content http://www.techsupportalert.com/content/how-remove-ads-wasted-page-space-and-annoying-content.htm << Performance After a few years of using ABP, I started searching for the source of the constant freezes and memory leaks I was having in my otherwise smoothly running Firefox. EasyList and the other popular filter lists sadly turned out to be the culprits. This is what I found: (1) ABP with subscription lists enabled accounted for 40% of Firefox's internal memory usage, roughly 40MB or about the same as Firefox's own code (not to be confused with the total RAM usage as reported by Task Manager and the like, which is around 200MB for me). Removing the lists entirely (disabling them is not enough!) and leaving only the manual lists reduced this to 400KB, which is pretty much the average of all add-ons; (2) Firefox reacted much more smoothly and froze much less when loading pages with the lists disabled; (3) EasyList contains 37,000 filters at the moment and more are added every week. Only 100 or 200 of those filters had ever had any hits, despite months or years of browsing. The reason popular filter lists make Firefox slow is because of their size. All filters need to be loaded and possibly applied on each page, which is a gargantuan task. <<
  16. First, I'm not totally sure what I'm doing here or what you may need so here goes: My laptop is about 12 years old running Windows XP sp2 so secondly, I don't know if you can even help me, it's so old (I've seen some forums refuse to help people running Windows XP). I apologize if that's the case, but thanks anyway! I hadn't used this computer for a couple years but I've started using it again and I decided to do some basic maintenance (updates, defragment, scan with avg etc) in an attempt to improve performance and as part of that process, someone recommended me to use IObit's Advanced System Care. So I did and I've discovered since then that no matter what I do, my homepage (for firefox) is set to yahoo! and both Firefox and Chrome keep having the default search engine set to yahoo. I'm not 100% convinced it was Advanced System Care that caused the problem though, I have it on my desktop and I've never had this problem before (I just noticed the problem after installing it). I ran MBAM but it didn't resolve the issue; also ran DDS. In summary: Am I beyond hope? (with my computer being so old) and if not: Please help me fix my homepage/default search engine settings back to google, if possible. To your knowledge, is Advanced System Care/IObit known to be associated with malware? (And should I remove it?) Thank you! DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.5.0_06 Run by Michelle at 16:00:14 on 2014-01-18 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.316 [GMT -8:00] . AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ============== Running Processes ================ . C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\AVG\AVG2014\avgidsagent.exe C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe C:\Program Files\AVG\AVG2014\avgwdsvc.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\WINDOWS\stsystra.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\AVG\AVG2014\avgui.exe C:\windows\system32\igfxpers.exe C:\windows\system32\hkcmd.exe C:\program files\common files\java\java update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Digital Line Detect\DLG.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE C:\PROGRAM FILES\DELL SUPPORT CENTER\BIN\SPRTCMD.EXE C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE C:\WINDOWS\explorer.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\iobit\iobit uninstaller\UninstallExplorer32.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned> BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - <orphaned> BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\surfing protection\browerprotect\ASCPlugin_Protection.dll BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned> TB: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\iobit\iobit uninstaller\UninstallExplorer32.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [sigmatelSysTrayApp] stsystra.exe mRun: [dla] c:\windows\system32\dla\tfswctrl.exe mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [sunJavaUpdateSched] c:\program files\common files\java\java update\jusched.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office10\EXCEL.EXE/3000 IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\michelle\application data\mozilla\firefox\profiles\6h3chw64.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-10-24 147768] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448] R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2014-1-17 15808] R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-5 120600] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-4 209176] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-17 22840] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-10-31 176952] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848] R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\iobit\advanced systemcare 7\ASCService.exe [2014-1-17 881440] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008] R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] S?2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-11-11 3478544] S2 LiveUpdateSvc;LiveUpdate;c:\program files\iobit\liveupdate\LiveUpdate.exe [2014-1-17 2151200] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192] S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-28 25112] . =============== Created Last 30 ================ . 2014-01-18 23:51:44 1893 ----a-w- c:\windows\bcmwltrytmp.reg 2014-01-18 20:38:33 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-01-18 18:49:43 -------- d-----w- c:\windows\SxsCaPendDel 2014-01-18 08:49:59 954368 ------w- c:\windows\system32\dllcache\mfc40.dll 2014-01-18 08:49:58 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll 2014-01-18 08:43:33 617472 ------w- c:\windows\system32\dllcache\comctl32.dll 2014-01-18 08:42:20 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe 2014-01-18 08:42:05 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll 2014-01-18 08:41:56 522240 ------w- c:\windows\system32\dllcache\jsdbgui.dll 2014-01-18 08:41:12 25088 ------w- c:\windows\system32\dllcache\hidparse.sys 2014-01-18 08:21:33 5376 ------w- c:\windows\system32\dllcache\usbd.sys 2014-01-18 07:34:17 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll 2014-01-18 07:34:17 265728 ------w- c:\windows\system32\dllcache\http.sys 2014-01-18 07:34:17 25088 ------w- c:\windows\system32\dllcache\httpapi.dll 2014-01-18 07:33:43 79872 ------w- c:\windows\system32\dllcache\raschap.dll 2014-01-18 07:33:43 149504 ------w- c:\windows\system32\dllcache\rastls.dll 2014-01-18 07:33:36 471552 ------w- c:\windows\system32\dllcache\aclayers.dll 2014-01-18 07:31:51 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys 2014-01-18 07:31:40 3072 ------w- c:\windows\system32\iacenc.dll 2014-01-18 07:31:40 3072 ------w- c:\windows\system32\dllcache\iacenc.dll 2014-01-18 07:31:29 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys 2014-01-18 04:17:28 -------- d-----w- C:\DrvInstall 2014-01-18 03:56:59 27904 ----a-w- c:\windows\system32\drivers\risdptsk.sys 2014-01-18 03:16:26 920088 ----a-w- c:\windows\system32\igxpun.exe 2014-01-18 03:16:26 -------- d-----w- c:\windows\system32\x64 2014-01-18 03:16:26 -------- d-----w- c:\windows\system32\Lang 2014-01-18 03:14:41 57344 ----a-w- c:\windows\system32\igxprd32.dll 2014-01-17 22:45:45 24384 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2014-01-17 22:08:36 -------- d-----w- c:\documents and settings\michelle\AppData 2014-01-17 22:08:26 -------- d-----w- c:\documents and settings\all users\application data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2014-01-17 22:08:17 -------- d-----w- c:\documents and settings\all users\application data\ProductData 2014-01-17 16:03:56 31008 ----a-w- c:\windows\system32\SmartDefragBootTime.exe 2014-01-17 16:02:46 -------- d-----w- c:\documents and settings\all users\application data\IObit 2014-01-17 16:02:45 103424 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll 2014-01-17 16:02:15 15808 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys 2014-01-17 16:01:14 -------- d-----w- c:\documents and settings\michelle\application data\IObit 2014-01-13 21:08:59 272496 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll 2014-01-13 21:08:44 28272 ----a-w- c:\program files\mozilla firefox\plugin-hang-ui.exe 2014-01-13 21:08:24 170960 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe 2014-01-13 21:08:24 108144 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe 2014-01-13 21:08:19 17248 ----a-w- c:\program files\mozilla firefox\plugins\NPOFFICE.DLL 2014-01-13 21:08:19 1642496 ----a-w- c:\program files\mozilla firefox\plugins\npdjvu.dll . ==================== Find3M ==================== . 2014-01-18 04:15:11 1952512 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS 2014-01-14 12:13:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-01-14 12:13:05 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys 2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll 2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll 2013-11-06 05:50:48 120600 ----a-w- c:\windows\system32\drivers\avgdiskx.sys 2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll 2013-11-05 05:57:30 209176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2013-11-01 07:00:28 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2013-11-01 06:30:08 222520 ----a-w- c:\windows\system32\drivers\avglogx.sys 2013-10-30 02:26:17 1879040 ----a-w- c:\windows\system32\win32k.sys 2013-10-29 07:57:34 920064 ----a-w- c:\windows\system32\wininet.dll 2013-10-29 07:57:33 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-10-29 07:57:33 18944 ----a-w- c:\windows\system32\corpol.dll 2013-10-29 07:57:33 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-10-29 00:45:02 385024 ----a-w- c:\windows\system32\html.iec 2013-10-25 06:28:32 147768 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2013-10-23 23:45:49 172032 ----a-w- c:\windows\system32\scrrun.dll . ============= FINISH: 16:01:55.31 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 6/8/2008 12:52:53 PM System Uptime: 1/18/2014 3:49:16 PM (1 hours ago) . Motherboard: Dell Inc. | | 0FF049 Processor: Genuine Intel® CPU T2250 @ 1.73GHz | Microprocessor | 795/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 68 GiB total, 9.531 GiB free. D: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E96A-E325-11CE-BFC1-08002BE10318} Description: Ricoh MMC Host Controller Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01CD1028&REV_01\4&2FE911E8&0&0AF0 Manufacturer: Ricoh Company Name: Ricoh MMC Host Controller PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01CD1028&REV_01\4&2FE911E8&0&0AF0 Service: rimmptsk . ==== System Restore Points =================== . RP1: 1/17/2014 4:00:02 AM - System Checkpoint RP2: 1/17/2014 4:08:46 AM - Removed Java 7 Update 9 RP3: 1/17/2014 4:10:02 AM - Installed Java 7 Update 51 RP4: 1/17/2014 9:57:08 AM - Removed Microsoft Visual C++ 2005 Redistributable RP5: 1/17/2014 10:01:29 AM - Removed SPORE™ RP6: 1/17/2014 7:13:13 PM - Driver Booster : Mobile Intel® 945GM Express Chipset Family RP7: 1/17/2014 11:45:51 PM - Software Distribution Service 3.0 RP8: 1/18/2014 1:02:56 AM - Software Distribution Service 3.0 RP9: 1/18/2014 10:08:58 AM - IObit Uninstaller restore point RP10: 1/18/2014 10:14:00 AM - Prior to using IObit to uninstall all the things RP11: 1/18/2014 10:14:24 AM - IObit Uninstaller restore point RP12: 1/18/2014 10:16:26 AM - IObit Uninstaller restore point RP13: 1/18/2014 10:18:32 AM - IObit Uninstaller restore point RP14: 1/18/2014 10:27:44 AM - IObit Uninstaller restore point RP15: 1/18/2014 10:28:30 AM - Removed IObit Apps Toolbar v8.6. RP16: 1/18/2014 10:43:26 AM - IObit Uninstaller restore point RP17: 1/18/2014 10:46:18 AM - IObit Uninstaller restore point RP18: 1/18/2014 10:47:17 AM - Removed Microsoft Visual C++ 2005 Redistributable RP19: 1/18/2014 10:50:46 AM - IObit Uninstaller restore point RP20: 1/18/2014 10:51:04 AM - Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 RP21: 1/18/2014 10:53:08 AM - IObit Uninstaller restore point RP22: 1/18/2014 10:57:19 AM - IObit Uninstaller restore point RP23: 1/18/2014 11:16:26 AM - IObit Uninstaller restore point RP24: 1/18/2014 11:26:50 AM - IObit Uninstaller restore point RP25: 1/18/2014 12:12:51 PM - IObit Uninstaller restore point . ==== Installed Programs ====================== . Adobe Flash Player 10 ActiveX Adobe Flash Player 12 Plugin Adobe Reader 7.0.8 Advanced SystemCare 7 AOLIcon AVG 2014 Broadcom Management Programs Compatibility Pack for the 2007 Office system Conexant HDA D110 MDC V.92 Modem Costco Photo Organizer Dell Support Center (Support Software) Dell System Restore Dell Wireless WLAN Card DellSupport Digital Content Portal Digital Line Detect Documentation & Support Launcher Driver Booster ELIcon Game Booster Games, Music, & Photos Launcher High Definition Audio Driver Package - KB835221 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB981793) Intel® Graphics Media Accelerator Driver IObit Uninstaller J2SE Runtime Environment 5.0 Update 6 Java 7 Update 51 Java Auto Updater Lizardtech DjVu Control Logitech Camera Driver Malwarebytes Anti-Malware version 1.75.0.1300 MapleStory MCU Microsoft .NET Framework 1.0 Hotfix (KB953295) Microsoft .NET Framework 1.0 Hotfix (KB979904) Microsoft .NET Framework 1.0 Security Update (KB2742607) Microsoft .NET Framework 1.0 Security Update (KB2833951) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office File Validation Add-In Microsoft Office Outlook 2003 with Business Contact Manager Update Microsoft Office Small Business Edition 2003 Microsoft Office Standard Edition 2003 Microsoft Office XP Standard for Students and Teachers Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Works Modem Helper Mozilla Firefox 26.0 (x86 en-US) MSN MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) O&O Defrag Professional Edition PowerDVD 5.7 QuickSet QuickTime Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2898785) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB2834905-v2) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2491683) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219-v2) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135-v2) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2757638) Security Update for Windows XP (KB2758857) Security Update for Windows XP (KB2770660) Security Update for Windows XP (KB2802968) Security Update for Windows XP (KB2807986) Security Update for Windows XP (KB2813345) Security Update for Windows XP (KB2820917) Security Update for Windows XP (KB2834886) Security Update for Windows XP (KB2845187) Security Update for Windows XP (KB2847311) Security Update for Windows XP (KB2850869) Security Update for Windows XP (KB2859537) Security Update for Windows XP (KB2862152) Security Update for Windows XP (KB2862330) Security Update for Windows XP (KB2862335) Security Update for Windows XP (KB2864063) Security Update for Windows XP (KB2868038) Security Update for Windows XP (KB2868626) Security Update for Windows XP (KB2876217) Security Update for Windows XP (KB2876331) Security Update for Windows XP (KB2892075) Security Update for Windows XP (KB2893294) Security Update for Windows XP (KB2893984) Security Update for Windows XP (KB2898715) Security Update for Windows XP (KB2900986) Security Update for Windows XP (KB2914368) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) Skype™ 6.11 Smart Defrag 3 Sonic DLA Sonic Encoders Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data Sonic Update Manager Spybot - Search & Destroy Surfing Protection Synaptics Pointing Device Driver TES Construction Set Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB972636) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Media Player 10 (KB910393) Update for Windows XP (KB2345886) Update for Windows XP (KB2749655) Update for Windows XP (KB2904266) Update for Windows XP (KB942763) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update Rollup 2 for Windows XP Media Center Edition 2005 URL Assistant VideoLAN VLC media player 0.8.6f Visual Studio 2012 x86 Redistributables VisualBee for Microsoft PowerPoint WebFldrs XP Winamp Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Messenger Windows Media Format Runtime Windows Media Player 10 Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information] Windows XP Media Center Edition 2005 KB2502898 Windows XP Media Center Edition 2005 KB2619340 Windows XP Media Center Edition 2005 KB2628259 Windows XP Media Center Edition 2005 KB908246 Windows XP Media Center Edition 2005 KB912067 Windows XP Media Center Edition 2005 KB973768 Windows XP Service Pack 3 WinRAR archiver . ==== Event Viewer Messages From Past Week ======== . 1/18/2014 9:30:03 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 1/17/2014 4:08:17 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). 1/17/2014 3:30:05 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied. 1/17/2014 2:09:22 PM, error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s). 1/13/2014 12:01:02 PM, error: Service Control Manager [7034] - The EPSON V3 Service4(01) service terminated unexpectedly. It has done this 1 time(s). 1/13/2014 11:59:33 AM, error: Service Control Manager [7034] - The EPSON V5 Service4(01) service terminated unexpectedly. It has done this 1 time(s). 1/13/2014 11:57:43 AM, error: Service Control Manager [7031] - The Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 1/13/2014 11:56:43 AM, error: Service Control Manager [7034] - The Logitech Process Monitor service terminated unexpectedly. It has done this 1 time(s). 1/13/2014 11:50:36 AM, error: Service Control Manager [7031] - The Turbine Message Service - Live service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 1/13/2014 11:38:04 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Turbine Message Service - Live service, but this action failed with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. . ==== End Of File =========================== dds.txt attach.txt
  17. Hi, I have never had a virus before on my computer. Now I got my first virus though. The virus is opening a a webpage a lot: http://reader24h.com/architecture-hide/232-puerta-de-europa--philip-johnson-a-john-burgee%20-%20#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Conload&id=I0_1389575397537&parent=http%3A%2F%2Fwww.travelandtransitions.com&pfname=&rpctoken=47397316 It opens about 20 tabs of this page in chrome (my current and default browser) it opens them as new tabs NOT as new windows. Also google chrome i using a lot of ram. I think it is maxed out at 1.5GB because of this
  18. So, late one night setting up a new computer I stupidly downloaded mozilla firefox off of "firefox-todownload.com" or some similar site that was top of the google list. Without paying attention I skip through the install and realize what's happening as it begins; I cancel about 10% of the way through but it's too late. I am now infected with "better browse" "search protect (conduit)" and something like "sblite". I decide to not take any risks so I reformat my ssd and reinstall windows 7. After manually installing every driver, updating windows, downloading all fresh common software, and installing avast and malwarebytes, I run them and everything is good. Now, I run hitmanpro and adwcleaner and both pop up with a single entry in the registry: hklm\software\classes\s Hitman identifies it as "softpedia". A quick series of google searches makes me think it may be related to the conduit infection. I have deleted it but I wanted to post on here to know if anyone is familiar with this or if it could just have been a false positive. I scanned my other computers which have the same basic software installed and none came up with this same particular registry entry.
  19. Hi i'm getting this popup thats getting blocked by MBAM, it seems to be popping when i load new sites or refreshes. I'm getting this message from MBAM - "2013/11/10 23:00:52 +0100 MJ-PC MJ IP-BLOCK 128.204.198.72 (Type: outgoing, Port: 49407, Process: firefox.exe)". I already did all the steps to get here, i would really appreciate some help. Regards Mamakiks. Attach and dds uploaded. attach.txt dds.txt
  20. A couple of days ago, I was recommended Vuze to download. I did so, but now even though I click on Firefox, it opens up but will not load. It will not go to any site and says it's connecting. It has also changed my default search engine to Yahoo. I declined all of this during installation of vuze , but that obviously did not matter. I've tried to delete everything concerning vuze, but that has not helped. I have found spigot on my computer as well and I'm not sure how to delete and remove all of this. What do I do to clean my computer from this mess and know for a fact vuze/spigot is gone from my computer completely ?
  21. My pc is a toshiba I3, and it has been running choppy with games, videos, music and also using it, display after actions such as cliking, sometimes nevigation even takes some few seconds. This together describe the choppy nature of my pc's operation style. I have tried re-installing my windows several times but still am seing not a bit of improvement. I have also tried scanning several times with differnt softwares and they keep saying "no threat found". I have also gotten rid of all I hve on my pc but still things are the same. And am amazed because the action or the commant issued during normal operation of the pc is seen to have been processed at an impressive speed but it will be left with the display, this is perfectly seen when am playing games. When the choppyness Stops for a while, you can perfectly see that things are running at perfect speeds. Please help me because am not enjoying the use of my pc any longer.......... i have runned a log and this is it this is the log after running it. the 1st is the dds and the 2nd attach DDS DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 Run by Cus cus at 12:28:22 on 2013-09-09 Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.4044.2981 [GMT -7:00] . AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\dwm.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Windows Defender\MsMpEng.exe C:\Windows\system32\taskhostex.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\taskhost.exe C:\Program Files\WindowsApps\Microsoft.Camera_6.2.8514.0_x64__8wekyb3d8bbwe\webcam.exe C:\Windows\system32\wwahost.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe TCP: NameServer = 192.168.1.1 0.0.0.0 TCP: Interfaces\{1BB9920B-F6E1-42B1-8001-A141CB0D49B5} : DHCPNameServer = 192.168.1.1 0.0.0.0 TCP: Interfaces\{6C640FC6-2E10-4796-89E2-312C048990B6} : DHCPNameServer = 168.95.1.1 TCP: Interfaces\{6C640FC6-2E10-4796-89E2-312C048990B6}\155796C6C6370275966496 : DHCPNameServer = 168.95.1.1 TCP: Interfaces\{6C640FC6-2E10-4796-89E2-312C048990B6}\4584540275542402D20203234343239373933373 : DHCPNameServer = 197.251.203.57 SSODL: WebCheck - <orphaned> x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Cus cus\AppData\Roaming\Mozilla\Firefox\Profiles\38lsnxn5.default\ . ============= SERVICES / DRIVERS =============== . R3 FwLnk;FwLnk Driver;C:\Windows\System32\Drivers\FwLnk.sys [2012-7-20 9216] R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2012-6-2 100864] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\Drivers\rtwlane.sys [2012-6-29 1119232] S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-25 117248] . =============== Created Last 30 ================ . 2013-09-09 17:21:20 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{42B6B9E3-41B8-4245-9CBF-D007BD73411C}\mpengine.dll 2013-09-06 18:18:36 -------- d-----w- C:\Windows\System32\appmgmt 2013-09-06 17:15:11 -------- d-----w- C:\Program Files\Synaptics 2013-09-06 17:13:27 -------- d-----w- C:\Intel 2013-09-06 17:06:53 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-09-06 17:00:05 1314816 ----a-w- C:\Windows\System32\rpcrt4.dll 2013-09-06 17:00:04 694272 ----a-w- C:\Windows\SysWow64\rpcrt4.dll 2013-09-06 17:00:04 4036096 ----a-w- C:\Windows\System32\win32k.sys 2013-09-06 16:59:21 1255936 ----a-w- C:\Windows\System32\certutil.exe 2013-09-06 16:59:20 141312 ----a-w- C:\Windows\System32\cryptnet.dll 2013-09-06 16:59:20 109056 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-09-06 16:59:20 1013248 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-09-06 16:59:01 2233168 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-09-06 16:59:00 411880 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2013-09-06 16:58:45 1838080 ----a-w- C:\Windows\System32\DWrite.dll 2013-09-06 16:58:45 1421312 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-09-06 16:58:12 595968 ----a-w- C:\Windows\System32\qedit.dll 2013-09-06 16:58:12 496640 ----a-w- C:\Windows\SysWow64\qedit.dll 2013-09-06 16:58:12 20992 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2013-09-06 16:56:47 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-09-06 16:56:30 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-09-06 16:56:29 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll 2013-09-06 16:55:04 6987528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-09-06 16:53:57 2842112 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-09-06 16:52:43 861184 ----a-w- C:\Windows\System32\drivers\http.sys 2013-09-05 01:29:55 508264 ----a-w- C:\Windows\System32\d3dx10_35.dll 2013-09-04 19:08:36 -------- d-----w- C:\ProgramData\Solidshield 2013-09-03 19:47:48 -------- d-----w- C:\Users\Cus cus\AppData\Roaming\Malwarebytes 2013-09-03 19:46:48 -------- d-----w- C:\ProgramData\Malwarebytes 2013-09-03 19:45:17 -------- d-----w- C:\Users\Cus cus\AppData\Local\Programs 2013-09-02 03:58:19 -------- d-----w- C:\Windows\Panther 2013-09-02 03:10:00 -------- d-----r- C:\Users\Cus cus\Searches 2013-09-02 03:09:59 -------- d-----r- C:\Users\Cus cus\Contacts 2013-08-15 08:13:32 32832 ----a-w- C:\Windows\System32\drivers\TVALZ_O.SYS . ==================== Find3M ==================== . 2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-07-26 05:13:28 915968 ----a-w- C:\Windows\System32\uxtheme.dll 2013-07-26 05:13:28 53760 ----a-w- C:\Windows\System32\UXInit.dll 2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-07-26 03:13:15 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll 2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-07-26 00:54:34 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll 2013-07-13 06:18:21 337408 ----a-w- C:\Windows\System32\wintrust.dll 2013-07-13 06:16:06 68096 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-07-13 06:16:06 1889280 ----a-w- C:\Windows\System32\crypt32.dll 2013-07-13 06:15:53 98304 ----a-w- C:\Windows\System32\apprepsync.dll 2013-07-13 06:15:53 124416 ----a-w- C:\Windows\System32\apprepapi.dll 2013-07-13 04:24:58 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll 2013-07-13 04:23:11 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-07-13 04:23:03 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll 2013-07-13 04:23:03 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll 2013-06-27 22:04:51 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-27 22:04:51 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe . ============= FINISH: 12:29:22.43 =============== ATTACH . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Pro Boot Device: \Device\HarddiskVolume1 Install Date: 9/1/2013 8:08:39 PM System Uptime: 9/9/2013 9:54:01 AM (3 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel® Core™ i3-2330M CPU @ 2.20GHz | CPU | 2200/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 200 GiB total, 167.971 GiB free. D: is FIXED (NTFS) - 252 GiB total, 239.787 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1: 9/4/2013 5:57:36 PM - Windows Modules Installer RP2: 9/6/2013 11:13:14 AM - Installed DirectX . ==== Installed Programs ====================== . Intel® Processor Graphics Mozilla Firefox 24.0 (x86 en-US) Mozilla Maintenance Service Synaptics Pointing Device Driver . ==== Event Viewer Messages From Past Week ======== . 9/3/2013 1:32:25 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900. . ==== End Of File ===========================
  22. I have this same problem but am using windows 8 please help me out. my videos run choppy, sometimes even when playing music it stops and continues its the same when playing games. please help me. because it wasn't so before
  23. A couple weeks ago I started getting these ads that appear whenever I open Internet explorer or Firefox. It is always in the bottom left of the screen and they cannot be closed out of. The most I can do is click "hide ad" and then you can only see a small amount of it, after a few mins though it will becomes full size again. I have tried malwarebytes to try and get rid of it but that did not work. It doesn't matter what webpages I'm on, the ad is always there and it is significantly slowing down my computer. How do I get rid of this? Please help!
  24. Hi, I'm embarrassed to ask as this should be an easy one and part of my job is removing virus' from people's computers but I can't seem to kick this one. It's a regular google link hijack that only happens in Firefox when I start a new google search in a new window or sometimes tab. It redirects to another sponsored search of some kind - usually benign and simply annoying rather than dangerous - but of course you don't know what else is going on. All Malwarebytes scans come up clean, as so Windows Defender and Hitman Pro. I have a full copy of Malware bytes. here's the logs and thanks for any help: DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2 Run by Robin at 22:07:22 on 2013-07-03 Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.44.2057.18.16331.10818 [GMT 1:00] . AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\dwm.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe C:\Windows\system32\dashost.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Windows\system32\IProsetMonitor.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Windows Defender\MsMpEng.exe C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\taskhostex.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\rundll32.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\mobsync.exe C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files (x86)\Pidgin\pidgin.exe C:\Users\Robin\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe C:\Program Files (x86)\nerds.de\LoopBe2\loough.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe C:\Users\Robin\AppData\Roaming\Copy\CopyAgent.exe C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE C:\PROGRA~2\Intuit\QUICKB~2\QBDBMgr.exe C:\Program Files (x86)\Common Files\Intuit\QuickBooks\axlbridge.exe C:\Windows\splwow64.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe C:\PROGRA~2\Intuit\QUICKB~2\dbextclr11.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\wwahost.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\wwahost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll uRun: [AdobeBridge] <no file> mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" dRun: [Copy] "C:\Users\Robin\AppData\Roaming\Copy\CopyAgent.exe" StartupFolder: C:\Users\Robin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\CODEME~1.LNK - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\LOOPBE~1.LNK - C:\Program Files (x86)\nerds.de\LoopBe2\loough.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUICKB~2.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE mPolicies-System: PromptOnSecureDesktop = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.0.1 TCP: Interfaces\{4B1870CC-4438-44F5-AC05-7B76DFBE8295} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{DC7A1243-58A3-4ACA-B15C-681C0F1FA88E} : DHCPNameServer = 192.168.0.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll, C:\Windows\SysWOW64\nvinit.dll SSODL: WebCheck - <orphaned> mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-mPolicies-System: PromptOnSecureDesktop = dword:0 x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - <orphaned> x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> Hosts: 184.107.188.204 smithsonmartin.com . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\hpnratv8.default-1357556451162\ FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\npspwrap.dll FF - plugin: C:\Users\Robin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll FF - plugin: C:\Users\Robin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll . ============= SERVICES / DRIVERS =============== . R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-11-1 645952] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2012-11-13 56336] R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-11-1 920736] R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-11-1 951936] R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-7-6 2304912] R2 DigiNet;Digidesign Ethernet Support;C:\Windows\System32\Drivers\diginet.sys [2012-12-18 23976] R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-11-1 233328] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-1 7168] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-6-5 190824] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-1 166720] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-27 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-27 701512] R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-11-9 6370680] R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-1-30 1900728] R2 PaceLicenseDServices;PACE License Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-5-18 2938880] R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264] R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-4 4150112] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-1 365376] R3 bomebus;Bome's Virtual MIDI Port Bus Service;C:\Windows\System32\Drivers\bomebus.sys [2013-1-10 34376] R3 bomemidi;Bome's Virtual MIDI Port;C:\Windows\System32\Drivers\bomemidi.sys [2013-1-10 30792] R3 debutfilter;Debut Filter Driver v6.10.01;C:\Windows\System32\Drivers\debutfilterx64.sys [2012-11-8 32024] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\Drivers\LEqdUsb.sys [2012-9-18 78648] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\Drivers\LHidEqd.sys [2012-9-18 15160] R3 LoopBe30;nerds.de LoopBe30 - Internal Midi Port SvcDesc(WDM);C:\Windows\System32\Drivers\loopbe30.sys [2011-2-26 16896] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2012-12-27 25928] R3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2012-12-3 23552] R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656] R3 ysusb64;Yamaha Steinberg USB Audio;C:\Windows\System32\Drivers\ysusb64.sys [2013-1-29 113960] S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624] S3 gbxavs;Maschine Midi;C:\Windows\System32\Drivers\gbxavs.sys [2011-7-7 357968] S3 gbxusb_svc;Maschine Controller;C:\Windows\System32\Drivers\gbxusb.sys [2011-7-7 68688] S3 iLokDrvr;Usb Driver;C:\Windows\System32\Drivers\iLokDrvr.sys [2012-5-16 25752] S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528] S3 MFWAMIDI64;MOTU Audio MIDI for 64 bit;C:\Windows\System32\Drivers\mfwamidi64.sys [2012-9-6 32408] S3 MFWAWAVE64;MOTU Audio Wave for 64 bit;C:\Windows\System32\Drivers\mfwawave64.sys [2012-9-6 82584] S3 MotuFWA64;MotuFWA64;C:\Windows\System32\Drivers\MotuFWA64.sys [2012-9-6 609944] S3 rspLLL;rspLLL;C:\Windows\System32\Drivers\rspLLL64.sys [2013-6-4 23968] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 synusb64;eLicenser;C:\Windows\System32\Drivers\synusb64.sys [2012-11-1 30352] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-9-28 53760] S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248] . =============== File Associations =============== . FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1" ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 2013-07-03 10:33:55 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E40D2F26-F082-4733-A9DE-83D7BC0CD5AC}\mpengine.dll 2013-07-03 09:40:28 9552976 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2013-07-03 09:21:53 -------- d---a-w- C:\.Trash-999 2013-06-28 02:41:51 243888 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10208.bin 2013-06-26 20:19:56 -------- d-----w- C:\Program Files\Common Files\Intuit 2013-06-25 10:34:53 -------- d-----w- C:\ProgramData\Codemasters 2013-06-24 19:21:47 -------- d-----w- C:\Program Files (x86)\Infogrames 2013-06-24 19:19:09 692224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll 2013-06-24 19:19:09 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll 2013-06-24 19:19:09 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe 2013-06-24 19:19:09 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll 2013-06-24 19:19:09 155648 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll 2013-06-24 19:19:01 163972 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll 2013-06-24 19:19:00 282756 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll 2013-06-24 18:41:10 315904 ----a-w- C:\Windows\IsUninst.exe 2013-06-24 17:47:13 2829 ----a-w- C:\Windows\War3Unin.pif 2013-06-24 17:47:13 126976 ----a-w- C:\Windows\War3Unin.exe 2013-06-23 10:58:06 -------- d-----w- C:\Users\Robin\AppData\Roaming\Open DVD Ripper 2013-06-17 14:14:20 1300992 ----a-w- C:\Windows\System32\gdi32.dll 2013-06-17 14:14:20 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-06-17 14:13:49 888320 ----a-w- C:\Windows\System32\autochk.exe 2013-06-17 14:13:49 793088 ----a-w- C:\Windows\SysWow64\autochk.exe 2013-06-17 14:13:49 542208 ----a-w- C:\Windows\System32\untfs.dll 2013-06-17 14:13:49 482816 ----a-w- C:\Windows\SysWow64\untfs.dll 2013-06-13 08:30:04 17271808 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll 2013-06-13 08:30:04 16642560 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll 2013-06-11 10:33:15 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin 2013-06-11 10:33:03 -------- d-----w- C:\Users\Robin\AppData\Roaming\Copy 2013-06-04 10:37:22 23968 ----a-w- C:\Windows\System32\drivers\rspLLL64.sys 2013-06-04 10:37:22 -------- d-----w- C:\Program Files\LatencyMon . ==================== Find3M ==================== . 2013-06-17 13:50:19 223 ---ha-w- C:\Windows\samborombon.dll 2013-06-04 22:09:22 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-04 22:09:22 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-05-15 22:37:03 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll 2013-05-15 22:35:49 53760 ----a-w- C:\Windows\System32\UXInit.dll 2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-04 07:58:17 120736 ----a-w- C:\Windows\System32\AuthHost.exe 2013-05-04 07:45:29 2233600 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-05-04 07:34:17 446720 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2013-05-04 07:34:17 213248 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS 2013-05-04 07:34:15 284416 ----a-w- C:\Windows\System32\drivers\spaceport.sys 2013-05-04 06:59:56 39424 ----a-w- C:\Windows\System32\wuapp.exe 2013-05-04 06:59:51 1483776 ----a-w- C:\Windows\System32\VSSVC.exe 2013-05-04 06:59:36 812544 ----a-w- C:\Windows\System32\Magnify.exe 2013-05-04 06:59:25 98304 ----a-w- C:\Windows\System32\wudriver.dll 2013-05-04 06:59:25 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll 2013-05-04 06:59:25 141824 ----a-w- C:\Windows\System32\wuwebv.dll 2013-05-04 06:59:24 1619968 ----a-w- C:\Windows\System32\wucltux.dll 2013-05-04 06:59:08 13644288 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll 2013-05-04 06:58:54 328192 ----a-w- C:\Windows\System32\ubpm.dll 2013-05-04 06:58:54 10116096 ----a-w- C:\Windows\System32\twinui.dll 2013-05-04 06:58:49 173568 ----a-w- C:\Windows\System32\storewuauth.dll 2013-05-04 06:58:49 1332736 ----a-w- C:\Windows\System32\sysmain.dll 2013-05-04 06:58:48 330240 ----a-w- C:\Windows\System32\stobject.dll 2013-05-04 06:58:28 93696 ----a-w- C:\Windows\System32\psmsrv.dll 2013-05-04 06:58:02 470528 ----a-w- C:\Windows\System32\netprofmsvc.dll 2013-05-04 06:58:02 151552 ----a-w- C:\Windows\System32\netprofm.dll 2013-05-04 06:58:01 169984 ----a-w- C:\Windows\System32\netplwiz.dll 2013-05-04 06:57:59 17408 ----a-w- C:\Windows\System32\muifontsetup.dll 2013-05-04 06:57:46 560640 ----a-w- C:\Windows\System32\mfmp4srcsnk.dll 2013-05-04 06:57:31 820736 ----a-w- C:\Windows\System32\gpprefcl.dll 2013-05-04 06:57:15 501760 ----a-w- C:\Windows\System32\DevicePairing.dll 2013-05-04 06:57:05 179712 ----a-w- C:\Windows\System32\bisrv.dll 2013-05-04 06:57:05 122368 ----a-w- C:\Windows\System32\biwinrt.dll 2013-05-04 06:57:04 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll 2013-05-04 06:57:04 2305024 ----a-w- C:\Windows\System32\authui.dll 2013-05-04 06:57:00 708096 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll 2013-05-04 06:57:00 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll 2013-05-04 06:56:53 419840 ----a-w- C:\Windows\System32\intl.cpl 2013-05-04 04:58:34 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe 2013-05-04 04:58:14 758784 ----a-w- C:\Windows\SysWow64\Magnify.exe 2013-05-04 04:58:02 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll 2013-05-04 04:58:02 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2013-05-04 04:57:49 10788864 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll 2013-05-04 04:57:39 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll 2013-05-04 04:57:39 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll 2013-05-04 04:57:35 303616 ----a-w- C:\Windows\SysWow64\stobject.dll 2013-05-04 04:57:16 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll 2013-05-04 04:57:04 151040 ----a-w- C:\Windows\SysWow64\netplwiz.dll 2013-05-04 04:57:04 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll 2013-05-04 04:57:02 14336 ----a-w- C:\Windows\SysWow64\muifontsetup.dll 2013-05-04 04:56:48 411136 ----a-w- C:\Windows\SysWow64\mfmp4srcsnk.dll 2013-05-04 04:56:35 582144 ----a-w- C:\Windows\SysWow64\gpprefcl.dll 2013-05-04 04:56:14 449536 ----a-w- C:\Windows\SysWow64\DevicePairing.dll 2013-05-04 04:56:06 92160 ----a-w- C:\Windows\SysWow64\biwinrt.dll 2013-05-04 04:56:05 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll 2013-05-04 04:56:05 2035712 ----a-w- C:\Windows\SysWow64\authui.dll 2013-05-04 04:55:58 389632 ----a-w- C:\Windows\SysWow64\intl.cpl 2013-05-04 04:51:38 14848 ----a-w- C:\Windows\System32\rars.rs 2013-05-04 04:48:33 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2013-05-04 04:48:26 27648 ----a-w- C:\Windows\System32\drivers\hidusb.sys 2013-05-04 04:47:02 427520 ----a-w- C:\Windows\System32\drivers\rdbss.sys 2013-05-04 04:10:47 14848 ----a-w- C:\Windows\SysWow64\rars.rs 2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-05-01 02:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx 2013-05-01 02:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts 2013-04-28 22:30:55 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-04-28 22:30:12 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-04-28 22:28:33 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-04-28 22:28:29 915968 ----a-w- C:\Windows\System32\uxtheme.dll 2013-04-28 22:28:00 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-04-27 05:20:12 733184 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-23 23:13:53 1013248 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-04-23 23:12:44 1569792 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-04-23 23:12:44 109056 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-04-23 22:56:35 1255936 ----a-w- C:\Windows\System32\certutil.exe 2013-04-23 22:55:48 68096 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-04-23 22:55:48 1889280 ----a-w- C:\Windows\System32\crypt32.dll 2013-04-23 22:55:48 141312 ----a-w- C:\Windows\System32\cryptnet.dll 2013-04-16 02:34:44 1455368 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-04-13 12:56:32 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-04-13 12:56:32 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-04-13 05:56:35 444416 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-11 06:40:48 6987528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-04-09 05:33:02 489576 ----a-w- C:\Windows\System32\AudioEng.dll 2013-04-09 05:33:02 446792 ----a-w- C:\Windows\System32\AudioSes.dll 2013-04-09 05:33:02 253544 ----a-w- C:\Windows\System32\audiodg.exe 2013-04-09 05:20:02 86280 ----a-w- C:\Windows\System32\kdnet.dll 2013-04-09 05:20:02 306952 ----a-w- C:\Windows\System32\kd_02_10ec.dll 2013-04-09 05:18:05 77960 ----a-w- C:\Windows\System32\kdvm.dll 2013-04-09 05:17:57 1829408 ----a-w- C:\Windows\System32\ntdll.dll 2013-04-09 04:52:07 816128 ----a-w- C:\Windows\System32\SearchIndexer.exe 2013-04-09 04:52:07 373760 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2013-04-09 04:52:07 197120 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2013-04-09 04:52:07 126464 ----a-w- C:\Windows\System32\Robocopy.exe 2013-04-09 04:52:06 804352 ----a-w- C:\Windows\System32\RecoveryDrive.exe 2013-04-09 04:51:51 367616 ----a-w- C:\Windows\System32\conhost.exe 2013-04-09 04:51:45 523264 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-04-09 04:51:41 99840 ----a-w- C:\Windows\System32\wscsvc.dll . ============= FINISH: 22:07:30.63 =============== Attach: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Pro with Media Center Boot Device: \Device\HarddiskVolume1 Install Date: 01/11/2012 10:54:51 System Uptime: 03/07/2013 10:40:17 (12 hours ago) . Motherboard: ASUSTeK COMPUTER INC. | | P8Z77-V Processor: Intel® Core i7-3770K CPU @ 3.50GHz | LGA1155 | 3501/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 223 GiB total, 20.98 GiB free. D: is FIXED (NTFS) - 1863 GiB total, 1417.853 GiB free. E: is FIXED (NTFS) - 1863 GiB total, 1572.628 GiB free. F: is FIXED (NTFS) - 932 GiB total, 445.823 GiB free. G: is CDROM () I: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP48: 24/06/2013 20:21:37 - Installed Enter The Matrix RP49: 03/07/2013 11:27:58 - Installed DirectX . ==== Installed Programs ====================== . 7-Zip 9.20 (x64 edition) Ableton Live 9 Suite Adobe Acrobat X Pro - English, Français, Deutsch Adobe AIR Adobe Creative Suite 6 Master Collection Adobe Download Assistant Adobe Flash Player 11 Plugin Adobe Help Manager Adobe Reader XI Adobe Widget Browser Adobe® Content Viewer Amazon MP3 Downloader 1.0.18 Analog Laboratory v1_5_2 Apple Application Support Apple Mobile Device Support Apple Software Update ARP2600 V2 2.5.3 Artisteer 4 Assassin's Creed® III v1.03 Authorizer 1.0.5 Authorizer 2.0 Authorizer Ignition Key Support Avid Effects Avid HD Driver (x64) Avid Pro Tools Avid Virtual Instruments bl Bome's Virtual MIDI Port 1.0.0.11 Bonjour Borderlands 2 Canon MG6100 series MP Drivers Copy CS-80V2 2.5.3 D3DX10 Debut Video Capture Software Decimort 1.3.1 (64bit) DEFCON Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Devastor 1.3.1 (64bit) Dimension Pro 1.5 Dimension Pro Free Expansion Packs 1-3 Drumazon 1.5.1 (64bit) DVD-Cloner V10.00 Build 1202 DVD Architect Pro 5.2 eLicenser Control Emulator 1.4.4 Emulator 1.4.6 Emulator Modular 1.3 eReg Far Cry 3 Fazortan 1.3.1 (64bit) FL Studio 11 FlowStone FL 3.0 IL Download Manager IL Shared Libraries Intel® Management Engine Components Intel® Network Connections 17.2.153.0 Intel® Processor Graphics Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Intel® Trusted Connect Service Client iTunes Java 7 Update 21 Java Auto Updater Junk Mail filter update Jupiter-8V2 2.5.3 LatencyMon 5.00 License Support Line 6 Uninstaller Livid Cell Logitech SetPoint 6.51 LoopBe2 - Internal MIDI Ports LuSH-101 1.0.0 (64bit) Magic Bullet Suite 64-bit Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 1.1 Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Home and Student 2013 - en-us Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 MIDI-OX Mini V 2.5.4 Modular V 2.6.3 Movie Maker Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT Redists MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 Parser and SDK Native Instruments Abbey Road 60s Drums Native Instruments Abbey Road 60s Drums Vintage Native Instruments Abbey Road 70s Drums Native Instruments Abbey Road 80s Drums Native Instruments Abbey Road Modern Drums Native Instruments Absynth 5 Native Instruments Alicias Keys Native Instruments Balinese Gamelan Native Instruments Battery 3 Native Instruments Battery Library Importer for Maschine Native Instruments Berlin Concert Grand Native Instruments Controller Editor Native Instruments Evolve Mutations Native Instruments Evolve Mutations 2 Native Instruments FM8 Native Instruments George Duke Soul Treasures Native Instruments Guitar Rig 5 Native Instruments Guitar Rig Elements for Maschine Native Instruments Guitar Rig Mobile I/O Native Instruments Guitar Rig Pro Library for Maschine Native Instruments Guitar Rig Session I/O Native Instruments Komplete 8 Ultimate Native Instruments Komplete Elements Mk2 Native Instruments Kontakt 5 Native Instruments Kontakt Elements Selection R2 Native Instruments Kontakt Factory Library Native Instruments Maschine Native Instruments Maschine Controller Native Instruments Maschine Controller Driver Native Instruments Maschine Drum Selection Native Instruments Massive Native Instruments New York Concert Grand Native Instruments Rammfire Native Instruments Razor Native Instruments Reaktor 5 Native Instruments Reaktor Elements Selection Native Instruments Reaktor Prism Native Instruments Reaktor Spark R2 Native Instruments Reflektor Native Instruments Rig Kontrol 3 Native Instruments Scarbee Funk Guitarist Native Instruments Scarbee Jay-Bass Native Instruments Scarbee MM-Bass Native Instruments Scarbee MM-Bass Amped Native Instruments Scarbee Pre-Bass Native Instruments Scarbee Pre-Bass Amped Native Instruments Scarbee Vintage Keys Native Instruments Service Center Native Instruments Session Strings Pro Native Instruments Studio Drummer Native Instruments The Finger R2 Native Instruments The Mouth Native Instruments Traktors 12 Native Instruments Transient Master Native Instruments Upright Piano Native Instruments VC 160 Native Instruments VC 2A Native Instruments VC 76 Native Instruments Vienna Concert Grand Native Instruments Vintage Organs Native Instruments West Africa Nepheton 1.5.1 (64bit) Nithonat 1.5.1 (64bit) NVIDIA 3D Vision Driver 311.06 NVIDIA Control Panel 311.06 NVIDIA Graphics Driver 311.06 NVIDIA Install Application NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components Oberheim SEM V 1.1.2 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Open DVD Ripper 3.40 Build 508 PDF Settings CS6 ph Phoscyon 1.9.0 (64bit) Photo Common Photo Gallery Picasa 3 Pidgin PrimoPDF -- brought to you by Nitro PDF Software Prism Video File Converter Prophet-V2 2.5.3 PunkBuster Services QuickBooks QuickBooks Premier Edition 2008 QuickBooks Premier Edition 2013 QuickTime Rapture 1.2.2 Realtek High Definition Audio Driver Reason 6.0 Reason 6.5.1 Redoptor 1.3.1 (64bit) Resolume Avenue 4.1.3 SeaTools for Windows Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Sibelius Scorch (Firefox, Opera, Netscape only) SONAR X2 Producer x64 Sony Sound Forge 8.0d Spark Vintage Drum Machines 1.0.2 Spotify StageLight version 1.0 (3456) Steam Steinberg Cubase 6 64bit Steinberg Cubase 7 Steinberg Cubase 7 64bit Steinberg Dark Planet 64bit Steinberg Drum Loop Expansion 01 Steinberg Eucon Adapter 6.5 Steinberg Eucon Adapter 6.5 64bit Steinberg Groove Agent ONE Allen Morgan Signature Drums Steinberg Groove Agent ONE Content Steinberg Groove Agent ONE Vintage Beatboxes Steinberg HALion Sonic SE Steinberg HALion Sonic SE 64bit Steinberg HALion Sonic SE Content Steinberg HALionOne 64bit Steinberg HALionOne Expression Set Steinberg HALionOne GM Drum Set Steinberg HALionOne GM Set Steinberg HALionOne Pro Set Steinberg HALionOne Studio Drum Set Steinberg HALionOne Studio Set Steinberg Hypnotic Dance 64bit Steinberg Instrument Set Dark Planet Steinberg Instrument Set Hypnotic Dance Steinberg Instrument Set Triebwerk Steinberg Instrument Set Zero Gravity Steinberg LoopMash Content Steinberg LoopMash Content 2 Steinberg Midi Loop Library Steinberg Padshop Steinberg Padshop 64bit Steinberg Retrologue Steinberg Retrologue 64bit Steinberg REVerence Content 01 Steinberg Triebwerk 64bit Steinberg Upload Manager Steinberg UR28M Applications Steinberg VST Amp Rack Content 01 SupportSoft Assisted Service Syntorus 1.3.1 (64bit) TeamViewer 8 Toraverb 1.3.1 (64bit) TouchOSC Bridge version 1.0.1 Unity Web Player Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Uplay Vegas Pro 11.0 (64-bit) Vegas Pro 12.0 (64-bit) Visual C++ 64-bit Redistributables Visual C++ Redistributables Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) Warcraft III Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Wurlitzer V 1.0.2 Yamaha Steinberg USB Driver . ==== Event Viewer Messages From Past Week ======== . 03/07/2013 11:27:20, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 03/07/2013 11:27:20, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/07/2013 10:42:43, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: The password for this account has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 03/07/2013 10:42:43, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a log-on failure. 02/07/2013 09:39:46, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0x0000000000000004, 0x0000000000000000, 0xfffffa80179da490, 0x0000007bb4f5000c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070213-12187-01. . ==== End Of File ===========================
  25. Hello everyone My teenage son decided to download Vuze onto my laptop last night and when i logged on this morning and went on the internet all my searches were being redirected though yahoo and its really annoying. I did some searching and saw a program called spiggot in a bunch of files. So i went into C:\Program Files (x86)\Common Files and found a spiggot folder and deleted it but it's still going through yahoo. Ive had this happen to my laptop before and i just did a complete system restore on the computer. I would like to somehow remove it though this time because i have important documents saved on here that i cannot move. Anyone have any suggestions?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.