Jump to content

Search the Community

Showing results for tags 'search'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 15 results

  1. Hello, I've got my mother's laptop. She has some kind of a browser hijacker. Attached are reports from: Malwarebytes scan Adwcleaner scan Farbar scan I'd appreciate guidance at this point, as I'm not in IT. THANK YOU! Malwarebytes 210316.txt AdwCleaner[S01] 210316.txt Addition 210316.txt FRST 210316.txt
  2. So it seems I have some sort of malware on my Google Chrome on Mac. I'm pretty new to this so please bare with me. For example When I search a random search in Google Chrome this URL briefly shows: http://www.google.com/url?sa=D&q=http%3A%2F%2Fsearch.operativeeng.com%2Fcps%3Fq%3Dwhere%2Bare%2Byou%26_pg%3DD5AF862B-7C24-5787-AF3D-AEAFF9F8B205 I am then redirected to Yahoo's search engine even though Chrome had always been my default. When I go to Chrome settings I see this search engine listed but there is no remove option. Chrome://management shows my computer is being managed by an outside source (this is a personal laptop). Going to chrome://policy shows this as default search provider http://search.operativeeng.com/favicon.ico I ran a Malwarebytes scan, it identified three threats and I quarantined and then restarted. However the malware is still on my chrome. I am wondering if it is embedded into my gmail account somehow. Thanks for any suggestions, just worried they could steal my passwords/financial information somehow.
  3. I am still not 100% used on this Android device which is a full of Bu**t annoying ads everywhere on such new mobile . and I’m looking for an ad-blocker but there is a lot of fake ones on the Google play store . in meanwhile Google is also blocking an search item for "Malwarebytes Browser Guard" on my Android device . so I have no clue what ad-blocker is recommend to the Android device . could some one help me with this above ?
  4. Hello, Everyone, I'm new here. Hopefully, I won't violate any rules. I used to rely on MalwareBytes to remove the search.anysearchmanager.com redirect. I am infected, again. by this annoying malware, in Firefox. MalwareBytes isn't working to remove the redirect. MalwareBytes Browser Guard DOES block the redirect, but MalwareBytes won't scour it. Any suggestions? sadaunhe1
  5. My headsets stopped working when i removed a malware from my PC. I clicked on restart via malwarebytes for the removal process to be finished and then my PC frose on the blue screen where it says restarting and then i turned the PC off and turned it on again. But once i did my PC had remove my headsets software drive and also out of nowhere my device driver was not working properly and the troubleshooter didn't detect anything. I need help pls someone help me and also this happend to my gaming headset directly after the restart and also now i have no malware left or any threat or virus but i watched YouTube and try to see solutions and not any solution worked. So pls I need someone in Support & Help to help me because no YouTube videos could help me and also pls contact me as fast as possible or comment if you know a solution. (i have checked for update drivers for my specific headsets if didn't even have any)
  6. I am having trouble with the "PUP.Optional.Trovi.A" virus. Malware bytes find it and I can remove it but it keeps on popping up. It is in my google chrome preferences somehow. I think it might come back b/c of google's cloud system. I tried this guide to remove this exact virus but it didn't work. I also have norton installed but it isn't doing anythign as far as this one goes. guide link: http://malwaretips.com/blogs/pup-optional-trovi-a-virus/#adwcleaner FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014Ran by Jan (administrator) on JANHP on 18-06-2014 14:11:10Running from C:\Users\Jan\DownloadsPlatform: Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\n360.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Windows\SysWOW64\PnkBstrA.exe() C:\Windows\SysWOW64\PnkBstrB.exe(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe(Flux Software LLC) C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe(Dropbox, Inc.) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe() C:\Program Files\Sublime Text 3\sublime_text.exe() C:\Program Files\Sublime Text 3\plugin_host.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\n360.exe(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-10] (IDT, Inc.)HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation)HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)HKLM-x32\...\Run: [] => [X]HKU\S-1-5-21-4204994677-4138567341-266406142-1001\...\Run: [f.lux] => C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)HKU\S-1-5-21-4204994677-4138567341-266406142-1001\...\MountPoints2: {51504baa-7c77-11e3-94d7-806e6f6e6963} - "H:\Install Navigator.exe"HKU\S-1-5-21-4204994677-4138567341-266406142-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-11-28] (Microsoft Corporation) <==== ATTENTION IFEO\epmstartloader.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)==================== Internet (Whitelisted) ====================ProxyServer: 192.168.100.100:9999SearchScopes: HKLM-x32 - DefaultScope value is missing.SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.1.1FireFox:========FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\8m1b8mck.defaultFF NewTab: about:newtabFF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No FileFF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No FileFF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No FileFF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFFFF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-02-15]FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtnFF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-18]Chrome: =======CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=M7E42B965-0888-400B-8A4D-CAC349558988&SearchSource=55&CUI=&UM=5&UP=SP1EE93341-5855-4181-B8DA-C82190EF7F7E&SSPV=CHR Extension: (Magic Actions for YouTube™) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-06-18]CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-17]CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-17]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-17]CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-17]CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-18]CHR Extension: (Google Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-17]CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-06-17]CHR Extension: (HTTPS Everywhere) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-06-18]CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-06-17]CHR Extension: (Ghostery) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-06-18]CHR Extension: (Cloud9) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbdmccoknlfggadpfkmcpnamfnbkmkcp [2014-06-18]CHR Extension: (Google Wallet) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-17]CHR Extension: (Thin Scroll Bar) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmmnceaidnmminjjffpndcbdibelgam [2014-06-18]CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-17]CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-18]==================== Services (Whitelisted) =================S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe [265040 2014-05-11] (Symantec Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-06] ()R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-06-06] ()R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)==================== Drivers (Whitelisted) ====================R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-15] (Symantec Corporation)S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-15] (Symantec Corporation)S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140617.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-18] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140617.024\ENG64.SYS [126040 2014-02-14] (Symantec Corporation)R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140617.024\EX64.SYS [2099288 2014-02-14] (Symantec Corporation)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-11-28] ()R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-15] (Symantec Corporation)R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2014-06-18 14:05 - 2014-06-18 14:11 - 00018063 _____ () C:\Users\Jan\Downloads\FRST.txt2014-06-18 14:05 - 2014-06-18 14:11 - 00000000 ____D () C:\FRST2014-06-18 14:05 - 2014-06-18 14:09 - 00022039 _____ () C:\Users\Jan\Downloads\Addition.txt2014-06-18 14:05 - 2014-06-18 14:05 - 02081280 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe2014-06-18 13:49 - 2014-06-18 13:52 - 00000000 ____D () C:\ProgramData\HitmanPro2014-06-18 13:45 - 2014-06-18 13:47 - 10971424 _____ (SurfRight B.V.) C:\Users\Jan\Downloads\HitmanPro_x64.exe2014-06-18 13:44 - 2014-06-18 13:44 - 00001506 _____ () C:\Users\Jan\Desktop\JRT.txt2014-06-18 13:38 - 2014-06-18 13:38 - 01016261 _____ (Thisisu) C:\Users\Jan\Downloads\JRT.exe2014-06-18 13:38 - 2014-06-18 13:38 - 00000000 ____D () C:\Windows\ERUNT2014-06-18 13:35 - 2014-06-18 13:36 - 00000000 ____D () C:\AdwCleaner2014-06-18 13:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll2014-06-18 13:34 - 2014-06-18 13:34 - 01333465 _____ () C:\Users\Jan\Downloads\adwcleaner_3.212.exe2014-06-18 10:15 - 2014-06-18 10:15 - 00033177 _____ () C:\Users\Jan\Desktop\DxDiag.txt2014-06-17 20:30 - 2014-06-17 20:39 - 00000000 ____D () C:\Users\Jan\AppData\Local\NPE2014-06-17 20:06 - 2014-06-18 13:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-17 20:06 - 2014-06-17 20:06 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-17 20:06 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-06-17 20:06 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-06-17 20:06 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-06-16 10:40 - 2014-06-17 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com2014-06-16 10:07 - 2014-06-16 10:07 - 00000000 ____D () C:\Users\Jan\AppData\Local\backburner2014-06-15 13:57 - 2014-06-15 13:57 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieUserList2014-06-15 13:57 - 2014-06-15 13:57 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieSiteList2014-06-15 08:45 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-06-15 08:45 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-06-15 08:45 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-06-15 08:45 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-06-15 08:45 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-06-15 08:45 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-06-15 08:45 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-06-15 08:45 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-06-15 08:45 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-06-15 08:45 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-06-15 08:45 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-06-15 08:45 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-06-15 08:45 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-06-15 08:45 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-06-15 08:45 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-06-15 08:45 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-06-15 08:45 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-06-15 08:45 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-06-15 08:45 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-06-15 08:45 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-06-15 08:45 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-06-15 08:45 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-06-15 08:45 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-06-15 08:45 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-06-15 08:45 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-06-15 08:45 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-06-15 08:45 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-06-15 08:45 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-06-15 08:45 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-06-15 08:45 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-06-15 08:45 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-06-15 08:45 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-06-15 08:45 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-06-15 08:45 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-06-15 08:45 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-06-15 08:45 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-06-15 08:45 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-06-15 08:45 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-06-15 08:45 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-06-15 08:45 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-06-15 08:45 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-06-15 08:45 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-06-15 08:45 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-06-15 08:45 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-06-15 08:45 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-06-15 08:45 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-06-15 08:45 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-06-15 08:45 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-06-15 08:45 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-06-15 08:45 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-06-15 08:45 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-06-15 08:45 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-06-15 08:45 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll2014-06-15 08:45 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll2014-06-15 08:45 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2014-06-15 08:45 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS2014-06-15 08:45 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll2014-06-15 08:45 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-06-15 08:45 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll2014-06-15 08:45 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-06-15 08:45 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll2014-06-15 08:45 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-06-15 08:45 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll2014-06-15 08:45 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-06-15 08:45 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys2014-06-10 20:30 - 2014-06-10 20:30 - 00000000 ____D () C:\Windows\pss2014-06-07 18:13 - 2014-06-07 18:13 - 00003212 _____ () C:\Windows\System32\Tasks\{135558F8-48E4-415E-AEBF-FB3A84896461}2014-06-07 18:08 - 2014-06-07 18:08 - 00003112 _____ () C:\Windows\System32\Tasks\{8CC68473-5F95-493E-B7D3-DCEC85662B9A}2014-06-06 10:56 - 2014-06-06 10:57 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-06-06 10:56 - 2014-06-06 10:56 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-06-04 10:38 - 2014-06-04 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razorworks2014-06-04 10:00 - 2014-06-04 13:46 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Skype2014-06-04 10:00 - 2014-06-04 10:00 - 00000000 ____D () C:\Users\Jan\AppData\Local\Skype2014-06-02 19:44 - 2014-05-29 19:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll2014-06-02 19:44 - 2014-05-29 19:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll2014-06-02 13:47 - 2014-06-06 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Reality2014-06-02 13:28 - 2014-06-04 10:39 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2014-05-31 15:11 - 2014-05-19 19:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2014-05-31 15:10 - 2014-05-19 22:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2014-05-31 15:10 - 2014-05-19 22:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2014-05-31 15:10 - 2014-05-19 22:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2014-05-31 15:10 - 2014-05-19 22:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2014-05-31 15:10 - 2014-05-19 22:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2014-05-31 15:10 - 2014-05-19 22:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2014-05-31 15:10 - 2014-05-19 22:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2014-05-31 15:10 - 2014-05-19 22:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2014-05-31 15:10 - 2014-05-19 22:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2014-05-31 15:10 - 2014-05-19 22:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2014-05-31 15:10 - 2014-05-19 22:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2014-05-31 15:10 - 2014-05-19 22:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2014-05-31 15:10 - 2014-05-19 22:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2014-05-31 15:10 - 2014-05-19 22:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2014-05-31 15:10 - 2014-05-19 22:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2014-05-31 15:10 - 2014-05-19 22:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll2014-05-31 15:10 - 2014-05-19 22:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2014-05-24 19:25 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2014-05-24 19:25 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll2014-05-23 17:45 - 2014-05-24 12:50 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-05-23 16:58 - 2014-06-06 10:56 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-05-23 16:49 - 2014-05-23 16:49 - 00000533 _____ () C:\Windows\KB893803v2.log2014-05-21 11:57 - 2014-05-21 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clementine2014-05-21 11:57 - 2014-05-21 11:57 - 00000000 ____D () C:\Program Files (x86)\Clementine2014-05-19 18:45 - 2014-05-20 08:44 - 00000000 _____ () C:\Users\Jan\Documents\pymel.log2014-05-19 13:17 - 2014-05-19 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains==================== One Month Modified Files and Folders =======2014-06-18 14:11 - 2014-06-18 14:05 - 00018063 _____ () C:\Users\Jan\Downloads\FRST.txt2014-06-18 14:11 - 2014-06-18 14:05 - 00000000 ____D () C:\FRST2014-06-18 14:11 - 2014-01-13 10:29 - 00000000 ____D () C:\Users\Jan\AppData\Local\Temp2014-06-18 14:09 - 2014-06-18 14:05 - 00022039 _____ () C:\Users\Jan\Downloads\Addition.txt2014-06-18 14:09 - 2011-11-28 12:20 - 01201920 _____ () C:\Windows\WindowsUpdate.log2014-06-18 14:05 - 2014-06-18 14:05 - 02081280 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe2014-06-18 13:57 - 2014-03-13 12:22 - 00000370 _____ () C:\Windows\Tasks\WpsNotifyTask_Jan.job2014-06-18 13:54 - 2014-03-13 12:22 - 00000370 _____ () C:\Windows\Tasks\WpsUpdateTask_Jan.job2014-06-18 13:52 - 2014-06-18 13:49 - 00000000 ____D () C:\ProgramData\HitmanPro2014-06-18 13:47 - 2014-06-18 13:45 - 10971424 _____ (SurfRight B.V.) C:\Users\Jan\Downloads\HitmanPro_x64.exe2014-06-18 13:44 - 2014-06-18 13:44 - 00001506 _____ () C:\Users\Jan\Desktop\JRT.txt2014-06-18 13:44 - 2009-07-14 01:13 - 00778834 _____ () C:\Windows\system32\PerfStringBackup.INI2014-06-18 13:44 - 2009-07-14 00:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-06-18 13:44 - 2009-07-14 00:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-06-18 13:38 - 2014-06-18 13:38 - 01016261 _____ (Thisisu) C:\Users\Jan\Downloads\JRT.exe2014-06-18 13:38 - 2014-06-18 13:38 - 00000000 ____D () C:\Windows\ERUNT2014-06-18 13:38 - 2014-02-04 16:59 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Dropbox2014-06-18 13:37 - 2014-06-17 20:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-18 13:37 - 2014-03-05 08:46 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-06-18 13:37 - 2014-02-04 16:59 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\DropboxMaster2014-06-18 13:37 - 2011-11-28 12:14 - 00000000 ____D () C:\ProgramData\NVIDIA2014-06-18 13:37 - 2010-11-20 23:47 - 01375506 _____ () C:\Windows\PFRO.log2014-06-18 13:37 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-06-18 13:37 - 2009-07-14 00:51 - 00079308 _____ () C:\Windows\setupact.log2014-06-18 13:36 - 2014-06-18 13:35 - 00000000 ____D () C:\AdwCleaner2014-06-18 13:35 - 2014-02-17 19:14 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\KeePass2014-06-18 13:34 - 2014-06-18 13:34 - 01333465 _____ () C:\Users\Jan\Downloads\adwcleaner_3.212.exe2014-06-18 13:13 - 2014-03-05 08:46 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-06-18 12:49 - 2014-01-13 10:33 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1958405C-B2A4-43C7-B4D5-D5955E44AE42}2014-06-18 11:29 - 2014-05-14 17:37 - 00000000 ____D () C:\Users\Jan\AppData\Local\CrashDumps2014-06-18 10:55 - 2011-02-11 16:29 - 00772558 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-06-18 10:54 - 2011-11-28 12:29 - 00446658 _____ () C:\Windows\DirectX.log2014-06-18 10:15 - 2014-06-18 10:15 - 00033177 _____ () C:\Users\Jan\Desktop\DxDiag.txt2014-06-18 07:34 - 2014-02-12 20:29 - 00000000 ____D () C:\Users\Jan\AppData\Local\Adobe2014-06-18 07:28 - 2014-02-13 14:17 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\vlc2014-06-18 07:27 - 2014-01-13 10:33 - 00000000 ___RD () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-06-17 20:39 - 2014-06-17 20:30 - 00000000 ____D () C:\Users\Jan\AppData\Local\NPE2014-06-17 20:32 - 2014-01-13 10:32 - 00070888 _____ () C:\Users\Jan\AppData\Local\GDIPFONTCACHEV1.DAT2014-06-17 20:31 - 2009-07-14 00:45 - 04975456 _____ () C:\Windows\system32\FNTCACHE.DAT2014-06-17 20:30 - 2011-11-28 12:31 - 00000000 ____D () C:\ProgramData\Norton2014-06-17 20:13 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media2014-06-17 20:06 - 2014-06-17 20:06 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-17 16:05 - 2014-05-01 18:08 - 00000000 ____D () C:\Windows\Minidump2014-06-17 16:05 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061714-8533-01.dmp2014-06-17 14:52 - 2014-06-16 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com2014-06-17 11:18 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061714-8595-01.dmp2014-06-17 10:08 - 2014-03-05 08:46 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-06-17 10:08 - 2014-03-05 08:46 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-06-16 12:23 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2014-06-16 10:07 - 2014-06-16 10:07 - 00000000 ____D () C:\Users\Jan\AppData\Local\backburner2014-06-16 10:07 - 2014-02-12 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk2014-06-16 10:01 - 2014-02-17 11:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime2014-06-16 10:00 - 2014-02-13 12:56 - 00000000 ____D () C:\Program Files\Adobe2014-06-16 10:00 - 2014-02-13 11:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe2014-06-16 10:00 - 2014-01-13 10:34 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Adobe2014-06-16 10:00 - 2011-11-28 12:27 - 00000000 ____D () C:\Program Files (x86)\Adobe2014-06-15 16:56 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061514-8143-01.dmp2014-06-15 16:22 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache2014-06-15 13:57 - 2014-06-15 13:57 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieUserList2014-06-15 13:57 - 2014-06-15 13:57 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieSiteList2014-06-15 13:39 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061514-8299-01.dmp2014-06-10 20:30 - 2014-06-10 20:30 - 00000000 ____D () C:\Windows\pss2014-06-10 18:29 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061014-8314-01.dmp2014-06-10 18:16 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061014-8751-01.dmp2014-06-09 11:38 - 2014-02-17 11:13 - 00000000 ____D () C:\Users\Jan\Documents\Camtasia Studio2014-06-08 15:23 - 2014-05-04 15:38 - 00000000 ____D () C:\Program Files\Unlocker2014-06-08 15:15 - 2011-11-28 12:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-06-07 18:13 - 2014-06-07 18:13 - 00003212 _____ () C:\Windows\System32\Tasks\{135558F8-48E4-415E-AEBF-FB3A84896461}2014-06-07 18:08 - 2014-06-07 18:08 - 00003112 _____ () C:\Windows\System32\Tasks\{8CC68473-5F95-493E-B7D3-DCEC85662B9A}2014-06-07 09:14 - 2014-02-19 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft2014-06-06 10:57 - 2014-06-06 10:56 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-06-06 10:56 - 2014-06-06 10:56 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-06-06 10:56 - 2014-06-02 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Reality2014-06-06 10:56 - 2014-05-23 16:58 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-06-04 13:46 - 2014-06-04 10:00 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Skype2014-06-04 10:52 - 2014-06-04 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razorworks2014-06-04 10:39 - 2014-06-02 13:28 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2014-06-04 10:00 - 2014-06-04 10:00 - 00000000 ____D () C:\Users\Jan\AppData\Local\Skype2014-06-02 19:44 - 2011-11-28 12:14 - 00000000 ____D () C:\Program Files\NVIDIA Corporation2014-05-31 15:12 - 2014-01-13 10:40 - 00000000 ____D () C:\Temp2014-05-31 15:11 - 2014-01-13 14:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-05-30 06:21 - 2014-06-15 08:45 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-30 06:02 - 2014-06-15 08:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-30 06:02 - 2014-06-15 08:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-05-30 05:45 - 2014-06-15 08:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-05-30 05:39 - 2014-06-15 08:45 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-05-30 05:39 - 2014-06-15 08:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-05-30 05:38 - 2014-06-15 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-05-30 05:28 - 2014-06-15 08:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-05-30 05:27 - 2014-06-15 08:45 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-05-30 05:24 - 2014-06-15 08:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-05-30 05:21 - 2014-06-15 08:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-05-30 05:21 - 2014-06-15 08:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-05-30 05:20 - 2014-06-15 08:45 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-05-30 05:18 - 2014-06-15 08:45 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-30 05:11 - 2014-06-15 08:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-05-30 05:08 - 2014-06-15 08:45 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-05-30 05:06 - 2014-06-15 08:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-05-30 05:02 - 2014-06-15 08:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-30 04:55 - 2014-06-15 08:45 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-05-30 04:49 - 2014-06-15 08:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-05-30 04:46 - 2014-06-15 08:45 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-30 04:44 - 2014-06-15 08:45 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-05-30 04:44 - 2014-06-15 08:45 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-05-30 04:43 - 2014-06-15 08:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-05-30 04:42 - 2014-06-15 08:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-05-30 04:38 - 2014-06-15 08:45 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-05-30 04:35 - 2014-06-15 08:45 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-05-30 04:34 - 2014-06-15 08:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-05-30 04:33 - 2014-06-15 08:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-05-30 04:30 - 2014-06-15 08:45 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-05-30 04:29 - 2014-06-15 08:45 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-05-30 04:28 - 2014-06-15 08:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-05-30 04:27 - 2014-06-15 08:45 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-05-30 04:24 - 2014-06-15 08:45 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-05-30 04:23 - 2014-06-15 08:45 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-05-30 04:16 - 2014-06-15 08:45 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-05-30 04:10 - 2014-06-15 08:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-05-30 04:06 - 2014-06-15 08:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-05-30 04:04 - 2014-06-15 08:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-05-30 04:02 - 2014-06-15 08:45 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-05-30 03:56 - 2014-06-15 08:45 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-05-30 03:56 - 2014-06-15 08:45 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-05-30 03:54 - 2014-06-15 08:45 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-05-30 03:50 - 2014-06-15 08:45 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-05-30 03:49 - 2014-06-15 08:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-05-30 03:43 - 2014-06-15 08:45 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-05-30 03:40 - 2014-06-15 08:45 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-05-30 03:30 - 2014-06-15 08:45 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-05-30 03:21 - 2014-06-15 08:45 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-05-30 03:15 - 2014-06-15 08:45 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-05-30 03:13 - 2014-06-15 08:45 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-05-30 03:13 - 2014-06-15 08:45 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-05-29 19:07 - 2014-06-02 19:44 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll2014-05-29 19:07 - 2014-06-02 19:44 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll2014-05-29 19:07 - 2014-01-13 14:37 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll2014-05-29 19:07 - 2014-01-13 14:37 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll2014-05-25 16:50 - 2014-02-27 15:57 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner2014-05-24 19:25 - 2014-01-13 14:39 - 00000000 ____D () C:\Users\Jan\AppData\Local\NVIDIA Corporation2014-05-24 19:25 - 2011-11-28 12:14 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation2014-05-24 19:13 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\052414-8018-01.dmp2014-05-24 18:36 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\052414-8424-01.dmp2014-05-24 17:00 - 2014-03-30 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-05-24 12:50 - 2014-05-23 17:45 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-05-24 07:42 - 2014-02-04 16:59 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-05-23 16:49 - 2014-05-23 16:49 - 00000533 _____ () C:\Windows\KB893803v2.log2014-05-21 11:57 - 2014-05-21 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clementine2014-05-21 11:57 - 2014-05-21 11:57 - 00000000 ____D () C:\Program Files (x86)\Clementine2014-05-21 11:57 - 2014-01-13 10:29 - 00000000 ____D () C:\Users\Jan2014-05-21 08:12 - 2014-02-16 22:31 - 00000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe PNG Format CC Prefs2014-05-20 08:58 - 2014-02-15 11:03 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe online update program2014-05-20 08:44 - 2014-05-19 18:45 - 00000000 _____ () C:\Users\Jan\Documents\pymel.log2014-05-19 22:44 - 2014-05-31 15:10 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2014-05-19 22:44 - 2014-05-31 15:10 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2014-05-19 22:44 - 2014-05-31 15:10 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2014-05-19 22:44 - 2014-05-31 15:10 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2014-05-19 22:44 - 2014-05-31 15:10 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2014-05-19 22:44 - 2014-05-31 15:10 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2014-05-19 22:44 - 2014-05-31 15:10 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2014-05-19 22:44 - 2014-05-31 15:10 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2014-05-19 22:44 - 2014-05-31 15:10 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2014-05-19 22:44 - 2014-05-31 15:10 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2014-05-19 22:44 - 2014-05-31 15:10 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2014-05-19 22:44 - 2014-05-31 15:10 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2014-05-19 22:44 - 2014-05-31 15:10 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2014-05-19 22:44 - 2014-05-31 15:10 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2014-05-19 22:44 - 2014-05-31 15:10 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2014-05-19 22:44 - 2014-05-31 15:10 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll2014-05-19 22:44 - 2014-05-31 15:10 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll2014-05-19 22:44 - 2014-05-31 15:10 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2014-05-19 22:44 - 2014-05-31 15:10 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2014-05-19 22:44 - 2014-05-31 15:10 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2014-05-19 22:44 - 2014-05-31 15:10 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2014-05-19 22:44 - 2014-05-31 15:10 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2014-05-19 22:44 - 2014-05-31 15:10 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2014-05-19 22:44 - 2014-05-31 15:10 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2014-05-19 22:44 - 2014-05-31 15:10 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2014-05-19 22:44 - 2014-05-31 15:10 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2014-05-19 22:44 - 2014-01-13 14:35 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2014-05-19 22:44 - 2014-01-13 14:35 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll2014-05-19 22:44 - 2011-11-28 12:11 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2014-05-19 22:44 - 2011-11-28 12:11 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll2014-05-19 22:44 - 2011-11-28 12:11 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll2014-05-19 22:44 - 2011-11-28 12:11 - 00026069 _____ () C:\Windows\system32\nvinfo.pb2014-05-19 21:25 - 2011-05-03 04:09 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll2014-05-19 21:25 - 2011-05-03 04:09 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll2014-05-19 21:25 - 2011-05-03 04:09 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe2014-05-19 21:25 - 2011-05-03 04:09 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll2014-05-19 21:25 - 2011-05-03 04:09 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll2014-05-19 19:10 - 2014-05-31 15:11 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2014-05-19 13:17 - 2014-05-19 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains2014-05-19 13:17 - 2014-02-04 16:51 - 00000000 ____D () C:\Program Files (x86)\JetBrains2014-05-19 10:02 - 2014-02-12 20:39 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-05-19 10:02 - 2014-02-12 20:39 - 00000000 ____D () C:\ProgramData\AdobeSome content of TEMP:====================C:\Users\Jan\AppData\Local\Temp\AcDeltree.exeC:\Users\Jan\AppData\Local\Temp\FNP_ACT_InstallerCA.dllC:\Users\Jan\AppData\Local\Temp\Quarantine.exe==================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2014-06-18 08:11==================== End Of Log ============================Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014Ran by Jan at 2014-06-18 14:11:24Running from C:\Users\Jan\DownloadsBoot Mode: Normal============================================================================== Security Center ========================AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}==================== Installed Programs ======================802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.01.18.0 - Ralink)Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.06 - Adobe Systems)Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)Adobe Flash Player 10 ActiveX (HKLM-x32\...\{DCC90D9D-4F8D-4A06-9050-ADDB284FF9FA}) (Version: 10.3.181.14 - Adobe Systems Incorporated)Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) HiddenBonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)Clementine (HKLM-x32\...\Clementine) (Version: 1.2.3 - Clementine)Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)f.lux (HKCU\...\Flux) (Version: - )Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) HiddenHewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000 - Hewlett-Packard) HiddenHP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) HiddenHP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) HiddenHP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) HiddenHP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJetBrains PyCharm 3.1.3 (HKLM-x32\...\PyCharm 3.1.3) (Version: 133.1347 - JetBrains s.r.o.)KeePass Password Safe 2.25 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.25 - Dominik Reichl)Kingsoft Office 2013 (9.1.0.4514) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4514 - Kingsoft Corp.)Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) HiddenLogitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) HiddenMozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)Norton 360 (HKLM-x32\...\N360) (Version: 21.3.0.12 - Symantec Corporation)NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) HiddenNVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) HiddenNVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) HiddenNVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) HiddenNVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) HiddenNVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) HiddenNVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) HiddenNVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) HiddenPicasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)Python 2.7 PIL-1.1.7 (HKLM-x32\...\PIL-py2.7) (Version: - )Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) HiddenSamsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.6 - Samsung)Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) HiddenSublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenTuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.296 - TuneUp Software) HiddenTuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)TuneUp Utilities 2014 (x32 Version: 14.0.1000.296 - TuneUp Software) HiddenUnlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)Visual C++ 11.0 CRT (x64) (Version: 11.0 - Microsoft Corporation) HiddenVLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)==================== Restore Points ============================================= Hosts content: ==========================2009-07-13 22:34 - 2014-02-17 11:07 - 00001192 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 activate.adobe.com127.0.0.1 practivate.adobe.com127.0.0.1 lmlicenses.wip4.adobe.com127.0.0.1 lm.licenses.adobe.com127.0.0.1 na1r.services.adobe.com127.0.0.1 hlrcv.stage.adobe.com127.0.0.1 activation.cloud.techsmith.com==================== Scheduled Tasks (whitelisted) =============Task: {03833AC3-CD83-436E-81A9-B4DEDE33189F} - System32\Tasks\WpsNotifyTask_Jan => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe [2014-03-05] (Zhuhai Kingsoft Office Software Co.,Ltd)Task: {1417D688-19C7-4E3A-83C9-78657D6CBC72} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {271C8454-DB5B-4952-AAC7-7FAF51328B09} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exeTask: {2E62830E-0991-4FCF-90FD-E4E343F56FEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)Task: {32912948-9E31-4D68-A4BA-326BF52379BF} - System32\Tasks\WpsUpdateTask_Jan => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe [2014-03-05] (Zhuhai Kingsoft Office Software Co.,Ltd)Task: {3489E967-D12E-47E5-A038-5FB3E3492F4F} - System32\Tasks\SetupManager => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exeTask: {6470F8B9-4D49-4D3E-85BC-D16098E4AE4C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)Task: {662E4B46-22F6-4500-898E-ADB8ECCE0912} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-04-15] (TuneUp Software)Task: {6C0EA258-62B0-49A1-A0E6-4636C0A9295C} - System32\Tasks\AdobeAAMUpdater-1.0-JanHP-Jan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)Task: {755A3679-B6CC-4F23-A3BB-1F75C0A79DAB} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)Task: {8B5DD9C7-0AD9-4B9A-BE78-9A3C474027D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exeTask: {8EB8B5AD-4990-4A72-92C7-B25C4EB187E1} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)Task: {A8375188-C5A7-4545-88E7-F03DEEA6C09A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exeTask: {B599FFC6-603E-4ACA-B9E3-A07DF1570AAB} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)Task: {C78C1011-8DB1-4413-8A28-A879CA287B0B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-08] (Hewlett-Packard)Task: {D8E87C56-2C9B-4B0A-BD49-FA107E191CEF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)Task: {DF386CA3-5B2A-4D4A-80FE-F11288368BC8} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)Task: {E75C3B35-2B4C-4742-9E4A-B8AB6D06C2D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exeTask: {FD286B6C-3830-465E-92F8-0139BC09EAB2} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\WpsNotifyTask_Jan.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exeTask: C:\Windows\Tasks\WpsUpdateTask_Jan.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe==================== Loaded Modules (whitelisted) =============2014-01-13 14:36 - 2014-05-19 21:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2014-06-06 10:56 - 2014-06-06 10:56 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-06-06 10:56 - 2014-06-06 10:57 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-04-15 09:59 - 2014-04-15 09:59 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll2014-02-04 17:08 - 2014-02-12 10:55 - 05482384 _____ () C:\Program Files\Sublime Text 3\sublime_text.exe2014-02-04 17:08 - 2013-12-17 15:22 - 00594432 _____ () C:\Program Files\Sublime Text 3\plugin_host.exe2014-02-04 17:08 - 2013-02-18 17:59 - 01065472 _____ () C:\Program Files\Sublime Text 3\_hashlib.pyd2014-02-04 17:08 - 2013-02-18 17:59 - 00108032 _____ () C:\Program Files\Sublime Text 3\_ctypes.pyd2014-02-04 17:08 - 2013-02-18 17:59 - 00051200 _____ () C:\Program Files\Sublime Text 3\_socket.pyd2014-02-04 17:08 - 2013-02-18 17:59 - 01702400 _____ () C:\Program Files\Sublime Text 3\_ssl.pyd2014-02-12 11:15 - 2014-02-11 08:32 - 01212416 _____ () C:\Users\Jan\AppData\Roaming\Sublime Text 3\Packages\SublimeCodeIntel\arch\_win64_py33\_SilverCity.pyd2014-02-04 17:08 - 2013-02-18 17:59 - 00165376 _____ () C:\Program Files\Sublime Text 3\_elementtree.pyd2014-02-04 17:08 - 2013-02-18 17:59 - 00168448 _____ () C:\Program Files\Sublime Text 3\pyexpat.pyd2014-02-12 11:15 - 2014-02-11 08:32 - 00220672 _____ () C:\Users\Jan\AppData\Roaming\Sublime Text 3\Packages\SublimeCodeIntel\arch\_win64_py33\_ielementtree.pyd2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll2014-06-18 13:37 - 2014-06-18 13:37 - 00043008 _____ () g:\tmp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxwjxft.dll2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\libcef.dll2014-06-15 09:06 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll2014-06-15 09:06 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll2014-06-15 09:06 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll2014-06-15 09:06 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll2014-06-15 09:06 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll==================== Alternate Data Streams (whitelisted) ============================= Safe Mode (whitelisted) ======================================= EXE Association (whitelisted) ================================= MSCONFIG/TASK MANAGER disabled items ============================= Faulty Device Manager Devices =============Name: Microsoft Teredo Tunneling AdapterDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.==================== Event log errors: =========================Application errors:==================System errors:=============Microsoft Office Sessions:=========================CodeIntegrity Errors:=================================== Date: 2014-02-14 09:44:59.811 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-14 09:44:59.783 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-14 09:43:23.910 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-14 09:43:23.883 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-14 09:43:22.151 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-14 09:43:22.123 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-14 09:41:43.131 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-14 09:41:43.102 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-14 09:22:28.660 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-14 09:22:28.632 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.==================== Memory info =========================== Percentage of memory in use: 21%Total physical RAM: 12268.31 MBAvailable physical RAM: 9601.37 MBTotal Pagefile: 24534.8 MBAvailable Pagefile: 21238.01 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.83 MB==================== Drives ================================Drive c: (OS) (Fixed) (Total:111.69 GB) (Free:64.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]Drive d: (HP_RECOVERY) (Fixed) (Total:12.24 GB) (Free:1.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]Drive e: () (Fixed) (Total:111.79 GB) (Free:111.7 GB) NTFSDrive f: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]Drive g: (HDD) (Fixed) (Total:1080.24 GB) (Free:976.1 GB) NTFSDrive i: (Data) (Fixed) (Total:0.1 GB) (Free:0.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]Drive n: (ADATA UFD) (Removable) (Total:14.7 GB) (Free:14.7 GB) FAT32==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: AD0EBD5D)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=-1039124135936) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)Partition 4: (Not Active) - (Size=305 GB) - (Type=83)========================================================Disk: 1 (Size: 112 GB) (Disk ID: 0005169E)Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)========================================================Disk: 2 (Size: 112 GB) (Disk ID: 5F923E2E)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)========================================================Disk: 3 (Size: 15 GB) (Disk ID: 00000000)Partition: GPT Partition Type.==================== End Of Log ============================ Addition.txt FRST.txt
  7. Hi ... Hope this topic hasn't been dicussed other Places in this forum, but that would really surprise me. All though I am confident that others than me has this "problem" too. I have searched the forum for other threads about this, but I did not find any. Anyhow ... It is, at least to me, very annoying that malwarebytes starts it's search for malware with a window popping up and stealing screen real estate and the focus too. Is there a way to make Malwarebytes work in silent mode? I mean ... like install and forget? rgs Øyvind Granberg Norway
  8. SafeSearch got downloaded covertly when I was downloading a program from the internet, and now when I open IE it opens to SafeSearch's page instead of the homepage I have set in Tools>Internet Options. It overrides it. I have tried every removal program suggested on the internet and none work. Malwarebytes was one of the programs recommended, but I already had Malwarebytes Pro and it doesn't even recognize it, much less get rid of it. How can I get my browser's settings back? I have Win 7 Home Premium, Sp1 and IE 11.
  9. Hi, So when I started my PC (Windows 7) up today and used google chrome something strange happened. When I open a new tab, it goes to my new tab page, then it gets redirected to http://feed.helperbar.com/?p=(Random letters and numbers) which then redirects to http://search.snapdo.com/?st=nt&q= So I looked those up on google and they all said to remove it using add/remove programs, and remove it from the extensions, New page tab and search engine. But those are all correct. There's nothing about them, since it doesn't go to those websites straight away. It goes to my new tab page first, and then gets redirected. Does anyone know what this is? Thanks in advance.
  10. I have already tried several things to get rid of "search.yahoo.com" as my IE10 Browser Search engine. 1. I have change the default URL under internet options. 2. I have disabled all my Managed Add ins 3. I have run the following PC Cleaners: 1. Microsoft Security Essentials, 2. Advanced SystemCare 7 and 3. MalwareBytes 1.7. All finding no problems. What else do I need to do to remove search.yahoo.com? Many thanks in advance for your assistance. Regards, Paul
  11. Howdy. I joined this forum so that I could find help with this annoying virus. The culprit is this thing called "Search Assist" that seems to have gotten into all of my browsers. What happens is that it finds keywords on any website I visit, highlights them in an orange color, and displays an ad when I hover over them. It even happens on this site. Here are some screens of the problem: I have done numerous scans with Malwarebytes, including ones with my computer in safe mode, and it tells me my pc is clean. There are no new toolbars or extensions in the browsers that could've been installed, and other sites have been less than helpful. Any ideas, guys?
  12. Every time I open a new tab a Delta search page opens. I have run Malwarebytes three times after uninstalling the program: the first time it removed something. The next two times it has found nothing. Here is dds.txt followed by attach.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.17.2 Run by RICHARD at 14:58:16 on 2013-04-16 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3957.1790 [GMT 1:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe C:\Windows\system32\DRIVERS\o2flash.exe C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\thinkbroadband.com\tbbMeter\tbbLoaderService.exe C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Zune\WMZuneComm.exe C:\Program Files\Zune\ZuneWlanCfgSvc.exe c:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Users\RICHARD_2\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\RICHARD_2\AppData\Roaming\T-Mobile Internet Manager\ouc.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe C:\Users\RICHARD_2\AppData\Roaming\Trusteer\Rapport\app\bin\RapportService.exe C:\Users\RICHARD_2\AppData\Roaming\Trusteer\Rapport\app\bin\x64\RapportInjService_x64.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.co.uk/ uSearch Bar = Preserve mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=c6115b5e0000000000000023148dbf58&tlver=1.4.19.19&ss=1&affID=17978 mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll mRun: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mRun: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} Trusted Zone: secunia.com DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB DPF: {5554DCB0-700B-498D-9B58-4E40E5814405} - hxxps://secure.stewardship.org.uk/Reserved.ReportViewerWebControl.axd?ReportSession=2qffa42ild5p5p3r1bxu3du4&ControlID=e698378161ca479587222d8079e5b489&Culture=2057&UICulture=2057&ReportStack=1&OpType=PrintCab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\{30044346-5B93-4C90-BE9B-A13E4F037FC7} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{30044346-5B93-4C90-BE9B-A13E4F037FC7}\05C65737E6564775962756C6563737 : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{30044346-5B93-4C90-BE9B-A13E4F037FC7}\3547F6272775966496 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{30044346-5B93-4C90-BE9B-A13E4F037FC7}\84F6C69702144435C4 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{505A6C19-D2F2-4737-8F17-D452849E6578} : DHCPNameServer = 192.168.0.1 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\RICHARD\AppData\Roaming\Mozilla\Firefox\Profiles\7g4bn0kf.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdflt.sys [2011-6-8 18792] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2011-6-8 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-4-6 236544] R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2011-6-8 60928] R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 130008] R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-11-26 1225312] R2 tbbLoaderService;tbbLoaderService;C:\Program Files (x86)\thinkbroadband.com\tbbMeter\tbbLoaderService.exe [2010-10-9 14848] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-7-25 2673064] R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Acceler.sys [2011-6-8 23912] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-6-9 151936] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2011-6-3 6952960] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] R3 O2MDGRDR;O2MDGRDR;C:\Windows\System32\drivers\o2mdgx64.sys [2009-11-13 74272] R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976] R3 PSSDK42;PSSDK42;C:\Windows\System32\drivers\pssdk42.sys [2012-3-21 53312] R3 PSSDKLBF;PSSDKLBF;C:\Windows\System32\drivers\pssdklbf.sys [2012-3-21 65600] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-11-26 659040] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-6-9 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\System32\drivers\ewusbdev.sys [2013-1-9 114304] S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0;PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2013-1-28 25584] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-14 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-14 57856] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-9 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-04-16 07:46:38 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B209F47F-E3A5-4E82-9066-FDE20A9450EE}\offreg.dll 2013-04-16 07:45:18 9311288 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B209F47F-E3A5-4E82-9066-FDE20A9450EE}\mpengine.dll 2013-04-15 20:12:05 9311288 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-04-14 18:16:39 -------- d-----w- C:\Users\RICHARD\AppData\Roaming\WinPatrol 2013-04-14 18:16:33 -------- d-----w- C:\ProgramData\InstallMate 2013-04-14 18:16:33 -------- d-----w- C:\Program Files (x86)\BillP Studios 2013-04-14 09:01:56 -------- d-----w- C:\Users\RICHARD\AppData\Roaming\Malwarebytes 2013-04-14 09:01:36 -------- d-----w- C:\ProgramData\Malwarebytes 2013-04-14 09:01:34 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-04-11 12:45:36 -------- d-----w- C:\Users\RICHARD\AppData\Roaming\player 2013-04-11 12:39:51 -------- d-----w- C:\Users\RICHARD\AppData\Roaming\Babylon 2013-04-11 12:39:51 -------- d-----w- C:\ProgramData\Babylon 2013-04-10 19:37:32 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-04-10 19:37:31 1655656 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 19:37:30 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2013-04-10 19:37:27 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-04-10 19:37:26 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-04-10 19:37:25 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-04-10 19:37:24 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-04-10 19:37:24 112640 ----a-w- C:\Windows\System32\smss.exe 2013-04-10 19:37:23 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-03-31 17:22:55 -------- d-----w- C:\ProgramData\PC-Doctor for Windows 2013-03-27 13:45:32 -------- d-----w- C:\Program Files (x86)\ConvertHelper 2013-03-21 08:49:24 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C10A6596-BD8E-4DF0-B81C-ADFC5253ED44}\gapaengine.dll . ==================== Find3M ==================== . 2013-04-14 09:17:51 65600 ----a-w- C:\Windows\System32\drivers\pssdklbf.sys 2013-04-14 09:17:51 53312 ----a-w- C:\Windows\System32\drivers\pssdk42.sys 2013-04-10 11:47:15 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-10 11:47:15 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-04-02 10:34:28 282744 ------w- C:\Windows\System32\MpSigStub.exe 2013-03-07 08:26:24 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-07 08:26:21 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-03-07 08:26:21 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll 2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-02-19 12:01:03 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-02-19 11:42:14 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2013-01-20 15:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2013-01-20 15:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys . ============= FINISH: 14:58:25.49 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 08/06/2011 21:30:31 System Uptime: 15/04/2013 21:20:55 (17 hours ago) . Motherboard: Dell Inc. | | 0KVMW2 Processor: Intel® Core i5 CPU M 430 @ 2.27GHz | U2E1 | 2267/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 466 GiB total, 252.682 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP264: 07/04/2013 09:17:28 - Windows Update RP265: 10/04/2013 22:55:31 - Windows Update RP266: 11/04/2013 15:02:23 - Quitado VAFPlayer RP267: 11/04/2013 16:19:47 - Windows Update RP268: 11/04/2013 20:31:49 - Removed Microsoft .NET Framework 4 Extended RP269: 14/04/2013 18:53:05 - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Accelerometer Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.02) AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders Ancestral Sources Apple Application Support Apple Software Update Audacity 2.0 Avanquest update Basic PAYE Tools Blue Chip Bridge Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish ConvertHelper 2.2 CutePDF Writer 2.8 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell Driver Download Manager Dell Support Center DoubleCAD XT Pro 3 Excel VBA Code Cleaner 5.0 Family Historian 5.0 Family Historian PDF (novaPDF 7.7 printer) Family Historian PDF File (novaPDF 6.1 printer) FreeCAD 0.11 GenQuiry GIMP 2.8.0 GPL Ghostscript IDT Audio ImageMagick 6.8.0-3 Q16 (2012-11-01) Intel® Turbo Boost Technology Driver Java 7 Update 17 Java Auto Updater Junk Mail filter update KeePass Password Safe 2.18 LAME v3.99.3 (for Windows) Malwarebytes Anti-Malware version 1.75.0.1300 Membership Co-ordinator Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft Access 2010 Runtime Service Pack 1 (SP1) Microsoft Access database engine 2010 (English) Microsoft Access Runtime 2010 Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access Runtime 2010 Microsoft Office Access Runtime MUI (English) 2010 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual FoxPro OLE DB Provider Moneysoft Money Manager MotoHelper 2.1.32 Driver 5.4.0 MotoHelper MergeModules Motorola Mobile Drivers Installation 5.4.0 Motorola Phone Tools Motorola Software Update Mozilla Firefox 20.0.1 (x86 en-GB) Mozilla Maintenance Service Mozilla Thunderbird 17.0.5 (x86 en-GB) MSVCRT MSVCRT_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) O2Micro Flash Memory Card Windows Driver office Convert Pdf to Jpg Jpeg Tiff Free 6.5 OmniPage SE Quickset64 QuickTime Rapport Realtek Ethernet Controller Driver For Windows Vista and Later Secunia PSI (3.0.0.6001) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Synaptics Pointing Device Driver T-Mobile Internet Manager tbbMeter tbbMeter Loader Service TeamViewer 7 Total Access Components Runtime 32-bit Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Updater Component WinPatrol ZIP Reader 8.00.0010 Zune Zune Language Pack (CHS) Zune Language Pack (CHT) Zune Language Pack (CSY) Zune Language Pack (DAN) Zune Language Pack (DEU) Zune Language Pack (ELL) Zune Language Pack (ESP) Zune Language Pack (FIN) Zune Language Pack (FRA) Zune Language Pack (HUN) Zune Language Pack (IND) Zune Language Pack (ITA) Zune Language Pack (JPN) Zune Language Pack (KOR) Zune Language Pack (MSL) Zune Language Pack (NLD) Zune Language Pack (NOR) Zune Language Pack (PLK) Zune Language Pack (PTB) Zune Language Pack (PTG) Zune Language Pack (RUS) Zune Language Pack (SVE) . ==== Event Viewer Messages From Past Week ======== . 15/04/2013 05:45:07, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.147.1816.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9302.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 14/04/2013 09:15:41, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds. 11/04/2013 16:29:15, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 11/04/2013 16:29:15, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 11/04/2013 16:29:15, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 11/04/2013 16:29:14, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 11/04/2013 16:29:14, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 11/04/2013 16:29:13, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 11/04/2013 16:29:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 11/04/2013 16:28:48, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 11/04/2013 16:28:48, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 10/04/2013 14:02:54, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. . ==== End Of File ===========================
  13. Hello All, I've been using this forum to try to rid my laptop of this Google Redirect Virus, but nothing seems to take. If someone could please help me out, it would be really appreciated. Here are my logs: DDS (Ver_2012-10-14.05) - NTFS_x86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2 Run by JOVY at 17:20:37 on 2012-10-16 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.1421 [GMT -7:00] . AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Canon\DIAS\CnxDIAS.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\Explorer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = about:blank BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{DCD8641A-2A95-4BA3-B3B4-D8100439DFDE} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{DCD8641A-2A95-4BA3-B3B4-D8100439DFDE}\0527573616346513 : DHCPNameServer = 75.49.64.94 68.94.156.1 192.168.40.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\users\jovy\appdata\roaming\mozilla\firefox\profiles\qt30ff31.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll FF - plugin: c:\program files\baidu\baiduplayer\1.12.0.11\npxbdyy.dll FF - plugin: c:\program files\baidu\baiduplayer\1.12.0.11\npxbdyyreg.dll FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll FF - plugin: c:\users\jovy\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll FF - ExtSQL: 2012-08-24 16:33; closetabstotheright@4kwh.net; c:\users\jovy\appdata\roaming\mozilla\firefox\profiles\qt30ff31.default\extensions\closetabstotheright@4kwh.net.xpi FF - ExtSQL: 2012-08-24 17:08; firegestures@xuldev.org; c:\users\jovy\appdata\roaming\mozilla\firefox\profiles\qt30ff31.default\extensions\firegestures@xuldev.org.xpi . ============= SERVICES / DRIVERS =============== . R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608] R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-9-23 65192] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-7-2 116648] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-7-2 116648] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-30 115168] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024] S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184] S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224] S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] S3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336] . =============== Created Last 30 ================ . 2012-10-16 22:33:08 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{927ce751-6edf-411f-bcf4-b7d56f452e64}\offreg.dll 2012-10-16 22:32:38 6980552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{927ce751-6edf-411f-bcf4-b7d56f452e64}\mpengine.dll 2012-10-16 22:23:19 -------- d-----w- C:\$RECYCLE.BIN 2012-10-16 22:21:50 -------- d-----w- c:\users\jovy\appdata\local\temp 2012-10-16 01:43:56 -------- d-----w- c:\users\jovy\appdata\local\Macromedia 2012-10-05 23:29:35 -------- d-----w- c:\program files\CCleaner 2012-10-05 22:43:23 98816 ----a-w- c:\windows\sed.exe 2012-10-05 22:43:23 256000 ----a-w- c:\windows\PEV.exe 2012-10-05 22:43:23 208896 ----a-w- c:\windows\MBR.exe 2012-10-05 22:38:35 -------- d-----w- c:\users\jovy\appdata\local\VirtualStore 2012-10-05 22:34:47 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-10-05 22:03:34 388096 ----a-r- c:\users\jovy\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe 2012-10-05 22:03:34 -------- d-----w- c:\program files\Trend Micro 2012-10-05 22:03:06 -------- d-----w- c:\program files\VS Revo Group 2012-10-02 01:27:06 -------- d-----w- c:\users\jovy\appdata\local\webkit 2012-09-27 04:13:37 -------- d-----w- c:\programdata\RegRun 2012-09-27 04:13:24 2 --shatr- c:\windows\winstart.bat 2012-09-17 23:04:15 -------- d-----w- c:\programdata\Sophos 2012-09-17 23:02:49 73728 ----a-r- c:\users\jovy\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe 2012-09-17 23:02:49 73728 ----a-r- c:\users\jovy\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe 2012-09-17 23:02:45 73728 ----a-r- c:\users\jovy\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\ARPPRODUCTICON.exe 2012-09-17 23:02:29 -------- d-----w- c:\program files\Sophos 2012-09-17 23:00:47 -------- d-----w- c:\users\jovy\appdata\roaming\SUPERAntiSpyware.com 2012-09-17 23:00:15 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-09-17 23:00:15 -------- d-----w- c:\program files\SUPERAntiSpyware . ==================== Find3M ==================== . 2012-10-15 23:54:22 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-15 23:54:21 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-05 22:34:37 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-10-05 22:34:37 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-08 00:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys . ============= FINISH: 17:21:01.15 =============== . ******** UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-10-14.05) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 2/10/2012 2:35:59 AM System Uptime: 10/16/2012 3:22:28 PM (2 hours ago) . Motherboard: Dell Inc. | | 0WY040 Processor: Intel® Core2 Duo CPU T5470 @ 1.60GHz | Microprocessor | 1601/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 26 GiB total, 5.651 GiB free. D: is FIXED (NTFS) - 48 GiB total, 10.012 GiB free. E: is CDROM () I: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Base System Device Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_02281028&REV_12\4&39A5768A&0&0BF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_02281028&REV_12\4&39A5768A&0&0BF0 Service: . Class GUID: Description: Base System Device Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02281028&REV_12\4&39A5768A&0&0AF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02281028&REV_12\4&39A5768A&0&0AF0 Service: . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Dell Wireless 1490 Dual Band WLAN Mini-Card Device ID: PCI\VEN_14E4&DEV_4312&SUBSYS_00071028&REV_01\4&4A128E6&0&00E1 Manufacturer: Broadcom Name: Dell Wireless 1490 Dual Band WLAN Mini-Card PNP Device ID: PCI\VEN_14E4&DEV_4312&SUBSYS_00071028&REV_01\4&4A128E6&0&00E1 Service: BCM43XX . ==== System Restore Points =================== . RP192: 10/16/2012 3:14:13 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 7-Zip 9.20 Adobe Acrobat 9 Pro - English, Français, Deutsch Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI BaiduPlayer1.12.0.11 Canon MF Toolbox 4.9.1.1.mf12 Canon MF4320-4350 CCleaner Daum PotPlayer 1.5.31934 Dell Touchpad foobar2000 v1.1.11 GIMP 2.8.0 Google Chrome Google Update Helper HiJackThis Java 7 Update 7 Java Auto Updater JDownloader 0.9 Malwarebytes Anti-Malware version 1.65.0.1400 Microsoft Antimalware Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Mozilla Firefox 15.0.1 (x86 en-US) Mozilla Firefox 16.0.1 (x86 en-US) Mozilla Maintenance Service Revo Uninstaller 1.94 Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Sophos Virus Removal Tool Spotify SUPERAntiSpyware Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VirtualCloneDrive XnView 1.98.8 . ==== Event Viewer Messages From Past Week ======== . 10/16/2012 3:18:54 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 10/16/2012 3:00:24 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 10/15/2012 4:58:28 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 10/15/2012 4:58:28 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure. 10/15/2012 4:58:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56} 10/12/2012 12:35:17 AM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 10/10/2012 9:06:30 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection. . ==== End Of File ===========================
  14. I believe my PC was infected with some type of malware. Whenever I use google on Firefox and I click on one of the search results, it redirects me to www.gethotresults.com. This usually happens 1/3 to 1/5 of the time. Now, this does not happen on any other browsers I have installed. I heard this malware goes by the name "random". I havn't seen this name anywhere though. Not in the registry, not in the appdata, not in any firefox/mozilla folders (I thought it would be in there as thats what brower its affecting), I even checked most of the C-Drive. Please tell me it simply just needs me to reset firefox. Any help will be appreciated, Thanks.
  15. Hi, I get redirected when I pick on a link, can you help. Attached, dds.txt and attach.txt Thanks dds.txt attach.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.