Showing results for tags 'trovi'.

Found 23 results

  1. Hi, I have that virus where whenever I search using the bar on Google Chrome I get redirected to trovi.com. This does not happen with Edge. I've run scans with Windows Defender, Malwarebytes, AdwCleaner and RogueKiller. All detect nothing. This makes me think it's just isolated to Chrome. So I deleted browsing/download history, cookies, cached, passwords, autofill data, site settings and hosted app data. I've checked search engine settings and all is normal. Is there anyone who can help? I'd like to not completely reset my Chrome if possible. Thanks (the only thing detected was the Honey browser extension, which I have deleted) RogueKiller.txt AdwCleaner[S00].txt Malwarebytes.txt
  2. Hello, every time I open a webpage in Chrome, I get a popup saying that Malwarebytes blocked Trovi.com from opening. It seems that the website is trying to change the homepage to trovi.com and Malwarebytes is blocking it. I have run both the Malwarebytes premium version as well as the Windows software and cannot stop this popup from reappearing. FRST.txt Addition.txt
  3. Trovi and Spigot return every time I open Chrome. If I remove and restart and scan without opening Chrome, nothing is detected. If I then run Chrome and do a scan it will detect it. Please help. Logs are attached. I appreciate it very much, thank you! Addition.txt FRST.txt MBLog.txt
  4. Good Evening, Earlier this morning, I encountered a Trovi Virus. I am using a MacBook Air on Google Chrome. I have done everything I can to remove it, even using Malwarebytes, and I'm not sure if it's gone or not. I have only reset the Google Chrome preferences, which did the job, but some sites are still not working. I tried accessing several websites like games, etc. but an error message pops up. This never happened even when Trovi was active and I'm in need of serious assistance. Sincerely, J.Kye
  5. I have recurring detections of Trovi.A when scanning with Malwarebytes. The symptoms appear similar to this post in the forum: https://forums.malwarebytes.org/index.php?/topic/166854-pupoptionaltrovia-keeps-reappearing-after-each-quarantine/ This past weekend, I thought I had cleaned it out by using, in this order, adwcleaner, JRT, MalwareBytes, and HitmanPro as instructed in this post here: http://malwaretips.com/blogs/pup-optional-trovi-a-virus/ Today I became suspicious again and did another MWB scan. It detected Trovi.A again, which I again quarantined. I've done a FRST scan. Logs attached. Addition.txt FRST.txt
  6. Please help! Four days ago, I downloaded Forge for my son to run mods for Minecraft. I thought I'd declined every nefarious add-in from Forge but must have missed one. Trovi has taken over Chrome. I've run the following anti-x-ware tools in succession as I read in another lengthy post: - MBAM - AdwCleaner - Farbar Recovery Scan Tool - Junkware Removal Tool But, Trovi is still in control of Chrome. I expect it's doing other nefarious things on my PC that aren't as obvious. So, can someone help me get rid of this nightmare Forge has delivered onto my PC? Thanks, Thomas
  7. Hello, My computer was infected with Trovi spyware. I have attempted to manually clean the virus multiple times without luck. When trying to run MBAM the scan fails after 3 seconds with the error, "SDKDatabaseLoadDefaults failed with code: 2". I am running windows 7 NT. My research on the topic leads me to believe the spyware is blocking MBAM from running correctly. I have attempted the following with no luck. 1. Remove all AV software 2. Run MBAM in safemode 3. MBAM clean removal tool and reinstall 4. Chameleon mode (test 1 did find a malicious program but the scan still would not run) 5. Download and save MBAM under another filename on another device and run from flashdrive on infected PC. Any assistance would be much appreciated. -Matt
  8. Please... I have tried to get rid of the malware on my computer with your program, yet it never proves effective, and it just rewrites all the files and folders MBAM deleted within minutes... i don't know how to get or post any logs or anything, if you give me instruction i will GLADLY comply 100%.... Recently I fell for the SkypEmoticons download, this then caused me to receive Trovi, yet another adware (i think that's what these things are called) and then THAT caused me to get YAC, as a friend said he used it for the Trovi thing once. YAC then allowed "Klip Pal" to install without my acknowledgement upon opening Internet Explorer.... So i rushed to get MBAM, knowing that you all are VERY good at what you do. All this being said, i booted into Safe Mode and ran hyper scan, which found a few things, so i quarantined, and deleted, then i ran a full scan, this got more things, AND EVEN GOT SKYPEMOTICONS!!! But within seconds SE.exe was back again... Long story short, i have malware, please help.
  9. I'm running Windows 8.1 with IE 11. I ran Malware Bytes 2. Over 300 files were removed but my browser still opens with Trovi as the homepage. How do I remove Trovi completely?
  10. Hey guys, first off I would like to thank you for any input and help. It would be much appreciated. I'm not really a techie or computer savvy person but I am running on windows 7. So to start off, I have been playing video games and wanted to upload a mod onto one of my games but required winrar to unzip one of my files, yes you can see where this is going. So yesterday, I stupidly just searched up winrar and downloaded off of some site which wasn't the main website. I obliviously just accepted all the terms and ta-da! I got hit with the trovi adware. First off, a toolbar and url page would appear at the top of my desktop and whenever I opened google chrome or internet explorer, my homepage would be trovi. Like any other person would I searched up how to remove this trovi thing. So I read up on a couple of guides and followed what they said. 1. I downloaded the adware cleaner, scanned it, deleted all the infected files. 2. I downloaded junkremover tool and launched it, it did its thing after I pressed any key. 3. I downloaded the anti-malwarebytes, scanned and launched the program and quarantined the infected files. 4. Finally I downloaded hitmanpro, the latest version and launched that and removed the files. My homepage still remained as trovi and the toolbar on my desktop still was there. So I reset my google chrome homepage, search bar, and reset the whole google chrome. I also reset my internet explorer as well. After doing so, my homepage and all were completely fine. However, the toolbar was still on my desktop so I went to control panel->uninstall programs->(some toolbar file). I deleted this toolbar file along with all the other recent anti-malware programs I downloaded and the toolbar on my desktop disappeared. Furthermore I have been searching everywhere for the remnants of this adware. 
I have organized my files in my downloads, control panel programs, and documents in date when downloaded and removed any unfamiliar files that were recently downloaded. I also went through the run command and went to "regedit" and went to edit->find-> "trovi" and also "conduit". Nothing comes up with trovi but when I type in conduit it comes up with: C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iSyncConduit.dll I do have an iphone that is synched to my computer, could it be that apple uses this conduit and this file is safe? I also reset all of my browsers, cleared cookies, history, and cache etc after. In the end it seems that I was able to remove trovi within 30 minutes to an hour and a half of when I got it. However I had a few questions: Could any of my saved information such as sensitive info be released even if I did not input them into the trovi search? Are there any places that malwarebytes could not detect trovi? Should I worry about it re-installing/building itself.
  11. So last night I left my PC on and went away for about 4 hours. No, I was not browsing porn at the time I went AFK. I came back and my laptop wouldn't boot up. I had to plug in my power cord to start it up. Battery was at 16%, though. Then a failure to start and PC repair window pops up (the kind that doesn't load Windows fully). It looks like Win 98. I restored Windows to a "previously working point in time" and went on. Then I ran MBAM out of curiosity. I found Trovi and other malware. Obviously I attempted to remove them all. I was prompted to restart for full removal so I did, BUT after 30 mins of waiting I decided to go ahead and restart while it still said "shutting down". My real problem is that I can't remove Trovi and the other crap again. I can't even find it. I don't have the logs to show you either. How can I fix this?
  12. MBAM finds three entries for Trovi and quarantines them but it comes back when I start Firefox. I was able to manually delete it from Chrome but not from Firefox. Can anyone assist? I have seen several posts that recommend different products so I would appreciate the most current advice on this. Thanks, Geoff
  13. Hello, I have run the Malwarebytes scan and deleted corrupted files and such from my computer. Rebooted & Trovi was still there. Ran a second Malwarebytes scan and nothing came up. Ran FarBar and the results are attached. Thanks Farbar Addition.txt Farbar FRST.txt
  14. Hello, I bought a used computer on Amazon from EZCORP, and it was filled with viruses and malware, including the TROVI virus. I know, I know, bad idea. Anyway I'd like to try to clean up the computer before I return it. I'm a new user to the Malwarebytes forums. I don't know how to use the forums properly, so please forgive me if I'm doing something wrong. I've checked both the "Malware Removal Guides and Self Help Guides" and the "Malware Removal Help," and I haven't seen my exact situation listed, so I'm posting a new topic. I also don't know what a "pinned" topic is, nor what difference is indicated by the lock icon, the round dot bullet icon, or the absence of any icon at all to the left of each topic. Please forgive my lack of knowledge. Before I found this website and associated advice, I ran 4 full Malwarebytes scans, and a total of 2500 malicious objects were found and removed. At first, something on the computer wouldn't let me download Malwarebytes. Then something wouldn't let me run it. Then something wouldn't let it finish. Finally, after 4 full scans, I was able to restart the computer with the 2500 malicious objects removed, I think. Some small problems have gone away, but the TROVI virus is still present: the default search provider is still redirected to trovi.com. A search for "TROVI" on this website resulted in several threads/topics with the same advice given. This advice is, in essence: 1. FRST 2. Malwarebytes 3. AdwCleaner 4. ESET 5. FRST again Should I run each of these programs in this order, following the specific details of each step given in other topics on the TROVI virus? Should I post the appropriate logfiles here after each step? Malwarebytes posters who have helped in the past on this topic are deeprybka and TwinHeadedEagle. Please forgive me if this is inappropriate to list. Thanks for any help. I will donate something in the end. I believe in paying for good advice. Norm Sequim, Washington
  15. I've been fighting this malware for a month, tried a lot of scanners, cleaned my registry, reset my browsers. Also removed whatever was suspicious from them and my PC. I can't seem to get rid of this one, it keeps resetting my Firefox's homepage to trovi.com and on Chrome it constantly opens a new tab telling me my software may be out of date. Also random ads pop up from eDeals. I can't find any addons or extensions that could be infected with them. I've tried pretty much everything possible, can't do a system restore because the earliest point is Oct. 1st. Can anyone help?
  16. my explorers are infected by malware called trovi, though I've tried all ways which can be found on the internet, but it still can't be removed completely, because the ads pop out when I open some websites. The Anti-Malware really detected some trovi files and I deleted them. So what can I do now?
  17. I keep running Malwarebytes scans but every time it spots more Trovi threats. I don't have much experience with this stuff. Can someone help?
  18. I noticed that Trovi had taken over my home page last week. I've attempted running RKill followed by ADW Cleaner, Malwarebytes, Junkware Removal Tool and Hitman Pro (in safe mode) as advised in several articles I found online. The cleaners appear to find the malware and remove it; however, when I start up Internet Explorer, Trovi is still there (note Trovi is now only appearing on IE, not Chrome). I've also tried editing the registry to delete Trovi.com as the Start Page at Computer\HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Main. I've also cleared the cache and temp files, reset Internet Explorer and Chrome, and checked for any suspicious add-ons or search engines in the browser settings. I've attached the log files from Malwarebytes, AdwCleaner, JRT, Rkill and the Text and Extras files from OTL. I'm not sure what else to try so any advice would be greatly appreciated. mbam-log-2014-06-23 (10-47-13).xml AdwCleanerS0.txt Extras.Txt JRT.txt OTL.Txt Rkill.txt
  19. As the title states, PUP.Optional.Trovi.A keeps coming back even after I select quarantine all after Malwarebytes is run. Logs attached. Addition.txt FRST.txt
  20. Hi, What would be the best way to remove the Trovi virus from my computer? I just got it a few days ago, and have not yet taken any action to remove it, for fear of not knowing what I'm really doing, and downloading unnecessary programs. So far, all I can see is that my internet browsers and search engines have been hijacked. Help would be appreciated!
  21. OK, I give up. Can you please assist me with removing PUP.Optional.Trovi.A? I have this reoccurring on 2 different computers (Windows 8.1 64bit and Windows 7 Ultimate N 32bit). The attached logs are from my Windows 8.1 system. I have attempted many of the suggestions available on the internet with no success. Should I open up 2 separate cases or will the resolution be the same for both? I also pasted in the results of the latest MB scan. I will hold off on any attempts to repair until I hear from someone. Thanks Addition.txt FRST.txt
      Malwarebytes Anti-Malware
      www.malwarebytes.org
      Scan Date: 7/7/2014
      Scan Time: 11:38:36 AM
      Logfile:
      Administrator: No
      Version: 2.00.2.1012
      Malware Database: v2014.07.07.08
      Rootkit Database: v2014.07.03.01
      License: Free
      Malware Protection: Disabled
      Malicious Website Protection: Disabled
      Self-protection: Disabled
      OS: Windows 8.1
      CPU: x64
      File System: NTFS
      User: Robert
      Scan Type: Custom Scan
      Result: Completed
      Objects Scanned: 458432
      Time Elapsed: 1 hr, 11 min, 24 sec
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Enabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled
      Processes: 0
      (No malicious items detected)
      Modules: 0
      (No malicious items detected)
      Registry Keys: 0
      (No malicious items detected)
      Registry Values: 0
      (No malicious items detected)
      Registry Data: 0
      (No malicious items detected)
      Folders: 0
      (No malicious items detected)
      Files: 1
      PUP.Optional.Trovi.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ ""http://www.google.com/" ],), ,[081a02993744360013ea764e09fb6997]
      Physical Sectors: 0
      (No malicious items detected)
      (end)
  22. I am having trouble with the "PUP.Optional.Trovi.A" virus. Malwarebytes finds it and I can remove it but it keeps on popping up. It is in my Google Chrome preferences somehow. I think it might come back b/c of Google's cloud system. I tried this guide to remove this exact virus but it didn't work. I also have Norton installed but it isn't doing anything as far as this one goes. guide link: http://malwaretips.com/blogs/pup-optional-trovi-a-virus/#adwcleaner FRST.txt
C:\Users\Jan\Downloads\HitmanPro_x64.exe2014-06-18 13:44 - 2014-06-18 13:44 - 00001506 _____ () C:\Users\Jan\Desktop\JRT.txt2014-06-18 13:38 - 2014-06-18 13:38 - 01016261 _____ (Thisisu) C:\Users\Jan\Downloads\JRT.exe2014-06-18 13:38 - 2014-06-18 13:38 - 00000000 ____D () C:\Windows\ERUNT2014-06-18 13:35 - 2014-06-18 13:36 - 00000000 ____D () C:\AdwCleaner2014-06-18 13:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll2014-06-18 13:34 - 2014-06-18 13:34 - 01333465 _____ () C:\Users\Jan\Downloads\adwcleaner_3.212.exe2014-06-18 10:15 - 2014-06-18 10:15 - 00033177 _____ () C:\Users\Jan\Desktop\DxDiag.txt2014-06-17 20:30 - 2014-06-17 20:39 - 00000000 ____D () C:\Users\Jan\AppData\Local\NPE2014-06-17 20:06 - 2014-06-18 13:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-17 20:06 - 2014-06-17 20:06 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-17 20:06 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-06-17 20:06 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-06-17 20:06 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-06-16 10:40 - 2014-06-17 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com2014-06-16 10:07 - 2014-06-16 10:07 - 00000000 ____D () C:\Users\Jan\AppData\Local\backburner2014-06-15 13:57 - 2014-06-15 13:57 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieUserList2014-06-15 13:57 - 2014-06-15 13:57 - 
00000000 __SHD () C:\Users\Jan\AppData\Local\EmieSiteList2014-06-15 08:45 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-06-15 08:45 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-06-15 08:45 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-06-15 08:45 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-06-15 08:45 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-06-15 08:45 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-06-15 08:45 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-06-15 08:45 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-06-15 08:45 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-06-15 08:45 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-06-15 08:45 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-06-15 08:45 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-06-15 08:45 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-06-15 08:45 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-06-15 08:45 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-06-15 08:45 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-06-15 08:45 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-06-15 08:45 - 2014-05-30 05:02 - 02724864 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-06-15 08:45 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-06-15 08:45 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-06-15 08:45 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-06-15 08:45 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-06-15 08:45 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-06-15 08:45 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-06-15 08:45 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-06-15 08:45 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-06-15 08:45 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-06-15 08:45 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-06-15 08:45 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-06-15 08:45 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-06-15 08:45 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-06-15 08:45 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-06-15 08:45 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-06-15 08:45 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-06-15 08:45 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-06-15 08:45 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\dxtmsft.dll2014-06-15 08:45 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-06-15 08:45 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-06-15 08:45 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-06-15 08:45 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-06-15 08:45 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-06-15 08:45 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-06-15 08:45 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-06-15 08:45 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-06-15 08:45 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-06-15 08:45 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-06-15 08:45 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-06-15 08:45 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-06-15 08:45 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-06-15 08:45 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-06-15 08:45 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-06-15 08:45 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-06-15 08:45 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll2014-06-15 08:45 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\usp10.dll2014-06-15 08:45 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2014-06-15 08:45 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS2014-06-15 08:45 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll2014-06-15 08:45 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-06-15 08:45 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll2014-06-15 08:45 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-06-15 08:45 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll2014-06-15 08:45 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-06-15 08:45 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll2014-06-15 08:45 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-06-15 08:45 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys2014-06-10 20:30 - 2014-06-10 20:30 - 00000000 ____D () C:\Windows\pss2014-06-07 18:13 - 2014-06-07 18:13 - 00003212 _____ () C:\Windows\System32\Tasks\{135558F8-48E4-415E-AEBF-FB3A84896461}2014-06-07 18:08 - 2014-06-07 18:08 - 00003112 _____ () C:\Windows\System32\Tasks\{8CC68473-5F95-493E-B7D3-DCEC85662B9A}2014-06-06 10:56 - 2014-06-06 10:57 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-06-06 10:56 - 2014-06-06 10:56 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-06-04 10:38 - 2014-06-04 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razorworks2014-06-04 10:00 - 2014-06-04 13:46 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Skype2014-06-04 10:00 - 2014-06-04 10:00 - 00000000 ____D () 
C:\Users\Jan\AppData\Local\Skype2014-06-02 19:44 - 2014-05-29 19:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll2014-06-02 19:44 - 2014-05-29 19:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll2014-06-02 13:47 - 2014-06-06 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Reality2014-06-02 13:28 - 2014-06-04 10:39 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2014-05-31 15:11 - 2014-05-19 19:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2014-05-31 15:10 - 2014-05-19 22:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2014-05-31 15:10 - 2014-05-19 22:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2014-05-31 15:10 - 2014-05-19 22:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2014-05-31 15:10 - 2014-05-19 22:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2014-05-31 15:10 - 2014-05-19 22:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2014-05-31 15:10 - 2014-05-19 22:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2014-05-31 15:10 - 2014-05-19 22:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2014-05-31 15:10 - 2014-05-19 22:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2014-05-31 15:10 - 2014-05-19 22:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2014-05-31 15:10 - 2014-05-19 22:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2014-05-31 15:10 - 2014-05-19 22:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2014-05-31 15:10 - 2014-05-19 22:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2014-05-31 15:10 - 2014-05-19 22:44 - 02953672 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvcuvid.dll2014-05-31 15:10 - 2014-05-19 22:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2014-05-31 15:10 - 2014-05-19 22:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2014-05-31 15:10 - 2014-05-19 22:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll2014-05-31 15:10 - 2014-05-19 22:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2014-05-31 15:10 - 2014-05-19 22:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2014-05-24 19:25 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2014-05-24 19:25 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll2014-05-23 17:45 - 2014-05-24 12:50 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-05-23 16:58 - 2014-06-06 10:56 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-05-23 16:49 - 2014-05-23 16:49 - 00000533 _____ () C:\Windows\KB893803v2.log2014-05-21 11:57 - 2014-05-21 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Clementine2014-05-21 11:57 - 2014-05-21 11:57 - 00000000 ____D () C:\Program Files (x86)\Clementine2014-05-19 18:45 - 2014-05-20 08:44 - 00000000 _____ () C:\Users\Jan\Documents\pymel.log2014-05-19 13:17 - 2014-05-19 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains==================== One Month Modified Files and Folders =======2014-06-18 14:11 - 2014-06-18 14:05 - 00018063 _____ () C:\Users\Jan\Downloads\FRST.txt2014-06-18 14:11 - 2014-06-18 14:05 - 00000000 ____D () C:\FRST2014-06-18 14:11 - 2014-01-13 10:29 - 00000000 ____D () C:\Users\Jan\AppData\Local\Temp2014-06-18 14:09 - 2014-06-18 14:05 - 00022039 _____ () C:\Users\Jan\Downloads\Addition.txt2014-06-18 14:09 - 2011-11-28 12:20 - 01201920 _____ () C:\Windows\WindowsUpdate.log2014-06-18 14:05 - 2014-06-18 14:05 - 02081280 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe2014-06-18 13:57 - 2014-03-13 12:22 - 00000370 _____ () C:\Windows\Tasks\WpsNotifyTask_Jan.job2014-06-18 13:54 - 2014-03-13 12:22 - 00000370 _____ () C:\Windows\Tasks\WpsUpdateTask_Jan.job2014-06-18 13:52 - 2014-06-18 13:49 - 00000000 ____D () C:\ProgramData\HitmanPro2014-06-18 13:47 - 2014-06-18 13:45 - 10971424 _____ (SurfRight B.V.) 
C:\Users\Jan\Downloads\HitmanPro_x64.exe2014-06-18 13:44 - 2014-06-18 13:44 - 00001506 _____ () C:\Users\Jan\Desktop\JRT.txt2014-06-18 13:44 - 2009-07-14 01:13 - 00778834 _____ () C:\Windows\system32\PerfStringBackup.INI2014-06-18 13:44 - 2009-07-14 00:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-06-18 13:44 - 2009-07-14 00:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-06-18 13:38 - 2014-06-18 13:38 - 01016261 _____ (Thisisu) C:\Users\Jan\Downloads\JRT.exe2014-06-18 13:38 - 2014-06-18 13:38 - 00000000 ____D () C:\Windows\ERUNT2014-06-18 13:38 - 2014-02-04 16:59 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Dropbox2014-06-18 13:37 - 2014-06-17 20:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-18 13:37 - 2014-03-05 08:46 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-06-18 13:37 - 2014-02-04 16:59 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\DropboxMaster2014-06-18 13:37 - 2011-11-28 12:14 - 00000000 ____D () C:\ProgramData\NVIDIA2014-06-18 13:37 - 2010-11-20 23:47 - 01375506 _____ () C:\Windows\PFRO.log2014-06-18 13:37 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-06-18 13:37 - 2009-07-14 00:51 - 00079308 _____ () C:\Windows\setupact.log2014-06-18 13:36 - 2014-06-18 13:35 - 00000000 ____D () C:\AdwCleaner2014-06-18 13:35 - 2014-02-17 19:14 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\KeePass2014-06-18 13:34 - 2014-06-18 13:34 - 01333465 _____ () C:\Users\Jan\Downloads\adwcleaner_3.212.exe2014-06-18 13:13 - 2014-03-05 08:46 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-06-18 12:49 - 2014-01-13 10:33 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1958405C-B2A4-43C7-B4D5-D5955E44AE42}2014-06-18 11:29 - 2014-05-14 17:37 - 00000000 ____D () 
C:\Users\Jan\AppData\Local\CrashDumps2014-06-18 10:55 - 2011-02-11 16:29 - 00772558 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-06-18 10:54 - 2011-11-28 12:29 - 00446658 _____ () C:\Windows\DirectX.log2014-06-18 10:15 - 2014-06-18 10:15 - 00033177 _____ () C:\Users\Jan\Desktop\DxDiag.txt2014-06-18 07:34 - 2014-02-12 20:29 - 00000000 ____D () C:\Users\Jan\AppData\Local\Adobe2014-06-18 07:28 - 2014-02-13 14:17 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\vlc2014-06-18 07:27 - 2014-01-13 10:33 - 00000000 ___RD () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-06-17 20:39 - 2014-06-17 20:30 - 00000000 ____D () C:\Users\Jan\AppData\Local\NPE2014-06-17 20:32 - 2014-01-13 10:32 - 00070888 _____ () C:\Users\Jan\AppData\Local\GDIPFONTCACHEV1.DAT2014-06-17 20:31 - 2009-07-14 00:45 - 04975456 _____ () C:\Windows\system32\FNTCACHE.DAT2014-06-17 20:30 - 2011-11-28 12:31 - 00000000 ____D () C:\ProgramData\Norton2014-06-17 20:13 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media2014-06-17 20:06 - 2014-06-17 20:06 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-17 20:06 - 2014-06-17 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-17 16:05 - 2014-05-01 18:08 - 00000000 ____D () C:\Windows\Minidump2014-06-17 16:05 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061714-8533-01.dmp2014-06-17 14:52 - 2014-06-16 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com2014-06-17 11:18 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061714-8595-01.dmp2014-06-17 10:08 - 2014-03-05 08:46 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-06-17 10:08 - 2014-03-05 08:46 - 00003636 _____ 
() C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-06-16 12:23 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2014-06-16 10:07 - 2014-06-16 10:07 - 00000000 ____D () C:\Users\Jan\AppData\Local\backburner2014-06-16 10:07 - 2014-02-12 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk2014-06-16 10:01 - 2014-02-17 11:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime2014-06-16 10:00 - 2014-02-13 12:56 - 00000000 ____D () C:\Program Files\Adobe2014-06-16 10:00 - 2014-02-13 11:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe2014-06-16 10:00 - 2014-01-13 10:34 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Adobe2014-06-16 10:00 - 2011-11-28 12:27 - 00000000 ____D () C:\Program Files (x86)\Adobe2014-06-15 16:56 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061514-8143-01.dmp2014-06-15 16:22 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache2014-06-15 13:57 - 2014-06-15 13:57 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieUserList2014-06-15 13:57 - 2014-06-15 13:57 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieSiteList2014-06-15 13:39 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061514-8299-01.dmp2014-06-10 20:30 - 2014-06-10 20:30 - 00000000 ____D () C:\Windows\pss2014-06-10 18:29 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061014-8314-01.dmp2014-06-10 18:16 - 2014-01-13 13:22 - 00338605 ____N () C:\Windows\Minidump\061014-8751-01.dmp2014-06-09 11:38 - 2014-02-17 11:13 - 00000000 ____D () C:\Users\Jan\Documents\Camtasia Studio2014-06-08 15:23 - 2014-05-04 15:38 - 00000000 ____D () C:\Program Files\Unlocker2014-06-08 15:15 - 2011-11-28 12:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-06-07 18:13 - 2014-06-07 18:13 - 00003212 _____ () C:\Windows\System32\Tasks\{135558F8-48E4-415E-AEBF-FB3A84896461}2014-06-07 18:08 - 2014-06-07 18:08 - 00003112 _____ () 
C:\Windows\System32\Tasks\{8CC68473-5F95-493E-B7D3-DCEC85662B9A}2014-06-07 09:14 - 2014-02-19 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft2014-06-06 10:57 - 2014-06-06 10:56 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-06-06 10:56 - 2014-06-06 10:56 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-06-06 10:56 - 2014-06-02 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Reality2014-06-06 10:56 - 2014-05-23 16:58 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-06-04 13:46 - 2014-06-04 10:00 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Skype2014-06-04 10:52 - 2014-06-04 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razorworks2014-06-04 10:39 - 2014-06-02 13:28 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2014-06-04 10:00 - 2014-06-04 10:00 - 00000000 ____D () C:\Users\Jan\AppData\Local\Skype2014-06-02 19:44 - 2011-11-28 12:14 - 00000000 ____D () C:\Program Files\NVIDIA Corporation2014-05-31 15:12 - 2014-01-13 10:40 - 00000000 ____D () C:\Temp2014-05-31 15:11 - 2014-01-13 14:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-05-30 06:21 - 2014-06-15 08:45 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-30 06:02 - 2014-06-15 08:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-30 06:02 - 2014-06-15 08:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-05-30 05:45 - 2014-06-15 08:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-05-30 05:39 - 2014-06-15 08:45 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-05-30 05:39 - 2014-06-15 08:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-05-30 05:38 - 2014-06-15 08:45 - 00048640 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwproxystub.dll2014-05-30 05:28 - 2014-06-15 08:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-05-30 05:27 - 2014-06-15 08:45 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-05-30 05:24 - 2014-06-15 08:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-05-30 05:21 - 2014-06-15 08:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-05-30 05:21 - 2014-06-15 08:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-05-30 05:20 - 2014-06-15 08:45 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-05-30 05:18 - 2014-06-15 08:45 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-30 05:11 - 2014-06-15 08:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-05-30 05:08 - 2014-06-15 08:45 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-05-30 05:06 - 2014-06-15 08:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-05-30 05:02 - 2014-06-15 08:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-30 04:55 - 2014-06-15 08:45 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-05-30 04:49 - 2014-06-15 08:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-05-30 04:46 - 2014-06-15 08:45 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-30 04:44 - 2014-06-15 08:45 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-05-30 04:44 - 2014-06-15 08:45 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-05-30 04:43 - 2014-06-15 08:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-05-30 04:42 - 2014-06-15 08:45 - 00051200 _____ (Microsoft Corporation) 
Addition.txt FRST.txt
  23. Hi! "PUP.Optional.Trovi.A" appears twice as a quarantined item every time I scan with Malwarebytes. I read a former note on this topic and have saved the logs as directed by a Malwarebytes staff member. The Malwarebytes and RogueKiller logs are attached. Thanks for your help. Ernie Adsett LogMBAB140715_1.txt LogRogueKiller140715_1.txt