Came late to the party....

RicardoJC · November 5, 2013

Hi. After googling a problem picked up by malwarebytes I came up with a previous post (now closed that sums up my problem)

PUP.Optional.AdvancedSystemProtector.A

Started by CTownNick, Aug 23 2013 02:10 AM

But I came to this late - the 5 infections I had already deleted using malwarebytes. I then downloaded Roguekiller (as had been recommended for CTownNick) and came up with the report below. I have not taken any action, but have left Roguekiller running.

Then I thought I had better check how to report this and saw the 'steps to take'. I have run the DDS scan and below are the DDS and Attach reports. I've come a bit late to the party but hopefully better late than never!

What should my next steps be, please?

Ric

RKreport0_S_11052013_152529.txt

dds.txt

attach.txt

Psychotic · November 6, 2013

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

You told us that you removed several items with Malwarebytes´ Antimalware. This tool creates a log on every run and we need to see them.

The logs can be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
Zip any and all of these logs and attach the file to your next reply.

RicardoJC · November 6, 2013

Hello Marius. Thanks for your help I cannot see how to attach the file in this thread so have copied and pasted the contents below. You will see from the above that I was running RogueKiller. It identified 5 or 6 PUM.UserWLoad problems, which I removed as I had to close down the computer. This morning I ran Kaspersky TDSSKiller, which found no problems. I use Kaspersky Internet Security 2012 on my computer.

mbam-log-2013-11-05 (08-56-14)

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.11.04.04

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16721

user :: RJC-VAIO [administrator]

Protection: Disabled

05/11/2013 08:56:14

mbam-log-2013-11-05 (08-56-14).txt

Scan type: Full scan (C:\|)

Scan options disabled: P2P

Objects scanned: 622624

Time elapsed: 5 hour(s), 40 minute(s), 37 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Psychotic · November 6, 2013

Delete junk with adwCleaner

Please download AdwCleaner to your desktop.

Run adwcleaner.exe
Hit Scan and wait for the scan to finish.
Confirm the message but don´t uncheck anything.
Hit Clean
When the run is finished, it will open up a text file
Please post its contents within your next reply
You´ll find the log file at C:\AdwCleaner[s1].txt also

Delete junk with JRT

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

RicardoJC · November 6, 2013

Marius,

Many thanks for the links and instructions. Please find the results of both below. You were right - the JRT took a while to complete its task!

R

AdwCleaner[s0]

# AdwCleaner v3.011 - Report created 06/11/2013 at 17:21:57

# Updated 03/11/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : user - RJC-VAIO

# Running from : C:\Users\user\AppData\Local\Temp\dlm6CE.tmp\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess

Folder Deleted : C:\ProgramData\Partner

Folder Deleted : C:\ProgramData\SpeedyPC Software

Folder Deleted : C:\ProgramData\StarApp

Folder Deleted : C:\Program Files (x86)\SafeSaver

Folder Deleted : C:\Program Files (x86)\Common Files\SpeedyPC Software

Folder Deleted : C:\users\user\AppData\Roaming\DriverCure

Folder Deleted : C:\users\user\AppData\Roaming\SpeedyPC Software

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\SpeedyPC Software

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKLM\Software\SP Global

Key Deleted : HKLM\Software\SpeedyPC Software

Key Deleted : HKLM\Software\SProtector

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Bar]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url

Deleted : search_url

Deleted : suggest_url

Deleted : keyword

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [4822 octets] - [06/11/2013 17:11:55]

AdwCleaner[s0].txt - [4672 octets] - [06/11/2013 17:21:57]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4732 octets] ##########

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.8 (11.05.2013:1)

OS: Windows 7 Home Premium x64

Ran by user on 06/11/2013 at 17:34:53.27

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [service] backupstack

Successfully deleted: [service] backupstack

Successfully stopped: [service] cltmngsvc

Successfully deleted: [service] cltmngsvc

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ConduitFloatingPlugin_lipgolpfajiadodbcbljdpmbmbdmfcil

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotect

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotectall

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4122584603-281543611-2346686656-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\priam_bho.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchprotect

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wajam

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3306061

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9B37721B-9674-4B33-8C2A-4829221A4F19}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}

~~~ Files

Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\conduit"

Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\searchprotect"

Successfully deleted: [Folder] "C:\Users\user\appdata\local\conduit"

Successfully deleted: [Folder] "C:\Users\user\appdata\local\cre"

Successfully deleted: [Folder] "C:\Users\user\appdata\local\wajam"

Successfully deleted: [Folder] "C:\Users\user\appdata\locallow\conduit"

Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"

Failed to delete: [Folder] "C:\Program Files (x86)\mypc backup"

Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"

Failed to delete: [Folder] "C:\Program Files (x86)\wajam"

Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"

Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\microsoft\windows\start menu\programs\wajam"

Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{1BC0EBD3-DCEB-4F02-960A-0B1089084443}

Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{32433CE1-6209-483C-AC08-0C48417CBC0A}

Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{581355D4-DB9B-41CF-8A69-AB99F3937B40}

Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{8C1D686D-28D2-44B3-ACD4-03586E135D99}

Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{C8D44044-184B-4B84-A3D4-3DABC99B6CBF}

Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{E9DFFAB6-A808-430A-97BA-5A86E791BDBF}

Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{EB34B945-A804-4CFC-988F-46EF38CEA7DE}

Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{F2DDF087-10EC-4C3B-81F2-F43A24EBA23E}

~~~ Chrome

Successfully deleted: [Folder] C:\Users\user\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 06/11/2013 at 17:53:41.88

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Psychotic · November 7, 2013

Full System Scan with Malwarebytes Antimalware

If not existing, please download

Malwarebytes' Anti-Malware to your desktop. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

Run Malwarebytes Antimalware
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location.
The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
Post that log back here.

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is unticked
Click on Advanced Settings and ensure these options are ticked:
- Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

[*]Click Scan[*]Wait for the scan to finish[*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.

RicardoJC · November 7, 2013

Marius. Sorry it has taken so long to respond. The scan took just under 8 hours. I already have Malwarebytes installed and updated it as you suggested. I was surprised to find so many (36) problems, which I have removed. I have not yet run the ESET programme but will do so after rebooting. In the meantime here is the malwarebytes log.

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.11.07.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16721

user :: RJC-VAIO [administrator]

Protection: Enabled

07/11/2013 09:13:27

mbam-log-2013-11-07 (09-13-27).txt

Scan type: Full scan (C:\|D:\|)

Scan options disabled: P2P

Objects scanned: 623295

Time elapsed: 7 hour(s), 59 minute(s), 38 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 5

HKCR\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

HKCR\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

HKCR\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

HKCR\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Quarantined and deleted successfully.

HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdaterV3 (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 4

C:\Program Files (x86)\Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\Wajam\Updater (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 29

C:\Program Files (x86)\Connect_DLC_5\Connect_DLC_5ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BQ1R5OE6\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BQ1R5OE6\Connect_DLC_5[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DWZZLLMM\wajam_install[1].exe (PUP.Optional.Wajam) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UJZ0IU1M\Connect_DLC_5_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UJZ0IU1M\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZEI2X2Z3\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZEI2X2Z3\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\nsa7A89.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\nsb2FD.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\nsbE914.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\nsgA8FC.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\dlm6CE.tmp\LuckyLeap0816.exe (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\dlm6CE.tmp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\dlm6CE.tmp\wajam0715.exe (PUP.Optional.Wajam) -> Quarantined and deleted successfully.

C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\CT3306061.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\initdata.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\user\AppData\Local\Temp\ct3306061\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)

Psychotic · November 8, 2013

No worries, this were just some remainings of adware.

I´ll await the ESET log.

RicardoJC · November 8, 2013

Had to leave it running overnight. This morning it reported 4 issues. There was however no obvious way of saving the information - and it has now taken me to a webpage asking me to download for home different versions of ESET. Sorry - not sure what happened. Do you want me to re-run this again?

Psychotic · November 8, 2013

Yes, please run it again.

RicardoJC · November 8, 2013

Hi Marius. 7hrs 25 mins this time but I have the report below:

C:\Program Files (x86)\Connect_DLC_5\tbConn.dll a variant of Win32/Toolbar.Conduit.B application

C:\Users\user\AppData\Local\Temp\dlm6CE.tmp\mypcbackuptier2_0529.exe Win32/MyPCBackup.A application

C:\Users\user\AppData\LocalLow\Connect_DLC_5\tbConn.dll a variant of Win32/Toolbar.Conduit.B application

C:\Users\user\Documents\Computer\cbsidlm-cbsi134-AdwCleaner-ORG-75851221.exe probably a variant of Win32/CNETInstaller.A application

Thanks again.

R

Psychotic · November 11, 2013

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

Run FRST.
Don´t change one of the checkboxes and hit Scan.
Logfiles are created on your desktop.
Poste the FRST.txt and (after the first scan only!) the Addition.txt.

RicardoJC · November 11, 2013

Marius, good morning. Thank you for the link. Here are the results:

First, FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01

Ran by user (administrator) on RJC-VAIO on 11-11-2013 08:21:35

Running from C:\Users\user\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Alcatel-Lucent) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.3.1.7.bt.1.3\ma\bin\MAHostService.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Joyent, Inc) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.3.1.7.bt.1.3\ma\bin\node.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe

(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe

(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe

(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Alcatel-Lucent) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe

() C:\Program Files (x86)\MultiScreen\MultiScreen.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

() C:\Users\user\AppData\Local\Viber\Viber.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe

(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

() C:\Program Files\Sony\VAIO Care\VCPerfService.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe

(ALPS) C:\Program Files\Apoint\Apvfb.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe

() C:\Program Files\Sony\VAIO Care\listener.exe

(TradeStation Technologies, Inc.) C:\Program Files (x86)\TradeStation 9.1\Program\ORPlat.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe

(TradeStation Technologies, Inc.) C:\Program Files (x86)\TradeStation 9.1\Program\ordllhst.exe

(Microsoft) C:\Program Files (x86)\TradeStation 9.1\Program\TradeStationAgentForms.exe

(TradeStation Technologies, Inc.) C:\Program Files (x86)\TradeStation 9.1\Program\whserver.exe

(TradeStation Technologies, Inc.) C:\Program Files (x86)\TradeStation 9.1\Program\orcal.exe

(TradeStation Technologies, Inc.) C:\Program Files (x86)\TradeStation 9.1\Program\orclprxy.exe

(TradeStation Technologies, Inc.) C:\Program Files (x86)\TradeStation 9.1\Program\TSScanner.exe

(TradeStation Technologies, Inc.) C:\Program Files (x86)\TradeStation 9.1\Program\orchart.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\system32\prevhost.exe

(Microsoft Corporation) C:\PROGRA~2\MICROS~1\Office14\POWERPNT.EXE

(Microsoft Corporation) C:\Windows\splwow64.exe

(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-06-21] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-06-21] (Realtek Semiconductor)

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [212480 2010-05-14] (Alps Electric Co., Ltd.)

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)

HKLM\...\Run: [btbb_McciTrayApp] - C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe [2821808 2013-01-22] (Alcatel-Lucent)

HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)

HKCU\...\Run: [MultiScreen] - C:\Program Files (x86)\MultiScreen\MultiScreen.exe [303104 2009-08-11] ()

HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)

HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)

HKCU\...\Run: [Viber] - C:\Users\user\AppData\Local\Viber\Viber.exe [912904 2013-07-31] ()

MountPoints2: {432bda3b-673d-11e0-a718-889ffae4624f} - "E:\WD SmartWare.exe" autoplay=true

HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)

HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)

HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

URLSearchHook: HKLM-x32 - (No Name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - No File

URLSearchHook: HKCU - (No Name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - No File

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKCU - {2D8E2C12-4641-4F45-8041-05ABC5FBE35B} URL = http://rover.ebay.com/rover/1/710-42480-16445-15/4?satitle={searchTerms}

SearchScopes: HKCU - {6305523F-0229-418E-A120-AEDE9CB092C2} URL = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices

SearchScopes: HKCU - {E6A8DA3E-CD1A-46D9-B5CC-D8A8CDF485D8} URL = http://uk.shopping.com/?linkin_id=8056359

BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKLM-x32 - No Name - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - No File

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254

Chrome:

=======

CHR DefaultSearchURL: (Conduit) - http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN33512874045943002&ctid=CT3306061&UM=2

CHR DefaultSuggestURL: (Conduit) - http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=UN33512874045943002&UM=2

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File

CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll (Kaspersky Lab ZAO)

CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll (Kaspersky Lab ZAO)

CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll (Kaspersky Lab ZAO)

CHR Plugin: (Skype Toolbars) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File

CHR Plugin: (Java Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\user\AppData\Roaming\Mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (BlackBerry AppWorld) - C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()

CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Adblock Plus) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0

CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Kaspersky URL Advisor) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0

CHR Extension: (BT DesktopHelp extension) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec\1.0_0

CHR Extension: (Virtual Keyboard) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0

CHR Extension: (Skype Click to Call) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0

CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0

CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

CHR Extension: (Anti-Banner) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0

CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx

CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx

CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\user\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx

CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)

R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)

R2 BT Help Wizard; C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.3.1.7.bt.1.3\ma\bin\MAHostService.exe [321024 2013-10-02] (Alcatel-Lucent)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)

R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [467280 2012-11-27] (Alcatel-Lucent)

R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()

S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2012-01-02] (TuneUp Software)

R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-11-15] (TuneUp Software)

R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)

R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)

R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)

R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)

R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-31] (Kaspersky Lab)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)

S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (http://libusb-win32.sourceforge.net)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S3 MREMP50; C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [21248 2013-03-24] (Printing Communications Assoc., Inc. (PCAUSA))

S3 MREMP50a64; C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [43008 2013-03-24] (Printing Communications Assoc., Inc. (PCAUSA))

S3 MRESP50; C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [20096 2013-03-24] (Printing Communications Assoc., Inc. (PCAUSA))

R3 MRESP50a64; C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [40960 2013-03-24] (Printing Communications Assoc., Inc. (PCAUSA))

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)

S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)

R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)

S3 MREMPR5; \??\C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS [x]

S3 MRENDIS5; \??\C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-11 08:21 - 2013-11-11 08:21 - 00000000 ____D C:\FRST

2013-11-11 08:17 - 2013-11-11 08:18 - 01957590 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe

2013-11-10 17:54 - 2013-11-10 17:54 - 00000000 ____D C:\Program Files (x86)\MyFree Codec

2013-11-10 17:31 - 2013-11-10 17:31 - 00000000 ____D C:\Program Files (x86)\MarkAny

2013-11-10 12:26 - 2013-11-10 12:26 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-11-08 14:23 - 2013-11-10 18:35 - 00014913 _____ C:\Users\user\Desktop\Amazon Cloud Player List.xlsx

2013-11-08 09:33 - 2013-11-11 07:37 - 00000000 ____D C:\Users\user\AppData\Roaming\ViberPC

2013-11-08 09:33 - 2013-11-08 09:33 - 00001061 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk

2013-11-08 09:33 - 2013-11-08 09:33 - 00001053 _____ C:\Users\user\Desktop\Viber.lnk

2013-11-08 09:16 - 2013-11-11 07:35 - 00000000 ____D C:\Users\user\AppData\Local\Viber

2013-11-07 17:37 - 2013-11-07 17:37 - 00000000 ____D C:\Program Files (x86)\ESET

2013-11-07 11:49 - 2013-11-07 14:22 - 00012714 _____ C:\Users\user\Desktop\Freezer data.xlsx

2013-11-06 17:46 - 2013-11-06 18:17 - 00000000 ____D C:\Users\user\SyncFolder

2013-11-06 17:46 - 2013-11-06 17:46 - 00004024 _____ C:\Windows\System32\Tasks\LaunchApp

2013-11-06 17:34 - 2013-11-06 17:34 - 00000000 ____D C:\Windows\ERUNT

2013-11-06 17:17 - 2013-11-06 17:17 - 00000000 ____D C:\Program Files (x86)\Connect_DLC_5

2013-11-06 17:16 - 2013-11-06 17:16 - 00000000 ____D C:\Users\user\AppData\Local\NativeMessaging

2013-11-06 17:13 - 2013-11-06 18:49 - 00000000 ____D C:\Program Files (x86)\MyPC Backup

2013-11-06 17:11 - 2013-11-06 17:23 - 00000000 ____D C:\AdwCleaner

2013-11-05 22:37 - 2013-11-05 22:37 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps

2013-11-04 14:36 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-11-04 14:36 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-11-04 14:36 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-11-04 14:36 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-11-04 14:34 - 2013-11-04 14:36 - 00004154 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log

2013-11-02 23:35 - 2013-11-02 23:35 - 00000000 ____D C:\Windows\SysWOW64\%Report%

2013-10-29 14:15 - 2013-01-29 08:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-29 14:14 - 2013-10-23 10:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-10-29 14:14 - 2013-10-23 10:30 - 00023287 _____ C:\Windows\system32\nvinfo.pb

2013-10-28 17:51 - 2013-10-18 01:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2013-10-28 17:51 - 2013-10-18 01:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2013-10-28 17:49 - 2013-09-27 23:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2013-10-28 17:49 - 2013-09-27 23:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2013-10-24 08:36 - 2013-11-11 08:16 - 00000000 ____D C:\Users\user\Documents\Computer

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2013-10-22 18:18 - 2013-10-16 00:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll

2013-10-22 18:18 - 2013-10-16 00:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll

2013-10-21 21:48 - 2013-10-21 21:48 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2013-10-21 21:47 - 2013-10-21 21:48 - 00000000 ____D C:\Program Files (x86)\QuickTime

==================== One Month Modified Files and Folders =======

2013-11-11 08:21 - 2013-11-11 08:21 - 00000000 ____D C:\FRST

2013-11-11 08:18 - 2013-11-11 08:17 - 01957590 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe

2013-11-11 08:17 - 2011-06-18 13:55 - 00000000 ____D C:\Users\user\Documents\CCMR

2013-11-11 08:16 - 2013-10-24 08:36 - 00000000 ____D C:\Users\user\Documents\Computer

2013-11-11 07:50 - 2011-03-07 17:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2013-11-11 07:49 - 2009-07-14 04:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-11 07:49 - 2009-07-14 04:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-11 07:46 - 2012-12-12 19:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-11-11 07:39 - 2009-07-14 05:13 - 00783458 _____ C:\Windows\system32\PerfStringBackup.INI

2013-11-11 07:37 - 2013-11-08 09:33 - 00000000 ____D C:\Users\user\AppData\Roaming\ViberPC

2013-11-11 07:35 - 2013-11-08 09:16 - 00000000 ____D C:\Users\user\AppData\Local\Viber

2013-11-11 07:34 - 2010-10-11 20:06 - 00000000 ____D C:\ProgramData\NVIDIA

2013-11-11 07:34 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-11-11 07:34 - 2009-07-14 04:51 - 00160991 _____ C:\Windows\setupact.log

2013-11-10 18:36 - 2011-03-07 16:03 - 01944499 _____ C:\Windows\WindowsUpdate.log

2013-11-10 18:35 - 2013-11-08 14:23 - 00014913 _____ C:\Users\user\Desktop\Amazon Cloud Player List.xlsx

2013-11-10 17:56 - 2010-10-11 20:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2013-11-10 17:54 - 2013-11-10 17:54 - 00000000 ____D C:\Program Files (x86)\MyFree Codec

2013-11-10 17:54 - 2013-09-24 11:22 - 00000000 ____D C:\Program Files (x86)\Samsung

2013-11-10 17:54 - 2013-09-24 11:11 - 00000000 ____D C:\Users\user\AppData\Local\Downloaded Installations

2013-11-10 17:50 - 2013-09-24 11:39 - 00002002 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk

2013-11-10 17:31 - 2013-11-10 17:31 - 00000000 ____D C:\Program Files (x86)\MarkAny

2013-11-10 12:26 - 2013-11-10 12:26 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2013-11-10 12:25 - 2013-09-24 11:09 - 00000000 ____D C:\Users\user\AppData\Roaming\Samsung

2013-11-08 22:02 - 2011-04-14 11:13 - 00022835 _____ C:\Windows\SysWOW64\error.log

2013-11-08 20:32 - 2012-02-01 08:23 - 00000598 _____ C:\Windows\Tasks\TradeStation Backup - Weekly.job

2013-11-08 20:10 - 2011-04-12 19:07 - 00000000 ____D C:\Program Files (x86)\TradeStation Archives

2013-11-08 20:10 - 2011-04-07 16:45 - 171515208 _____ C:\Windows\DYNAZIP.LOG

2013-11-08 10:38 - 2013-03-09 11:50 - 00000000 ____D C:\Users\user\Documents\Personal

2013-11-08 09:33 - 2013-11-08 09:33 - 00001061 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk

2013-11-08 09:33 - 2013-11-08 09:33 - 00001053 _____ C:\Users\user\Desktop\Viber.lnk

2013-11-07 17:37 - 2013-11-07 17:37 - 00000000 ____D C:\Program Files (x86)\ESET

2013-11-07 17:28 - 2010-10-11 20:06 - 00088276 _____ C:\Windows\PFRO.log

2013-11-07 14:22 - 2013-11-07 11:49 - 00012714 _____ C:\Users\user\Desktop\Freezer data.xlsx

2013-11-06 18:49 - 2013-11-06 17:13 - 00000000 ____D C:\Program Files (x86)\MyPC Backup

2013-11-06 18:49 - 2011-03-07 16:06 - 00000000 ___RD C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-11-06 18:17 - 2013-11-06 17:46 - 00000000 ____D C:\Users\user\SyncFolder

2013-11-06 17:46 - 2013-11-06 17:46 - 00004024 _____ C:\Windows\System32\Tasks\LaunchApp

2013-11-06 17:34 - 2013-11-06 17:34 - 00000000 ____D C:\Windows\ERUNT

2013-11-06 17:23 - 2013-11-06 17:11 - 00000000 ____D C:\AdwCleaner

2013-11-06 17:17 - 2013-11-06 17:17 - 00000000 ____D C:\Program Files (x86)\Connect_DLC_5

2013-11-06 17:16 - 2013-11-06 17:16 - 00000000 ____D C:\Users\user\AppData\Local\NativeMessaging

2013-11-05 22:37 - 2013-11-05 22:37 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps

2013-11-05 16:01 - 2013-09-20 07:13 - 00003796 _____ C:\Windows\System32\Tasks\Java Update Scheduler

2013-11-04 14:38 - 2013-09-18 21:22 - 00000000 ____D C:\ProgramData\Oracle

2013-11-04 14:36 - 2013-11-04 14:34 - 00004154 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log

2013-11-04 14:36 - 2010-11-30 03:59 - 00000000 ____D C:\Program Files (x86)\Java

2013-11-02 23:35 - 2013-11-02 23:35 - 00000000 ____D C:\Windows\SysWOW64\%Report%

2013-10-29 14:30 - 2011-07-04 19:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-10-28 17:51 - 2013-09-21 10:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-10-28 17:51 - 2010-10-11 20:02 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-10-24 09:58 - 2013-09-21 21:26 - 00000000 ____D C:\Users\user\AppData\Roaming\iolo

2013-10-24 09:57 - 2013-09-21 21:26 - 00000000 ____D C:\ProgramData\iolo

2013-10-23 10:30 - 2013-10-29 14:14 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-23 10:30 - 2013-10-29 14:14 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-10-23 10:30 - 2013-10-29 14:14 - 00023287 _____ C:\Windows\system32\nvinfo.pb

2013-10-23 10:30 - 2013-09-21 10:18 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-10-23 10:30 - 2013-09-21 10:18 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2013-10-23 10:30 - 2013-09-21 10:16 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2013-10-23 10:30 - 2013-09-21 10:16 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-10-23 10:30 - 2013-09-21 10:16 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-10-23 10:30 - 2013-09-21 10:16 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-10-23 10:30 - 2013-09-21 10:16 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-10-23 09:27 - 2011-03-27 18:15 - 00000000 ____D C:\Users\user\Documents\Financial Risk Management

2013-10-23 08:20 - 2013-09-21 10:18 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-10-23 08:20 - 2013-09-21 10:18 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2013-10-23 08:20 - 2013-09-21 10:18 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2013-10-23 08:20 - 2013-09-21 10:18 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-10-23 08:20 - 2013-09-21 10:18 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-10-23 08:20 - 2013-09-21 10:18 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2013-10-22 07:27 - 2013-01-26 09:58 - 00001340 _____ C:\Users\Public\Desktop\BT Desktop Help.lnk

2013-10-21 21:54 - 2012-02-08 22:40 - 00000000 ____D C:\Users\user\AppData\Local\Apple Computer

2013-10-21 21:48 - 2013-10-21 21:48 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2013-10-21 21:48 - 2013-10-21 21:47 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-10-18 01:36 - 2013-10-28 17:51 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2013-10-18 01:36 - 2013-10-28 17:51 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2013-10-16 00:48 - 2013-10-22 18:18 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll

2013-10-16 00:48 - 2013-10-22 18:18 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll

2013-10-14 17:20 - 2010-11-30 03:58 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-10-14 17:20 - 2010-11-30 03:58 - 00000000 ____D C:\ProgramData\Skype

Some content of TEMP:

====================

C:\Users\user\AppData\Local\Temp\jzgcxqye.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-31 11:33

==================== End Of Log ============================

Second, Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2013 01

Ran by user at 2013-11-11 08:27:24

Running from C:\Users\user\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8)

7400_Help (x32 Version: 1.00.0000)

Adobe AIR (x32 Version: 3.8.0.1430)

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)

Adobe Photoshop Elements 8.0 (x32 Version: 8.0)

Adobe Premiere Elements 8.0 (x32 Version: 8.0)

Adobe Reader X (10.1.8) (x32 Version: 10.1.8)

Alps Pointing-device for VAIO

Apple Application Support (x32 Version: 2.3.2)

Apple Software Update (x32 Version: 2.1.3.127)

ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.115)

ArcSoft ShowBiz (x32 Version: )

ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.368)

BBC iPlayer Desktop (x32 Version: 3.2.15)

BBC iPlayer Downloads (x32 Version: 1.0.2)

Bitcoin (HKCU Version: 0.8.1)

BlackBerry App World Browser Plugin (x32 Version: 3.0.3.2)

BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41)

Bonjour (Version: 3.0.0.10)

bpd_scan (x32 Version: 3.00.0000)

BPDSoftware (x32 Version: 130.0.000.000)

BPDSoftware_Ini (x32 Version: 1.00.0000)

BT Desktop Help (x32)

BufferChm (x32 Version: 130.0.331.000)

Cisco WebEx Meetings (HKCU)

Corel WinDVD (x32 Version: 10.0.5.804)

D3DX10 (x32 Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)

Destinations (x32 Version: 130.0.0.0)

DeviceDiscovery (x32 Version: 130.0.465.000)

DocProc (x32 Version: 13.0.0.0)

ESET Online Scanner v3 (x32)

Garmin ANT Agent (Version: 2.3.4)

Garmin Communicator Plugin (x32 Version: 4.0.4)

Garmin Communicator Plugin x64 (Version: 4.0.4)

Garmin USB Drivers (x32 Version: 2.3.1.0)

GeForce Experience NvStream Client Components (Version: 1.6.28)

Google Chrome (x32 Version: 30.0.1599.101)

Google Earth (x32 Version: 7.1.1.1888)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0)

Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)

Google Update Helper (x32 Version: 1.3.21.165)

GPBaseService2 (x32 Version: 130.0.371.000)

Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000)

HP Customer Participation Program 13.0 (Version: 13.0)

HP Imaging Device Functions 13.0 (Version: 13.0)

HP OfficeJet L7400 Series (Version: 13.0)

HP Product Detection (x32 Version: 11.14.0001)

HP Smart Web Printing 4.51 (Version: 4.51)

HP Solution Center 13.0 (Version: 13.0)

HP Update (x32 Version: 5.005.000.002)

HPDiagnosticAlert (x32 Version: 1.00.0000)

HPProductAssistant (x32 Version: 130.0.371.000)

HPSSupply (x32 Version: 130.0.371.000)

HyperCam 2 (x32 Version: 2.25.01)

ImgBurn (x32 Version: 2.5.7.0)

Intel® Control Center (x32 Version: 1.2.1.1007)

Intel® Rapid Storage Technology (x32 Version: 9.6.0.1014)

Intel® Turbo Boost Technology Driver (x32 Version: 01.01.01.1007)

Java 7 Update 45 (x32 Version: 7.0.450)

Java Auto Updater (x32 Version: 2.1.9.8)

Java 6 Update 20 (64-bit) (Version: 6.0.200)

Java 6 Update 24 (x32 Version: 6.0.240)

Java 6 Update 3 (x32 Version: 1.6.0.30)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374)

L7400 (x32 Version: 130.0.000.000)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

MarketResearch (x32 Version: 130.0.374.000)

Media Gallery (Version: 1.4.0.16250)

Mesh Runtime (x32 Version: 15.4.5722.2)

Messenger Companion (x32 Version: 15.4.3502.0922)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Office 2010 Service Pack 1 (SP1) (x32)

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Home and Business 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)

MPM (x32 Version: 1.00.0000)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)

MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)

MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)

MultiScreen (x32 Version: 1.00.0000)

MyFreeCodec (HKCU)

NVIDIA 3D Vision Driver 331.65 (Version: 331.65)

NVIDIA Control Panel 331.65 (Version: 331.65)

NVIDIA GeForce Experience 1.7 (Version: 1.7)

NVIDIA Graphics Driver 331.65 (Version: 331.65)

NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)

NVIDIA Install Application (Version: 2.1002.140.952)

NVIDIA LED Visualizer 1.0 (Version: 1.0)

NVIDIA PhysX (x32 Version: 9.13.0725)

NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)

NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)

NVIDIA Update 9.3.16 (Version: 9.3.16)

NVIDIA Update Components (Version: 9.3.16)

NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)

OCR Software by I.R.I.S. 13.0 (Version: 13.0)

PMB (x32 Version: 5.3.00.06040)

PMB VAIO Edition plug-in (Click to Disc) (Version: 3.4.00.12020)

PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.4.00.12020)

ProductContext (x32 Version: 130.0.000.000)

PVSonyDll (Version: 1.00.0001)

QuickTime (x32 Version: 7.71.80.42)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6098)

Remote Keyboard (x32 Version: 1.1.1.03020)

Remote Play with PlayStation 3 (x32 Version: 1.1.0.12240)

Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.1)

Samsung Kies (x32 Version: 2.6.0.13091_9)

Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1)

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0)

Samsung_MonSetup (x32 Version: 1.00.0000)

Scan (x32 Version: 13.0.0.0)

SHIELD Streaming (Version: 1.6.34)

Shop for HP Supplies (Version: 13.0)

Skype Click to Call (x32 Version: 6.13.13771)

Skype™ 6.6 (x32 Version: 6.6.106)

SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090)

SmartWebPrinting (x32 Version: 130.0.457.000)

SolutionCenter (x32 Version: 130.0.373.000)

Status (x32 Version: 130.0.469.000)

Toolbox (x32 Version: 130.0.648.000)

TradeStation 9.1 (x32 Version: 9.01.00.12536)

TrayApp (x32 Version: 130.0.422.000)

TuneUp Utilities (x32 Version: 9.0.6020.7)

TuneUp Utilities Language Pack (en-GB) (x32 Version: 9.0.6020.7)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2494150) (x32)

Update for Microsoft Office 2010 (KB2553065) (x32)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2566458) (x32)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)

Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)

USB Video/Audio Device Driver (x32 Version: 1.00.0000)

VAIO - Media Gallery (x32 Version: 1.4.3.16250)

VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.03020)

VAIO - PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.4.00.12130)

VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.4.00.12020)

VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.4.00.12130)

VAIO - Remote Keyboard (x32 Version: 1.0.1.03020)

VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.12240)

VAIO - Xperia Link (x32 Version: 1.1.2.08070)

VAIO Care (Version: 8.1.0.10120)

VAIO Control Center (x32 Version: 4.3.0.05310)

VAIO Data Restore Tool (x32 Version: 1.4.0.05240)

VAIO DVD Menu Data (x32 Version: 2.3.00.12130)

VAIO Gate (x32 Version: 2.4.1.09230)

VAIO Gate Default (x32 Version: 2.2.0.07020)

VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230)

VAIO Manual (x32 Version: 1.1.0.05280)

VAIO Media plus (Version: 2.1.0)

VAIO Media plus (x32 Version: 2.1.0.18210)

VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220)

VAIO Movie Story Template Data (x32 Version: 2.3.00.06040)

VAIO Movie Story Template Data (x32 Version: 2.4.00.12130)

VAIO Sample Contents (x32 Version: 1.3.0.06041)

VAIO screensaver (x32 Version: 1.0.0.0)

VAIO Smart Network (x32 Version: 3.3.1.08110)

VAIO Transfer Support (x32 Version: 1.2.0.06230)

VAIO Update (x32 Version: 6.3.0.08010)

Viber (HKCU Version: 3.0.0.133634)

VU5x64 (Version: 1.1.0)

VU5x86 (x32 Version: 1.0.0)

VU5x86 (x32 Version: 1.1.0)

WebReg (x32 Version: 130.0.132.017)

WIDCOMM Bluetooth Software (Version: 6.3.0.5600)

Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) (Version: 07/07/2009 1.12.2)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)

Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (Version: 02/06/2007 3.1)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3555.0308)

Windows Live Family Safety (Version: 15.4.3555.0308)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3555.0308)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Mesh (x32 Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)

Windows Live Messenger (x32 Version: 15.4.3538.0513)

Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live Sync (x32 Version: 14.0.8117.416)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

XperiaLinkx86 (x32 Version: 1.0.0)

==================== Restore Points =========================

29-10-2013 07:44:06 Windows Update

01-11-2013 09:48:27 Windows Update

04-11-2013 14:32:58 Installed Java 7 Update 45

05-11-2013 09:00:42 Windows Update

09-11-2013 11:49:18 Windows Update

10-11-2013 17:54:58 Installed Samsung Story Album Viewer

==================== Hosts content: ==========================

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {08F9443F-7C01-4693-AC05-41C90A8E053F} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {0A7275D7-3517-4521-A136-02DD19A4601E} - System32\Tasks\{E7EB3878-1A35-4B0B-9EF3-3A1408D21D2D} => C:\Program Files (x86)\TradeStation 9.1\Program\ORPlat.exe [2013-09-24] (TradeStation Technologies, Inc.)

Task: {10F76699-846B-45AF-9B4A-EA4C600C1B32} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)

Task: {114E067F-9835-4C2A-AFD0-C5D42AF33431} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {11DFC40F-4E8C-462B-B57B-94F77AAB7B76} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)

Task: {13A5ECC6-ED51-43CD-8977-ED38D5F3F0E2} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music user => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2010-11-05] (Sony Corporation)

Task: {165E9112-3E2B-4CD9-A4BD-377E171FB26B} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

Task: {1DEF33BB-6B98-4FFC-B5C6-440B7A5C7CCD} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)

Task: {2D2A5A64-A501-4617-ADAB-DFC6A909BB2B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {336DA3FF-148B-472E-846F-3D143D7B6821} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-05-28] (Sony Corporation)

Task: {4C4D0452-8C01-466A-9191-87D6CA13E240} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)

Task: {4E27E9E4-3C70-4C41-8DA4-468F509CB987} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {58791A18-EA68-4B97-8166-B89485D09DC7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)

Task: {62B5614A-F9D2-4252-8181-CBA1D2FA76C1} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {6B255612-4C8E-46D1-9C27-49F196183900} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)

Task: {798A6C34-8103-4C01-8F5C-B39713D31D81} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-30] (Google Inc.)

Task: {8359376C-40D8-4700-9C3C-61B7035167BE} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {9C518529-4F9F-4347-A977-B54F5363AFE5} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)

Task: {9C552F4A-DE13-4DB4-BD5B-8CB61A668D4A} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)

Task: {A115D250-D2F2-4885-9F88-F5F96553751A} - System32\Tasks\TradeStation Backup - Monthly => C:\Program Files (x86)\TradeStation 9.1\Program\TSBackupRestore.exe [2013-09-24] (TradeStation Technologies, Inc.)

Task: {AC72C0CE-533E-48B6-9A47-3A4D00A56A39} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)

Task: {ACBCEBA0-5A79-40ED-9E9E-507193445A74} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.)

Task: {C41D01C3-0005-463D-B225-D74A8DB56148} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-30] (Google Inc.)

Task: {C5CCEB86-2BB0-41AD-BD9B-FCCDE0A426D1} - System32\Tasks\TradeStation Backup - Weekly => C:\Program Files (x86)\TradeStation 9.1\Program\TSBackupRestore.exe [2013-09-24] (TradeStation Technologies, Inc.)

Task: {C902A88F-45B8-4729-B1FC-1AE82A45E01B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe [2011-11-15] (TuneUp Software)

Task: {D8171E5F-C7B0-4AFF-979C-23DD10678898} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe

Task: {E1FC24E8-2C2C-47C0-A905-BEF6E5C1AEC4} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)

Task: {E54A9D0B-D560-4292-BC88-BB2C142A53B8} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [2011-05-10] (Hewlett-Packard)

Task: {E85D0960-2AE3-45A5-BF7E-D95A2AE9618B} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)

Task: {E99D47D2-76FB-4021-BAD4-FEA200BD75F2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {F85F74B9-6C26-467D-98BC-FC1E59A419E3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {FB1E0727-D7D6-4D52-8793-AA6D8C90B0A5} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)

Task: {FBD3DBF8-4991-412F-B2FC-E6A7003F6CCE} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\TradeStation Backup - Monthly.job => C:\Program Files (x86)\TradeStation 9.1\Program\TSBackupRestore.exe

Task: C:\Windows\Tasks\TradeStation Backup - Weekly.job => C:\Program Files (x86)\TradeStation 9.1\Program\TSBackupRestore.exe

==================== Loaded Modules (whitelisted) =============

2013-10-02 22:30 - 2013-10-02 22:30 - 00241664 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.3.1.7.bt.1.3\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node

2013-04-24 12:05 - 2013-04-24 12:05 - 00268288 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.3.1.7.bt.1.3\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node

2013-04-24 12:05 - 2013-04-24 12:05 - 00233984 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.3.1.7.bt.1.3\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node

2012-07-12 11:37 - 2012-07-12 11:37 - 01380864 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.3.1.7.bt.1.3\ma\node_modules\libxmljs\build\Release\libxmljs.node

2012-06-26 08:40 - 2012-06-26 08:40 - 00068096 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.3.1.7.bt.1.3\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node

2010-06-12 10:27 - 2010-06-12 10:27 - 00135168 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\Extension\MrsMpegParser.dll

2010-11-30 03:29 - 2010-05-31 19:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll

2010-11-30 03:29 - 2010-05-31 19:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll

2011-03-11 22:00 - 2009-08-11 13:54 - 00094208 _____ () C:\Program Files (x86)\MultiScreen\TitleBar.dll

2011-03-11 22:00 - 2009-08-11 13:54 - 00053248 _____ () C:\Program Files (x86)\MultiScreen\SmartMouseDll.dll

2011-03-11 22:00 - 2009-08-11 13:56 - 00053248 _____ () C:\Program Files (x86)\MultiScreen\MGResEng.dll

2013-11-08 09:33 - 2013-07-31 19:07 - 12632576 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\libViber.dll

2013-11-08 09:33 - 2013-04-30 09:48 - 00679936 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\libGLESv2.dll

2013-11-08 09:33 - 2013-04-30 09:48 - 00060416 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\libEGL.dll

2013-11-08 09:33 - 2013-04-30 09:53 - 00821760 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\platforms\qwindows.dll

2013-11-08 09:33 - 2013-04-30 09:52 - 00022016 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\imageformats\qgif.dll

2013-11-08 09:33 - 2013-04-30 09:53 - 00021504 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\imageformats\qico.dll

2013-11-08 09:33 - 2013-04-30 09:53 - 00205312 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\imageformats\qjpeg.dll

2013-11-08 09:33 - 2013-04-30 09:55 - 00218624 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\imageformats\qmng.dll

2013-11-08 09:33 - 2013-04-30 09:53 - 00016384 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\imageformats\qsvg.dll

2013-11-08 09:33 - 2013-04-30 09:55 - 00015872 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\imageformats\qtga.dll

2013-11-08 09:33 - 2013-04-30 09:55 - 00282112 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\imageformats\qtiff.dll

2013-11-08 09:33 - 2013-04-30 09:55 - 00015360 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\imageformats\qwbmp.dll

2013-11-08 09:33 - 2013-04-30 09:52 - 00557056 _____ () C:\Users\user\AppData\Local\Viber\3.1.1.60\sqldrivers\qsqlite.dll

2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll

2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll

2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll

2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll

2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll

2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll

2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll

2013-08-15 06:55 - 2013-08-15 06:55 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\44bfa824a3b8a6f789fda79a2e01a8db\IsdiInterop.ni.dll

2010-10-11 20:03 - 2010-03-04 03:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2009-12-29 08:59 - 2009-12-29 08:59 - 00344130 _____ () C:\Program Files (x86)\TradeStation 9.1\Program\SQLITE3.dll

2009-12-29 08:59 - 2009-12-29 08:59 - 00134144 _____ () C:\Program Files (x86)\TradeStation 9.1\Program\zlib1.dll

2013-09-24 15:09 - 2013-09-24 15:09 - 00148992 _____ () C:\Program Files (x86)\TradeStation 9.1\Program\tssess.dll

2013-10-16 13:31 - 2013-10-09 00:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll

2013-10-16 13:31 - 2013-10-09 00:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll

2013-10-16 13:31 - 2013-10-09 00:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll

2013-10-16 13:31 - 2013-10-09 00:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll

2013-10-16 13:31 - 2013-10-09 00:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll

2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf

2013-09-03 13:53 - 2013-09-03 13:53 - 00305520 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll

2012-07-27 20:51 - 2012-07-27 20:51 - 06549432 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\authplay.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (11/11/2013 08:15:53 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2013 07:46:45 AM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x800700d8

Error: (11/11/2013 07:46:44 AM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x800700d8

Error: (11/08/2013 00:20:10 PM) (Source: Application Hang) (User: )

Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 120c

Start Time: 01cedbdee1feaa14

Termination Time: 1993

Application Path: C:\Windows\Explorer.EXE

Report Id: 12eedc47-4870-11e3-bdd1-889ffae4624f

Error: (11/08/2013 08:02:38 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/08/2013 08:02:34 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/08/2013 08:02:31 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/08/2013 08:02:26 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/08/2013 00:27:51 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2013 05:37:36 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:

=============

Error: (11/11/2013 07:40:17 AM) (Source: Service Control Manager) (User: )

Description: The VAIO Care Performance Service service hung on starting.

Error: (11/11/2013 07:34:24 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll

Error Code: 126

Error: (11/11/2013 07:34:23 AM) (Source: EventLog) (User: )

Description: The previous system shutdown at 18:35:59 on ‎10/‎11/‎2013 was unexpected.

Error: (11/10/2013 10:07:55 AM) (Source: Service Control Manager) (User: )

Description: The VAIO Care Performance Service service hung on starting.

Error: (11/10/2013 10:04:18 AM) (Source: Service Control Manager) (User: )

Description: The VAIO Media plus Device Searcher service terminated with the following error:

%%-2147467259

Error: (11/10/2013 10:04:18 AM) (Source: DCOM) (User: )

Description: 1053SpfService{A13E129C-F190-4B14-9AD5-A6C09004E43E}

Error: (11/10/2013 10:04:10 AM) (Source: Service Control Manager) (User: )

Description: The VAIO Entertainment Common Service service failed to start due to the following error:

%%1053

Error: (11/10/2013 10:04:10 AM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the VAIO Entertainment Common Service service to connect.

Error: (11/10/2013 10:03:02 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll

Error Code: 126

Error: (11/10/2013 10:03:00 AM) (Source: EventLog) (User: )

Description: The previous system shutdown at 21:23:40 on ‎09/‎11/‎2013 was unexpected.

Microsoft Office Sessions:

=========================

Error: (11/11/2013 08:15:53 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_enu.exe

Error: (11/11/2013 07:46:45 AM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x800700d8

C:\Program Files (x86)\Samsung\Kies\Kies.exe

Error: (11/11/2013 07:46:44 AM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x800700d8

C:\Program Files (x86)\Samsung\Kies\Kies.exe

Error: (11/08/2013 00:20:10 PM) (Source: Application Hang)(User: )

Description: Explorer.EXE6.1.7601.17567120c01cedbdee1feaa141993C:\Windows\Explorer.EXE12eedc47-4870-11e3-bdd1-889ffae4624f

Error: (11/08/2013 08:02:38 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_enu.exe

Error: (11/08/2013 08:02:34 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_enu.exe

Error: (11/08/2013 08:02:31 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_enu.exe

Error: (11/08/2013 08:02:26 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_enu.exe

Error: (11/08/2013 00:27:51 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/07/2013 05:37:36 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_enu.exe

==================== Memory info ===========================

Percentage of memory in use: 75%

Total physical RAM: 4076.93 MB

Available physical RAM: 1003.59 MB

Total Pagefile: 8152.04 MB

Available Pagefile: 3773.75 MB

Total Virtual: 8192 MB

Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.81 GB) (Free:86.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: FCB4CFCB)

Partition 1: (Not Active) - (Size=13 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Psychotic · November 11, 2013

Fix with FRST (normal mode)

Open notepad (Start =>All Programs => Accessories => Notepad).
Please copy the entire contents of the code box below.
(To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).

Save it to the same direction as frst.exe (or frst64.exe) as fixlist.txt.

C:\Program Files (x86)\Connect_DLC_5C:\Users\user\AppData\Local\Temp\dlm6CE.tmpC:\Users\user\AppData\LocalLow\Connect_DLC_5C:\Users\user\Documents\Computer\cbsidlm-cbsi134-AdwCleaner-ORG-75851221.exeC:\Users\user\AppData\Local\Temp\jzgcxqye.dll

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner

Please download AdwCleaner to your desktop.

Run adwcleaner.exe
Hit Scan and wait for the scan to finish.
Confirm the message but don´t uncheck anything.
Hit Clean
When the run is finished, it will open up a text file
Please post its contents within your next reply
You´ll find the log file at C:\AdwCleaner[s1].txt also

SecurityCheck

Please download SecurityCheck: LINK1 LINK2

Save it to your desktop, start it and follow the instructions in the window.
After the scan finished the (checkup.txt) will open. Copy its content to your thread.

RicardoJC · November 11, 2013

I think that worked ok - here is the fix.log. I'll run Adwcleaner now.

R

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2013 01

Ran by user at 2013-11-11 08:58:31 Run:1

Running from C:\Users\user\Downloads

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

C:\Program Files (x86)\Connect_DLC_5C:\Users\user\AppData\Local\Temp\dlm6CE.tmpC:\Users\user\AppData\LocalLow\Connect_DLC_5C:\Users\user\Documents\Computer\cbsidlm-cbsi134-AdwCleaner-ORG-75851221.exeC:\Users\user\AppData\Local\Temp\jzgcxqye.dll

*****************

"C:\Program Files (x86)\Connect_DLC_5C:\Users\user\AppData\Local\Temp\dlm6CE.tmpC:\Users\user\AppData\LocalLow\Connect_DLC_5C:\Users\user\Documents\Computer\cbsidlm-cbsi134-AdwCleaner-ORG-75851221.exeC:\Users\user\AppData\Local\Temp\jzgcxqye.dll" => File/Directory not found.

==== End of Fixlog ====

Psychotic · November 11, 2013

No, it didn´t.

You´ve copied the lines into one single line so FRST couldn´t find the files.

Please repeat, it has to look like within my last reply, one line after the other.

RicardoJC · November 11, 2013

Sorry. I copied it from the e-mail, not from the link above. Here is the text - I hope it is correct this time. Do you want me to run Adwcleaner again now?

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2013 01

Ran by user at 2013-11-11 09:46:14 Run:2

Running from C:\Users\user\Downloads

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

C:\Program Files (x86)\Connect_DLC_5

C:\Users\user\AppData\Local\Temp\dlm6CE.tmp

C:\Users\user\AppData\LocalLow\Connect_DLC_5

C:\Users\user\Documents\Computer\cbsidlm-cbsi134-AdwCleaner-ORG-75851221.exe

C:\Users\user\AppData\Local\Temp\jzgcxqye.dll

*****************

"C:\Program Files (x86)\Connect_DLC_5" => File/Directory not found.

C:\Users\user\AppData\Local\Temp\dlm6CE.tmp => Moved successfully.

"C:\Users\user\AppData\LocalLow\Connect_DLC_5" => File/Directory not found.

C:\Users\user\Documents\Computer\cbsidlm-cbsi134-AdwCleaner-ORG-75851221.exe => Moved successfully.

C:\Users\user\AppData\Local\Temp\jzgcxqye.dll => Moved successfully.

==== End of Fixlog ====

Psychotic · November 11, 2013

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner

Please download AdwCleaner to your desktop.

Run adwcleaner.exe
Hit Scan and wait for the scan to finish.
Confirm the message but don´t uncheck anything.
Hit Clean
When the run is finished, it will open up a text file
Please post its contents within your next reply
You´ll find the log file at C:\AdwCleaner[s1].txt also

SecurityCheck

Please download SecurityCheck: LINK1 LINK2

Save it to your desktop, start it and follow the instructions in the window.
After the scan finished the (checkup.txt) will open. Copy its content to your thread.

RicardoJC · November 11, 2013

Great. This is what it looks like now.

First adwcleanerlog

# AdwCleaner v3.012 - Report created 11/11/2013 at 10:04:19

# Updated 11/11/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : user - RJC-VAIO

# Running from : C:\Users\user\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url

Deleted : search_url

Deleted : suggest_url

Deleted : keyword

*************************

AdwCleaner[R0].txt - [4822 octets] - [06/11/2013 17:11:55]

AdwCleaner[R1].txt - [3492 octets] - [11/11/2013 09:09:39]

AdwCleaner[R2].txt - [1173 octets] - [11/11/2013 09:59:23]

AdwCleaner[s0].txt - [4828 octets] - [06/11/2013 17:21:57]

AdwCleaner[s1].txt - [3487 octets] - [11/11/2013 09:15:18]

AdwCleaner[s2].txt - [1007 octets] - [11/11/2013 10:04:19]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1067 octets] ##########

Second, Security Check log

Results of screen317's Security Check version 0.99.76

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 10

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.75.0.1300

TuneUp Utilities

TuneUp Utilities Language Pack (en-GB)

TuneUp Utilities

Java 6 Update 24

Java 7 Update 45

Java 6 Update 3

Adobe Flash Player 11.9.900.117

Adobe Reader 10.1.8 Adobe Reader out of Date!

Google Chrome 30.0.1599.101

Google Chrome 30.0.1599.69

````````Process Check: objlist.exe by Laurent````````

Malwarebytes' Anti-Malware mbamscheduler.exe

Kaspersky Lab Kaspersky Internet Security 2012 avp.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 2%

````````````````````End of Log``````````````````````

Psychotic · November 11, 2013

Your system is clean!

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.

Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
Run setup and follow the instructions.
Click upon Start-->control panel-->add/remove programs.
Search for and remove any older reader versions.

Uninstall our tools using delfix

Please follow these steps in order:

In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed.
In any case please download delfix to your desktop.
- Close all other programms and start delfix.
- Please check all the boxes and run the tool.
- delfix will now delete all found traces of our removal process

[*] If there is still something left please delete it manualy.

How to protect yourself

System Updates
Beeing up to date is very important. Please be sure to activate automatic updates in your control panel.
Windows XP | Windows Vista |
Windows 7 | windows 8
Protection
What you need is one (not more) good virus scanner with backgroud protection. Additionally I recommend a special malwarescanner that you run from time to time.
Personally I am using the avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer you good protection for free use. But please remember: You get only the full protection if you use the payed versions of your security software.
Up to date Software
Stay up to date with all the programs you use. Some of those really have to have an eye on are: your browser(s) including add-ons and plug-ins, Java, Flash Player, your virus scanner, and basically every software you use often. These link may help you to check:
- Secunia Online Software Inspector - Checks if your software has updates available.
- Filehippo Update Checkere - This tool also scans your computer for outdated software.
- Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins in your Firefox browser.
[*] Backups
There are chances for an emergency every day. So be prepared. Back up your data on a regular basis. If you burn it to DVDs from time to time, use a cloud-drive or a professional network backup system is your choice. [*] Brains
It's no joke! You really need one of those things. It is very important not just to click anywhere it is colored or flashing while you surfing on the web. Do not click an OK button on any popping window without reading what it says. While installing software always choose the custom mode, read what those windows says and uncheck adware that will be installed along the software you want.

RicardoJC · November 11, 2013

Marius,

Many thanks indeed.

Windows Update is on: last update yesterday.

Protection. I have the paid version of Malwarebytes. I will look at the Avast! as well - thank you.

Up to date software. This is a weakness. Sometimes I don't check. Thanks for the links.

Backups. I backup once a month onto 2 x 2Tb WD HDDs (2 - in case one fails!). The last backup was last week. I don't use the Cloud as our internet connection is too slow.

Brains. I thought I was pretty 'savvy' (wise) but I have previously ignored your good advice (even when downloading Adobe Reader today I forgot to uncheck a Norton AntiVirus download!). So yes, this is the weakest spot. I am also conscious that I may have picked up something when in Eastern Europe on business - I use a flashdrive to transfer presentations and although Kaspersky is pretty good some nasty stuff may have got through.

I have taken the liberty of making a small Paypal donation in gratitude for your help.

Best wishes

R

Psychotic · November 11, 2013

Thank you very much!

AdvancedSetup · November 15, 2013

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Came late to the party....

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information