Scorpion Saver will not uninstall

I recently found two separate programs with the same name "scorpion saver" when I opened up my Programs and Features window. When I tried to uninstall, it says "The feature you are trying to use is on a network resource that is unavailable" and will not let me proceed. I have already run Malwarebytes full scans and was not able to remove them. The following is my DDS report. Please advise. Thank you.


DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16537  BrowserJavaVersion: 10.45.2
Run by Jeff at 12:02:22 on 2014-01-19
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8078.4892 [GMT -5:00]
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Internet Security 2013 *Enabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
SP: 360 Internet Security 2013 *Enabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files\360\360 Internet Security\360rps.exe
C:\Program Files\360\360 Internet Security\deepscan\zhudongfangyu.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe
C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files (x86)\ArcGIS\License10.1\bin\ARCGIS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Elantech\ETDGesture.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\360\360 Internet Security\360sd.exe
C:\Program Files\360\360 Internet Security\360rp.exe
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\360\360 Internet Security\safemon\360tray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
============== Pseudo HJT Report ===============
uStart Page = about:blank
mStart Page = about:blank
uProxyOverride = <local>;*.local
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [Akamai NetSession Interface] "C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe"
uRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
uRun: [360sd] "C:\Program Files\360\360 Internet Security\360sdrun.exe"
uRun: [Google Update] "C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [spotify Web Helper] "C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
StartupFolder: C:\Users\Jeff\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableSecureUIAPath = dword:1
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: dell.com
TCP: NameServer =
TCP: Interfaces\{5185BC43-9369-4E89-999B-C33F9D0A9A2A} : NameServer =  
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D} : DHCPNameServer =
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\05271647470294E637479647574756 : DHCPNameServer =
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\0527164747355636572756 : DHCPNameServer =
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\14962707F627470264275656027596D26496 : DHCPNameServer =
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\23332334166656C416474756 : DHCPNameServer =
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\3596E6764756C673030323D224834324 : DHCPNameServer =
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\4554C4553513235343 : DHCPNameServer =
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\65944454F44525F4E453837333 : DHCPNameServer =
TCP: Interfaces\{7515AD1C-116A-41FE-9665-AC7AD702E858} : DHCPNameServer =
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [360sd] "C:\Program Files\360\360 Internet Security\360sdrun.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: EnableSecureUIAPath = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
================= FIREFOX ===================
FF - ProfilePath - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0wflpxe9.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - 
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll
FF - plugin: C:\Users\Jeff\AppData\Local\Google\Update\\npGoogleUpdate3.dll
FF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
============= SERVICES / DRIVERS ===============
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2013-8-31 644968]
R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2014-1-12 32544]
R1 360AntiHacker;360Safe Anti Hacker Service;C:\Windows\System32\Drivers\360AntiHacker64.sys [2013-9-15 97480]
R1 360Box64;360Box mini-filter driver;C:\Windows\System32\Drivers\360Box64.sys [2013-9-15 305856]
R1 360Camera;360Safe Camera Filter Service;C:\Windows\System32\Drivers\360Camera64.sys [2013-9-15 41152]
R1 360FsFlt;360FsFlt mini-filter driver;C:\Windows\System32\Drivers\360FsFlt.sys [2013-9-15 228544]
R1 BAPIDRV;BAPIDRV;C:\Windows\System32\Drivers\BAPIDRV64.SYS [2013-9-15 179904]
R1 nvkflt;nvkflt;C:\Windows\System32\Drivers\nvkflt.sys [2014-1-12 300320]
R2 360rp;360 Internet Security Real-time Protection Loading Service;C:\Program Files\360\360 Internet Security\360rps.exe [2013-9-15 295608]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-11-13 755240]
R2 ArcGIS License Manager;ArcGIS License Manager;C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe [2012-1-5 1408904]
R2 AtherosSvc;AtherosSvc;C:\Windows\System32\AdminService.exe [2013-6-25 208384]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-15 135984]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2013-5-27 99632]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-16 701512]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-2 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-1 15129376]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-18 411936]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-11-2 1042808]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-11-2 270704]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-11-15 1153840]
R2 ZhuDongFangYu;Proactive Defence;C:\Program Files\360\360 Internet Security\deepscan\ZhuDongFangYu.exe [2013-12-23 225216]
R3 360AvFlt;360AvFlt mini-filter driver;C:\Windows\System32\Drivers\360AvFlt.sys [2013-9-15 67272]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-11-13 156160]
R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-6-25 565760]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;C:\Windows\System32\Drivers\dtscsibus.sys [2013-8-31 29696]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2013-7-11 380680]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2013-9-13 21152]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\Drivers\ew_jubusenum.sys [2013-12-29 90112]
R3 i8042HDR;Keyboard Filter Driver;C:\Windows\System32\Drivers\i8042HDR.sys [2013-8-31 15920]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-8-31 169752]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2013-8-31 119528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-9-16 25928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\Drivers\nvvad64v.sys [2013-12-17 39200]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2013-8-31 34544]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC;C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-12-29 655712]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-11-13 156160]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-8-20 103576]
S3 Disc Soft Bus Service;Disc Soft Bus Service;C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [2013-6-25 632352]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\Drivers\ew_hwusbdev.sys [2013-12-29 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\Drivers\ew_usbenumfilter.sys [2013-12-29 13952]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-8-31 1471792]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\Drivers\ew_jucdcacm.sys [2013-12-29 104448]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\Drivers\ew_juextctrl.sys [2013-12-29 30720]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\Drivers\ew_juwwanecm.sys [2013-12-29 238080]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-11-15 272176]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-8-20 204568]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
=============== File Associations ===============
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
ShellExec: SC2Editor.exe: open="C:/Program Files (x86)/StarCraft II/Support/SC2Editor.exe" "%1"
ShellExec: SC2Switcher.exe: open="C:/Program Files (x86)/StarCraft II/Support/SC2Switcher.exe" "%1"
=============== Created Last 30 ================
2014-01-19 14:48:15 236208 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10230.bin
2014-01-14 04:54:59 92272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
2014-01-13 03:06:35 -------- d-----w- C:\Windows\SysWow64\NV
2014-01-13 03:06:35 -------- d-----w- C:\Windows\System32\NV
2014-01-09 07:49:05 -------- d-----w- C:\Program Files (x86)\SkypeWebPlugin
2014-01-02 14:30:03 -------- d-----w- C:\Users\Jeff\AppData\Roaming\Wargaming.net
2013-12-30 03:19:06 90112 ----a-w- C:\Windows\System32\drivers\ew_jubusenum.sys
2013-12-30 03:19:06 76800 ----a-w- C:\Windows\System32\drivers\ew_jucdcecm.sys
2013-12-30 03:19:06 450048 ----a-w- C:\Windows\System32\drivers\ewusbwwan.sys
2013-12-30 03:19:06 32768 ----a-w- C:\Windows\System32\drivers\ewdcsc.sys
2013-12-30 03:19:06 30720 ----a-w- C:\Windows\System32\drivers\ew_juextctrl.sys
2013-12-30 03:19:06 238080 ----a-w- C:\Windows\System32\drivers\ew_juwwanecm.sys
2013-12-30 03:19:06 225920 ----a-w- C:\Windows\System32\drivers\ewusbmdm.sys
2013-12-30 03:19:06 22016 ----a-w- C:\Windows\System32\drivers\ew_hwupgrade.sys
2013-12-30 03:19:06 13952 ----a-w- C:\Windows\System32\drivers\ew_usbenumfilter.sys
2013-12-30 03:19:06 117248 ----a-w- C:\Windows\System32\drivers\ew_hwusbdev.sys
2013-12-30 03:19:06 104448 ----a-w- C:\Windows\System32\drivers\ew_jucdcacm.sys
2013-12-30 03:19:06 1001472 ----a-w- C:\Windows\System32\drivers\mod7700.sys
2013-12-28 03:51:52 -------- d-----w- C:\Users\Jeff\AppData\Local\SkypeWebPlugin
2013-12-27 08:20:54 -------- d-----w- C:\ProgramData\Mobile Partner
2013-12-27 08:20:41 1490656 ----a-w- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
2013-12-27 08:20:34 -------- d-----w- C:\Program Files (x86)\Mobile Partner
2013-12-27 08:20:17 -------- d-----w- C:\ProgramData\DatacardService
2013-12-23 00:46:47 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-12-23 00:46:47 -------- d-----w- C:\Program Files (x86)\StarCraft II
2013-12-23 00:46:47 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-12-23 00:46:13 -------- d-----w- C:\ProgramData\Battle.net
==================== Find3M  ====================
2014-01-09 08:02:07 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-09 08:02:07 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-19 18:53:46 6671648 ----a-w- C:\Windows\System32\nvcpl.dll
2013-12-19 18:53:46 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-12-19 18:53:44 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-12-19 18:53:44 67072 ----a-w- C:\Windows\System32\nv3dappshextr.dll
2013-12-19 18:53:44 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-12-19 18:53:44 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2013-12-19 18:53:44 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-12-19 18:53:44 1065248 ----a-w- C:\Windows\System32\nv3dappshext.dll
2013-12-19 05:01:48 3539040 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-12-19 04:20:22 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-12-10 03:49:34 179904 ----a-w- C:\Windows\System32\drivers\BAPIDRV64.SYS
2013-12-10 02:13:11 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-12-10 02:13:01 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-12-09 02:04:01 41152 ----a-w- C:\Windows\System32\drivers\360Camera64.sys
2013-12-07 06:37:24 688640 ----a-w- C:\Windows\System32\WSShared.dll
2013-12-07 06:37:24 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15:46 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-12-07 05:15:46 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-05 08:42:30 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-12-05 08:42:26 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-11-29 07:55:21 228544 ----a-w- C:\Windows\System32\drivers\360FsFlt.sys
2013-11-29 07:55:11 305856 ----a-w- C:\Windows\System32\drivers\360Box64.sys
2013-11-27 12:10:43 97480 ----a-w- C:\Windows\System32\drivers\360AntiHacker64.sys
2013-11-23 06:43:58 420864 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-23 05:05:01 368640 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-14 11:58:09 1884448 ----a-w- C:\Windows\System32\nvdispco6433182.dll
2013-11-14 11:58:09 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433182.dll
2013-11-06 23:18:57 4036608 ----a-w- C:\Windows\System32\win32k.sys
2013-11-05 00:48:47 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-01 05:38:21 312320 ----a-w- C:\Windows\System32\msieftp.dll
2013-11-01 03:49:24 273408 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-31 05:56:24 915968 ----a-w- C:\Windows\System32\MPSSVC.dll
2013-10-31 05:56:02 758784 ----a-w- C:\Windows\System32\FirewallAPI.dll
2013-10-31 04:01:46 550400 ----a-w- C:\Windows\SysWow64\FirewallAPI.dll
2013-10-31 03:42:19 74752 ----a-w- C:\Windows\System32\drivers\mpsdrv.sys
2013-10-28 05:50:42 588288 ----a-w- C:\Windows\System32\SHCore.dll
2013-10-28 04:05:52 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
2013-10-25 06:19:22 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-10-25 06:19:12 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-10-25 06:17:57 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-25 04:45:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-25 04:43:42 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-23 10:30:23 1884448 ----a-w- C:\Windows\System32\nvdispco6433165.dll
2013-10-23 10:30:23 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433165.dll
============= FINISH: 12:02:38.02 ===============
DDS (Ver_2012-11-20.01)
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 8/31/2013 8:54:51 PM
System Uptime: 1/19/2014 11:42:47 AM (1 hours ago)
Motherboard: ASUSTeK COMPUTER INC. |  | N56VJ
Processor: Intel® Core i7-3630QM CPU @ 2.40GHz | SOCKET 0 | 2401/100mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 245 GiB total, 80.305 GiB free.
D: is FIXED (NTFS) - 231 GiB total, 139.523 GiB free.
E: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP45: 12/27/2013 9:59:30 PM - Scheduled Checkpoint
RP46: 1/5/2014 11:37:30 AM - Scheduled Checkpoint
RP47: 1/9/2014 2:48:58 AM - Windows Update
RP48: 1/15/2014 1:50:54 AM - Windows Update
==== Installed Programs ======================
360 Internet Security
7-Zip 9.22beta
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe Widget Browser
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcGIS 10.1 for Desktop
ArcGIS 10.1 License Manager
AutoCAD 2014 - English
AutoCAD 2014 Language Pack - English
Autodesk 360
Autodesk App Manager
Autodesk AutoCAD 2014 - English
Autodesk AutoCAD 2014 - English SP1
Autodesk AutoCAD Map 3D 2014
Autodesk AutoCAD Map 3D 2014 Language Pack
Autodesk Autodesk AutoCAD Map 3D 2014
Autodesk Content Service
Autodesk Content Service Language Pack
Autodesk Featured Apps
Autodesk Material Library 2014
Autodesk Material Library Base Resolution Image Library 2014
Autodesk Material Library Low Resolution Image Library 2014
Autodesk Material Library Medium Resolution Image Library 2014
Autodesk ReCap
Autodesk ReCap Language Pack-English
Autodesk Revit 2014
Autodesk Vasari Beta 3
Autodesk Workflows 2014
Classic Shell
DAEMON Tools Ultra
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dota 2
ESET Online Scanner v3
ETDWare PS/2-X64
FARO LS 1.1.501.0 (64bit)
GeForce Experience NvStream Client Components
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
IBM SPSS Statistics 22
Intel PROSet Wireless
Intel® Processor Graphics
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® PROSet/Wireless WiFi Software
Java 7 Update 45
Java Auto Updater
K-Lite Mega Codec Pack 10.0.5
League of Legends
Malwarebytes Anti-Malware version
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2012 Native Client 
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mobile Partner
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
NVIDIA 3D Vision Driver 332.21
NVIDIA Control Panel 332.21
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 332.21
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 10.11.15
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
Pando Media Booster
PDF Settings CS6
Qualcomm Atheros Client Installation Program
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Realtek High Definition Audio Driver
Revit 2014
Revit 2014 Language Pack - English
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHIELD Streaming
SketchUp 2013
SketchUp Import for AutoCAD 2014
Skype Web Plugin
Skype™ 6.11
StarCraft II
Tweaking.com - Windows Repair (All in One)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Vasari Beta 3
Vasari Beta 3 Language Pack - English
Vasari Prototype CFD Visualisation Plug-in
Vasari Solar Radiation Plug-in
Vasari STL Export Plug-in
Vasari Wind Analysis Plug-in
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177
VLC media player 2.0.6
VLC media player 2.1.2
WD Drive Utilities
WD Quick View
WD Security
WD SmartWare
WD SmartWare Installer
WinRAR archiver
World of Tanks
ZipX V3.01
==== Event Viewer Messages From Past Week ========
1/19/2014 11:42:54 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Mobile Partner. OUC service to connect.
1/19/2014 11:42:54 AM, Error: Service Control Manager [7000]  - The Mobile Partner. OUC service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
==== End Of File ===========================



Please download Farbar Recovery Scan Tool and save it to a folder. (Use the correct version for your system. Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":


  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.


New window that comes up.




Here is the FRST report:


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 03
Ran by Jeff (administrator) on PO-PC on 19-01-2014 12:36:59
Running from C:\Users\Jeff\Desktop\FARBAR
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360rps.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\deepscan\ZhuDongFangYu.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Flexera Software, Inc.) C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Flexera Software, Inc.) C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(ESRI) C:\Program Files (x86)\ArcGIS\License10.1\bin\ARCGIS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360sd.exe
(Akamai Technologies, Inc.) C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360rp.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Jeff\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Jeff\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-08-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-08-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-08-31] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [360sd] - C:\Program Files\360\360 Internet Security\360sdrun.exe [273848 2013-12-11] (Qihu 360 Software Co., Ltd.)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-08-12] (Autodesk, Inc.)
HKCU\...\Run: [360sd] - C:\Program Files\360\360 Internet Security\360sdrun.exe [273848 2013-12-11] (Qihu 360 Software Co., Ltd.)
HKCU\...\Run: [Google Update] - C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-08] (Google Inc.)
HKCU\...\Run: [spotify Web Helper] - C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-19] (Spotify Ltd)
HKCU\...\Policies\Explorer: [] 
AppInit_DLLs: C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {E365ED18-FAD8-474D-9042-3EC8AE3644BF} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=586383&p={searchTerms}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{5185BC43-9369-4E89-999B-C33F9D0A9A2A}: [NameServer] 
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0wflpxe9.default
FF Homepage: www.google.com
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jeff\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jeff\AppData\Local\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jeff\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jeff\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Jeff\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-08-31]
CHR HomePage: 
CHR RestoreOnStartup: "translate_accepted_count": {
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (360 Internet Security 2013) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pppagaglfkmlpgobnlenhknilehpmcbo\1.0_1\plugin/360webshield.dll (Qihu 360 Software Co., Ltd.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Extension: (Google Docs) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-01]
CHR Extension: (Google Drive) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-01]
CHR Extension: (YouTube) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-01]
CHR Extension: (Google Search) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-01]
CHR Extension: (Google Wallet) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-01]
CHR Extension: (360 WebShield Plug-in) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pppagaglfkmlpgobnlenhknilehpmcbo [2013-09-15]
CHR HKLM-x32\...\Chrome\Extension: [pppagaglfkmlpgobnlenhknilehpmcbo] - C:\Program Files\360\360 Internet Security\safemon\360webshield.crx [2013-09-15]
==================== Services (Whitelisted) =================
U2 360rp; C:\Program Files\360\360 Internet Security\360rps.exe [295608 2013-12-11] (Qihu 360 Software Co., Ltd.)
U2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe [1408904 2012-01-05] (Flexera Software, Inc.)
U2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations)
U2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
U3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [632352 2013-06-25] (Disc Soft Ltd)
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-08-31] (ELAN Microelectronics Corp.)
U2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-06-17] ()
U3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-11-15] ()
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
U2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
U3 scan; C:\Program Files\360\360 Internet Security\scan.dll [423144 2013-02-19] (S.C. BitDefender S.R.L)
U2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-11-02] (Western Digital Technologies, Inc.)
U2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-02] (Western Digital Technologies, Inc.)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
U2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-11-15] (Intel® Corporation)
U2 ZhuDongFangYu; C:\Program Files\360\360 Internet Security\deepscan\zhudongfangyu.exe [225216 2013-11-27] (Qihu 360 Software Co., Ltd.)
==================== Drivers (Whitelisted) ====================
U1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [97480 2013-11-27] (Qihu 360 Software Co., Ltd.)
U3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [67272 2013-03-27] (Qihu 360 Software Co., Ltd.)
U1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305856 2013-11-29] (Qihu 360 Software Co., Ltd.)
U1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [41152 2013-12-08] (Qihu 360 Software Co., Ltd.)
U1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [228544 2013-11-29] (Qihu 360 Software Co., Ltd.)
U1 BAPIDRV; C:\Windows\System32\Drivers\BAPIDRV64.SYS [179904 2013-12-09] (Qihu 360 Software Co., Ltd.)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
U3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29696 2013-08-31] (Disc Soft Ltd)
U3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-22] (Huawei Technologies Co., Ltd.)
U3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2013-08-31] (Windows ® Codename Longhorn DDK provider)
U3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [300320 2013-12-19] (NVIDIA Corporation)
U3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
U3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-31] (Synaptics Incorporated)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
U3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-19 12:34 - 2014-01-19 12:36 - 00000000 ____D C:\Users\Jeff\Desktop\FARBAR
2014-01-19 12:02 - 2014-01-19 12:02 - 00029299 _____ C:\Users\Jeff\Desktop\dds.txt
2014-01-19 12:02 - 2014-01-19 12:02 - 00008164 _____ C:\Users\Jeff\Desktop\attach.txt
2014-01-19 12:00 - 2014-01-19 12:00 - 00688992 ____R (Swearware) C:\Users\Jeff\Desktop\dds.com
2014-01-19 11:40 - 2014-01-19 11:41 - 01236282 _____ C:\Users\Jeff\Desktop\AdwCleaner.exe
2014-01-19 09:37 - 2014-01-19 09:37 - 00021150 _____ C:\Users\Jeff\Desktop\557645af5f86aeac2b9f28501471a9b129db97b6.zip
2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 ____D C:\Users\Jeff\Desktop\attachment
2014-01-19 00:13 - 2014-01-19 00:13 - 55321604 _____ C:\Users\Jeff\Desktop\stormwater_plan.ai
2014-01-19 00:13 - 2014-01-19 00:13 - 55191387 _____ C:\Users\Jeff\Desktop\programmingdraft.ai
2014-01-17 03:53 - 2014-01-17 03:54 - 01785961 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_lot_tree_parking [Converted].ai
2014-01-17 00:47 - 2014-01-17 00:47 - 00231807 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_LU [Converted].ai
2014-01-17 00:13 - 2014-01-17 00:13 - 00543107 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_flood [Converted].ai
2014-01-16 23:46 - 2014-01-16 23:47 - 00373508 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_publictrans [Converted].ai
2014-01-16 23:27 - 2014-01-16 23:27 - 00596711 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_zoning [Converted].ai
2014-01-16 22:43 - 2014-01-17 03:53 - 104168342 _____ C:\Users\Jeff\Desktop\Basemap_140116_site [Converted].ai
2014-01-16 21:43 - 2014-01-16 21:43 - 214960058 _____ C:\Users\Jeff\Desktop\Basemap_140116_site.ai
2014-01-16 01:15 - 2014-01-16 01:15 - 84941916 _____ C:\Users\Jeff\Desktop\Basemap_140115_openspace [Converted].ai
2014-01-16 01:11 - 2014-01-16 01:11 - 02720773 _____ C:\Users\Jeff\Desktop\Basemap_140115_openspace.ai
2014-01-15 23:53 - 2014-01-15 23:53 - 14803611 _____ C:\Users\Jeff\Desktop\Basemap_140115 [Converted].dwg
2014-01-15 23:49 - 2014-01-16 00:08 - 84847213 _____ C:\Users\Jeff\Desktop\Basemap_140115 [Converted].ai
2014-01-15 14:38 - 2014-01-15 23:39 - 59358838 _____ C:\Users\Jeff\Desktop\Basemap_140115.ai
2014-01-15 11:08 - 2014-01-15 11:24 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_DP05 (1)
2014-01-15 11:05 - 2014-01-15 11:05 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_DP05
2014-01-15 11:00 - 2014-01-15 11:01 - 13945361 _____ C:\Users\Jeff\Desktop\tl_2013_47_tract.zip
2014-01-15 00:47 - 2014-01-15 00:47 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_B02001
2014-01-14 23:37 - 2013-12-07 01:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-14 23:37 - 2013-12-07 01:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 23:37 - 2013-12-07 00:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-14 23:37 - 2013-12-07 00:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 23:37 - 2013-10-31 00:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-14 23:37 - 2013-10-31 00:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-14 23:37 - 2013-10-30 23:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-14 23:37 - 2013-10-30 22:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-14 23:37 - 2013-10-28 00:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-14 23:37 - 2013-10-27 23:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-14 23:37 - 2013-10-13 15:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-14 23:37 - 2013-08-27 00:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-14 23:37 - 2013-08-27 00:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-14 23:37 - 2013-08-26 17:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-14 23:37 - 2013-08-26 17:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-13 23:54 - 2014-01-13 23:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-13 10:13 - 2014-01-17 14:26 - 00000000 ____D C:\Users\Jeff\Desktop\GIS
2014-01-12 22:06 - 2014-01-12 22:06 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-12 22:06 - 2014-01-12 22:06 - 00000000 ____D C:\Windows\system32\NV
2014-01-12 09:35 - 2013-12-19 15:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-12 09:35 - 2013-12-19 15:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 00300320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-01-12 09:35 - 2013-12-19 15:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-12 09:35 - 2013-12-19 15:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-01-09 02:49 - 2014-01-09 02:49 - 00000000 ____D C:\Program Files (x86)\SkypeWebPlugin
2014-01-02 09:30 - 2014-01-02 09:30 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Wargaming.net
2013-12-29 22:19 - 2012-04-25 22:04 - 00450048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2013-12-29 22:19 - 2012-04-22 20:58 - 00238080 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2013-12-29 22:19 - 2012-04-22 20:57 - 00104448 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2013-12-29 22:19 - 2012-04-22 20:57 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2013-12-29 22:19 - 2012-04-22 20:57 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2013-12-29 22:19 - 2012-04-22 20:57 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2013-12-29 22:19 - 2011-12-30 20:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2013-12-29 22:19 - 2010-10-08 03:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2013-12-29 22:19 - 2010-09-26 05:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2013-12-29 22:19 - 2010-08-05 18:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2013-12-29 22:19 - 2010-07-26 20:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2013-12-29 22:19 - 2010-03-19 23:06 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2013-12-27 22:51 - 2013-12-27 22:51 - 00000000 ____D C:\Users\Jeff\AppData\Local\SkypeWebPlugin
2013-12-27 03:21 - 2013-12-27 03:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-12-27 03:20 - 2013-12-29 22:19 - 00000000 ____D C:\ProgramData\DatacardService
2013-12-27 03:20 - 2013-12-29 22:19 - 00000000 ____D C:\Program Files (x86)\Mobile Partner
2013-12-27 03:20 - 2013-12-27 03:20 - 00000000 ____D C:\ProgramData\Mobile Partner
2013-12-27 03:20 - 2011-08-16 03:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2013-12-22 19:46 - 2013-12-22 23:03 - 00000000 ____D C:\Users\Jeff\Documents\StarCraft II
2013-12-22 19:46 - 2013-12-22 19:53 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-12-22 19:46 - 2013-12-22 19:46 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-22 19:46 - 2013-12-22 19:46 - 00000000 ____D C:\ProgramData\Battle.net
==================== One Month Modified Files and Folders =======
2014-01-19 12:37 - 2013-10-08 20:22 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001UA.job
2014-01-19 12:36 - 2014-01-19 12:34 - 00000000 ____D C:\Users\Jeff\Desktop\FARBAR
2014-01-19 12:35 - 2013-08-31 20:53 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Skype
2014-01-19 12:34 - 2013-09-15 21:02 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\360safe
2014-01-19 12:27 - 2013-11-04 10:24 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Spotify
2014-01-19 12:19 - 2013-09-01 01:04 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 12:04 - 2013-08-31 19:54 - 01294472 _____ C:\Windows\WindowsUpdate.log
2014-01-19 12:03 - 2013-11-27 16:42 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\ClassicShell
2014-01-19 12:02 - 2014-01-19 12:02 - 00029299 _____ C:\Users\Jeff\Desktop\dds.txt
2014-01-19 12:02 - 2014-01-19 12:02 - 00008164 _____ C:\Users\Jeff\Desktop\attach.txt
2014-01-19 12:00 - 2014-01-19 12:00 - 00688992 ____R (Swearware) C:\Users\Jeff\Desktop\dds.com
2014-01-19 12:00 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-19 11:48 - 2013-08-31 20:02 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2390293640-1901313879-3085246707-1001
2014-01-19 11:48 - 2012-07-26 02:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-19 11:43 - 2013-09-01 01:04 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 11:42 - 2013-09-16 09:13 - 00000000 ____D C:\AdwCleaner
2014-01-19 11:42 - 2013-09-01 10:30 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2014-01-19 11:42 - 2013-08-31 20:01 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 11:42 - 2013-08-31 19:52 - 01269316 _____ C:\Windows\PFRO.log
2014-01-19 11:42 - 2012-07-26 02:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 11:42 - 2012-07-26 00:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-19 11:41 - 2014-01-19 11:40 - 01236282 _____ C:\Users\Jeff\Desktop\AdwCleaner.exe
2014-01-19 11:32 - 2013-09-03 08:37 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\vlc
2014-01-19 10:08 - 2013-09-15 23:20 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2014-01-19 09:37 - 2014-01-19 09:37 - 00021150 _____ C:\Users\Jeff\Desktop\557645af5f86aeac2b9f28501471a9b129db97b6.zip
2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 ____D C:\Users\Jeff\Desktop\attachment
2014-01-19 00:13 - 2014-01-19 00:13 - 55321604 _____ C:\Users\Jeff\Desktop\stormwater_plan.ai
2014-01-19 00:13 - 2014-01-19 00:13 - 55191387 _____ C:\Users\Jeff\Desktop\programmingdraft.ai
2014-01-18 23:37 - 2012-07-26 02:21 - 00048351 _____ C:\Windows\setupact.log
2014-01-18 23:10 - 2013-12-18 14:56 - 00000000 ____D C:\Users\Jeff\Desktop\ULI Competition
2014-01-18 09:25 - 2013-11-04 10:24 - 00000000 ____D C:\Users\Jeff\AppData\Local\Spotify
2014-01-17 14:26 - 2014-01-13 10:13 - 00000000 ____D C:\Users\Jeff\Desktop\GIS
2014-01-17 13:37 - 2013-09-01 01:07 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Mozilla
2014-01-17 04:37 - 2013-10-08 20:22 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001Core.job
2014-01-17 04:21 - 2013-08-31 17:50 - 06204928 ___SH C:\Users\Jeff\Desktop\Thumbs.db
2014-01-17 03:54 - 2014-01-17 03:53 - 01785961 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_lot_tree_parking [Converted].ai
2014-01-17 03:53 - 2014-01-16 22:43 - 104168342 _____ C:\Users\Jeff\Desktop\Basemap_140116_site [Converted].ai
2014-01-17 02:35 - 2013-08-31 16:48 - 00000000 ____D C:\Users\Jeff\AppData\Local\PMB Files
2014-01-17 02:35 - 2013-08-31 16:48 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-17 00:47 - 2014-01-17 00:47 - 00231807 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_LU [Converted].ai
2014-01-17 00:13 - 2014-01-17 00:13 - 00543107 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_flood [Converted].ai
2014-01-16 23:47 - 2014-01-16 23:46 - 00373508 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_publictrans [Converted].ai
2014-01-16 23:27 - 2014-01-16 23:27 - 00596711 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_zoning [Converted].ai
2014-01-16 21:43 - 2014-01-16 21:43 - 214960058 _____ C:\Users\Jeff\Desktop\Basemap_140116_site.ai
2014-01-16 04:48 - 2013-08-31 09:30 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\BitTorrent
2014-01-16 03:06 - 2013-10-03 07:12 - 00000000 ____D C:\Users\Jeff\Desktop\SAVI
2014-01-16 01:15 - 2014-01-16 01:15 - 84941916 _____ C:\Users\Jeff\Desktop\Basemap_140115_openspace [Converted].ai
2014-01-16 01:11 - 2014-01-16 01:11 - 02720773 _____ C:\Users\Jeff\Desktop\Basemap_140115_openspace.ai
2014-01-16 00:08 - 2014-01-15 23:49 - 84847213 _____ C:\Users\Jeff\Desktop\Basemap_140115 [Converted].ai
2014-01-15 23:53 - 2014-01-15 23:53 - 14803611 _____ C:\Users\Jeff\Desktop\Basemap_140115 [Converted].dwg
2014-01-15 23:39 - 2014-01-15 14:38 - 59358838 _____ C:\Users\Jeff\Desktop\Basemap_140115.ai
2014-01-15 13:06 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\rescache
2014-01-15 11:24 - 2014-01-15 11:08 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_DP05 (1)
2014-01-15 11:05 - 2014-01-15 11:05 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_DP05
2014-01-15 11:01 - 2014-01-15 11:00 - 13945361 _____ C:\Users\Jeff\Desktop\tl_2013_47_tract.zip
2014-01-15 01:52 - 2013-08-31 20:12 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 01:51 - 2013-08-31 20:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 01:51 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\WinStore
2014-01-15 00:47 - 2014-01-15 00:47 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_B02001
2014-01-13 23:55 - 2014-01-13 23:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-13 10:03 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-12 22:06 - 2014-01-12 22:06 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-12 22:06 - 2014-01-12 22:06 - 00000000 ____D C:\Windows\system32\NV
2014-01-12 09:37 - 2013-08-31 20:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-11 03:32 - 2013-08-31 17:50 - 00000775 _____ C:\Users\Jeff\Desktop\Movies to watch.txt
2014-01-09 03:02 - 2012-07-26 03:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 03:02 - 2012-07-26 03:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-09 02:49 - 2014-01-09 02:49 - 00000000 ____D C:\Program Files (x86)\SkypeWebPlugin
2014-01-08 08:40 - 2013-08-31 17:50 - 00011340 _____ C:\Users\Jeff\Desktop\Sharing List.xlsx
2014-01-02 09:30 - 2014-01-02 09:30 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Wargaming.net
2013-12-29 22:19 - 2013-12-27 03:20 - 00000000 ____D C:\ProgramData\DatacardService
2013-12-29 22:19 - 2013-12-27 03:20 - 00000000 ____D C:\Program Files (x86)\Mobile Partner
2013-12-28 21:59 - 2013-08-31 17:02 - 00000000 ____D C:\ProgramData\FLEXnet
2013-12-27 22:51 - 2013-12-27 22:51 - 00000000 ____D C:\Users\Jeff\AppData\Local\SkypeWebPlugin
2013-12-27 03:21 - 2013-12-27 03:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2013-12-27 03:20 - 2013-12-27 03:20 - 00000000 ____D C:\ProgramData\Mobile Partner
2013-12-25 22:37 - 2013-08-31 17:48 - 00000000 ____D C:\Users\Jeff\Desktop\Resume
2013-12-23 19:36 - 2013-11-08 01:42 - 00000000 ____D C:\Users\Jeff\Desktop\SAVI Data
2013-12-22 23:03 - 2013-12-22 19:46 - 00000000 ____D C:\Users\Jeff\Documents\StarCraft II
2013-12-22 19:53 - 2013-12-22 19:46 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-12-22 19:46 - 2013-12-22 19:46 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-22 19:46 - 2013-12-22 19:46 - 00000000 ____D C:\ProgramData\Battle.net
Some content of TEMP:
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-17 13:21
==================== End Of Log ============================

Here is the Addition report:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 03
Ran by Jeff at 2014-01-19 12:37:30
Running from C:\Users\Jeff\Desktop\FARBAR
Boot Mode: Normal
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Internet Security 2013 (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Internet Security 2013 (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
360 Internet Security (x32 Version: - Qihu 360 Software Co., Ltd.)
7-Zip 9.22beta (x32 Version:  - )
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.0.0 - Adobe Systems)
Adobe AIR (x32 Version: - Adobe Systems Incorporated)
Adobe AIR (x32 Version: - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (x32 Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (x32 Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: - Apple Inc.)
Apple Software Update (x32 Version: - Apple Inc.)
ArcGIS 10.1 for Desktop (x32 Version: 10.1.3035 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.1 for Desktop (x32 Version: 10.1.3035 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.1 License Manager (x32 Version: 10.1.2891 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.1 License Manager (x32 Version: 10.1.2891 - Environmental Systems Research Institute, Inc.) Hidden
AutoCAD 2014 - English (Version: - Autodesk) Hidden
AutoCAD 2014 - English (Version: - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: - Autodesk) Hidden
Autodesk 360 (Version: - Autodesk)
Autodesk App Manager (x32 Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (Version: - Autodesk)
Autodesk AutoCAD 2014 - English SP1 (Version: 1 - Autodesk)
Autodesk AutoCAD Map 3D 2014 (Version: - Autodesk) Hidden
Autodesk AutoCAD Map 3D 2014 Language Pack (Version: - Autodesk) Hidden
Autodesk Autodesk AutoCAD Map 3D 2014 (Version: - Autodesk)
Autodesk Content Service (x32 Version: - Autodesk)
Autodesk Content Service (x32 Version: - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: - Autodesk) Hidden
Autodesk Featured Apps (x32 Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (x32 Version: - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (x32 Version: - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (x32 Version: - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (x32 Version: - Autodesk)
Autodesk ReCap (Version: - Autodesk)
Autodesk ReCap (Version: - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: - Autodesk) Hidden
Autodesk Revit 2014 (Version: 13.07.22211 - Autodesk)
Autodesk Vasari Beta 3 (Version: 13.06.18120 - Autodesk)
Autodesk Workflows 2014 (Version: - Autodesk, Inc.)
BitTorrent (HKCU Version: - BitTorrent Inc.)
Bonjour (Version: - Apple Inc.)
Classic Shell (Version: 4.0.2 - IvoSoft)
DAEMON Tools Ultra (x32 Version: - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
Dota 2 (x32 Version:  - Valve)
Dropbox (HKCU Version: 2.4.1 - Dropbox, Inc.)
EPSON Scan (x32 Version:  - )
ESET Online Scanner v3 (x32 Version:  - )
ETDWare PS/2-X64 (Version: - ELAN Microelectronic Corp.)
FARO LS 1.1.501.0 (64bit) (x32 Version: - FARO Scanner Production)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Earth (x32 Version: - Google)
Google Talk Plugin (x32 Version: - Google)
Google Update Helper (x32 Version: - Google Inc.) Hidden
IBM SPSS Statistics 22 (Version: - IBM Corp)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Processor Graphics (x32 Version: - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.05.7000.1709 - Intel Corporation)
iTunes (Version: - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: - Sun Microsystems, Inc.) Hidden
K-Lite Mega Codec Pack 10.0.5 (x32 Version: 10.0.5 - )
League of Legends (x32 Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version (x32 Version: - Malwarebytes Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mobile Partner (x32 Version: - Huawei Technologies Co.,Ltd)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 23.0.1 - Mozilla)
NVIDIA 3D Vision Driver 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
Pando Media Booster (x32 Version: - Pando Networks Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: - Qualcomm Atheros Communications Inc.)
QuickTime (x32 Version: - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: - Realtek Semiconductor Corp.)
Revit 2014 (Version: 13.07.22211 - Autodesk) Hidden
Revit 2014 Language Pack - English (Version: 13.07.22211 - Autodesk) Hidden
ScorpionSaver (x32 Version: - Adpeak, Inc.) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
SketchUp 2013 (x32 Version: 13.0.3689 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (x32 Version: 1.1.0 - Autodesk)
Skype Web Plugin (x32 Version: 2.3.12417.17599 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU Version: - Spotify AB)
StarCraft II (x32 Version:  - Blizzard Entertainment)
Steam (x32 Version:  - Valve Corporation)
Tweaking.com - Windows Repair (All in One) (x32 Version: 1.9.18 - Tweaking.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
Vasari Beta 3 (Version: 13.06.18120 - Autodesk) Hidden
Vasari Beta 3 Language Pack - English (Version: 13.06.18120 - Autodesk) Hidden
Vasari Prototype CFD Visualisation Plug-in (x32 Version: 2012 - Autodesk, Inc.)
Vasari Solar Radiation Plug-in (x32 Version: 2012 - Autodesk, Inc.)
Vasari STL Export Plug-in (x32 Version: 2012 - Autodesk, Inc.)
Vasari Wind Analysis Plug-in (x32 Version: 2012 - Autodesk, Inc.)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (x32 Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (x32 Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
WD Drive Utilities (x32 Version: - Western Digital Technologies, Inc.)
WD Quick View (x32 Version: - Western Digital Technologies, Inc.)
WD Security (x32 Version: - Western Digital Technologies, Inc.)
WD SmartWare (Version: - Western Digital Technologies, Inc.)
WD SmartWare Installer (x32 Version: - Western Digital Technologies, Inc.)
WinRAR archiver (x32 Version:  - )
World of Tanks (x32 Version:  - Wargaming.net)
ZipX V3.01 (x32 Version:  - WinX Software)
==================== Restore Points  =========================
28-12-2013 02:59:30 Scheduled Checkpoint
05-01-2014 16:37:30 Scheduled Checkpoint
09-01-2014 07:48:58 Windows Update
15-01-2014 06:50:54 Windows Update
==================== Hosts content: ==========================
2013-09-17 17:02 - 2013-09-17 17:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts       localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {030D4D3F-CE6A-4650-9136-1DE96F4E2824} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {11F3CC81-E155-4067-999A-678752B3B8E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-01] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {26F90A2C-AC59-44DC-BD76-913AC3224D15} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001UA => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-08] (Google Inc.)
Task: {3F6827DC-100C-46EB-B7F7-61EAD6B864FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001Core => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-08] (Google Inc.)
Task: {8BC97286-B02A-43D3-8A2B-979CFFA48CBB} - \Dealply No Task File
Task: {8EE1A937-133E-46CE-BBBB-FE962E698A18} - System32\Tasks\Western Digital\SmartWare\____Volume_6dfa9a68_b2f7_4b8f_af9b_a56cd0643bdd______Volume_29557f25_127d_11e3_be77_6c71d9234bf8__ => C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2013-11-02] (Western Digital Technologies, Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DA425C2D-65EF-4308-AC5C-58F8D12173B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-01] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FA35C2AC-CC87-479C-B43F-BAA730D16743} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FE4831FF-71FE-4C2E-8A67-A04C080DB1AA} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001Core.job => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001UA.job => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-04-08 15:32 - 2013-12-19 15:33 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-08-31 20:00 - 2013-12-19 13:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-31 16:06 - 2009-06-02 00:15 - 00051200 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-07-26 02:58 - 2012-07-26 02:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-12-14 04:42 - 2012-12-14 04:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-27 03:20 - 2009-01-10 05:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-12-27 03:20 - 2009-06-22 13:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-12-27 03:20 - 2010-05-14 04:57 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-12-27 03:20 - 2010-02-10 09:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-12-27 03:20 - 2012-06-17 21:56 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-12-27 03:20 - 2010-02-10 09:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2013-09-30 13:38 - 2013-12-19 15:33 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-16 17:20 - 2014-01-11 05:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-16 17:20 - 2014-01-11 05:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-16 17:20 - 2014-01-11 05:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-16 17:20 - 2014-01-11 05:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-16 17:20 - 2014-01-11 05:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-16 17:20 - 2014-01-11 05:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
2013-11-04 10:24 - 2014-01-19 09:36 - 36967424 _____ () C:\Users\Jeff\AppData\Roaming\Spotify\Data\libcef.dll
2013-11-04 10:24 - 2014-01-19 09:36 - 00887808 _____ () C:\Users\Jeff\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-11-04 10:24 - 2014-01-19 09:36 - 00109568 _____ () C:\Users\Jeff\AppData\Roaming\Spotify\Data\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakWFP => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
The requested service has already been started.
More help is available by typing NET HELPMSG 2182.
==================== Memory info =========================== 
Percentage of memory in use: 49%
Total physical RAM: 8077.5 MB
Available physical RAM: 4079.58 MB
Total Pagefile: 9293.5 MB
Available Pagefile: 4227.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:245.48 GB) (Free:80.31 GB) NTFS
Drive d: () (Fixed) (Total:230.94 GB) (Free:139.52 GB) NTFS
==================== MBR & Partition Table ==================
Disk: 0 (Size: 477 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
==================== End Of Log ============================

Please create a new system restore point before continuing.


Download the attached fixlist.txt to the same folder as FRST.

Run FRST.exe and click Fix only once and wait

The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.


Let's clean out any adware/spyware now: (this will require a reboot, so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":


  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a FULL Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.





Attaching the requested logs:




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2014 03
Ran by Jeff at 2014-01-19 13:30:32 Run:1
Running from C:\Users\Jeff\Desktop\FARBAR
Boot Mode: Normal
Content of fixlist:
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakWFP => ""="Driver"
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\AdpeakWFP => Key deleted successfully.
==== End of Fixlog ====
# AdwCleaner v3.017 - Report created 19/01/2014 at 13:35:38
# Updated 12/01/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Jeff - PO-PC
# Running from : C:\Users\Jeff\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v26.0 (en-US)
[ File : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0wflpxe9.default\prefs.js ]
-\\ Google Chrome v32.0.1700.76
[ File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\preferences ]
AdwCleaner[R0].txt - [4369 octets] - [16/09/2013 09:13:03]
AdwCleaner[R1].txt - [2251 octets] - [24/09/2013 21:11:48]
AdwCleaner[R2].txt - [1102 octets] - [19/01/2014 13:31:05]
AdwCleaner[s0].txt - [4459 octets] - [16/09/2013 09:14:00]
AdwCleaner[s1].txt - [2324 octets] - [24/09/2013 21:12:51]
AdwCleaner[s2].txt - [1024 octets] - [19/01/2014 13:35:38]
########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1084 octets] ##########
Malwarebytes Anti-Malware (PRO)
Database version: v2014.01.19.05
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Jeff :: PO-PC [administrator]
Protection: Enabled
1/19/2014 1:37:30 PM
mbam-log-2014-01-19 (13-37-30).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 623734
Time elapsed: 24 minute(s), 53 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)

Please download SystemLook from the link below and save it to your Desktop.


  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt



SystemLook 30.07.11 by jpshortstuff

Log created at 19:32 on 19/01/2014 by Jeff

Administrator - Elevation successful


========== regfind ==========


Searching for "Scorpion"












@="C:\Program Files(x86)\ScorpionSaver\IECore.dll"


"c:\Program Files (x86)\ScorpionSaver\"=""


"c:\Program Files\ScorpionSaver Services\"=""


"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakWFP64.sys"


"A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\ff_bootstrap.js"


"3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\ff_bootstrap.js"


"A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\"


"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakProxy64.dll"


"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\Microsoft.Deployment.WindowsInstaller.dll"


"A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\Installbat.dll"


"A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\SendJson.dll"


"3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\SendJson.dll"


"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe"


"A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\"


"3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\"


"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\PCProxyDLL.dll"


"A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\background.js"


"A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\CustomActionInstall"


"3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\CustomActionInstall"


"A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\IECore.dll"


"3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\IECore.dll"


"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\Installbat64.dll"


"A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"




"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakProxy.dll"


"6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakWFPInstaller.exe"


"A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"


"3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"




"DisplayName"="ScorpionSaver Services"








"AppFullPath"="c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe"


"AppFullPath"="c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe"

[HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\Scorpion Saver]

[HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\Scorpion Saver]


-= EOF =-



Let's check your computer's security before you go, and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!

 Results of screen317's Security Check version 0.99.79  

   x64 (UAC is enabled)  

 Internet Explorer 10 Out of date! 

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

Windows Defender             

360 Internet Security 2013   

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version  

 Java 7 Update 51  

 Adobe Flash Player 11.9.900.170  

 Mozilla Firefox (26.0) 

 Google Chrome 31.0.1650.63  

 Google Chrome 32.0.1700.76  

 Google Chrome plugins...  

````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 Malwarebytes' Anti-Malware mbamscheduler.exe   

 Mobile Partner OnlineUpdate ouc.exe  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 

````````````````````End of Log`````````````````````` 

All looks Good.......

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /


Then hit enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache, and create a new restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)


Please download OTC to your desktop. (This will clean up most of the tools and logs)


Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")

Click on the CleanUp! button and follow the prompts.

(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)

You will be asked to reboot the machine to finish the Cleanup process, choose Yes.

After the reboot all the tools we used should be gone.

Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete. (right click.....Delete)

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.


If you used FRST and can't delete the quarantine folder:

Download the fixlist.txt to the same folder as FRST.exe.

Run FRST.exe and click Fix only once and wait

That will delete the quarantine folder created by FRST.

The rest you can manually delete.


Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.