Jump to content

Is there any way to undo what this program did?


KoSah6

Recommended Posts

Hi im not sure if im posting this in the correct topic but I really need some help. 

After scanning for malware and getting a few results, I quarantined a few things. That is when I started to notice that there has been some negative effects after doing so. I thought maybe deleting the quarantined items would fix it. I was very wrong. Now from what I notices, I cant get to the hulu website and I am unable to sign into my yahoo mail on their website. There should be other things that have been affected that I am unaware of but I do know there is a problem. I do have the application logs . Please help me to reverse what I did if there is a way.

Link to post
Share on other sites

  • Root Admin

Hello and :welcome:

 

Yes, removing quarantined files that you're not sure of is not a good idea. Please go to the History and the logs and post back the text file of the protection log or scan log that removed the items so that we can see what it found and removed please.

 

Next, Please read the following and post back the 3 requested logs.
 
Diagnostic Logs
 
Thank you
 

Link to post
Share on other sites

Scan Log

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 9/12/2014

Scan Time: 1:25:04 PM

Logfile: Scan Log.txt

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.09.12.06

Rootkit Database: v2014.09.12.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Phillip

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 317734

Time Elapsed: 11 min, 45 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 14

PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, No Action By User, [eadc7e6eb2c9d95dca5f1ca0d52d40c0], 

PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, No Action By User, [eadc7e6eb2c9d95dca5f1ca0d52d40c0], 

PUP.Optional.SearchProtect.A, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, No Action By User, [596ddb118cef43f33eac503224de9a66], 

PUP.Optional.Babylon.A, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [7e487a721665e155d0eb5230847e34cc], 

PUP.Optional.SpeedTest.A, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}, Quarantined, [dceadf0d6516c96d894780056d95eb15], 

PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Quarantined, [9e28b834ed8e1a1c74ce02116d96cb35], 

PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nbmafkdmkkckhggblphicnnhlgljnoje, Quarantined, [f3d3ba32dd9edc5a3700be5962a1f20e], 

PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Quarantined, [4581f1fbadce6cca61cadf1f4cb62bd5], 

PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [8244ffedb9c2f1455a55c38464a0e11f], 

PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BabylonToolbar, Quarantined, [913535b76714132333d12d1d24e006fa], 

PUP.Optional.DataMngr.A, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, Quarantined, [f5d1cb21a7d476c0b983073f6a9ac739], 

PUP.Optional.DataMngr.A, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Quarantined, [b412d4182259b97d59e2ef572cd81ce4], 

PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, Quarantined, [80463daf0b70d75f412b7f8619ea02fe], 

PUP.Optional.Babylon.A, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, Quarantined, [fdc9d51717641a1c201fc582f113fc04], 

 

Registry Values: 2

PUP.Optional.SpeedTest, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|speedtest4354@BestOffers, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers, Quarantined, [0abc15d75922b086a65bc343778c16ea]

PUP.Optional.SpeedTest, HKU\S-1-5-21-86388601-3102729420-1138137104-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedtest4354@BestOffers, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers, Quarantined, [8541905ca2d9d462c53ba165f80bca36]

 

Registry Data: 1


 

Folders: 15

PUP.Optional.OpenCandy, C:\Users\Phillip\AppData\Roaming\OpenCandy, Quarantined, [f8cefbf185f6f442bed024ab36ccfc04], 

PUP.Optional.OpenCandy, C:\Users\Phillip\AppData\Roaming\OpenCandy\1EDD677395C94862BD32757479546B28, Quarantined, [f8cefbf185f6f442bed024ab36ccfc04], 

PUP.Optional.Delta.A, C:\Users\Phillip\AppData\Local\Temp\mt_ffx\Delta, Quarantined, [ac1a5d8f0972013539725e711fe3f907], 

PUP.Optional.Delta.A, C:\Users\Phillip\AppData\Local\Temp\mt_ffx\Delta\delta, Quarantined, [ac1a5d8f0972013539725e711fe3f907], 

PUP.Optional.Delta.A, C:\Users\Phillip\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.16.16, Quarantined, [ac1a5d8f0972013539725e711fe3f907], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\speedtest4354, Quarantined, [c600ab410279ee488bcf9938b2508f71], 

PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker, Quarantined, [4383ae3e7cfff244a9facd04c042867a], 

PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, Quarantined, [4e784e9e255679bd1190c40f3cc6b050], 

PUP.Optional.TornTV.A, C:\Program Files (x86)\TornTV.com, Quarantined, [facc1ece9eddb97de19b35a1fd0560a0], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\mz, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService, Quarantined, [ba0c30bc304b7db90182e10be81a8a76], 

 

Files: 63

PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-86388601-3102729420-1138137104-1001\$R10Z8XL.exe, Quarantined, [9b2b40ac6a11a3930034b0ad16eb0000], 

PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-86388601-3102729420-1138137104-1001\$RF2Y79P.exe, Quarantined, [1caa63894d2e9f97d4600756d52c2cd4], 

PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-86388601-3102729420-1138137104-1001\$RHBAFBH.exe, Quarantined, [d8ee88640774a195a391fb624fb2e61a], 

PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-86388601-3102729420-1138137104-1001\$RC0645L.exe, Quarantined, [378f1bd1c8b3e94df63e263724dd19e7], 

PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, Quarantined, [b2149557d7a40f27fb0afb26c13f946c], 

PUP.Optional.Spigot, C:\Users\Phillip\AppData\Local\Temp\~sp6976.tmp, Quarantined, [cef816d6601b5bdb242f307a31d0619f], 

Trojan.RotBrowse, C:\Users\Phillip\AppData\Local\Temp\3E83.tmp, Quarantined, [b01647a57dfe35012ae00fce81836a96], 

Trojan.Agent, C:\Users\Phillip\AppData\Local\Temp\GPUpd5410CB401.exe, Quarantined, [0eb8717ba4d75adcb118318919e801ff], 

PUP.Optional.Conduit.A, C:\Users\Phillip\AppData\Local\Temp\nsc6572.exe, Quarantined, [6c5a727a205b1f17ca10e7aa8e737e82], 

PUP.Optional.Conduit.A, C:\Users\Phillip\AppData\Local\Temp\nsc6B8B.exe, Quarantined, [b511ffed7209c6708e4c5140c938cd33], 

PUP.Optional.Conduit.A, C:\Users\Phillip\AppData\Local\Temp\nsh3876.exe, Quarantined, [883e10dca8d3ae88d109ccc5e819827e], 

Trojan.Sefnit, C:\Users\Phillip\AppData\Local\Temp\setup_fsu_cid.exe, Quarantined, [18aeb9330576ed493fd34016df2336ca], 

PUP.Optional.PerformerSoft.A, C:\Users\Phillip\AppData\Local\Temp\78DC.tmp, Quarantined, [a71f3eae6d0ef6403af49c8a867bc53b], 

PUP.Optional.FileScout.A, C:\Users\Phillip\AppData\Local\Temp\9F0E.tmp, Quarantined, [6b5b31bbc7b449edcf94de39e61b27d9], 

PUP.Optional.Spigot, C:\Users\Phillip\AppData\Local\Temp\SearchProtectionSetup.exe, Quarantined, [735374782d4ec373d67dd1d97c85728e], 

PUP.Optional.Conduit.A, C:\Users\Phillip\AppData\Local\Temp\nsx3441.exe, Quarantined, [ffc78d5f95e669cdb129038e8a7706fa], 

PUP.Optional.Conduit.A, C:\Users\Phillip\AppData\Local\Temp\nsxDAF3.exe, Quarantined, [7056628adc9fd46226b46b26ad54e21e], 

PUP.Optional.SearchProtect.A, C:\Users\Phillip\AppData\Local\Temp\nsxE68E.tmp, Quarantined, [8c3aa04c0576c96d12eea5f729d8bf41], 

PUP.Optional.AdLyrics, C:\Users\Phillip\AppData\Local\Temp\obtfan32.jba.exe, Quarantined, [72546f7d4437fa3cd6906ae9a75953ad], 

Trojan.RotBrowse, C:\Users\Phillip\AppData\Local\Temp\0E06C1CA-BAB0-7891-A564-2ACEDD42404E\ccp.exe, Quarantined, [8e38806cbfbcdb5b69a18558bf45847c], 

PUP.Optional.Babylon.A, C:\Users\Phillip\AppData\Local\Temp\0E06C1CA-BAB0-7891-A564-2ACEDD42404E\CrxInstaller.dll, Quarantined, [09bd8a62cfacee48029d9d8bf9088080], 

PUP.Optional.Delta.A, C:\Users\Phillip\AppData\Local\Temp\0E06C1CA-BAB0-7891-A564-2ACEDD42404E\MyBabylonTB.exe, Quarantined, [4e78905cb6c50234f2cf77086998b947], 

PUP.Optional.BabSolution.A, C:\Users\Phillip\AppData\Local\Temp\bus3BA5\BUSolution.dll, Quarantined, [ae1854984a31a3937278ec2f18e9ad53], 

PUP.Optional.OpenCandy, C:\Users\Phillip\AppData\Local\Temp\nsq4D18.tmp\OCSetupHlp.dll, Quarantined, [b51123c9d6a51323a353de42ca3baf51], 

PUP.Optional.Superfish.A, C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [e0e62cc088f31a1c5bb729ef000322de], 

PUP.Optional.Superfish.A, C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Delete-on-Reboot, [c8fe14d8d7a4a78f21f165b3c340ed13], 

PUP.Optional.OpenCandy, C:\Users\Phillip\AppData\Roaming\OpenCandy\1EDD677395C94862BD32757479546B28\qms.exe, Quarantined, [f8cefbf185f6f442bed024ab36ccfc04], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\speedtest4354\install_helper.exe, Quarantined, [c600ab410279ee488bcf9938b2508f71], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\speedtest4354\speedtest4354.crx, Quarantined, [c600ab410279ee488bcf9938b2508f71], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\speedtest4354\speedtest4354DeskTopIcon.ico, Quarantined, [c600ab410279ee488bcf9938b2508f71], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome.manifest, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\icon.png, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\install.rdf, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\background.html, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\bg.js, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.xml, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\config.js, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\content.js, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.js, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.png, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.xul, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.ico, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.png, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.ico, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.png, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.ico, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.png, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.ico, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.png, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.ico, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.png, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.ico, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.png, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.ico, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.png, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\jquery-1.9.1.min.js, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\options.xul, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\settings.json, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\mz\background.js, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\mz\content.js, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.SpeedTest.A, C:\Users\Phillip\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin\framework.css, Quarantined, [c600b6361e5d60d6d3218463f40e03fd], 

PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService\repository.xml, Quarantined, [ba0c30bc304b7db90182e10be81a8a76], 

PUP.Optional.Trovi.A, C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://www.trovi.com/?gd=&ctid=CT3326582&octid=EB_ORIGINAL_CTID&ISID=M2C22076A-CFD5-4E7F-BE0B-894A53752670&SearchSource=55&CUI=&UM=6&UP=SPA2D3283F-A3D2-4E6E-8BCD-AE0BE739E397&SSPV=",), Replaced,[6264e507205bd85e3caf002dba4b60a0]

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

 

Protection Log 1

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

 

Protection, 9/12/2014 1:22:53 PM, SYSTEM, PHILLIP-PC, Protection, Malware Protection, Starting, 

Protection, 9/12/2014 1:22:53 PM, SYSTEM, PHILLIP-PC, Protection, Malware Protection, Started, 

Protection, 9/12/2014 1:22:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Starting, 

Protection, 9/12/2014 1:22:54 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Started, 

Update, 9/12/2014 1:23:02 PM, SYSTEM, PHILLIP-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.9.12.1, 

Update, 9/12/2014 1:23:29 PM, SYSTEM, PHILLIP-PC, Manual, Malware Database, 2014.3.4.9, 2014.9.12.6, 

Protection, 9/12/2014 1:23:30 PM, SYSTEM, PHILLIP-PC, Protection, Refresh, Starting, 

Protection, 9/12/2014 1:23:30 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 9/12/2014 1:23:30 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 9/12/2014 1:23:35 PM, SYSTEM, PHILLIP-PC, Protection, Refresh, Success, 

Protection, 9/12/2014 1:23:35 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Starting, 

Protection, 9/12/2014 1:23:36 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Started, 

Detection, 9/12/2014 1:24:05 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 55947, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:24:05 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 55948, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:24:05 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 55947, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:39:17 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56357, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:43:18 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56410, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:43:29 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56414, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:43:42 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56417, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:43:42 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56418, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:43:48 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56426, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:43:50 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56428, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:43:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56430, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:43:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56431, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:43:59 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56434, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:14 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56445, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:14 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56446, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:20 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56448, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:21 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56450, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:26 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56453, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:31 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56455, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:32 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56457, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:37 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56461, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56465, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:55 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56467, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:55 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56468, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:44:58 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56471, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:45:01 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56474, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:45:34 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56482, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:45:39 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56486, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:45:52 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56489, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:45:52 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, 56490, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56497, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56497, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:16 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56502, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:16 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56503, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:21 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56507, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:22 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56509, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:24 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56512, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:32 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56515, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56520, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:46:55 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56521, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:47:00 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56524, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:47:05 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56527, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:47:34 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56534, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:47:51 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56542, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:47:56 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56545, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:02 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56548, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:07 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56551, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:12 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56553, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:23 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56558, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:23 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56559, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:26 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56561, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:28 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56564, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:33 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56567, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:37 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56569, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:40 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56571, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:44 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56573, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:48 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56576, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:51 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56578, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:55 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56580, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:57 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56582, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:48:57 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56583, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56587, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:04 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56588, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:09 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56591, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:09 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56592, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:12 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56595, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:25 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56598, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:36 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56602, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:41 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56606, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:50 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56609, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:49:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56611, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:14 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56619, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:19 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56621, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:25 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56623, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:25 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56624, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:30 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56627, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:30 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56628, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:40 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56634, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:46 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56637, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:46 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56638, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:51 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56644, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:50:51 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56645, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:51:07 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56651, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:51:11 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56655, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:51:12 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56657, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:51:14 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56660, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:51:27 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56668, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:51:32 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56671, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:51:36 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56673, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:51:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56677, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:52:09 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56684, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:52:20 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56693, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:52:41 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56701, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:52:48 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56705, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:52:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56709, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:53:06 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56711, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:53:11 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56715, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:53:14 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56717, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:53:22 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56720, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:53:27 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56722, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:53:52 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56728, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:53:54 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56730, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:53:55 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56732, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:54:18 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56737, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:54:18 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56738, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:54:24 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56743, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:54:43 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56748, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:54:57 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56751, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:55:02 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56753, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:55:29 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56758, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:55:34 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56762, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:55:55 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56765, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:56:28 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56774, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:56:57 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56803, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:56:57 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56803, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56812, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56826, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56813, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56827, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56814, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56815, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56828, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56816, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56829, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56817, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56830, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56818, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56831, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56819, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56832, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56820, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56833, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56821, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56822, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56823, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56824, Outbound, 

Detection, 9/12/2014 1:57:03 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 56825, Outbound, 

Protection, 9/12/2014 9:34:38 PM, SYSTEM, PHILLIP-PC, Protection, Malware Protection, Starting, 

Protection, 9/12/2014 9:34:38 PM, SYSTEM, PHILLIP-PC, Protection, Malware Protection, Started, 

Protection, 9/12/2014 9:34:38 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Starting, 

Protection, 9/12/2014 9:34:38 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Started, 

Update, 9/12/2014 9:34:52 PM, SYSTEM, PHILLIP-PC, Manual, Malware Database, 2014.9.12.6, 2014.9.12.9, 

Protection, 9/12/2014 9:34:53 PM, SYSTEM, PHILLIP-PC, Protection, Refresh, Starting, 

Protection, 9/12/2014 9:34:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 9/12/2014 9:34:53 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 9/12/2014 9:34:59 PM, SYSTEM, PHILLIP-PC, Protection, Refresh, Success, 

Protection, 9/12/2014 9:34:59 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Starting, 

Protection, 9/12/2014 9:34:59 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Started, 

Protection, 9/12/2014 11:30:51 PM, SYSTEM, PHILLIP-PC, Protection, Malware Protection, Starting, 

Protection, 9/12/2014 11:30:51 PM, SYSTEM, PHILLIP-PC, Protection, Malware Protection, Started, 

Protection, 9/12/2014 11:30:51 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Starting, 

Update, 9/12/2014 11:30:57 PM, SYSTEM, PHILLIP-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.9.12.1, 

Protection, 9/12/2014 11:31:10 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Started, 

Update, 9/12/2014 11:31:33 PM, SYSTEM, PHILLIP-PC, Manual, Malware Database, 2014.3.4.9, 2014.9.12.9, 

Protection, 9/12/2014 11:31:33 PM, SYSTEM, PHILLIP-PC, Protection, Refresh, Starting, 

Protection, 9/12/2014 11:31:33 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 9/12/2014 11:31:33 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 9/12/2014 11:31:39 PM, SYSTEM, PHILLIP-PC, Protection, Refresh, Success, 

Protection, 9/12/2014 11:31:39 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Starting, 

Protection, 9/12/2014 11:31:39 PM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, Started, 

 

(end)

 

Protection Log 2

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

 

Detection, 9/13/2014 12:17:44 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 51467, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 12:17:44 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 94.242.255.228, www.asiatorrents.me, 51467, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 12:17:57 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 176.120.38.238, 44152, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 12:17:57 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 176.120.38.238, 44152, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 12:20:02 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 91.212.124.13, 44152, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 12:20:02 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 91.212.124.13, 44152, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 1:03:07 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 194.44.235.219, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 1:03:07 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 194.44.235.219, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 1:17:46 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 185.21.216.133, 44152, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 1:17:46 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 185.21.216.133, 44152, Outbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 1:21:51 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 188.64.170.221, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 1:21:51 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 188.64.170.221, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 1:21:51 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 188.64.170.221, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 1:46:19 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 188.64.170.221, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 2:09:27 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 188.64.170.221, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 2:56:43 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.203.69.14, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 2:56:43 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.203.69.14, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 3:08:36 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 95.31.245.91, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 3:08:37 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 95.31.245.91, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 3:12:53 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 95.58.99.234, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 3:12:53 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 95.58.99.234, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 3:39:54 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 91.188.45.183, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 3:39:54 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 91.188.45.183, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 4:44:28 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 159.224.151.223, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 4:44:28 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 159.224.151.223, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 5:17:26 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 85.234.190.78, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 5:17:26 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 85.234.190.78, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 5:42:13 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.81.209, 36728, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 

Detection, 9/13/2014 5:42:13 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.81.209, 36728, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 

Detection, 9/13/2014 5:42:14 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.81.209, 36728, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 

Detection, 9/13/2014 5:42:16 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.81.209, 36728, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 

Detection, 9/13/2014 5:42:18 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.81.209, 36728, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 

Detection, 9/13/2014 5:42:19 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.81.209, 36728, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 

Detection, 9/13/2014 5:42:22 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.81.209, 36728, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 

Detection, 9/13/2014 5:46:36 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 85.234.190.78, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 5:52:05 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 79.135.147.189, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 5:52:05 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 79.135.147.189, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 7:40:51 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.55.216, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 7:40:51 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.55.216, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 7:48:14 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 93.170.51.40, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 7:48:15 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 93.170.51.40, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 7:50:05 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 194.44.235.219, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 7:50:05 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 194.44.235.219, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 8:29:26 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.14.78, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

Detection, 9/13/2014 8:29:26 AM, SYSTEM, PHILLIP-PC, Protection, Malicious Website Protection, IP, 41.35.14.78, 44152, Inbound, C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe, 

 

(end)

Link to post
Share on other sites

FRST 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014

Ran by Phillip (administrator) on PHILLIP-PC on 13-09-2014 08:57:09

Running from C:\Users\Phillip\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe

(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

() C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe

() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.06\AsusFanControlService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe

(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe

(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(BitTorrent Inc.) C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1304296 2012-12-18] (Trend Micro Inc.)

HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213824 2012-02-27] (Trend Micro Inc.)

HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)

HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2011-09-27] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe [737104 2011-07-05] (ecareme)

HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [188416 2011-12-21] (ASUSTeK Computer Inc.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-21] ()

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKU\S-1-5-21-86388601-3102729420-1138137104-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-09] (Valve Corporation)

HKU\S-1-5-21-86388601-3102729420-1138137104-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)

HKU\S-1-5-21-86388601-3102729420-1138137104-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)

HKU\S-1-5-21-86388601-3102729420-1138137104-1001\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)

HKU\S-1-5-21-86388601-3102729420-1138137104-1001\...\Run: [uTorrent] => C:\Users\Phillip\AppData\Roaming\uTorrent\uTorrent.exe [1329744 2014-07-20] (BitTorrent Inc.)

HKU\S-1-5-21-86388601-3102729420-1138137104-1001\...\Run: [steelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)

HKU\S-1-5-21-86388601-3102729420-1138137104-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent

HKU\S-1-5-21-86388601-3102729420-1138137104-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21652064 2014-07-24] (Skype Technologies S.A.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk

ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()

ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com/




SearchScopes: HKCU - {E8E9D813-B9CC-4FD3-B14C-9721DA220C51} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}

BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)

BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)

BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)

BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)

Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.203.226

 

FireFox:

========

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Phillip\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Phillip\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF HKLM-x32\...\Firefox\Extensions: [{38783831-6098-4faa-A9C9-1EE1E343F4D2}] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension

FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension [2013-05-02]

FF HKLM-x32\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-04-04]

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension

FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension [2013-05-02]

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3326582&octid=EB_ORIGINAL_CTID&ISID=M2C22076A-CFD5-4E7F-BE0B-894A53752670&SearchSource=55&CUI=&UM=6&UP=SPA2D3283F-A3D2-4E6E-8BCD-AE0BE739E397&SSPV=

CHR NewTab: Default -> "chrome-extension://dgpdioedihjhncjafcpgbbjdpbbkikmi/speeddial.html"

CHR DefaultSuggestURL: Default -> 

CHR Profile: C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-13]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]

CHR Extension: (YouTube) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-11]

CHR Extension: (Adblock Plus) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-26]

CHR Extension: (Google Search) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-11]

CHR Extension: (Speed Dial) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-12-11]

CHR Extension: (Google Wallet) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]

CHR Extension: (Gmail) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-11]

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-04-05] (Advanced Micro Devices, Inc.) [File not signed]

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () [File not signed]

R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe [947328 2011-08-09] (ASUSTeK Computer Inc.)

R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()

R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.06\AsusFanControlService.exe [1399296 2011-09-02] (ASUSTeK Computer Inc.) [File not signed]

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]

R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-04-20] ()

R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()

R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-21] (ASUSTek Computer Inc.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)

R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()

R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-12] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)

R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [107048 2012-09-24] (Trend Micro Inc.)

R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [173504 2012-09-24] (Trend Micro Inc.)

R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [77184 2012-09-24] (Trend Micro Inc.)

R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-09-29] (Trend Micro Inc.)

S3 VIAHdAudAddService; system32\drivers\viahduaa.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-09-13 08:45 - 2014-09-13 08:46 - 00038326 _____ () C:\Users\Phillip\Downloads\Addition.txt

2014-09-13 08:44 - 2014-09-13 08:57 - 00022513 _____ () C:\Users\Phillip\Downloads\FRST.txt

2014-09-13 08:44 - 2014-09-13 08:57 - 00000000 ____D () C:\FRST

2014-09-13 08:43 - 2014-09-13 08:44 - 02105856 _____ (Farbar) C:\Users\Phillip\Downloads\FRST64.exe

2014-09-13 00:06 - 2014-09-13 00:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-09-12 23:30 - 2014-09-12 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-12 23:19 - 2014-09-12 23:19 - 00003218 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-86388601-3102729420-1138137104-1001

2014-09-12 23:09 - 2014-09-12 23:09 - 00000000 ____D () C:\Users\Phillip\AppData\Roaming\Malwarebytes

2014-09-12 23:09 - 2014-09-12 23:09 - 00000000 ____D () C:\Users\phill\AppData\Roaming\Malwarebytes

2014-09-12 23:09 - 2014-09-12 23:09 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Malwarebytes

2014-09-12 23:09 - 2014-09-12 23:09 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Malwarebytes

2014-09-12 23:08 - 2014-09-13 00:06 - 00000000 ____D () C:\Users\Phillip\Downloads\mbam-repair-1.08.0.1000

2014-09-12 23:07 - 2014-09-12 23:08 - 07671758 _____ () C:\Users\Phillip\Downloads\mbam-repair-1.08.0.1000.zip

2014-09-12 22:37 - 2014-09-12 22:37 - 00000000 __SHD () C:\Users\phill\AppData\Local\EmieUserList

2014-09-12 22:37 - 2014-09-12 22:37 - 00000000 __SHD () C:\Users\phill\AppData\Local\EmieSiteList

2014-09-12 22:37 - 2014-09-12 22:37 - 00000000 ____D () C:\Users\phill\AppData\Roaming\Macromedia

2014-09-12 22:36 - 2014-09-12 22:36 - 00000000 ____D () C:\Users\phill\AppData\Local\Apple

2014-09-12 22:35 - 2014-09-12 22:36 - 00000000 ____D () C:\Users\phill\AppData\Roaming\Apple Computer

2014-09-12 22:35 - 2014-09-12 22:35 - 00107968 _____ () C:\Users\phill\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-12 22:35 - 2014-09-12 22:35 - 00000000 ____D () C:\Users\phill\AppData\Roaming\ATI

2014-09-12 22:35 - 2014-09-12 22:35 - 00000000 ____D () C:\Users\phill\AppData\Local\ATI

2014-09-12 22:35 - 2014-09-12 22:35 - 00000000 ____D () C:\Users\phill\AppData\Local\Apple Computer

2014-09-12 22:35 - 2014-09-12 22:35 - 00000000 ____D () C:\Users\phill\AppData\Local\AMD

2014-09-12 22:34 - 2014-09-12 22:57 - 00000000 ____D () C:\Users\phill

2014-09-12 22:34 - 2014-09-12 22:55 - 00000000 ___RD () C:\Users\phill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-09-12 22:34 - 2014-09-12 22:55 - 00000000 ___RD () C:\Users\phill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-09-12 22:34 - 2014-09-12 22:34 - 00000000 ____D () C:\Users\phill\AppData\Roaming\Adobe

2014-09-12 22:34 - 2014-09-12 22:34 - 00000000 ____D () C:\Users\phill\AppData\Local\VirtualStore

2014-09-12 22:34 - 2014-09-12 22:34 - 00000000 ____D () C:\Users\phill\AppData\Local\Google

2014-09-12 22:34 - 2013-09-15 21:22 - 00000000 ____D () C:\Users\phill\AppData\Local\Microsoft Help

2014-09-12 20:36 - 2014-09-12 20:36 - 00918440 _____ (Oracle Corporation) C:\Users\Phillip\Downloads\chromeinstall-7u67.exe

2014-09-12 14:01 - 2014-09-12 23:18 - 00003348 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-86388601-3102729420-1138137104-1001

2014-09-12 13:22 - 2014-09-12 23:31 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-12 13:22 - 2014-09-12 23:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-09-12 13:22 - 2014-09-12 23:09 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-12 13:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2014-09-12 13:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys

2014-09-12 13:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-09-12 13:20 - 2014-09-12 13:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Phillip\Downloads\mbam-setup-2.0.2.1012.exe

2014-09-11 23:36 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2014-09-11 23:36 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2014-09-11 23:36 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-09-11 23:36 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-09-11 23:36 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-09-11 23:36 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-09-11 23:36 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-09-11 23:36 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-09-11 23:36 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-09-11 23:36 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-09-11 23:36 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll

2014-09-11 23:36 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-09-11 23:36 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-09-11 23:36 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-09-11 23:36 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-09-11 23:36 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-09-11 23:36 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-09-11 23:36 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-09-11 23:36 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-09-11 23:36 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-09-11 23:36 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-09-11 23:36 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-09-11 23:36 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-09-11 23:36 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-09-11 23:36 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-09-11 23:36 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll

2014-09-11 23:36 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-09-11 23:36 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-09-11 23:36 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-09-11 23:36 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-09-11 23:36 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-09-11 23:36 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-09-11 23:36 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-09-11 23:36 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-09-11 23:36 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-09-11 23:36 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-09-11 23:36 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-09-11 23:36 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-09-11 23:36 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-09-11 23:36 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-09-11 23:36 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll

2014-09-11 23:36 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-09-11 23:36 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-09-11 23:36 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-09-11 23:36 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-09-11 23:36 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-09-11 23:36 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-09-11 23:36 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-09-11 23:36 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-09-11 23:36 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-09-11 23:36 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll

2014-09-11 23:36 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-09-11 23:36 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-09-11 23:36 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-09-11 23:36 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-09-11 23:36 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-09-11 23:29 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll

2014-09-11 23:29 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll

2014-09-11 23:23 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-09-11 23:23 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-09-11 23:23 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll

2014-09-11 23:23 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll

2014-09-11 23:23 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll

2014-09-11 23:23 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll

2014-09-11 23:23 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll

2014-09-11 23:23 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll

2014-09-11 23:23 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll

2014-09-11 23:23 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll

2014-09-11 23:23 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll

2014-09-11 18:05 - 2014-09-12 22:55 - 00000000 ____D () C:\Program Files (x86)\Techsnab

2014-09-11 18:05 - 2014-09-12 18:05 - 00003308 _____ () C:\windows\System32\Tasks\Chrome Launcher

2014-09-10 18:03 - 2014-09-12 18:03 - 00070144 _____ () C:\windows\SysWOW64\tasks.dll

2014-09-09 18:04 - 2014-09-09 18:04 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf

2014-09-09 18:03 - 2014-09-12 22:56 - 00000000 ____D () C:\Users\Phillip\AppData\Roaming\GetPrivate

2014-09-09 18:03 - 2014-09-12 22:55 - 00000000 ____D () C:\Program Files (x86)\GetPrivate

2014-09-09 18:03 - 2014-09-09 18:03 - 00003264 _____ () C:\windows\System32\Tasks\GPUP

2014-09-09 18:00 - 2014-09-09 18:01 - 00902664 _____ () C:\Users\Phillip\Downloads\piXlogic_ZBRUSH__4R6_Mac_OSX_XFORCE.exe

2014-09-08 19:39 - 2014-09-08 19:39 - 00000000 ____D () C:\Users\Phillip\AppData\Local\Windows Live

2014-09-08 19:39 - 2014-09-08 19:39 - 00000000 ____D () C:\Users\Phillip\AppData\Local\{11B5785A-BBC5-4174-9A8F-22940E0A14CA}

2014-09-08 19:28 - 2014-09-08 19:28 - 00049281 _____ () C:\Users\Phillip\Downloads\attachment

2014-09-08 19:28 - 2014-09-08 19:28 - 00041898 _____ () C:\Users\Phillip\Downloads\attachment (1)

2014-09-08 19:28 - 2014-09-08 19:28 - 00021049 _____ () C:\Users\Phillip\Downloads\attachment (2)

2014-09-08 13:05 - 2014-09-08 13:05 - 00019006 _____ () C:\Users\Phillip\Downloads\Running Man E212 720p LIMO.torrent

2014-09-08 13:05 - 2014-09-08 13:05 - 00018366 _____ () C:\Users\Phillip\Downloads\Running Man E211 720p LIMO.torrent

2014-09-08 13:05 - 2014-09-08 13:05 - 00017826 _____ () C:\Users\Phillip\Downloads\Running Man E210 720p LIMO.torrent

2014-09-07 22:48 - 2014-09-07 22:48 - 00084480 _____ () C:\Users\Phillip\Downloads\WALMART_stock_prices.xls

2014-09-07 22:47 - 2014-09-07 22:48 - 00191488 _____ () C:\Users\Phillip\Downloads\Project 1.xls

2014-09-07 22:47 - 2014-09-07 22:47 - 00009318 _____ () C:\Users\Phillip\Downloads\part 2.xlsx

2014-09-07 22:46 - 2014-09-07 22:46 - 00087552 _____ () C:\Users\Phillip\Downloads\GENERAL_ELECTRIC_stock_prices.xls

2014-09-07 22:46 - 2014-09-07 22:46 - 00085504 _____ () C:\Users\Phillip\Downloads\MICROSOFT_stock_prices.xls

2014-09-07 22:46 - 2014-09-07 22:46 - 00085504 _____ () C:\Users\Phillip\Downloads\DELL_stock_prices.xls

2014-09-07 22:45 - 2014-09-07 22:46 - 00051712 _____ () C:\Users\Phillip\Downloads\ADM_data_project1.xls

2014-09-07 22:44 - 2014-09-07 22:45 - 00033280 _____ () C:\Users\Phillip\Downloads\ADM_data_project1 (2).xls

2014-08-31 20:42 - 2014-09-12 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-08-31 20:42 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2014-08-31 20:42 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2014-08-31 20:42 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2014-08-31 20:42 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2014-08-31 20:41 - 2014-08-31 20:42 - 00004489 _____ () C:\windows\SysWOW64\jupdate-1.7.0_67-b01.log

2014-08-28 03:23 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll

2014-08-28 03:23 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll

2014-08-28 03:23 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2014-08-15 16:01 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll

2014-08-15 16:01 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll

2014-08-15 16:01 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe

2014-08-15 16:01 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe

2014-08-15 16:01 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe

2014-08-15 16:01 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll

2014-08-15 16:01 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe

2014-08-15 16:01 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll

2014-08-15 04:05 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll

2014-08-15 04:05 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll

2014-08-15 04:05 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL

2014-08-15 04:05 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL

2014-08-15 04:05 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL

2014-08-15 04:05 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL

2014-08-15 04:05 - 2014-07-08 22:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL

2014-08-15 04:05 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL

2014-08-15 04:05 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL

2014-08-15 04:05 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL

2014-08-15 04:05 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL

2014-08-15 04:05 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL

2014-08-15 04:05 - 2014-07-08 18:38 - 00419992 _____ () C:\windows\system32\locale.nls

2014-08-15 04:05 - 2014-07-08 18:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls

2014-08-15 04:05 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll

2014-08-15 04:05 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll

2014-08-15 04:05 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys

2014-08-15 04:05 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll

2014-08-15 04:05 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll

2014-08-15 04:05 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll

2014-08-15 04:05 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe

2014-08-15 04:05 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll

2014-08-15 04:05 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll

2014-08-15 04:05 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll

2014-08-15 04:02 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll

2014-08-15 04:02 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll

 

 

Addition

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014

Ran by Phillip at 2014-09-13 08:57:40

Running from C:\Users\Phillip\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Trend Micro Titanium Internet Security 2012 (Disabled - Out of date) {B7599298-8445-728A-A5C7-A26A082C8BDA}

AS: Trend Micro Titanium Internet Security 2012 (Disabled - Out of date) {0C38737C-A27F-7D04-9F77-991873ABC167}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)

64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden

AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)

Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.183.10 - Adobe Systems Incorporated)

Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)

AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.09.07 - ASUSTeK Computer Inc.)

AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.15 - ASUSTeK Computer Inc.)

Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version:  - Spicy Horse Games)

ALTools Update (HKLM-x32\...\ALUpdate_is1) (Version: v11.4 - ESTsoft Corp.)

altPUG (HKLM-x32\...\{4FC41018-ABBF-47A0-B917-2DA88C04DA7D}) (Version: 1.2 - altPUG LLC)

ALZip 8.51 (HKLM-x32\...\ALZip_is1) (Version: v8.51 - ESTsoft Corp.)

AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden

AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{E4490157-303F-F06F-FB6E-D2053A43A182}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.)

AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden

AMD Fuel (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden

AMD Media Foundation Decoders (Version: 1.0.70405.2224 - Advanced Micro Devices, Inc.) Hidden

AMD Steady Video Plug-In  (Version: 2.06.0000 - AMD) Hidden

AMD VISION Engine Control Center (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden

Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.01.00 - ASUSTeK Computer Inc.)

ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.01.00 - ASUSTeK Computer Inc.)

ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.26 - ASUSTeK Computer Inc)

ASUS Music Maker (HKLM-x32\...\MAGIX_MSI_mm17_silver_asus) (Version: 17.0.2.32 - MAGIX AG)

ASUS Music Maker (x32 Version: 17.0.2.32 - MAGIX AG) Hidden

ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.104.216 - eCareme Technologies, Inc.)

AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.628 - ASUSTEK)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)

Atheros Ethernet Utility (HKLM-x32\...\{FB686487-C637-4EEF-BCB1-C92463F2CC05}) (Version: 1.1.0.9 - Atheros Communications Inc.)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden

Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)

Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)

Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5207 - Gretech Corporation)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

GoToMeeting 5.9.0.1216 (HKCU\...\GoToMeeting) (Version: 5.9.0.1216 - CitrixOnline)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)

iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)

Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)

League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden

LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)

Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.8022 - ooVoo LLC.)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)

PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

RealDownloader (x32 Version: 1.3.1 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.171.34768 - SteelSeries)

System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)

TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

Trend Micro Titanium (Version: 5.00 - Trend Micro Inc.) Hidden

Trend Micro Titanium Internet Security 2012 (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 5.4 - Trend Micro Inc.)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)

Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)

Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)

Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-86388601-3102729420-1138137104-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1216\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

 

==================== Restore Points  =========================

 

08-09-2014 07:14:15 Scheduled Checkpoint

12-09-2014 03:28:58 Windows Update

13-09-2014 01:50:46 Restore Operation

13-09-2014 02:31:40 Windows Update

13-09-2014 02:44:16 Restore Operation

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0A4510E0-7764-41D2-9EEC-536B768DBDA3} - System32\Tasks\Chrome Launcher => C:\Program Files (x86)\Techsnab\Chrome Launcher\chrome-links.exe [2014-09-12] ()

Task: {2A17D5C5-AF63-4FFB-9F10-646BBAF8A5FA} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION

Task: {31307B90-5354-43D8-AD02-004DB77E0E98} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {48751915-516A-4FF2-884A-53E73A70910A} - System32\Tasks\{40B3A027-E6AD-4B98-B73F-2DEE40BF1631} => Chrome.exe http://ui.skype.com/ui/0/6.3.60.105/en/go/help.faq.installer?LastError=1618

Task: {86CF363C-DB48-49B2-9C82-CED71EDD3EE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-04] (Google Inc.)

Task: {B0AB9E72-C0BB-492B-B771-BAED8B623487} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION

Task: {CA567599-19F2-489E-9DFB-88F90831C6B1} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)

Task: {CDAE5C46-D512-4544-ACBD-29C4EC50A3AB} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-23] (ASUSTeK Computer Inc.)

Task: {CF552106-5042-432E-A887-8EC8E81984C5} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-86388601-3102729420-1138137104-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)

Task: {D2C60588-82FB-4311-945B-60B8D15B7076} - System32\Tasks\GPUP => C:\Program Files (x86)\GetPrivate\gpup.exe [2014-09-09] ()

Task: {D8B37B5F-011E-4FA7-9359-543023D01FE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-04] (Google Inc.)

Task: {E025AA17-1D1E-4429-8D26-9C7A5A08D9B6} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-86388601-3102729420-1138137104-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-04-11 20:08 - 2012-09-18 15:27 - 00192512 _____ () C:\windows\System32\zlhp1020.dll

2013-04-11 20:09 - 2012-09-18 15:27 - 00065024 _____ () C:\windows\system32\spool\PRTPROCS\x64\pphp1020.dll

2012-02-09 13:14 - 2011-08-02 16:45 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll

2012-02-09 13:14 - 2011-08-02 16:45 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll

2012-02-09 13:14 - 2011-08-02 16:45 - 00731136 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll

2012-02-09 13:14 - 2011-08-02 16:45 - 01719808 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll

2012-02-09 13:14 - 2011-08-02 16:45 - 00016384 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc80-mt-1_36.dll

2012-02-09 12:30 - 2011-08-02 16:33 - 00289056 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll

2012-04-05 22:58 - 2012-04-05 22:58 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll

2012-03-05 17:03 - 2012-03-05 17:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll

2012-02-16 15:53 - 2012-02-16 15:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll

2012-04-05 22:57 - 2012-04-05 22:57 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2012-02-09 12:43 - 2011-10-29 13:59 - 00918448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe

2012-02-09 12:43 - 2010-10-21 21:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe

2013-04-05 12:58 - 2013-04-05 12:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00708096 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll

2013-12-02 13:11 - 2013-12-02 13:11 - 00089915 _____ () C:\Users\Phillip\AppData\Local\Temp\10d2ca4a-28d7-4d81-8c1e-dc42bb6c83fc\CliSecureRT64.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00280064 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll

2013-01-10 01:46 - 2013-01-10 01:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 09562112 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll

2013-01-10 01:46 - 2013-01-10 01:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll

2013-11-05 13:19 - 2013-11-05 13:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll

2014-04-20 23:16 - 2014-04-20 23:16 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe

2013-03-06 02:21 - 2013-03-06 02:21 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

2012-04-05 22:57 - 2012-04-05 22:57 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2012-04-05 23:00 - 2012-04-05 23:00 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-02-09 12:43 - 2014-09-12 23:18 - 00022528 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\PEbiosinterface32.dll

2012-02-09 12:43 - 2010-06-29 14:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\ATKEX.dll

2014-09-11 18:05 - 2014-09-11 18:05 - 00203176 _____ () C:\Program Files (x86)\Techsnab\Chrome Launcher\chromelauncher.dll

2014-09-10 19:26 - 2014-09-03 23:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll

2014-09-10 19:26 - 2014-09-03 23:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll

2014-09-10 19:26 - 2014-09-03 23:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll

2014-09-10 19:26 - 2014-09-03 23:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll

2014-09-10 19:26 - 2014-09-03 23:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll

2014-09-10 19:26 - 2014-09-03 23:01 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Users\Phillip\.DS_Store:AFP_AfpInfo

AlternateDataStreams: C:\Users\Phillip\Documents\.DS_Store:AFP_AfpInfo

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (09/13/2014 00:41:55 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".

Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (09/12/2014 11:29:54 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: chrome.exe, version: 37.0.2062.120, time stamp: 0x5407bf0e

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00000000

Faulting process id: 0x420

Faulting application start time: 0xchrome.exe0

Faulting application path: chrome.exe1

Faulting module path: chrome.exe2

Report Id: chrome.exe3

 

Error: (09/12/2014 11:19:58 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (09/12/2014 11:17:25 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x4f7e4d8c

Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b

Exception code: 0xc0000005

Fault offset: 0x00000000000033c1

Faulting process id: 0x700

Faulting application start time: 0xFuel.Service.exe0

Faulting application path: Fuel.Service.exe1

Faulting module path: Fuel.Service.exe2

Report Id: Fuel.Service.exe3

 

Error: (09/12/2014 11:12:45 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (09/12/2014 11:10:20 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x4f7e4d8c

Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b

Exception code: 0xc0000005

Fault offset: 0x00000000000033c1

Faulting process id: 0x72c

Faulting application start time: 0xFuel.Service.exe0

Faulting application path: Fuel.Service.exe1

Faulting module path: Fuel.Service.exe2

Report Id: Fuel.Service.exe3

 

Error: (09/12/2014 10:59:41 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (09/12/2014 10:48:25 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x4f7e4d8c

Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b

Exception code: 0xc0000005

Fault offset: 0x00000000000033c1

Faulting process id: 0x708

Faulting application start time: 0xFuel.Service.exe0

Faulting application path: Fuel.Service.exe1

Faulting module path: Fuel.Service.exe2

Report Id: Fuel.Service.exe3

 

Error: (09/12/2014 10:40:02 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: chrome.exe, version: 37.0.2062.102, time stamp: 0x53fe8ce8

Faulting module name: chrome.dll, version: 37.0.2062.102, time stamp: 0x53fe8a32

Exception code: 0x80000003

Fault offset: 0x004f37dc

Faulting process id: 0xcfc

Faulting application start time: 0xchrome.exe0

Faulting application path: chrome.exe1

Faulting module path: chrome.exe2

Report Id: chrome.exe3

 

Error: (09/12/2014 10:39:57 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: chrome.exe, version: 37.0.2062.102, time stamp: 0x53fe8ce8

Faulting module name: chrome.dll, version: 37.0.2062.102, time stamp: 0x53fe8a32

Exception code: 0x80000003

Fault offset: 0x004f37dc

Faulting process id: 0x590

Faulting application start time: 0xchrome.exe0

Faulting application path: chrome.exe1

Faulting module path: chrome.exe2

Report Id: chrome.exe3

 

 

System errors:

=============

Error: (09/13/2014 00:17:34 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR1.

 

Error: (09/13/2014 00:07:38 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {3C5E2B20-B911-44E2-A2DD-9F05E7B5E775}

 

Error: (09/12/2014 11:18:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The MBAMScheduler service failed to start due to the following error: 

%%1053

 

Error: (09/12/2014 11:18:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.

 

Error: (09/12/2014 11:17:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The AMD FUEL Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (09/12/2014 11:11:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The MBAMScheduler service failed to start due to the following error: 

%%1053

 

Error: (09/12/2014 11:11:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.

 

Error: (09/12/2014 11:10:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The AMD FUEL Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (09/12/2014 11:00:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The MBAMService service hung on starting.

 

Error: (09/12/2014 10:58:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The MBAMScheduler service failed to start due to the following error: 

%%1053

 

 

Microsoft Office Sessions:

=========================

Error: (09/15/2013 05:58:46 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 811 seconds with 240 seconds of active time.  This session ended with a crash.

 

 

==================== Memory info =========================== 

 

Processor: AMD A8-3820 APU with Radeon HD Graphics

Percentage of memory in use: 35%

Total physical RAM: 7657.33 MB

Available physical RAM: 4972.54 MB

Total Pagefile: 15312.84 MB

Available Pagefile: 11942.22 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB

 

==================== Drives ================================

 

Drive c: (WIN7) (Fixed) (Total:912.83 GB) (Free:764.15 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:1863.01 GB) (Free:1395.35 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 60C2E85B)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=18.6 GB) - (Type=1B)

Partition 3: (Not Active) - (Size=912.8 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (Size: 1863 GB) (Disk ID: A4B57300)

Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.