
yet another searchnet.blinkxcore.com


mrboonmee


  • Root Admin

Hello and welcome

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

General P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

  • Removing malware can be unpredictable... It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)


 
STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then remove incorrect executable associations and fix policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.
 


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.
  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below please see the following:  MBAM Clean Removal Process 2x
When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.
 
 
STEP 03
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


Thank you
 


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: Tuesday 9/23/2014
Scan Time: 9:53:18 PM
Logfile: mbam.txt
Administrator: No

Version: 2.00.2.1012
Malware Database: v2014.09.24.04
Rootkit Database: v2014.09.19.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tim

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 313954
Time Elapsed: 3 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


RogueKiller V9.2.12.0 (x64) [sep 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tim [Admin rights]
Mode : Scan -- Date : 09/23/2014  22:06:28

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] f581sqav.default-1403033947623 : user_pref("browser.startup.homepage", "http://www.dailyrotation.com/"); -> FOUND

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] 035d8350bb0f05bc331e48e436dde277
[bSP] d45b703ec3f76d0ce0feefe2f430f35b : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1:  +++++
--- User ---
[MBR] 5ebe3720e7f232b7cd0784e877de7079
[bSP] a1521b27ec42b24fca97dfe523da4a69 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 122002 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2:  +++++
--- User ---
[MBR] c6ea920e620c2c2c515db1f55fccc266
[bSP] c808ed375e9b3d42aaee2d2376144f7c : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3:  +++++
--- User ---
[MBR] 396de3cfd556770860910392f27bcf9a
[bSP] abbe1a2a97c15fc1be0061a8b048f19a : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_08242014_235240.log - RKreport_SCN_05292014_080824.log - RKreport_SCN_06212014_222550.log - RKreport_SCN_08242014_235148.log
RKreport_SCN_09232014_113854.log - RKreport_SCN_09232014_193033.log


  • Root Admin

Okay, let me get a new fresh FRST log.

 

Make sure you place a check mark in the Additions.txt check box and post back both new logs.

 

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.


 


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Tim (administrator) on TIMS-X64PC on 24-09-2014 01:32:08
Running from C:\Users\Tim\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
() C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
() C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
() C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573720 2014-05-06] (Realtek Semiconductor)
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-24] (Intel Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [90336 2013-04-30] ()
HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2678784 2011-10-18] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-1635314408-132208643-1039462560-1000\...\Run: [Google Update] => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-29] (Google Inc.)
HKU\S-1-5-21-1635314408-132208643-1039462560-1000\...\Run: [skyDrive] => C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-03] (Microsoft Corporation)
HKU\S-1-5-21-1635314408-132208643-1039462560-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1635314408-132208643-1039462560-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-1635314408-132208643-1039462560-1000\...\MountPoints2: {1a2db07f-1132-11e1-a187-14dae9cd7f21} - V:\setup.exe
HKU\S-1-5-21-1635314408-132208643-1039462560-1000\...\MountPoints2: {b315489f-0a88-11e1-9080-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-1635314408-132208643-1039462560-1000\...\MountPoints2: {f9b6a2f4-2928-11e1-b7e7-14dae9cd7f21} - V:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x34E51324F71DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {4DABCD24-F3F4-4D31-BF1D-A3A46744878B} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {4DABCD24-F3F4-4D31-BF1D-A3A46744878B} URL = https://www.google.com/search?q={searchTerms}
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\shell32.dll (Microsoft Corporation)
DPF: HKLM-x32 {1FDFCFC3-B893-43E1-9138-4A2D2452A551} https://www.t-mobilepictures.com/myalbum/scripts/downloader/FileDownloader7.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1364619516710
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\f581sqav.default-1403033947623
FF DefaultSearchEngine: Wikipedia (en)
FF SelectedSearchEngine: Wikipedia (en)
FF Homepage: hxxp://www.dailyrotation.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Xmarks - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\f581sqav.default-1403033947623\Extensions\foxmarks@kei.com [2014-09-17]
FF Extension: LastPass - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\f581sqav.default-1403033947623\Extensions\support@lastpass.com [2014-08-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-18]

Chrome:
=======
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-23]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-23]
CHR Extension: (Google Docs) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-23]
CHR Extension: (Google Drive) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (YouTube) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-23]
CHR Extension: (Google Search) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-23]
CHR Extension: (Google Sheets) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-23]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-09-23]
CHR Extension: (Hangouts) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-09-23]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-23]
CHR Extension: (Gmail) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-09-11] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-09-11] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2012-11-09] (ASUSTeK Computer Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [249856 2011-11-15] (Brother Industries, Ltd.) [File not signed]
R2 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-04-30] ()
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-04-24] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Media Center 19 Service; C:\Program Files (x86)\J River\Media Center 19\JRService.exe [397896 2014-08-11] (JRiver, Inc.)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-09-11] ()
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-09-17] (REALiX)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-24] (Intel Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [43456 2011-09-22] (http://libusb-win32.sourceforge.net)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation                           )
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [149240 2014-01-14] (Ray Hinchliffe)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 01:32 - 2014-09-24 01:32 - 00017519 _____ () C:\Users\Tim\Desktop\FRST.txt
2014-09-24 01:30 - 2014-09-24 01:30 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2014-09-24 01:28 - 2014-09-24 01:30 - 00020994 _____ () C:\Windows\DPINST.LOG
2014-09-24 01:25 - 2014-09-24 01:25 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\NVIDIA
2014-09-24 01:15 - 2014-09-24 01:15 - 02106880 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2014-09-23 22:02 - 2014-09-23 22:07 - 00003319 _____ () C:\Users\Tim\Desktop\mbam.txt
2014-09-23 21:52 - 2014-09-23 21:52 - 00002040 _____ () C:\Users\Tim\Desktop\Rkill.txt
2014-09-23 21:49 - 2014-09-23 21:49 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Tim\Desktop\rkill.exe
2014-09-23 21:42 - 2014-09-23 21:42 - 00098035 _____ () C:\ProgramData\1411533698.bdinstall.bin
2014-09-23 21:41 - 2014-09-23 21:41 - 00037823 _____ () C:\ProgramData\1411533697.bdinstall.bin
2014-09-23 20:15 - 2014-09-23 20:15 - 00000631 _____ () C:\Users\Tim\Desktop\JRT.txt
2014-09-23 19:26 - 2014-09-23 19:26 - 04893784 _____ () C:\Users\Tim\Desktop\RogueKiller.exe
2014-09-23 19:20 - 2014-09-23 19:20 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-23 19:20 - 2014-09-23 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-23 15:16 - 2014-09-23 15:16 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe
2014-09-23 13:17 - 2014-09-23 13:17 - 00065624 _____ () C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-23 13:15 - 2014-09-24 01:31 - 00000448 _____ () C:\Windows\setupact.log
2014-09-23 13:15 - 2014-09-24 01:29 - 00115014 _____ () C:\Windows\PFRO.log
2014-09-23 13:15 - 2014-09-23 13:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-23 13:06 - 2014-09-24 01:32 - 00000000 ____D () C:\FRST
2014-09-23 11:40 - 2014-09-23 11:40 - 01373475 _____ () C:\Users\Tim\Desktop\AdwCleaner.exe
2014-09-23 11:36 - 2014-09-23 11:36 - 05472344 _____ () C:\Users\Tim\Desktop\RogueKillerX64.exe
2014-09-20 17:47 - 2014-09-23 20:05 - 01024790 _____ (Thisisu) C:\Users\Tim\Desktop\JRT.exe
2014-09-20 16:37 - 2014-09-20 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-20 16:36 - 2014-09-20 16:36 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-09-20 10:29 - 2014-09-20 10:29 - 00000979 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-09-20 10:29 - 2014-09-20 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-09-20 00:03 - 2014-09-20 00:03 - 00000147 _____ () C:\Users\Tim\Desktop\Arcadia Weather.url
2014-09-20 00:02 - 2014-09-20 00:02 - 00000108 _____ () C:\Users\Tim\Desktop\Forcast.io.url
2014-09-20 00:00 - 2014-09-20 00:00 - 00000137 _____ () C:\Users\Tim\Desktop\RetireCheapJC.url
2014-09-19 23:51 - 2014-09-19 23:51 - 00000000 ____D () C:\ProgramData\privazer
2014-09-19 21:32 - 2014-09-24 01:29 - 00228349 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 21:31 - 2014-09-19 21:31 - 00022186 _____ () C:\Windows\system32\cc_20140919_213123.reg
2014-09-19 21:23 - 2014-09-19 21:24 - 00170784 _____ () C:\Windows\system32\cc_20140919_212356.reg
2014-09-19 21:12 - 2014-09-19 21:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-19 21:12 - 2014-09-19 21:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-19 21:12 - 2014-09-13 14:53 - 06890696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-19 21:12 - 2014-09-13 14:53 - 03529872 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-19 21:12 - 2014-09-13 14:53 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-19 21:12 - 2014-09-13 14:53 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-19 21:12 - 2014-09-13 14:53 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-19 21:12 - 2014-09-11 08:37 - 03961833 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-19 21:11 - 2014-09-16 21:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-09-19 21:11 - 2014-09-16 21:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 16875856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-19 21:11 - 2014-09-13 16:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 03223120 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00984424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-09-19 21:11 - 2014-09-13 16:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-09-18 12:53 - 2014-09-19 21:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-17 07:17 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-17 07:16 - 2014-09-17 07:16 - 01373475 _____ () C:\Users\Tim\Desktop\adwcleaner_3.310.exe
2014-09-17 06:13 - 2014-09-17 06:13 - 00000000 ____D () C:\Program Files (x86)\BDtoAVCHD
2014-09-17 04:59 - 2014-09-17 04:59 - 00027552 _____ (REALiX) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2014-09-17 04:59 - 2014-09-17 04:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2014-09-17 04:59 - 2014-09-17 04:59 - 00000000 ____D () C:\Program Files\HWiNFO64
2014-09-17 04:03 - 2014-09-17 04:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-17 04:03 - 2014-09-17 04:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-17 03:03 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-17 03:03 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-17 03:03 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-17 03:03 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-17 03:03 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-17 03:03 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-17 03:03 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-17 03:03 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-17 03:03 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-17 03:03 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-17 03:03 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-17 03:03 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-17 03:03 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-17 03:03 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-17 03:03 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-17 03:03 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-17 03:03 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-17 03:03 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-17 03:03 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-17 03:03 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-17 03:03 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-17 03:03 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-17 03:03 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-17 03:03 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 03:03 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-17 03:03 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-17 03:03 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-17 03:03 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-17 03:03 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-17 03:03 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-17 03:03 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-17 03:03 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-17 03:03 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-17 03:03 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-17 03:03 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-17 03:03 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-17 03:03 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-17 03:03 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-17 03:03 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-17 03:03 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-17 03:03 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-17 03:03 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-17 03:03 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-17 03:03 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-17 03:03 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-17 03:03 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-17 03:03 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-17 03:03 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-17 03:03 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-17 03:03 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-17 03:03 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-17 03:03 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-17 03:03 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-17 03:03 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-17 03:03 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-17 03:03 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-16 17:12 - 2014-09-16 17:12 - 00000260 _____ () C:\Windows\system32\bddel.dat
2014-09-16 13:49 - 2014-09-16 13:49 - 00017920 _____ () C:\Users\Tim\Desktop\trip expenses.xls
2014-09-16 13:26 - 2014-09-19 21:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-09-16 11:49 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-16 11:49 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-16 11:49 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-16 11:49 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-16 11:49 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-09 01:00 - 2014-09-09 00:31 - 00166384 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\psmounterex.sys
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Standard
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Shark007
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\ProgramData\Shark007
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\Program Files\Shark007
2014-09-02 07:36 - 2014-09-01 22:37 - 01712512 _____ (MPC-BE Team) C:\Windows\system32\VSFilter.dll
2014-09-02 07:36 - 2014-06-05 14:00 - 02050560 _____ (xy-VSFilter Team) C:\Windows\system32\VSFilter.dll.bak
2014-09-02 07:36 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm.new
2014-09-02 07:36 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm
2014-09-02 07:36 - 2013-04-06 00:26 - 01679360 _____ () C:\Windows\SysWOW64\ac3filter.acm.new
2014-09-02 07:36 - 2012-07-17 18:21 - 00206336 _____ () C:\Windows\system32\unrar64.dll
2014-09-02 07:36 - 2010-11-20 20:25 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll.bak
2014-09-02 07:36 - 2010-11-20 20:24 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll.bak
2014-09-02 07:36 - 2009-08-11 21:22 - 00580096 _____ () C:\Windows\system32\ac3filter.acm.old
2014-09-02 07:36 - 2007-02-05 20:05 - 00000038 _____ () C:\Windows\AviSplitter.INI
2014-09-01 22:16 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-01 22:16 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-01 22:16 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 10:45 - 2014-09-21 03:23 - 00000911 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZ CD Audio Converter.lnk
2014-08-26 10:45 - 2014-09-21 03:23 - 00000899 _____ () C:\Users\Public\Desktop\EZ CD Audio Converter.lnk
2014-08-26 10:45 - 2014-08-26 10:45 - 00000000 ____D () C:\ProgramData\EZ CD Audio Converter
2014-08-26 10:45 - 2014-08-26 10:45 - 00000000 ____D () C:\Program Files\EZ CD Audio Converter
2014-08-25 08:59 - 2014-08-25 08:59 - 00000000 ___HD () C:\Windows\AxInstSV

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 01:32 - 2014-09-24 01:32 - 00017519 _____ () C:\Users\Tim\Desktop\FRST.txt
2014-09-24 01:32 - 2014-09-23 13:06 - 00000000 ____D () C:\FRST
2014-09-24 01:32 - 2012-10-07 00:22 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-24 01:31 - 2014-09-23 13:15 - 00000448 _____ () C:\Windows\setupact.log
2014-09-24 01:31 - 2014-06-20 22:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8d0e39de476a.job
2014-09-24 01:31 - 2014-05-13 11:34 - 00000328 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-09-24 01:31 - 2014-03-24 22:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-24 01:31 - 2014-01-06 23:13 - 00000000 ___RD () C:\Users\Tim\SkyDrive
2014-09-24 01:31 - 2012-07-30 20:02 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-24 01:31 - 2011-11-21 20:48 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Skype
2014-09-24 01:31 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 01:30 - 2014-09-24 01:30 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2014-09-24 01:30 - 2014-09-24 01:28 - 00020994 _____ () C:\Windows\DPINST.LOG
2014-09-24 01:29 - 2014-09-23 13:15 - 00115014 _____ () C:\Windows\PFRO.log
2014-09-24 01:29 - 2014-09-19 21:32 - 00228349 _____ () C:\Windows\WindowsUpdate.log
2014-09-24 01:25 - 2014-09-24 01:25 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\NVIDIA
2014-09-24 01:25 - 2013-03-01 00:27 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Amazon
2014-09-24 01:25 - 2013-03-01 00:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2014-09-24 01:25 - 2013-03-01 00:27 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-09-24 01:21 - 2014-06-19 00:16 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000UA1cf8b8e733cb33c.job
2014-09-24 01:16 - 2012-05-29 22:15 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000UA.job
2014-09-24 01:15 - 2014-09-24 01:15 - 02106880 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2014-09-24 01:09 - 2014-06-20 22:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d0e3c54a7d5.job
2014-09-24 01:03 - 2012-07-30 20:02 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-24 00:33 - 2012-03-29 07:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-24 00:21 - 2014-06-19 00:16 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000Core1cf8b8e70a7f4f0.job
2014-09-23 22:56 - 2013-08-26 08:25 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2002CE71-640F-4112-83BD-ABCEB4792A2F}
2014-09-23 22:07 - 2014-09-23 22:02 - 00003319 _____ () C:\Users\Tim\Desktop\mbam.txt
2014-09-23 22:03 - 2014-08-24 23:48 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-09-23 21:53 - 2009-07-13 21:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 21:53 - 2009-07-13 21:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 21:52 - 2014-09-23 21:52 - 00002040 _____ () C:\Users\Tim\Desktop\Rkill.txt
2014-09-23 21:49 - 2014-09-23 21:49 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Tim\Desktop\rkill.exe
2014-09-23 21:42 - 2014-09-23 21:42 - 00098035 _____ () C:\ProgramData\1411533698.bdinstall.bin
2014-09-23 21:41 - 2014-09-23 21:41 - 00037823 _____ () C:\ProgramData\1411533697.bdinstall.bin
2014-09-23 20:15 - 2014-09-23 20:15 - 00000631 _____ () C:\Users\Tim\Desktop\JRT.txt
2014-09-23 20:05 - 2014-09-20 17:47 - 01024790 _____ (Thisisu) C:\Users\Tim\Desktop\JRT.exe
2014-09-23 19:26 - 2014-09-23 19:26 - 04893784 _____ () C:\Users\Tim\Desktop\RogueKiller.exe
2014-09-23 19:20 - 2014-09-23 19:20 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-23 19:20 - 2014-09-23 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-23 19:20 - 2011-12-07 21:19 - 00000000 ____D () C:\Users\Tim\AppData\Local\Google
2014-09-23 19:20 - 2011-12-07 21:19 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-23 15:16 - 2014-09-23 15:16 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe
2014-09-23 14:33 - 2014-06-17 12:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 14:33 - 2014-06-17 12:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 14:33 - 2012-03-29 07:32 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 13:17 - 2014-09-23 13:17 - 00065624 _____ () C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-23 13:16 - 2012-05-29 22:15 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000Core.job
2014-09-23 13:15 - 2014-09-23 13:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-23 11:40 - 2014-09-23 11:40 - 01373475 _____ () C:\Users\Tim\Desktop\AdwCleaner.exe
2014-09-23 11:40 - 2013-11-25 00:45 - 00000000 ____D () C:\AdwCleaner
2014-09-23 11:36 - 2014-09-23 11:36 - 05472344 _____ () C:\Users\Tim\Desktop\RogueKillerX64.exe
2014-09-23 11:27 - 2014-01-15 19:23 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Wise Disk Cleaner
2014-09-23 11:25 - 2014-01-15 19:23 - 00001204 _____ () C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2014-09-23 11:25 - 2014-01-15 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2014-09-22 21:20 - 2009-07-13 22:13 - 00783826 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 00:31 - 2011-11-15 21:44 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Mp3tag
2014-09-22 00:29 - 2014-04-02 23:56 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\CUE Tools
2014-09-21 03:23 - 2014-08-26 10:45 - 00000911 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZ CD Audio Converter.lnk
2014-09-21 03:23 - 2014-08-26 10:45 - 00000899 _____ () C:\Users\Public\Desktop\EZ CD Audio Converter.lnk
2014-09-21 01:09 - 2011-11-08 21:08 - 00019840 _____ () C:\Windows\system32\results.xml
2014-09-21 01:07 - 2012-06-28 21:31 - 00000000 ___RD () C:\Users\Tim\Dropbox
2014-09-21 01:07 - 2011-11-08 21:04 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-21 00:44 - 2011-11-14 02:14 - 00000000 ____D () C:\Users\Tim\AppData\Local\QuickPar
2014-09-20 21:35 - 2012-06-28 21:29 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Dropbox
2014-09-20 21:34 - 2012-06-28 21:31 - 00001013 _____ () C:\Users\Tim\Desktop\Dropbox.lnk
2014-09-20 21:34 - 2012-06-28 21:30 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-20 16:37 - 2014-09-20 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-20 16:37 - 2011-11-08 21:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-20 16:36 - 2014-09-20 16:36 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-09-20 16:36 - 2011-11-10 20:54 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-20 10:29 - 2014-09-20 10:29 - 00000979 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-09-20 10:29 - 2014-09-20 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-09-20 10:29 - 2011-11-15 21:44 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-09-20 00:03 - 2014-09-20 00:03 - 00000147 _____ () C:\Users\Tim\Desktop\Arcadia Weather.url
2014-09-20 00:02 - 2014-09-20 00:02 - 00000108 _____ () C:\Users\Tim\Desktop\Forcast.io.url
2014-09-20 00:01 - 2013-06-03 15:57 - 00000114 _____ () C:\Users\Tim\Desktop\Google Keep.url
2014-09-20 00:00 - 2014-09-20 00:00 - 00000137 _____ () C:\Users\Tim\Desktop\RetireCheapJC.url
2014-09-19 23:59 - 2013-06-04 07:29 - 00000131 _____ () C:\Users\Tim\Desktop\Google Contacts.URL
2014-09-19 23:51 - 2014-09-19 23:51 - 00000000 ____D () C:\ProgramData\privazer
2014-09-19 21:31 - 2014-09-19 21:31 - 00022186 _____ () C:\Windows\system32\cc_20140919_213123.reg
2014-09-19 21:28 - 2014-09-18 12:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 21:28 - 2014-09-16 13:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-09-19 21:28 - 2014-03-17 22:43 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\WiseUpdate
2014-09-19 21:28 - 2012-01-25 20:53 - 00000000 ____D () C:\Program Files (x86)\Tinnitus Masker Deluxe
2014-09-19 21:26 - 2014-04-18 18:51 - 00000000 ____D () C:\Users\Tim\Desktop\PDFs
2014-09-19 21:26 - 2011-11-14 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-09-19 21:24 - 2014-09-19 21:23 - 00170784 _____ () C:\Windows\system32\cc_20140919_212356.reg
2014-09-19 21:20 - 2014-02-14 18:30 - 00000174 _____ () C:\Users\Tim\cssdt.log
2014-09-19 21:19 - 2013-06-06 19:24 - 00000000 ____D () C:\ProgramData\MediaBrowser-Classic
2014-09-19 21:17 - 2014-06-17 00:26 - 00000000 ____D () C:\Program Files (x86)\PrivaZer
2014-09-19 21:16 - 2013-02-08 07:59 - 00000000 ____D () C:\ProgramData\abelhadigital.com
2014-09-19 21:16 - 2013-02-08 07:59 - 00000000 ____D () C:\Program Files (x86)\HostsMan
2014-09-19 21:15 - 2013-12-29 21:30 - 00000000 ____D () C:\Users\Tim\Desktop\Nisa
2014-09-19 21:12 - 2014-09-19 21:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-19 21:12 - 2014-09-19 21:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-19 21:12 - 2014-01-10 08:37 - 00000000 ____D () C:\TEMP
2014-09-19 21:12 - 2014-01-09 00:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-19 21:12 - 2011-11-08 21:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-19 21:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2014-09-19 20:57 - 2014-01-09 00:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-19 19:37 - 2014-02-20 09:56 - 00000000 ____D () C:\Users\Tim\AppData\Local\CrashDumps
2014-09-19 19:31 - 2014-04-18 11:03 - 00000000 ____D () C:\Users\Tim\Desktop\GIFs
2014-09-19 17:11 - 2014-04-09 12:17 - 00000173 _____ () C:\Users\Tim\Desktop\Scott Mallon - YouTube.URL
2014-09-19 09:42 - 2012-04-21 18:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 12:55 - 2014-06-17 12:21 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 12:55 - 2014-06-17 12:21 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-17 10:44 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-09-17 07:16 - 2014-09-17 07:16 - 01373475 _____ () C:\Users\Tim\Desktop\adwcleaner_3.310.exe
2014-09-17 06:13 - 2014-09-17 06:13 - 00000000 ____D () C:\Program Files (x86)\BDtoAVCHD
2014-09-17 06:13 - 2014-07-29 12:32 - 00001109 _____ () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BDtoAVCHD.lnk
2014-09-17 06:13 - 2014-07-29 12:32 - 00001079 _____ () C:\Users\Tim\Desktop\BDtoAVCHD.lnk
2014-09-17 04:59 - 2014-09-17 04:59 - 00027552 _____ (REALiX) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2014-09-17 04:59 - 2014-09-17 04:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2014-09-17 04:59 - 2014-09-17 04:59 - 00000000 ____D () C:\Program Files\HWiNFO64
2014-09-17 04:55 - 2014-07-12 12:49 - 00000000 ____D () C:\Users\Tim\AppData\Local\Adobe
2014-09-17 04:03 - 2014-09-17 04:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-17 04:03 - 2014-09-17 04:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-17 04:03 - 2011-11-21 20:48 - 00000000 ____D () C:\ProgramData\Skype
2014-09-17 03:03 - 2011-11-09 10:31 - 00775948 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-17 03:02 - 2013-08-16 01:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-17 03:00 - 2011-11-08 23:52 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-16 21:51 - 2014-09-19 21:11 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-09-16 21:51 - 2014-09-19 21:11 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-09-16 21:51 - 2013-02-18 19:57 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-16 17:12 - 2014-09-16 17:12 - 00000260 _____ () C:\Windows\system32\bddel.dat
2014-09-16 13:49 - 2014-09-16 13:49 - 00017920 _____ () C:\Users\Tim\Desktop\trip expenses.xls
2014-09-13 16:48 - 2014-09-19 21:11 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 16875856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-13 16:48 - 2014-09-19 21:11 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 03223120 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00984424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-09-13 16:48 - 2014-09-19 21:11 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-09-13 16:48 - 2013-03-25 22:32 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-13 16:48 - 2013-03-25 22:32 - 00026956 _____ () C:\Windows\system32\nvinfo.pb
2014-09-13 14:53 - 2014-09-19 21:12 - 06890696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-13 14:53 - 2014-09-19 21:12 - 03529872 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-13 14:53 - 2014-09-19 21:12 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-13 14:53 - 2014-09-19 21:12 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-13 14:53 - 2014-09-19 21:12 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-11 08:37 - 2014-09-19 21:12 - 03961833 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-09 00:31 - 2014-09-09 01:00 - 00166384 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\psmounterex.sys
2014-09-02 22:43 - 2011-11-13 23:56 - 00000000 ____D () C:\Users\Tim\AppData\Local\Thunderbird
2014-09-02 07:37 - 2011-11-13 23:56 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-09-02 07:37 - 2011-11-13 23:56 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Standard
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Shark007
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\ProgramData\Shark007
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
2014-09-02 07:36 - 2014-09-02 07:36 - 00000000 ____D () C:\Program Files\Shark007
2014-09-02 07:36 - 2014-07-16 03:37 - 00000000 ____D () C:\ProgramData\Standard
2014-09-02 07:36 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-01 22:37 - 2014-09-02 07:36 - 01712512 _____ (MPC-BE Team) C:\Windows\system32\VSFilter.dll
2014-09-01 22:31 - 2011-12-14 00:49 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\TeamViewer
2014-09-01 22:30 - 2011-11-14 01:28 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-01 22:30 - 2011-11-14 01:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-01 22:24 - 2014-06-17 07:18 - 00298808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-26 10:45 - 2014-08-26 10:45 - 00000000 ____D () C:\ProgramData\EZ CD Audio Converter
2014-08-26 10:45 - 2014-08-26 10:45 - 00000000 ____D () C:\Program Files\EZ CD Audio Converter
2014-08-26 10:45 - 2012-12-09 00:53 - 00000000 ____D () C:\Users\Tim\AppData\Local\EZ CD Audio Converter
2014-08-25 17:08 - 2012-03-10 22:54 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\MusicBee
2014-08-25 16:56 - 2014-07-13 00:41 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\eM Client
2014-08-25 16:56 - 2014-07-13 00:40 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2014-08-25 16:56 - 2014-07-13 00:40 - 00000000 ____D () C:\Program Files (x86)\eM Client
2014-08-25 15:45 - 2012-03-19 11:13 - 00000000 ____D () C:\Program Files (x86)\EASEUS
2014-08-25 14:19 - 2014-04-27 18:35 - 00000000 ____D () C:\Users\Tim\Desktop\clean
2014-08-25 08:59 - 2014-08-25 08:59 - 00000000 ___HD () C:\Windows\AxInstSV

Files to move or delete:
====================
C:\Users\Tim\g2ax_expert_downloadhelper_win32_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 16:35

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014
Ran by Tim at 2014-09-24 01:32:25
Running from C:\Users\Tim\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
7-Zip 9.26 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0926-000001000000}) (Version: 9.26.00.0 - Igor Pavlov)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Alpha Zawgyi Unicode System (HKLM-x32\...\Alpha Zawgyi Unicode System) (Version:  - )
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.16.0 - Asmedia Technology)
BDtoAVCHD 2.1.7 (HKLM-x32\...\{DFAADDC0-2978-4190-A617-0956841ACF41}) (Version: 2.1.7 - Joel Gali)
calibre (HKLM-x32\...\{1BFDD064-4C67-4156-A6C6-6E8D63563B3B}) (Version: 1.20.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4954 - CDBurnerXP)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Delta Flight Schedules (HKLM-x32\...\DL) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
eM Client (HKLM-x32\...\{82AA05E0-C204-4057-A5B2-014F43A280C1}) (Version: 6.0.20648.0 - eM Client Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 2.2.1 - Poikosoft)
FastStone Image Viewer 5.0 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.0 - FastStone Soft)
FreeFileSync 6.3 (HKLM-x32\...\FreeFileSync) (Version: 6.3 - Zenju)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToAssist Expert 2.1.0.715 (HKCU\...\GoToAssist Remote Support Expert) (Version: 2.1.0.715 - Citrix Online)
HDD Regenerator (HKLM-x32\...\{CC5DA723-D428-40D1-B82B-21EB64B1273C}) (Version: 20.11.0011 - Abstradrome)
HL-5470DW (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.5.1367 - Intel Corporation)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Network Connections 19.1.51.0 (Version: 19.1.51.0 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.4.1000 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.9.4.1000 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
join.me (HKCU\...\JoinMe) (Version: 1.14.0.141 - LogMeIn, Inc.)
JRiver Media Center 19 (HKLM-x32\...\Media Center 19) (Version: 19 - J. River, Inc.)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0 - Logitech) Hidden
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
Macrium Reflect Professional Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)
Macrium Reflect Professional Edition (Version: 5.3.7086 - Paramount Software (UK) Ltd.) Hidden
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.9.8 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
Mozilla Thunderbird 31.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.1.1 (x86 en-US)) (Version: 31.1.1 - Mozilla)
Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)
MPC BE (HKLM-x32\...\MPC BE_is1) (Version: 1.4.3.5311 - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
NewsLeecher v6.5 Beta 6 (HKLM-x32\...\NewsLeecher_is1) (Version:  - )
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version:  - )
NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QT Lite 4.1.0 (HKLM-x32\...\quicktime_lite_is1) (Version: 4.1.0 - )
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Sansa Updater (HKCU\...\Sansa Updater) (Version: 1.313 - SanDisk Corporation)
Shark007 Standard Codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 2.1.5 - Shark007)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
WinRAR (64-bit) x3xpl05iv3x version 4.20 (HKLM-x32\...\{F1F5D2D3-7746-44E4-AC29-ABEE52B6B35F}_is1) (Version: 4.20 - x3xpl05iv3x©2012)
Wise Disk Cleaner 8.31 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 8.31 - WiseCleaner.com, Inc.)
x64Components v2.1.5 (HKLM\...\Standard x64Components_is1) (Version: 2.1.5 - Shark007)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635314408-132208643-1039462560-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-09-2014 04:19:40 Removed Media Browser Classic
20-09-2014 23:33:32 Removed FAN Xpert 2
20-09-2014 23:33:41 Removed Probe II
20-09-2014 23:33:55 Removed AI Suite II
20-09-2014 23:36:52 Installed AI Suite II
20-09-2014 23:37:06 Installed FAN Xpert
20-09-2014 23:37:15 Installed Probe II
24-09-2014 08:28:29 Removed Asmedia ASM104x USB 3.0 Host Controller Driver.
24-09-2014 08:30:36 Installed Asmedia ASM104x USB 3.0 Host Controller Driver.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2014-09-19 21:16 - 00000827 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05385791-7CF0-48EC-8BE8-BBEC56F194AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-30] (Google Inc.)
Task: {0EAB2C42-D8EB-41E4-8F63-B5B76F2ECD5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {1D8DF938-0823-4C4E-8C91-ED1548034C10} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000UA => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29] (Google Inc.)
Task: {20A56A38-3D96-4A28-B3E4-6E773841DF16} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe
Task: {5C32AF11-4601-4701-98F4-0448BE26F6BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6A81C73F-F460-4271-8E4B-B778DDB0AEC1} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {73D49CE0-CD5D-47E8-813E-FBE86B5982AA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000UA1cf8b8e733cb33c => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29] (Google Inc.)
Task: {7ABB92AE-D3D9-4066-B72A-9EB9082D778D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000Core1cf8b8e70a7f4f0 => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29] (Google Inc.)
Task: {8B287655-293C-4F92-AAE4-A0B3908444AD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000Core => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29] (Google Inc.)
Task: {B0169496-57C6-4ED4-8FBB-46EA8DC720F9} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8d0e39de476a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-30] (Google Inc.)
Task: {B532D39F-2A4B-4004-A53B-447632B926D6} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C3B25A84-F106-4743-9D6B-ABA0338906B7} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8d0e3c54a7d5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-30] (Google Inc.)
Task: {D2397668-C8B3-405F-9AFC-C313E4C6C425} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-30] (Google Inc.)
Task: {D5EFA7A5-2E91-4A0F-9D4B-5C2E300D906D} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8d0e39de476a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d0e3c54a7d5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000Core.job => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000Core1cf8b8e70a7f4f0.job => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000UA.job => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000UA1cf8b8e733cb33c.job => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-19 21:12 - 2014-09-13 14:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-04-30 15:35 - 2013-04-30 15:35 - 00082144 _____ () C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
2011-11-08 21:03 - 2011-08-31 13:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-07-02 10:30 - 2013-09-17 18:58 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-04-30 15:35 - 2013-04-30 15:35 - 01954544 _____ () C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
2013-07-02 10:30 - 2014-09-24 01:31 - 00027136 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-07-02 10:30 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-09-13 14:37 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-09-20 16:36 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-09-20 16:36 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-09-20 16:37 - 2012-10-08 17:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-09-20 16:37 - 2012-07-20 09:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2014-09-20 16:37 - 2013-04-15 14:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-09-20 16:37 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-09-20 16:37 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-09-20 16:36 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-09-20 16:37 - 2012-08-29 18:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-07-02 10:30 - 2012-09-11 16:52 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-09-20 16:36 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-09-20 16:36 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:15B79D44
AlternateDataStreams: C:\ProgramData\TEMP:3E7908F7
AlternateDataStreams: C:\ProgramData\TEMP:7BEAD6C2
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Tim\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Tim\Desktop\adwcleaner_3.310.exe:BDU
AlternateDataStreams: C:\Users\Tim\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Tim\Desktop\RogueKiller.exe:BDU
AlternateDataStreams: C:\Users\Tim\Desktop\RogueKillerX64.exe:BDU
AlternateDataStreams: C:\Users\Tim\Desktop\tdsskiller.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08684202.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08684202.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: SansaDispatch => :C:\Users\Tim\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2014 10:03:24 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5616.  Message ID: [0x2509].

Error: (09/23/2014 09:47:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2014 08:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/23/2014 09:45:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:44:53 PM on ‎9/‎23/‎2014 was unexpected.

Error: (09/23/2014 09:41:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error:
%%5

Error: (09/23/2014 09:41:41 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (09/23/2014 08:15:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:14:42 PM on ‎9/‎23/‎2014 was unexpected.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-06-19 14:48:00.763
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Clients\Nick\New\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-19 14:48:00.723
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Clients\Nick\New\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-19 14:48:00.653
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tim\AppData\Local\Temp\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-19 14:48:00.613
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tim\AppData\Local\Temp\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-19 14:47:52.484
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Clients\Nick\New\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-19 14:47:52.454
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Clients\Nick\New\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-19 14:47:52.364
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tim\AppData\Local\Temp\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-19 14:47:52.334
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tim\AppData\Local\Temp\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-19 14:47:39.114
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Clients\Nick\New\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-06-19 14:47:39.084
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Clients\Nick\New\PCIUtil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 20%
Total physical RAM: 8089.14 MB
Available physical RAM: 6434.02 MB
Total Pagefile: 16176.46 MB
Available Pagefile: 14409.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:65.41 GB) NTFS
Drive d: (hitachi_2g) (Fixed) (Total:1863.01 GB) (Free:140.58 GB) NTFS
Drive e: (2tb) (Fixed) (Total:1863.01 GB) (Free:92.25 GB) NTFS
Drive f: (wd_green) (Fixed) (Total:1863.01 GB) (Free:241.02 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================


  • Root Admin

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save ComboFix to your desktop and do not run it from your browser.
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once ComboFix has completed, it will produce and open a log file. Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed, the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 


ComboFix 14-09-22.01 - Tim 09/24/2014   3:57.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8089.6079 [GMT -7:00]
Running from: c:\users\Tim\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1399906289.bdinstall.bin
c:\programdata\1411533697.bdinstall.bin
c:\programdata\1411533698.bdinstall.bin
c:\users\Tim\AppData\Roaming\dvdae
c:\users\Tim\AppData\Roaming\dvdae\dvdae.config
c:\users\Tim\AppData\Roaming\dvdae\dvdae.lic
c:\users\Tim\AppData\Roaming\vso_ts_preview.xml
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
(((((((((((((((((((((((((   Files Created from 2014-08-24 to 2014-09-24  )))))))))))))))))))))))))))))))
.
.
2014-09-24 11:00 . 2014-09-24 11:00    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-09-24 08:30 . 2014-09-24 08:30    --------    d-----w-    c:\program files (x86)\ASM104xUSB3
2014-09-24 08:25 . 2014-09-24 08:25    --------    d-----w-    c:\users\Tim\AppData\Roaming\NVIDIA
2014-09-23 20:06 . 2014-09-24 08:32    --------    d-----w-    C:\FRST
2014-09-20 06:51 . 2014-09-20 06:51    --------    d-----w-    c:\programdata\privazer
2014-09-20 04:31 . 2014-09-20 04:31    22186    ----a-w-    c:\windows\system32\cc_20140919_213123.reg
2014-09-20 04:23 . 2014-09-20 04:24    170784    ----a-w-    c:\windows\system32\cc_20140919_212356.reg
2014-09-20 04:12 . 2014-09-20 04:12    --------    d-----w-    c:\program files (x86)\AGEIA Technologies
2014-09-20 04:12 . 2014-09-20 04:12    --------    d-----w-    c:\programdata\NVIDIA
2014-09-20 04:12 . 2014-09-13 21:53    6890696    ----a-w-    c:\windows\system32\nvcpl.dll
2014-09-20 04:12 . 2014-09-13 21:53    3529872    ----a-w-    c:\windows\system32\nvsvc64.dll
2014-09-20 04:12 . 2014-09-13 21:53    934216    ----a-w-    c:\windows\system32\nvvsvc.exe
2014-09-20 04:12 . 2014-09-13 21:53    62608    ----a-w-    c:\windows\system32\nvshext.dll
2014-09-20 04:12 . 2014-09-13 21:53    385168    ----a-w-    c:\windows\system32\nvmctray.dll
2014-09-20 04:12 . 2014-09-11 15:37    3961833    ----a-w-    c:\windows\system32\nvcoproc.bin
2014-09-17 14:17 . 2010-08-30 15:34    536576    ----a-w-    c:\windows\SysWow64\sqlite3.dll
2014-09-17 13:13 . 2014-09-17 13:13    --------    d-----w-    c:\program files (x86)\BDtoAVCHD
2014-09-17 11:59 . 2014-09-17 11:59    27552    ----a-w-    c:\windows\system32\drivers\HWiNFO64A.SYS
2014-09-17 11:59 . 2014-09-17 11:59    --------    d-----w-    c:\program files\HWiNFO64
2014-09-17 11:03 . 2014-09-17 11:03    --------    d-----w-    c:\program files (x86)\Common Files\Skype
2014-09-17 11:03 . 2014-09-17 11:03    --------    d-----r-    c:\program files (x86)\Skype
2014-09-16 20:26 . 2014-09-20 04:28    --------    d-----w-    c:\program files (x86)\Mozilla Thunderbird
2014-09-16 18:49 . 2014-07-07 02:06    728064    ----a-w-    c:\windows\system32\kerberos.dll
2014-09-16 18:49 . 2014-07-07 02:06    1460736    ----a-w-    c:\windows\system32\lsasrv.dll
2014-09-16 18:49 . 2014-07-07 01:40    22016    ----a-w-    c:\windows\SysWow64\secur32.dll
2014-09-16 18:49 . 2014-07-07 01:40    550912    ----a-w-    c:\windows\SysWow64\kerberos.dll
2014-09-16 18:49 . 2014-07-07 01:39    96768    ----a-w-    c:\windows\SysWow64\sspicli.dll
2014-09-09 08:00 . 2014-09-09 07:31    166384    ----a-w-    c:\windows\system32\drivers\psmounterex.sys
2014-09-02 14:36 . 2010-11-21 03:24    381440    ----a-w-    c:\windows\system32\mfds.dll.bak
2014-09-02 14:36 . 2010-11-21 03:25    296448    ----a-w-    c:\windows\SysWow64\mfds.dll.bak
2014-09-02 14:36 . 2014-09-02 14:36    --------    d-----w-    c:\users\Tim\AppData\Roaming\Shark007
2014-09-02 14:36 . 2014-09-02 14:36    --------    d-----w-    c:\programdata\Shark007
2014-09-02 14:36 . 2014-09-02 14:36    --------    d-----w-    c:\program files\Shark007
2014-09-02 14:36 . 2014-09-02 05:37    1712512    ----a-w-    c:\windows\system32\VSFilter.dll
2014-09-02 14:36 . 2013-04-06 07:27    2231296    ----a-w-    c:\windows\system32\ac3filter.acm
2014-09-02 14:36 . 2012-07-18 01:21    206336    ----a-w-    c:\windows\system32\unrar64.dll
2014-09-02 14:36 . 2013-04-06 07:26    1679360    ----a-w-    c:\windows\SysWow64\ac3filter.acm.new
2014-09-02 14:36 . 2014-09-02 14:36    --------    d-----w-    c:\users\Tim\AppData\Roaming\Standard
2014-09-02 05:16 . 2014-08-23 02:07    404480    ----a-w-    c:\windows\system32\gdi32.dll
2014-09-02 05:16 . 2014-08-23 01:45    311808    ----a-w-    c:\windows\SysWow64\gdi32.dll
2014-09-02 05:16 . 2014-08-23 00:59    3163648    ----a-w-    c:\windows\system32\win32k.sys
2014-08-26 17:45 . 2014-08-26 17:45    --------    d-----w-    c:\programdata\EZ CD Audio Converter
2014-08-26 17:45 . 2014-08-26 17:45    --------    d-----w-    c:\program files\EZ CD Audio Converter
2014-08-25 15:59 . 2014-08-25 15:59    --------    d--h--w-    c:\windows\AxInstSV
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-24 10:09 . 2014-03-25 05:10    122584    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-24 05:03 . 2014-08-25 06:48    37624    ----a-w-    c:\windows\system32\drivers\TrueSight.sys
2014-09-23 21:33 . 2014-06-17 19:17    71344    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-23 21:33 . 2014-06-17 19:17    701104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-17 10:00 . 2011-11-09 06:52    101694776    ----a-w-    c:\windows\system32\MRT.exe
2014-09-17 04:51 . 2013-02-19 02:57    1538880    ----a-w-    c:\windows\system32\nvhdagenco6420103.dll
2014-09-13 23:48 . 2013-03-26 05:32    19954520    ----a-w-    c:\windows\system32\nvd3dumx.dll
2014-08-14 07:52 . 2014-05-04 15:23    61000    ----a-w-    c:\windows\system32\drivers\eubakup.sys
2014-08-14 07:52 . 2014-05-04 15:23    189000    ----a-w-    c:\windows\system32\drivers\EuFdDisk.sys
2014-08-14 07:52 . 2014-05-04 15:23    18504    ----a-w-    c:\windows\system32\drivers\eudskacs.sys
2014-08-14 07:52 . 2014-05-04 15:23    48200    ----a-w-    c:\windows\system32\drivers\EUBKMON.sys
2014-08-11 17:06 . 2013-10-01 19:57    549448    ------w-    c:\windows\SysWow64\MC19.exe
2014-08-11 17:06 . 2013-10-01 19:57    549448    ------w-    c:\windows\system32\MC19.exe
2014-08-11 06:06 . 2013-03-26 21:46    15000576    ----a-w-    c:\program files (x86)\Common Files\lpuninstall.exe
2014-07-25 09:35 . 2014-07-25 09:35    875688    ----a-w-    c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 06:47 . 2014-07-25 06:47    869544    ----a-w-    c:\windows\system32\msvcr120_clr0400.dll
2014-07-21 11:36 . 2014-07-21 11:55    12760    ----a-w-    c:\windows\system32\drivers\PSVolAcc.sys
2014-07-16 03:23 . 2014-08-13 01:28    2048    ----a-w-    c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-13 01:28    2048    ----a-w-    c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-13 01:28    1216000    ----a-w-    c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-13 01:28    664064    ----a-w-    c:\windows\SysWow64\rpcrt4.dll
2014-07-11 07:59 . 2014-07-11 07:59    58192    ----a-w-    c:\windows\system32\cc_20140711_005908.reg
2014-06-30 22:24 . 2014-08-13 01:29    8856    ----a-w-    c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-13 01:29    8856    ----a-w-    c:\windows\SysWow64\icardres.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-08-04 04:17    233128    ----a-w-    c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-08-04 04:17    233128    ----a-w-    c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-08-04 04:17    233128    ----a-w-    c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyDrive"="c:\users\Tim\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2014-08-04 251040]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-08-27 22041192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-13 204136]
"HDD Regenerator"="c:\program files (x86)\HDD Regenerator\Shell.exe" [2013-04-30 90336]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2011-10-18 2678784]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Install LastPass FF RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -q -name=LastPass -ffuuid support@lastpass.com [2013-3-26 15000576]
Install LastPass IE RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -p -name=LastPass -ffuuid support@lastpass.com [2013-3-26 15000576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"EaseUs Watch"="c:\program files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
"EaseUs Tray"="c:\program files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
R3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver 06/04/2010,1.12.1.1;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Media Center 19 Service;JRiver Media Center 19 Service;c:\program files (x86)\J River\Media Center 19\JRService.exe;c:\program files (x86)\J River\Media Center 19\JRService.exe [x]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8187B.sys [x]
R3 SIVDriver;SIV Kernel Driver;c:\windows\system32\Drivers\SIVX64.sys;c:\windows\SYSNATIVE\Drivers\SIVX64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [x]
S2 hddrsrv;hddrsrv;c:\program files (x86)\HDD Regenerator\hrsrv.exe;c:\program files (x86)\HDD Regenerator\hrsrv.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe;c:\program files\Macrium\Reflect\ReflectService.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys;c:\windows\SYSNATIVE\DRIVERS\BazisVirtualCDBus.sys [x]
S3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-24 02:20    1096520    ----a-w-    c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-17 21:33]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-31 03:02]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf8d0e39de476a.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-31 03:02]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-31 03:02]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8d0e3c54a7d5.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-31 03:02]
.
2014-09-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000Core.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30 05:15]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000Core1cf8b8e70a7f4f0.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30 05:15]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000UA.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30 05:15]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1635314408-132208643-1039462560-1000UA1cf8b8e733cb33c.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-08-04 04:17    260776    ----a-w-    c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-08-04 04:17    260776    ----a-w-    c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-08-04 04:17    260776    ----a-w-    c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10    164760    ----a-w-    c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10    164760    ----a-w-    c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10    164760    ----a-w-    c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10    164760    ----a-w-    c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10    164760    ----a-w-    c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10    164760    ----a-w-    c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10    164760    ----a-w-    c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10    164760    ----a-w-    c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 17:34    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 17:34    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 17:34    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 17:34    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 17:34    777032    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-05-06 7573720]
"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2014-04-24 36352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-04-09 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-04-09 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-04-09 442352]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Page_URL = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.1.1
DPF: {1FDFCFC3-B893-43E1-9138-4A2D2452A551} - hxxps://www.t-mobilepictures.com/myalbum/scripts/downloader/FileDownloader7.cab
FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\f581sqav.default-1403033947623\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: browser.startup.homepage - hxxp://www.dailyrotation.com/
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-08684202.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
   fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
   b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
"{9F6B5CC3-5C7B-4B5C-97AF-19DEC1E380E5}"=hex:51,66,7a,6c,4c,1d,38,12,ad,5f,78,
   9b,49,12,32,0e,e8,b9,5a,9e,c4,bd,c4,f1
"{95D9ECF5-2A4D-4550-BE49-70D42F71296E}"=hex:51,66,7a,6c,4c,1d,38,12,9b,ef,ca,
   91,7f,64,3e,00,c1,5f,33,94,2a,2f,6d,7a
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:c3,90,27,ed,85,47,ce,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ec,71,01,a8,4f,0c,bd,49,98,3f,f1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0e,29,3b,d2,ef,97,90,48,8b,30,d3,\
.
[HKEY_USERS\S-1-5-21-1635314408-132208643-1039462560-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{75DD4672-3101-1480-27EF-1D6ACF475D72}*]
@Allowed: (Read) (RestrictedCode)
"oadnlgmcadpedfenccdkgchoipfiin"=hex:6a,61,63,63,6a,62,63,6a,63,63,6d,69,6a,69,
   68,67,6f,69,64,6e,00,00
"nanjbcldomohlehlemjcpojjbkhm"=hex:6a,61,63,63,6a,62,63,6a,63,63,6d,69,6a,69,
   68,67,6f,69,64,6e,00,00
"gblljiaiopbhlmocfmcdlfnneeiiiengcehkdlkpkbinoi"=hex:65,61,66,6f,61,67,6c,6a,
   6a,62,00,00
"bbfpdldniloldkcmadpcpihpfgabneidglfi"=hex:67,61,70,62,6e,6f,69,66,6e,69,6e,66,
   6b,6d,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"v5Licence0"="15-Y2FF-2C7Y-MQ71-AE5R-TN8S-9QEAQRD"
"Activated"="Y"
"v5Licence"="17-3QPQ-TZ38-DTD7-AXW7-TNVY-C48XSA1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-09-24  04:01:54
ComboFix-quarantined-files.txt  2014-09-24 11:01
.
Pre-Run: 70,243,229,696 bytes free
Post-Run: 69,702,541,312 bytes free
.
- - End Of File - - BEF4955B70C6980206BFCF8BFC37FE47
A36C5E4F47E84449FF07ED3517B43A31
 


  • Root Admin

Assuming you only see this in Chrome, do the following.

You need to sign in to your Google Chrome account and UNSYNC everything.
If you have APPS you're using then make sure you have them written down and the credentials needed to reinstall them again later on.

Make sure you make a backup of your bookmarks and know your passwords.

Then Unsync Google Chrome and restart your computer.
Then log back into Google Chrome and make sure that nothing is being synced.

Then Reset Google Chrome browser settings back to Default.


Next,

Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link.
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits. Under Non Malware Protection, set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found.
Once completed, please click on History > Application Logs, find your scan log and open it, then click on the "copy to clipboard" button and post back the results in your next reply.

Then restart the computer and do another MBAM scan and it should come back clean this time. Please post back that new log as well.


  • Root Admin

Basically do the same thing for Firefox. Log on to your account and turn off Sync.

You can enable and disable Firefox Sync through the Tools section of Firefox.

After you turn off Sync, reset Firefox back to defaults.

Firefox
Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Then scan and clean if needed with MBAM and restart the computer. Then rescan again and make sure it's still clean.

Post back your new log and let me know if that corrected the issue.

Getting late here so I'll probably check back on you again sometime tomorrow.

Thanks again

 


I don't use the Sync feature in Firefox; I use LastPass and Xmarks. I did reset Firefox. Here is my MBAM log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: Thursday 9/25/2014
Scan Time: 12:00:06 AM
Logfile: mbam.txt
Administrator: No

Version: 2.00.2.1012
Malware Database: v2014.09.25.03
Rootkit Database: v2014.09.19.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tim

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 325789
Time Elapsed: 4 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


I have only been using Firefox, but it also came up when I open a piece of software. It only pops up when the browser is open. I reset Firefox also.

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org


Detection, Thursday 9/25/2014 12:05:42 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 59473, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:05:42 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 59474, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:05:42 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 59473, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:05:42 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 59483, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:05:42 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 59484, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:50:55 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 62006, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:50:55 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 62007, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Protection, Thursday 9/25/2014 8:58:25 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Thursday 9/25/2014 8:58:25 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Thursday 9/25/2014 8:58:25 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 8:58:30 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Thursday 9/25/2014 9:03:46 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49464, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:03:46 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49464, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:03:46 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49475, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:06:33 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49741, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:06:33 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49742, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:22:40 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50366, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:41:10 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 52736, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Thursday 9/25/2014 9:42:56 AM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.25.3, 2014.9.25.8,
Protection, Thursday 9/25/2014 9:42:58 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Thursday 9/25/2014 9:42:58 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Thursday 9/25/2014 9:42:58 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Thursday 9/25/2014 9:43:01 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Thursday 9/25/2014 9:43:02 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 9:43:02 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Thursday 9/25/2014 9:46:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53427, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:46:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53428, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:46:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53427, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:46:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53430, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:46:46 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53431, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:58:42 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 54779, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:58:42 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 54780, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 10:21:28 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56370, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 10:21:29 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56371, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Thursday 9/25/2014 11:22:12 AM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.25.8, 2014.9.25.9,
Protection, Thursday 9/25/2014 11:22:13 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Thursday 9/25/2014 11:22:13 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Thursday 9/25/2014 11:22:13 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Thursday 9/25/2014 11:22:17 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Thursday 9/25/2014 11:22:17 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 11:22:17 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Thursday 9/25/2014 11:37:16 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 58779, Outbound, C:\Program Files (x86)\BDtoAVCHD\BDtoAVCHD.exe,
Detection, Thursday 9/25/2014 11:37:16 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 58779, Outbound, C:\Program Files (x86)\BDtoAVCHD\BDtoAVCHD.exe,
Detection, Thursday 9/25/2014 11:40:07 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 59014, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 11:40:07 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 59015, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 11:52:10 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 59154, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 11:58:51 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 59446, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Protection, Thursday 9/25/2014 12:19:07 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Thursday 9/25/2014 12:19:07 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Thursday 9/25/2014 12:19:07 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 12:19:12 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Thursday 9/25/2014 12:32:50 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51116, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:32:50 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51116, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:32:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51122, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:36:30 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51545, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:39:25 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51880, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 12:39:25 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51881, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Thursday 9/25/2014 3:14:40 PM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.25.9, 2014.9.25.10,
Protection, Thursday 9/25/2014 3:14:41 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Thursday 9/25/2014 3:14:41 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Thursday 9/25/2014 3:14:42 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Thursday 9/25/2014 3:14:45 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Thursday 9/25/2014 3:14:45 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 3:14:45 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Thursday 9/25/2014 4:57:31 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57121, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 4:57:31 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57121, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 4:57:31 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57122, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 4:57:31 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57123, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 4:57:31 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57124, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Thursday 9/25/2014 5:02:35 PM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.25.10, 2014.9.25.11,
Protection, Thursday 9/25/2014 5:02:36 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Thursday 9/25/2014 5:02:36 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Thursday 9/25/2014 5:02:36 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Thursday 9/25/2014 5:02:39 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Thursday 9/25/2014 5:02:39 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 5:02:40 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Thursday 9/25/2014 5:07:29 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57402, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 5:07:29 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57402, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 5:07:30 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57403, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 5:07:30 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57409, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 5:07:30 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57410, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Thursday 9/25/2014 6:10:04 PM, SYSTEM, TIMS-X64PC, Manual, Malware Database, 2014.9.25.11, 2014.9.26.1,
Protection, Thursday 9/25/2014 6:10:05 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Thursday 9/25/2014 6:10:05 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Thursday 9/25/2014 6:10:05 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Thursday 9/25/2014 6:10:08 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Thursday 9/25/2014 6:10:08 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 6:10:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Protection, Thursday 9/25/2014 6:20:25 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Thursday 9/25/2014 6:20:25 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Thursday 9/25/2014 6:20:28 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopping,
Protection, Thursday 9/25/2014 6:20:28 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopped,
Protection, Thursday 9/25/2014 6:20:32 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopping,
Protection, Thursday 9/25/2014 6:20:33 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopped,
Protection, Thursday 9/25/2014 8:12:12 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Thursday 9/25/2014 8:12:12 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Thursday 9/25/2014 8:12:12 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 8:12:12 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Thursday 9/25/2014 8:18:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 60615, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 8:18:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 60615, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 8:18:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 60616, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 8:18:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 60619, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 8:18:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 60620, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 8:19:57 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 61185, Outbound, C:\Program Files (x86)\BDtoAVCHD\BDtoAVCHD.exe,
Detection, Thursday 9/25/2014 8:23:57 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 62491, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 8:23:57 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 62492, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 8:30:00 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 63833, Outbound, C:\Program Files (x86)\BDtoAVCHD\BDtoAVCHD.exe,
Detection, Thursday 9/25/2014 8:36:57 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 64370, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 8:36:57 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 64371, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Protection, Thursday 9/25/2014 8:39:49 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Thursday 9/25/2014 8:39:49 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Thursday 9/25/2014 8:39:52 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopping,
Protection, Thursday 9/25/2014 8:39:52 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopped,
Protection, Thursday 9/25/2014 9:20:29 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Thursday 9/25/2014 9:20:29 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Thursday 9/25/2014 9:20:29 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 9:20:30 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Thursday 9/25/2014 9:37:12 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50852, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:37:12 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50852, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:37:12 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50853, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:37:13 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50855, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:37:13 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50856, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:41:10 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50977, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Thursday 9/25/2014 9:41:10 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50978, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Thursday 9/25/2014 11:08:46 PM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.26.1, 2014.9.26.2,
Protection, Thursday 9/25/2014 11:08:48 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Thursday 9/25/2014 11:08:48 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Thursday 9/25/2014 11:08:48 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Thursday 9/25/2014 11:08:51 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Thursday 9/25/2014 11:08:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Thursday 9/25/2014 11:08:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,

(end)

 

Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, Wednesday 9/24/2014 1:29:51 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 1:29:51 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 1:29:52 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 1:29:56 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Protection, Wednesday 9/24/2014 1:31:40 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 1:31:40 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 1:31:40 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 1:31:44 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 1:57:20 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 3214, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 1:57:20 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 3214, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 1:57:21 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 3219, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:13:32 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 5226, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:13:32 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 5227, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:22:18 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 5852, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:36:31 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 7095, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:39:18 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 8767, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:39:18 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 8768, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:43:53 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 10189, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:43:53 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 10190, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:46:46 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 11317, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:46:46 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 11318, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Wednesday 9/24/2014 3:09:52 AM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.24.4, 2014.9.24.5,
Protection, Wednesday 9/24/2014 3:09:53 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 3:09:53 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 3:09:53 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 3:09:56 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 3:09:56 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 3:09:57 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 3:10:41 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 12401, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:10:41 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 12401, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:33:27 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 14669, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:37:42 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 15382, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Protection, Wednesday 9/24/2014 3:55:00 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 3:55:00 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 3:55:03 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopping,
Protection, Wednesday 9/24/2014 3:55:03 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopped,
Protection, Wednesday 9/24/2014 3:55:44 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopping,
Protection, Wednesday 9/24/2014 3:55:44 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopped,
Protection, Wednesday 9/24/2014 4:06:17 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 4:06:17 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 4:06:17 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 4:06:17 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Protection, Wednesday 9/24/2014 4:07:38 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 4:07:38 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 4:07:38 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 4:07:43 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 4:08:43 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49471, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:08:43 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49471, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:08:43 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49478, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Protection, Wednesday 9/24/2014 9:56:09 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 9:56:09 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 9:56:09 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 9:56:14 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 10:21:18 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51389, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:21:19 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51389, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:21:19 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51399, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Wednesday 9/24/2014 10:22:55 AM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.24.5, 2014.9.24.9,
Protection, Wednesday 9/24/2014 10:22:57 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 10:22:57 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 10:22:57 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 10:23:01 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 10:23:01 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 10:23:01 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 10:51:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 54821, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:51:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 54821, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:51:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 54824, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:56:50 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 55477, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:56:50 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 55478, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:18:59 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 58759, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:18:59 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 58760, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:32:53 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 60652, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:45:38 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 62212, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:45:38 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 62213, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 12:09:06 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 62711, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Wednesday 9/24/2014 12:29:44 PM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.24.9, 2014.9.24.10,
Protection, Wednesday 9/24/2014 12:29:44 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 12:29:44 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 12:29:44 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 12:29:47 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 12:29:48 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 12:29:48 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 12:33:08 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 63759, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 12:33:08 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 63759, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 12:33:08 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 63760, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 12:33:08 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 63768, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 12:33:08 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 63769, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:19:01 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51042, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:00:38 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 54381, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:02:22 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 55223, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:04:41 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56253, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:04:42 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56254, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:07:29 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56384, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Wednesday 9/24/2014 3:11:23 PM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.24.10, 2014.9.24.11,
Protection, Wednesday 9/24/2014 3:11:24 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 3:11:24 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 3:11:24 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 3:11:27 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 3:11:27 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 3:11:27 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Protection, Wednesday 9/24/2014 3:39:41 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopping,
Protection, Wednesday 9/24/2014 3:39:41 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopped,
Protection, Wednesday 9/24/2014 3:39:42 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 3:39:42 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 3:40:01 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopping,
Protection, Wednesday 9/24/2014 3:40:02 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopped,
Protection, Wednesday 9/24/2014 4:04:09 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 4:04:09 PM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 4:04:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 4:04:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Update, Wednesday 9/24/2014 4:16:49 PM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.24.11, 2014.9.24.12,
Protection, Wednesday 9/24/2014 4:16:51 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 4:16:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 4:16:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 4:16:54 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 4:16:54 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 4:16:54 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 4:29:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50674, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:29:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50674, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:29:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50675, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:29:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50678, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:29:51 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50679, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:33:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50792, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:33:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 50793, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 6:03:20 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53975, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 6:03:20 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53975, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 6:03:20 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53976, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 6:03:20 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53983, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 6:03:20 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 53984, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Wednesday 9/24/2014 6:07:27 PM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.24.12, 2014.9.25.1,
Protection, Wednesday 9/24/2014 6:07:28 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 6:07:28 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 6:07:28 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 6:07:31 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 6:07:31 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 6:07:31 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 7:16:08 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56090, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 7:16:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56090, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 7:16:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56091, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 7:16:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56097, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 7:16:09 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 56098, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Wednesday 9/24/2014 8:30:09 PM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.25.1, 2014.9.25.2,
Protection, Wednesday 9/24/2014 8:30:10 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 8:30:10 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 8:30:10 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 8:30:14 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 8:30:14 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 8:30:14 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Update, Wednesday 9/24/2014 10:36:24 PM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.25.2, 2014.9.25.3,
Protection, Wednesday 9/24/2014 10:36:25 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 10:36:25 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 10:36:25 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 10:36:30 PM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 10:36:30 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 10:36:31 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 11:43:22 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57742, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:43:22 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57742, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:43:22 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57743, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:43:22 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57762, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:43:22 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 57763, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:56:38 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 58971, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 11:56:38 PM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 58972, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,

(end)

Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, Wednesday 9/24/2014 1:29:51 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 1:29:51 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 1:29:52 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 1:29:56 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Protection, Wednesday 9/24/2014 1:31:40 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 1:31:40 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 1:31:40 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 1:31:44 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 1:57:20 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 3214, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 1:57:20 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 3214, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 1:57:21 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 3219, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:13:32 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 5226, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:13:32 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 5227, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:22:18 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 5852, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:36:31 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 7095, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:39:18 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 8767, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:39:18 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 8768, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:43:53 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 10189, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:43:53 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 10190, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:46:46 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 11317, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 2:46:46 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 11318, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Wednesday 9/24/2014 3:09:52 AM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.24.4, 2014.9.24.5,
Protection, Wednesday 9/24/2014 3:09:53 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 3:09:53 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 3:09:53 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 3:09:56 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 3:09:56 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 3:09:57 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 3:10:41 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 12401, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:10:41 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 12401, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:33:27 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 14669, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 3:37:42 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 15382, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Protection, Wednesday 9/24/2014 3:55:00 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 3:55:00 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 3:55:03 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopping,
Protection, Wednesday 9/24/2014 3:55:03 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopped,
Protection, Wednesday 9/24/2014 3:55:44 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopping,
Protection, Wednesday 9/24/2014 3:55:44 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Stopped,
Protection, Wednesday 9/24/2014 4:06:17 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 4:06:17 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 4:06:17 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 4:06:17 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Protection, Wednesday 9/24/2014 4:07:38 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 4:07:38 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 4:07:38 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 4:07:43 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 4:08:43 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49471, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:08:43 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49471, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 4:08:43 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 49478, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Protection, Wednesday 9/24/2014 9:56:09 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Starting,
Protection, Wednesday 9/24/2014 9:56:09 AM, SYSTEM, TIMS-X64PC, Protection, Malware Protection, Started,
Protection, Wednesday 9/24/2014 9:56:09 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 9:56:14 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 10:21:18 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51389, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:21:19 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51389, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:21:19 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 51399, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Update, Wednesday 9/24/2014 10:22:55 AM, SYSTEM, TIMS-X64PC, Scheduler, Malware Database, 2014.9.24.5, 2014.9.24.9,
Protection, Wednesday 9/24/2014 10:22:57 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Starting,
Protection, Wednesday 9/24/2014 10:22:57 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopping,
Protection, Wednesday 9/24/2014 10:22:57 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Stopped,
Protection, Wednesday 9/24/2014 10:23:01 AM, SYSTEM, TIMS-X64PC, Protection, Refresh, Success,
Protection, Wednesday 9/24/2014 10:23:01 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Starting,
Protection, Wednesday 9/24/2014 10:23:01 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, Started,
Detection, Wednesday 9/24/2014 10:51:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 54821, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:51:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 54821, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, Wednesday 9/24/2014 10:51:45 AM, SYSTEM, TIMS-X64PC, Protection, Malicious Website Protection, IP, 66.45.56.109, searchnet.blinkxcore.com, 54824, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,


  • Root Admin

Please go into Control Panel, Add/Remove and uninstall ALL versions of Java and then run the following.
 
Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next:
 
Please Run TFC by OldTimer to clear temporary files:
  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

Next,

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.



If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.

Next,

Please download the correct version of SystemLook for your computer and save it to your desktop.
You can check here if you're not sure if your computer is 32-bit or 64-bit

SystemLook 32-bit x86 | or | SystemLook 64-bit x64

  • If using Windows XP just double click on SystemLook.exe to run it.
  • For all other versions of Windows, right click over SystemLook.exe or SystemLook_x64.exe and choose Run as administrator to run it
  • Copy the contents of the following code box into the main text field - including the colon characters.
    :filefind
    *blinkxcore*
    :folderfind
    *blinkxcore*
    :regfind
    blinkxcore
  • Click the Look button to start the scan
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop named SystemLook.txt


 


JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Thu Sep 25 23:55:00 2014

Found and removed: Software\JavaSoft\Java2D\1.5.0_11

Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}

Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

Found and removed: SOFTWARE\JavaSoft

Found and removed: SOFTWARE\JreMetrics

Found and removed: SOFTWARE\MozillaPlugins

------------------------------------

Finished reporting.

 

SystemLook 30.07.11 by jpshortstuff
Log created at 00:09 on 26/09/2014 by Tim
Administrator - Elevation successful

========== filefind ==========

Searching for "*blinkxcore*"
No files found.

========== folderfind ==========

Searching for "*blinkxcore*"
No folders found.

========== regfind ==========

Searching for "blinkxcore"
No data found.

-= EOF =-
 

TDSSKiller.3.0.0.40_26.09.2014_00.04.36_log.txt


  • 2 months later...
  • Root Admin

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.

Thank you and sorry we missed your topic.
