I am good with computers, but I am struggling with this browser hijack, as it is nowhere to be found in any browser extension. When I start IE, Firefox or Chrome, it redirects to http://www.bing.com/?pc=COSP&ptag=AABF01BDF90604DD4AEF&form=CONMHP&conlogo=CT3210127; however, when I look at the browser settings, they all appear in normal order. I have used Revo Uninstaller to get rid of any strange programs, but I still get popups from Malwarebytes blocking ids.idlecrawler outgoing process. I was getting some DLL extension errors, but I believe that I have resolved that; I thought I would mention it in case it was connected. From what I have found on the internet, this is supposed to be simply removing an extension, but it does not seem that easy. I am scanning for rootkits with MBAM now. Any help would be much appreciated. Also, the browser is going very slow!

 

Thanks,

Chip

  • Staff
Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:


Limit your internet access to posting here, some infections just wait to steal typed-in passwords.

Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.

Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.

Do not paste the logs in your posts, attachments make my work easier. There is an Upload Files option below which you can use to attach your reports. Always attach reports from all tools.

Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.

Note that we may live in totally different time zones, which may cause some delays between answers.

Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.

If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.


I can't foresee everything, so if anything unexpected happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

Rules and policies

 

We won't support any piracy.

That being said, if any evidence of illegal OS, software, cracks/keygens or any other is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.

Please post Malwarebytes report/s when you finish.


Here is a copy of the scan report, but even after that ran, as you will see from the threat report I posted below, I still had MBAM continually telling me it was blocking something. I tried uninstalling Chrome and Firefox, and the home page is no longer hijacked. I was not able to uninstall IE, and that browser's homepage is still hijacked, even though if you look under settings it appears everything is normal. However, across all browsers performance is down. I also tried getting rid of all temp. internet files, but idk if that did anything. Also, I apologize, I am not seeing an upload file option.

 

Scan Results:

 Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 10/1/2014
Scan Time: 12:53:21 AM
Logfile: mbam threats.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.10.01.01
Rootkit Database: v2014.09.19.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Samual
 
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 755399
Time Elapsed: 11 hr, 15 min, 22 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 4
PUP.Optional.Conduit.A, C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1QULSRY0\GenericSS[1].zip, Quarantined, [acd942ad2457a591714376b8936e12ee], 
PUP.Optional.Conduit.A, C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6GOWSYR\SPSetup[1].exe, Quarantined, [3a4b8d623f3cf343b2c685ab9c6507f9], 
PUP.Optional.Conduit.A, C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QVCUIBIV\SPIdentifierImpl[1].exe, Quarantined, [3d48a847047765d113d08d0854ad03fd], 
PUP.Optional.Conduit.A, C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SHGUKD3B\spstub[1].exe, Quarantined, [add87679d3a8f4420aaa3fef42bf6a96], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

 

 

 

Threat LOG:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Detection, 10/1/2014 11:23:32 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55185, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:23:49 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55298, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:24:15 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55403, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:24:15 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55404, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:24:54 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55515, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:25:52 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55639, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:27:19 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55889, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:27:19 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 55891, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Update, 10/1/2014 11:30:37 AM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.4, 2014.10.1.6, 
Protection, 10/1/2014 11:30:38 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, 
Protection, 10/1/2014 11:30:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 10/1/2014 11:30:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 10/1/2014 11:30:59 AM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, 
Protection, 10/1/2014 11:30:59 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 10/1/2014 11:31:06 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, 
Detection, 10/1/2014 11:38:35 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57891, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:35 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57891, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:36 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57894, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:43 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57954, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:45 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57967, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:45 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57968, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:45 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 57969, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:55 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58042, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:56 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58076, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:57 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58077, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:38:57 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58078, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:39:12 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58176, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:39:38 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58346, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:39:39 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58347, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:40:21 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58665, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:41:22 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59239, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:41:23 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59240, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:42:48 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 60147, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:42:49 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 60149, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:44:49 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58763, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:46:51 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59609, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:56:16 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58617, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:56:17 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58618, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:56:24 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58660, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:14 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58817, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:14 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58818, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:19 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58846, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:19 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58847, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:22 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58866, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:30 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58917, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:31 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58918, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:33 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58937, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:40 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58959, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:40 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 58960, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:57:51 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59104, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:58:17 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59192, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:58:55 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59385, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:58:56 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59388, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 11:59:53 AM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59716, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:01:19 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59924, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:01:33 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59976, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:01:34 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 59977, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:03:20 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50860, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:03:20 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 50861, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:05:20 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51307, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:06:37 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51494, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:06:38 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51495, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:06:38 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51496, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:06:45 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51515, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:06:45 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51516, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:06:47 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51528, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:06:57 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51590, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:06:58 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51594, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:06:58 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51595, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:07:00 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51629, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:07:07 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51700, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:07:08 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51701, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:07:09 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51702, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:07:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51717, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:07:19 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51721, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:07:36 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51756, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:07:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51764, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:08:02 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51826, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:08:18 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51875, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:08:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 51896, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Protection, 10/1/2014 12:11:14 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Starting, 
Protection, 10/1/2014 12:11:14 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Started, 
Protection, 10/1/2014 12:11:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 10/1/2014 12:11:50 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, 
Detection, 10/1/2014 12:13:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57413, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:13:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57413, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:13:40 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57415, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:13:44 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57477, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:13:44 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 57478, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:15:51 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 58302, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 12:15:51 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 58303, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Update, 10/1/2014 12:27:08 PM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.6, 2014.10.1.7, 
Protection, 10/1/2014 12:27:10 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, 
Protection, 10/1/2014 12:27:10 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 10/1/2014 12:27:10 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 10/1/2014 12:27:19 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, 
Protection, 10/1/2014 12:27:19 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 10/1/2014 12:27:22 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, 
Protection, 10/1/2014 1:08:45 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Starting, 
Protection, 10/1/2014 1:08:46 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Started, 
Protection, 10/1/2014 1:08:46 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 10/1/2014 1:09:06 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, 
Protection, 10/1/2014 1:30:11 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Starting, 
Protection, 10/1/2014 1:30:11 PM, SYSTEM, SAMUAL-PC, Protection, Malware Protection, Started, 
Protection, 10/1/2014 1:30:11 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 10/1/2014 1:30:26 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, 
Update, 10/1/2014 1:31:39 PM, SYSTEM, SAMUAL-PC, Manual, Malware Database, 2014.10.1.7, 2014.10.1.9, 
Protection, 10/1/2014 1:31:41 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, 
Protection, 10/1/2014 1:31:41 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 10/1/2014 1:31:41 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 10/1/2014 1:31:47 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, 
Protection, 10/1/2014 1:31:47 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 10/1/2014 1:31:48 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, 
Update, 10/1/2014 4:45:23 PM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.9, 2014.10.1.10, 
Protection, 10/1/2014 4:45:24 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, 
Protection, 10/1/2014 4:45:24 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 10/1/2014 4:45:24 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 10/1/2014 4:45:32 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, 
Protection, 10/1/2014 4:45:32 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 10/1/2014 4:45:34 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, 
Detection, 10/1/2014 5:48:06 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62362, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 5:48:06 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62362, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 5:48:18 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62402, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 5:48:30 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62422, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 5:48:47 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62453, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 5:49:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 62500, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 5:49:29 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 62653, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 5:49:30 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 212.124.127.198, n80adshostnet.com, 62653, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Update, 10/1/2014 5:59:59 PM, SYSTEM, SAMUAL-PC, Scheduler, Malware Database, 2014.10.1.10, 2014.10.1.11, 
Protection, 10/1/2014 6:00:00 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Starting, 
Protection, 10/1/2014 6:00:00 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 10/1/2014 6:00:00 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 10/1/2014 6:00:14 PM, SYSTEM, SAMUAL-PC, Protection, Refresh, Success, 
Protection, 10/1/2014 6:00:14 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Starting, 
Protection, 10/1/2014 6:00:17 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, Started, 
Detection, 10/1/2014 6:35:33 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49732, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
Detection, 10/1/2014 6:35:33 PM, SYSTEM, SAMUAL-PC, Protection, Malicious Website Protection, IP, 195.66.79.101, tds.idlecrawler.com, 49732, Outbound, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\chrome.exe, 
 
(end)
  • Staff

Scan with ZOEK
 
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;autoclean;emptyalltemp;ipconfig /flushdns;b
  • Make sure that the Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it on your main drive (usually C:\ drive)

Post its content into your next reply.


I don't know if the database got updated or something, but the other day MBAM actually detected in a scan the malicious files that have been popping up rather than just blocking them when they tried to run, so I will post that log.

Also I ran the ZOEK program and will post that log as well. What is it that the ZOEK program does? And how/where does this virus hide such that I can find it when looking through task manager or in my programs or add-ons to internet browsers? In my previous experience I can usually find the source of the adware.

 

ZOEK LOG

 
Zoek.exe v5.0.0.0 Updated 03-October-2014
Tool run by Samual on Fri 10/03/2014 at 13:23:16.37.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\SAMUAL~1.SAM\AppData\Local\Temp\Rar$DIa0.697\zoek.com [scan all users] [script inserted] 
 
==== System Restore Info ======================
 
10/3/2014 1:26:39 PM Zoek.exe System Restore Point Created Succesfully.
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SMUpd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SMUpd deleted successfully
 
==== Batch Command(s) Run By Tool======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Samual.Samual-PC\AppData\Local\CrashRpt deleted
C:\END deleted
C:\Users\SAMUAL~1.SAM\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default\jetpack deleted
"C:\ProgramData\InkjetPrinter" deleted
"C:\ProgramData\Installer Plugin" deleted
"C:\Users\SAMUAL~1.SAM\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default\extensions\jid0-nRwp7VvCqZcSRTppwWz2npqGEKw@jetpack" deleted
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\SAMUAL~1.SAM\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default
- Google Search by Image - %ProfilePath%\extensions\google@hitachi.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
FB5621842FDABF9F8359775573498FBC - C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
5CB01CF141E021DAAE96991A5BA57944 - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
DD31F0C436E4F5E6FA9783FF8A80ADC1 - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
EC401349BFA64BD6232C746046AEC0B5 - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npoctoshape.dll - Octoshape Streaming Services
99F97C9FE748C37528C338A423577FCB - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
 
 
==== Chromium Look ======================
 
Google Voice Search Hotword (Beta) - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Skype Links - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbmllnadbdnppblcebkkmapkinkdchd
Google Voice (by Google) - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo
Alarm Clock Radio - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi
Numerics Calculator & Converter - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe
Poppit - Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Cache found
 
==== Empty Chrome Cache ======================
 
C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=108 folders=45 14608417 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Samual.Samual-PC\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\SAMUAL~1.SAM\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
 
 
MBAM LOG
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 7
PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r, Quarantined, [dc1342cd85f733030070a367db28ba46], 
PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin, Quarantined, [dc1342cd85f733030070a367db28ba46], 
PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\extensions, Quarantined, [dc1342cd85f733030070a367db28ba46], 
PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\locales, Quarantined, [dc1342cd85f733030070a367db28ba46], 
PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Chrome-bin\PepperFlash, Quarantined, [dc1342cd85f733030070a367db28ba46], 
PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Data, Quarantined, [dc1342cd85f733030070a367db28ba46], 
PUP.Optional.IdleCrawler.A, C:\Users\Samual.Samual-PC\AppData\Local\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\Modules, Quarantined, [dc1342cd85f733030070a367db28ba46], 
 
Files: 87
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
ALSO HERE IS A LOG FROM A BITDEFENDER Scan
</ExcludedPaths>
 
<ExcludedExtensions>
</ExcludedExtensions>
 
</ScanSettings>
 
<EngineSummary
totalSignatures="6328868"
/>
 
<ScanSummary
scannedArchives="524"
scannedPacked="1075"
startTime="1412234880"
duration="7413418"
>
 
<TypeSummary type="1"
scanned="29"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>
 
<TypeSummary type="4"
scanned="562"
infected="4"
suspicious="0"
disinfected="0"
deleted="4"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>
 
<TypeSummary type="0"
scanned="2492207"
infected="4"
suspicious="0"
disinfected="0"
deleted="0"
moved="2"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>
 
<TypeSummary type="5"
scanned="0"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>
 
<TypeSummary type="2"
scanned="4997"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>
 
<TypeSummary type="3"
scanned="4180"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>
 
<TypeSummary type="6"
scanned="269"
infected="0"
suspicious="0"
disinfected="0"
deleted="0"
moved="0"
moved_reboot="0"
delete_reboot="0"
renamed="0"
hidden="0"
/>
 
</ScanSummary>
 
<ScanDetails>
 
<ResolvedDetails>
<Item type="0" objectType="4" path="C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\MZ7XXYFF.txt" threatType="0" threatName="Cookie.Advertising" action="3" allActions="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
<Item type="0" objectType="4" path="C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\MARXOT4F.txt" threatType="0" threatName="Cookie.DoubleClick" action="3" allActions="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
<Item type="0" objectType="0" path="C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6GOWSYR\setup[1].exe=>(NSIS o)=>lzma_solid_nsis0008" threatType="0" threatName="Trojan.Generic.11822573" action="9" allActions="3 7 1 9 1 9" initialStatus="3" finalStatus="6" quarId="7a8f9bea-fd6d-4325-80bd-823ec4ab43d0" failReason="0" />
<Item type="0" objectType="4" path="C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\K52XKX7H.txt" threatType="0" threatName="Cookie.QuestionMarket" action="3" allActions="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
<Item type="0" objectType="0" path="C:\Users\Samual.Samual-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6GOWSYR\setup[1].exe=>(NSIS o)=>lzma_solid_nsis0024" threatType="0" threatName="Trojan.Generic.11822528" action="9" allActions="3 7 1 9 1 9" initialStatus="3" finalStatus="6" quarId="7a8f9bea-fd6d-4325-80bd-823ec4ab43d0" failReason="0" />
<Item type="0" objectType="4" path="C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ENKB1X8.txt" threatType="0" threatName="Cookie.Casalemedia" action="3" allActions="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
</ResolvedDetails>
 
<IgnoredDetails>
</IgnoredDetails>
 
<QuickScanDetails>
</QuickScanDetails>
<NotScannedDetails
skipped="106393"
ioerrors="15"
archiveBombs="0"
passwordProtected="630"
>
 
 
  • Staff

Very good. We will perform one more final scan. How is the situation now?
 
 
Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01

Ran by Samual (administrator) on SAMUAL-PC on 07-10-2014 15:34:17

Running from C:\Users\Samual.Samual-PC\Downloads

Loaded Profile: Samual (Available profiles: Samual)

Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 10

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(Microsoft Corporation) C:\Windows\System32\audiodg.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\scManager.sys

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Google Inc.) C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe

(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

(Flux Software LLC) C:\Users\Samual.Samual-PC\AppData\Local\FluxSoftware\Flux\flux.exe

(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe

(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\SafeConnectClient.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)

HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)

HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)

HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [Google Update] => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-24] (Google Inc.)

HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [F.lux] => C:\Users\Samual.Samual-PC\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)

HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)

HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [8877232 2014-08-01] (Visicom Media Inc.)

HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\Run: [GoogleChromeAutoLaunch_6AA41AA3045E9591C644B35AAD2526D6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-22] (Google Inc.)

HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\MountPoints2: {32b924eb-9b8b-11e3-9388-001e3deab81c} - F:\Launch.exe

HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\MountPoints2: {972654e6-1956-11e3-82e9-001e3deab81c} - G:\TL-Bootstrap.exe

HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-08-18] (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk

ShortcutTarget: SafeConnect.lnk -> C:\Program Files (x86)\SafeConnect\SCClient.exe (Impulse Point, LLC)

ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

ShellIconOverlayIdentifiers-x32: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} =>  No File

ShellIconOverlayIdentifiers-x32: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} =>  No File

ShellIconOverlayIdentifiers-x32: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} =>  No File

ShellIconOverlayIdentifiers-x32: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} =>  No File

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

Handler: WSISVCUchrome - No CLSID Value - 

Handler-x32: WSISVCUchrome - No CLSID Value - 

Tcpip\Parameters: [DhcpNameServer] 24.220.0.10 24.220.0.11

 

FireFox:

========

FF ProfilePath: C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default

FF Homepage: google.com

FF Keyword.URL: user_pref("keyword.URL", "");

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Samual.Samual-PC\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Samual.Samual-PC\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Users\Samual.Samual-PC\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Samual.Samual-PC\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Samual.Samual-PC\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)

FF Extension: Google Search by Image - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default\Extensions\google@hitachi.com.xpi [2013-08-23]

FF Extension: Adblock Plus - C:\Users\Samual.Samual-PC\AppData\Roaming\Mozilla\Firefox\Profiles\gbnq3n8z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-19]

FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext

FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-08-20]

FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext

 

Chrome: 

=======


CHR Profile: C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-19]

CHR Extension: (Google Drive) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-19]

CHR Extension: (Raindrops) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcipapbfhdnmgihoimbjiadmhpcgcnil [2013-08-19]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-01]

CHR Extension: (Web Developer) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2013-08-19]

CHR Extension: (YouTube) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-19]

CHR Extension: (Adblock Plus) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-19]

CHR Extension: (Google Search) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-19]

CHR Extension: (Skype Links) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbmllnadbdnppblcebkkmapkinkdchd [2013-08-19]

CHR Extension: (Google Voice (by Google)) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2014-09-14]

CHR Extension: (Alarm Clock Radio) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi [2013-08-19]

CHR Extension: (Numerics Calculator & Converter) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2013-08-19]

CHR Extension: (Poppit!) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-08-19]

CHR Extension: (Google Wallet) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]

CHR Extension: (Gmail) - C:\Users\Samual.Samual-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-19]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-11-20] (Bitdefender)

R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [95184 2012-06-25] (Bitdefender)

R2 SCManager; C:\Program Files (x86)\SafeConnect\scManager.sys [176520 2012-11-19] (Impulse Point, LLC)

S4 SoftshieldService; C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe [67392 2014-08-23] (Hewlett-Packard)

R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-09-25] (Bitdefender)

R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-11-20] (Bitdefender)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-01-16] (BitDefender)

R0 avc3; C:\Windows\SysWOW64\DRIVERS\avc3.sys [596600 2011-09-01] (BitDefender)

R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)

R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-01-16] (BitDefender)

R3 avckf; C:\Windows\SysWOW64\DRIVERS\avckf.sys [454960 2011-09-01] (BitDefender)

R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)

S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-20] (BitDefender SRL)

S3 bdsandbox; C:\Windows\SysWOW64\drivers\bdsandbox.sys [63056 2011-09-29] (BitDefender SRL)

R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)

R1 BDVEDISK; C:\Windows\SysWOW64\DRIVERS\bdvedisk.sys [85128 2010-01-19] (BitDefender)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-02-22] (DT Soft Ltd)

R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)

R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-07] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-02-22] (Duplex Secure Ltd.)

R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-02] (BitDefender S.R.L.)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-10-07 15:34 - 2014-10-07 15:34 - 00018781 _____ () C:\Users\Samual.Samual-PC\Downloads\FRST.txt

2014-10-07 15:34 - 2014-10-07 15:34 - 00000000 ____D () C:\FRST

2014-10-07 15:33 - 2014-10-07 15:33 - 02109952 _____ (Farbar) C:\Users\Samual.Samual-PC\Downloads\FRST64.exe

2014-10-06 21:29 - 2014-10-06 21:29 - 11840839 _____ () C:\Users\Samual.Samual-PC\Downloads\Windows6.1-KB2670838-x64.msu

2014-10-06 20:04 - 2014-10-06 21:30 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\BeamNG

2014-10-06 20:02 - 2014-10-06 20:04 - 98903976 _____ () C:\Users\Samual.Samual-PC\Downloads\BeamNG-Techdemo-0.3-setup.exe

2014-10-05 12:15 - 2014-10-05 12:15 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\Program Files\iTunes

2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\Program Files\iPod

2014-10-05 12:15 - 2014-10-05 12:15 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-10-03 14:16 - 2014-10-03 14:16 - 00003496 ____N () C:\bootsqm.dat

2014-10-03 14:02 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe

2014-10-03 13:52 - 2014-10-03 14:02 - 00000000 ____D () C:\zoek

2014-10-03 13:25 - 2014-10-03 14:07 - 00006835 _____ () C:\zoek-results.log

2014-10-03 13:21 - 2014-10-03 13:53 - 00000000 ____D () C:\zoek_backup

2014-10-03 13:21 - 2014-10-03 13:21 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek (4).zip

2014-10-03 13:20 - 2014-10-03 13:20 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek (3).zip

2014-10-03 13:20 - 2014-10-03 13:20 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek (2).zip

2014-10-03 13:19 - 2014-10-03 13:20 - 04256073 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek.rar

2014-10-03 13:19 - 2014-10-03 13:19 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek.zip

2014-10-03 13:19 - 2014-10-03 13:19 - 04114148 _____ () C:\Users\Samual.Samual-PC\Downloads\zoek (1).zip

2014-10-02 10:44 - 2014-10-02 10:44 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\bdch

2014-10-02 10:43 - 2014-10-02 10:43 - 00000000 ____D () C:\ProgramData\bdch

2014-10-01 20:32 - 2014-10-01 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-10-01 20:30 - 2014-10-01 20:30 - 00895120 _____ (Google Inc.) C:\Users\Samual.Samual-PC\Downloads\ChromeSetup.exe

2014-10-01 13:13 - 2014-10-01 13:13 - 00000385 _____ () C:\Users\Samual.Samual-PC\AppData\Roaminguser_gensett.xml

2014-10-01 12:49 - 2014-10-01 12:49 - 00007581 _____ () C:\Users\Samual.Samual-PC\Downloads\Bookmarks.csv

2014-10-01 11:55 - 2014-10-01 11:55 - 00418786 _____ () C:\Users\Samual.Samual-PC\Downloads\Unconfirmed 270251.crdownload

2014-10-01 02:20 - 2014-10-01 13:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-10-01 02:20 - 2014-10-01 13:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-10-01 02:20 - 2014-10-01 02:20 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-10-01 02:19 - 2014-10-01 02:19 - 00244136 _____ () C:\Users\Samual.Samual-PC\Downloads\Firefox Setup Stub 32.0.3.exe

2014-10-01 00:18 - 2014-10-01 00:18 - 00511633 _____ () C:\Users\Samual.Samual-PC\Downloads\Autoruns.zip

2014-09-30 23:19 - 2014-09-30 23:19 - 00238444 _____ () C:\Users\Samual.Samual-PC\Downloads\Unconfirmed 159296.crdownload

2014-09-30 22:08 - 2014-09-30 22:08 - 00004644 _____ () C:\Windows\System32\Tasks\IC Running Procedure

2014-09-29 18:58 - 2014-10-01 13:07 - 00000000 ____D () C:\ProgramData\iSkysoft Video Converter Ultimate

2014-09-29 18:58 - 2014-09-30 21:23 - 00000000 ____D () C:\ProgramData\iSkysoft

2014-09-29 18:58 - 2014-09-29 18:58 - 00000000 ____D () C:\Users\Samual.Samual-PC\Documents\iSkysoft Video Converter Ultimate

2014-09-29 18:58 - 2014-09-29 18:58 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\iSkysoft

2014-09-29 18:58 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll

2014-09-29 18:57 - 2014-10-01 13:07 - 00000000 ____D () C:\Users\Public\Documents\iSkysoft

2014-09-29 18:35 - 2014-09-29 18:35 - 41945432 _____ (Apple Inc.) C:\Users\Samual.Samual-PC\Downloads\QuickTimeInstaller.exe

2014-09-29 14:38 - 2014-09-29 14:38 - 00689664 _____ () C:\Users\Samual.Samual-PC\Downloads\MicrosoftFixit50202.msi

2014-09-29 14:23 - 2014-09-30 21:45 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\Sony

2014-09-29 14:07 - 2014-09-29 14:07 - 00000000 ____D () C:\Users\Samual.Samual-PC\Downloads\Sony Vegas Movie Studio HD Platinum 10.0.179 + Keygen [RH]

2014-09-29 13:41 - 2014-09-30 23:51 - 00000000 ____D () C:\Users\Samual.Samual-PC\Desktop\vids

2014-09-28 22:58 - 2014-09-28 22:58 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\ManyCam

2014-09-28 22:57 - 2014-09-28 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam

2014-09-28 22:55 - 2014-10-01 13:08 - 00000000 ____D () C:\Program Files (x86)\ManyCam

2014-09-28 22:55 - 2014-09-28 23:49 - 00000000 ____D () C:\ProgramData\ManyCam

2014-09-28 22:55 - 2014-09-28 22:55 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\ManyCam

2014-09-28 22:53 - 2014-09-28 22:54 - 41184136 _____ (Visicom Media Inc.) C:\Users\Samual.Samual-PC\Downloads\ManyCamSetup_4-0-109.exe

2014-09-28 22:16 - 2014-09-28 22:34 - 00014953 _____ () C:\Users\Samual.Samual-PC\Documents\recorder.log

2014-09-28 22:16 - 2014-09-28 22:16 - 00000000 ____D () C:\ProgramData\TEMP

2014-09-22 17:05 - 2014-10-01 13:10 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\Skype

2014-09-22 17:05 - 2014-09-22 17:05 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-09-22 17:05 - 2014-09-22 17:05 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\Skype

2014-09-22 17:05 - 2014-09-22 17:05 - 00000000 ____D () C:\ProgramData\Skype

2014-09-22 17:05 - 2014-09-22 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-09-22 00:58 - 2014-09-22 00:58 - 00919704 _____ () C:\Users\Samual.Samual-PC\Downloads\5854_aircraft_ppt.zip

2014-09-10 15:28 - 2014-09-10 18:50 - 00013520 _____ () C:\Users\Samual.Samual-PC\Downloads\502Airline1203.xlsx

2014-09-08 16:41 - 2014-10-01 13:07 - 00000000 ____D () C:\Windows\SysWOW64\apigidsys

2014-09-08 16:41 - 2014-10-01 13:07 - 00000000 ____D () C:\Windows\msagent

2014-09-08 16:41 - 2014-09-30 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Hal Assistant

2014-09-08 16:41 - 2014-09-30 21:21 - 00000000 ____D () C:\Windows\lhsp

2014-09-08 16:41 - 2014-09-30 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haptek Player

2014-09-08 16:41 - 2014-09-08 16:41 - 00003196 _____ () C:\Windows\System32\Tasks\{6560C5AB-347B-4349-B287-3AB213648944}

2014-09-08 16:41 - 2014-09-08 16:41 - 00003192 _____ () C:\Windows\System32\Tasks\{BBC8A555-0145-4D48-82C7-7DB42C39A348}

2014-09-08 16:41 - 2014-09-08 16:41 - 00003192 _____ () C:\Windows\System32\Tasks\{5FF18776-7FFF-4B3C-BAB2-961F83E6774D}

2014-09-08 15:51 - 2014-10-03 19:46 - 00000000 ____D () C:\Users\Samual.Samual-PC\Desktop\Avit

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-10-07 15:34 - 2013-08-18 17:22 - 01975538 _____ () C:\Windows\WindowsUpdate.log

2014-10-07 15:33 - 2013-08-18 23:10 - 00494858 _____ () C:\Windows\system32\perfh014.dat

2014-10-07 15:33 - 2013-08-18 23:10 - 00095776 _____ () C:\Windows\system32\perfc014.dat

2014-10-07 15:33 - 2013-08-18 23:02 - 00607332 _____ () C:\Windows\system32\perfh008.dat

2014-10-07 15:33 - 2013-08-18 23:02 - 00111534 _____ () C:\Windows\system32\perfc008.dat

2014-10-07 15:33 - 2013-08-18 22:54 - 00664064 _____ () C:\Windows\system32\perfh01D.dat

2014-10-07 15:33 - 2013-08-18 22:54 - 00142846 _____ () C:\Windows\system32\perfc01D.dat

2014-10-07 15:33 - 2013-08-18 22:46 - 00428770 _____ () C:\Windows\system32\perfh012.dat

2014-10-07 15:33 - 2013-08-18 22:46 - 00120756 _____ () C:\Windows\system32\perfc012.dat

2014-10-07 15:33 - 2013-08-18 22:39 - 00669186 _____ () C:\Windows\system32\perfh005.dat

2014-10-07 15:33 - 2013-08-18 22:39 - 00141798 _____ () C:\Windows\system32\perfc005.dat

2014-10-07 15:33 - 2013-08-18 22:22 - 00743842 _____ () C:\Windows\system32\perfh013.dat

2014-10-07 15:33 - 2013-08-18 22:22 - 00153474 _____ () C:\Windows\system32\perfc013.dat

2014-10-07 15:33 - 2013-08-18 22:11 - 00481846 _____ () C:\Windows\system32\perfh00B.dat

2014-10-07 15:33 - 2013-08-18 22:11 - 00101892 _____ () C:\Windows\system32\perfc00B.dat

2014-10-07 15:33 - 2013-08-18 22:06 - 00684094 _____ () C:\Windows\system32\perfh00E.dat

2014-10-07 15:33 - 2013-08-18 22:06 - 00171646 _____ () C:\Windows\system32\perfc00E.dat

2014-10-07 15:33 - 2013-08-18 21:57 - 00745800 _____ () C:\Windows\system32\perfh00A.dat

2014-10-07 15:33 - 2013-08-18 21:57 - 00158840 _____ () C:\Windows\system32\perfc00A.dat

2014-10-07 15:33 - 2013-08-18 21:52 - 00392734 _____ () C:\Windows\system32\perfh00D.dat

2014-10-07 15:33 - 2013-08-18 21:52 - 00085130 _____ () C:\Windows\system32\perfc00D.dat

2014-10-07 15:33 - 2013-08-18 21:44 - 00740390 _____ () C:\Windows\system32\perfh010.dat

2014-10-07 15:33 - 2013-08-18 21:44 - 00147218 _____ () C:\Windows\system32\perfc010.dat

2014-10-07 15:33 - 2013-08-18 21:40 - 00746060 _____ () C:\Windows\system32\perfh00C.dat

2014-10-07 15:33 - 2013-08-18 21:40 - 00479358 _____ () C:\Windows\system32\perfh001.dat

2014-10-07 15:33 - 2013-08-18 21:40 - 00149952 _____ () C:\Windows\system32\perfc00C.dat

2014-10-07 15:33 - 2013-08-18 21:40 - 00095144 _____ () C:\Windows\system32\perfc001.dat

2014-10-07 15:33 - 2013-08-18 21:32 - 00697552 _____ () C:\Windows\system32\perfh007.dat

2014-10-07 15:33 - 2013-08-18 21:32 - 00149488 _____ () C:\Windows\system32\perfc007.dat

2014-10-07 15:33 - 2009-07-14 00:13 - 11049694 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-10-07 15:27 - 2014-05-18 00:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-10-07 15:26 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-07 15:26 - 2009-07-13 23:51 - 00037862 _____ () C:\Windows\setupact.log

2014-10-07 11:53 - 2009-07-13 23:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-07 11:53 - 2009-07-13 23:45 - 00010416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-07 11:47 - 2014-03-11 07:26 - 00000501 _____ () C:\Windows\system32\checkdnsid.xml

2014-10-07 11:40 - 2013-08-21 01:37 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-10-03 14:03 - 2013-08-18 20:02 - 00314374 _____ () C:\Windows\PFRO.log

2014-10-02 17:12 - 2013-08-18 21:51 - 00000000 ____D () C:\Windows\he-IL

2014-10-01 13:08 - 2014-06-23 11:06 - 00000000 ____D () C:\Program Files (x86)\SafeConnect

2014-10-01 13:08 - 2014-05-18 00:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-10-01 13:08 - 2014-03-02 13:06 - 00000000 ____D () C:\Program Files (x86)\QuickTime

2014-10-01 13:08 - 2014-02-22 02:06 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro

2014-10-01 13:08 - 2013-09-14 11:23 - 00000000 ____D () C:\Program Files (x86)\Bonjour

2014-10-01 13:07 - 2013-09-14 11:24 - 00000000 ____D () C:\Windows\System32\Tasks\Apple

2014-10-01 13:07 - 2013-09-14 11:24 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update

2014-10-01 13:07 - 2013-09-14 11:23 - 00000000 ____D () C:\Program Files\Bonjour

2014-10-01 13:07 - 2013-08-19 22:01 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\vlc

2014-10-01 13:07 - 2013-08-19 21:00 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-10-01 13:07 - 2013-08-19 20:36 - 00000000 ____D () C:\Program Files\tixati

2014-10-01 13:07 - 2013-08-19 11:22 - 00000000 ____D () C:\Program Files\WinRAR

2014-10-01 13:07 - 2013-08-18 19:41 - 00000000 ____D () C:\Windows\system32\SPReview

2014-10-01 13:07 - 2013-08-18 17:24 - 00000000 ____D () C:\Users\Samual.Samual-PC

2014-10-01 13:07 - 2009-07-14 02:46 - 00000000 ____D () C:\Program Files\Windows Journal

2014-10-01 13:07 - 2009-07-14 02:45 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Sidebar

2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices

2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer

2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender

2014-10-01 13:07 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\DVD Maker

2014-10-01 13:07 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\com

2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Setup

2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\com

2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers

2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Speech

2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\servicing

2014-10-01 13:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration

2014-10-01 12:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Help

2014-10-01 00:33 - 2013-08-24 18:24 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001UA.job

2014-10-01 00:33 - 2013-08-24 18:24 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001Core.job

2014-10-01 00:33 - 2013-08-19 00:02 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-10-01 00:33 - 2013-08-19 00:02 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-10-01 00:22 - 2013-08-24 18:24 - 00003916 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001UA

2014-10-01 00:22 - 2013-08-24 18:24 - 00003520 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001Core

2014-10-01 00:22 - 2013-08-19 00:02 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-10-01 00:22 - 2013-08-19 00:02 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-09-30 23:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system

2014-09-30 22:59 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\System

2014-09-30 22:09 - 2013-08-18 17:24 - 00001593 _____ () C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-09-30 21:44 - 2014-08-22 13:14 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT

2014-09-30 21:15 - 2014-02-25 20:44 - 00000000 ____D () C:\Users\Samual.Samual-PC\Documents\My Games

2014-09-30 21:15 - 2013-08-28 22:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-09-29 18:40 - 2013-09-14 11:25 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Local\Apple Computer

2014-09-29 14:15 - 2013-08-19 20:34 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\tixati

2014-09-28 23:49 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\catroot2.bak

2014-09-24 15:29 - 2014-02-24 16:18 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\Foxit Software

2014-09-24 02:40 - 2013-08-21 01:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-09-24 02:40 - 2013-08-21 01:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-09-24 02:40 - 2013-08-21 01:37 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-09-22 15:15 - 2013-08-19 20:37 - 00000784 _____ () C:\Users\Samual.Samual-PC\Desktop\Tixati.lnk

2014-09-22 15:15 - 2013-08-19 20:37 - 00000000 ____D () C:\Users\Samual.Samual-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati

2014-09-11 03:05 - 2013-08-19 20:59 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-09-11 03:05 - 2013-08-18 18:39 - 00000000 ____D () C:\Windows\system32\MRT

2014-09-11 03:01 - 2013-08-18 18:39 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-09-26 06:38

 

==================== End Of Log ============================

 


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01

Ran by Samual at 2014-10-07 15:34:58

Running from C:\Users\Samual.Samual-PC\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Bitdefender Antispyware (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden

Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,9,971,247 - Adobe Systems Incorporated)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden

AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden

AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden

AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden

Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Backyard Baseball 2003 (HKLM-x32\...\Backyard Baseball 2003) (Version:  - )

Bitdefender Total Security 2013 (HKLM\...\Bitdefender) (Version: 16.32.0.1882 - Bitdefender)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden

DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)

f.lux (HKCU\...\Flux) (Version:  - )

Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)

Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)

Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.650 - Oracle)

Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden

LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )

ManyCam 4.0.109 (HKLM-x32\...\ManyCam) (Version: 4.0.109 - Visicom Media Inc.)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)

Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)

Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)

Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)

Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.0 - Nikon)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)

SafeConnect (HKLM-x32\...\SafeConnect) (Version:  - )

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden

Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)

SofTest v11 (HKLM-x32\...\InstallShield_{EC327490-F425-4974-A1B3-4695201ABD26}) (Version: 11.6.8 - Examsoft)

SofTest v11 (x32 Version: 11.6.8 - Examsoft) Hidden

Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)

Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)

Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)

ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.0 - Nikon)

VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)

WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: 2.0.6.9 - HTC)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-2227428012-852200846-1799366619-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2227428012-852200846-1799366619-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2227428012-852200846-1799366619-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2227428012-852200846-1799366619-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

 

==================== Restore Points  =========================

 

03-10-2014 08:00:12 Windows Update

03-10-2014 18:25:58 zoek.exe restore point

04-10-2014 08:00:13 Windows Update

05-10-2014 08:00:11 Windows Update

06-10-2014 08:00:11 Windows Update

07-10-2014 08:00:11 Windows Update

07-10-2014 16:53:04 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {3A4DA79D-5D98-4FAA-932C-36C4368F0B8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.)

Task: {41C572C9-29B7-49B0-B927-A2F8B61FC942} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe

Task: {495D9441-1287-41A7-9D32-566713D6F6D4} - \YTDownloaderUpd No Task File <==== ATTENTION

Task: {5D0C67B5-E8D8-4731-883F-A2B63D6A53FF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001UA => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-24] (Google Inc.)

Task: {870F93AB-ADB4-480D-B8DF-7EED4930AB93} - System32\Tasks\IC Running Procedure => %LOCALAPPDATA%\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe

Task: {8BC91A06-299D-425F-9306-197230FA2974} - \YTDownloader No Task File <==== ATTENTION

Task: {92BCC57C-833D-4CE5-A39F-E7FC6B5FC38D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)

Task: {AE55A88D-A919-4F26-AC12-3D9F75ED6C45} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001Core => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-24] (Google Inc.)

Task: {B3D35F06-605D-46A4-9ABA-C805D26335A6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {EEF6C75D-90B7-42DF-8406-E3CDEFD52CB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001Core.job => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2227428012-852200846-1799366619-1001UA.job => C:\Users\Samual.Samual-PC\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-09-25 23:17 - 2013-09-25 23:17 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll

2013-09-25 23:17 - 2013-09-25 23:17 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\accessl.ui

2013-08-20 17:15 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdfwcore.dll

2013-08-20 17:15 - 2013-09-25 23:16 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\IMSecurityAL.ui

2014-07-24 05:18 - 2014-07-24 05:18 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_022\ashttpbr.mdl

2014-07-24 05:18 - 2014-07-24 05:18 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_022\ashttpdsp.mdl

2014-07-24 05:18 - 2014-07-24 05:18 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_022\ashttpph.mdl

2014-07-24 05:18 - 2014-07-24 05:18 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_022\ashttprbl.mdl

2011-06-22 07:48 - 2011-06-22 07:48 - 00034304 _____ () C:\Windows\System32\ssp7ml6.dll

2013-08-20 17:15 - 2012-06-21 14:01 - 01117480 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2012-11-16 15:09 - 2012-11-16 15:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2012-11-13 22:22 - 2012-11-13 22:22 - 02010624 _____ () C:\Program Files (x86)\ManyCam\opencv_core220.dll

2012-11-13 22:23 - 2012-11-13 22:23 - 01241088 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc220.dll

2012-11-13 22:23 - 2012-11-13 22:23 - 00241152 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect220.dll

2012-11-13 22:23 - 2012-11-13 22:23 - 00775680 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui220.dll

2012-11-13 22:23 - 2012-11-13 22:23 - 00201216 _____ () C:\Program Files (x86)\ManyCam\opencv_video220.dll

2014-10-01 20:32 - 2014-09-22 23:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll

2014-10-01 20:32 - 2014-09-22 23:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll

2014-10-01 20:32 - 2014-09-22 23:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll

2014-10-01 20:32 - 2014-09-22 23:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll

2014-10-01 20:32 - 2014-09-22 23:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll

2014-10-01 20:32 - 2014-09-22 23:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\BeamNG-Techdemo-0.3-setup.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ChromeSetup.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\Firefox Setup Stub 32.0.3.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\FRST64.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\Lightroom_5_LS11_win_5_6.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ManyCamSetup_4-0-109.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\QuickTimeInstaller.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (1).exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (2).exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller.exe:BDU

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^Users^Samual.Samual-PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NexDef Plug-in.lnk => C:\Windows\pss\NexDef Plug-in.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Samual.Samual-PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Samual.Samual-PC\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun

MSCONFIG\startupreg: VMM Mode Selection => C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe

 

========================= Accounts: ==========================

 

Administrator (S-1-5-21-2227428012-852200846-1799366619-500 - Administrator - Disabled)

Guest (S-1-5-21-2227428012-852200846-1799366619-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2227428012-852200846-1799366619-1002 - Limited - Enabled)

Samual (S-1-5-21-2227428012-852200846-1799366619-1001 - Administrator - Enabled) => C:\Users\Samual.Samual-PC

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (10/07/2014 03:26:57 PM) (Source: Winlogon) (EventID: 4103) (User: )

Description: Windows license activation failed. Error 0x80070005.

 

Error: (10/07/2014 11:46:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:

0x80070005

 

Error: (10/07/2014 10:46:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:

0x80070005

 

Error: (10/07/2014 09:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:

0x80070005

 

Error: (10/07/2014 08:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:

0x80070005

 

Error: (10/07/2014 07:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:

0x80070005

 

Error: (10/07/2014 06:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:

0x80070005

 

Error: (10/07/2014 05:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:

0x80070005

 

Error: (10/07/2014 04:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:

0x80070005

 

Error: (10/07/2014 03:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:

0x80070005

 

 

System errors:

=============

Error: (10/07/2014 03:28:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Peer Name Resolution Protocol service terminated with the following error: 

%%-2140993535

 

Error: (10/07/2014 03:28:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 

%%-2140993535

 

Error: (10/07/2014 03:28:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Peer Name Resolution Protocol service terminated with the following error: 

%%-2140993535

 

Error: (10/07/2014 03:28:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 

%%-2140993535

 

Error: (10/07/2014 03:28:31 PM) (Source: PNRPSvc) (EventID: 102) (User: )

Description: 0x80630801

 

Error: (10/07/2014 03:28:30 PM) (Source: PNRPSvc) (EventID: 102) (User: )

Description: 0x80630801

 

Error: (10/07/2014 03:28:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Peer Name Resolution Protocol service terminated with the following error: 

%%-2140993535

 

Error: (10/07/2014 03:28:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 

%%-2140993535

 

Error: (10/07/2014 03:28:16 PM) (Source: PNRPSvc) (EventID: 102) (User: )

Description: 0x80630801

 

Error: (10/07/2014 11:53:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Peer Name Resolution Protocol service terminated with the following error: 

%%-2140993535

 

 

Microsoft Office Sessions:

=========================

Error: (10/07/2014 03:26:57 PM) (Source: Winlogon) (EventID: 4103) (User: )

Description: 0x800700050x00000000

 

Error: (10/07/2014 11:46:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: 0x80070005

 

Error: (10/07/2014 10:46:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: 0x80070005

 

Error: (10/07/2014 09:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: 0x80070005

 

Error: (10/07/2014 08:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: 0x80070005

 

Error: (10/07/2014 07:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: 0x80070005

 

Error: (10/07/2014 06:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: 0x80070005

 

Error: (10/07/2014 05:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: 0x80070005

 

Error: (10/07/2014 04:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: 0x80070005

 

Error: (10/07/2014 03:46:19 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )

Description: 0x80070005

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core2 Duo CPU P8400 @ 2.26GHz

Percentage of memory in use: 64%

Total physical RAM: 4094.04 MB

Available physical RAM: 1463.3 MB

Total Pagefile: 8186.26 MB

Available Pagefile: 4797.38 MB

Total Virtual: 8192 MB

Available Virtual: 8191.8 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:232.79 GB) (Free:127.77 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: CF70327E)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

  • Staff

Okay, we will perform one more fix. Tell me how your PC is now; any issues?
 
 
Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

fixlist.txt

Thanks so much for your help thus far. If I may ask, why was the particular piece of adware so good at hiding and hard to remove? As far as performance, MBAM is not going nuts anymore trying to block tons of stuff, and performance seems normal. The only lingering issue is that IE still seems corrupt, as no matter what I do it will not change the home page from shitty Bing. I never use IE unless I need to use a website that is giving the other browser trouble or something weird with the cookies, so it's not a big deal, but I only bring it up in case it is a sign of something else. Possibly IE is just corrupted, but Windows literally won't let you uninstall IE.

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01

Ran by Samual at 2014-10-07 20:46:31 Run:1

Running from C:\Users\Samual.Samual-PC\Downloads

Loaded Profile: Samual (Available profiles: Samual)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

closeprocesses:

emptytemp:

HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\MountPoints2: {32b924eb-9b8b-11e3-9388-001e3deab81c} - F:\Launch.exe

HKU\S-1-5-21-2227428012-852200846-1799366619-1001\...\MountPoints2: {972654e6-1956-11e3-82e9-001e3deab81c} - G:\TL-Bootstrap.exe

ShellIconOverlayIdentifiers-x32: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} =>  No File

ShellIconOverlayIdentifiers-x32: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} =>  No File

ShellIconOverlayIdentifiers-x32: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} =>  No File

ShellIconOverlayIdentifiers-x32: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} =>  No File

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...q={searchTerms}

Handler: WSISVCUchrome - No CLSID Value - 

Handler-x32: WSISVCUchrome - No CLSID Value - 

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

Task: {41C572C9-29B7-49B0-B927-A2F8B61FC942} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe

Task: {495D9441-1287-41A7-9D32-566713D6F6D4} - \YTDownloaderUpd No Task File <==== ATTENTION

Task: {870F93AB-ADB4-480D-B8DF-7EED4930AB93} - System32\Tasks\IC Running Procedure => %LOCALAPPDATA%\I-._d-._l-._e~ ~C_.-r_.-a_.-w_.-l_.-e_.-r\I~..C~..Runner.exe

Task: {8BC91A06-299D-425F-9306-197230FA2974} - \YTDownloader No Task File <==== ATTENTION

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\BeamNG-Techdemo-0.3-setup.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ChromeSetup.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\Firefox Setup Stub 32.0.3.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\FRST64.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ManyCamSetup_4-0-109.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\QuickTimeInstaller.exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (1).exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (2).exe:BDU

AlternateDataStreams: C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller.exe:BDU

 

*****************

 

Processes closed successfully.

"HKU\S-1-5-21-2227428012-852200846-1799366619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32b924eb-9b8b-11e3-9388-001e3deab81c}" => Key deleted successfully.

"HKCR\CLSID\{32b924eb-9b8b-11e3-9388-001e3deab81c}" => Key not found.

"HKU\S-1-5-21-2227428012-852200846-1799366619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{972654e6-1956-11e3-82e9-001e3deab81c}" => Key deleted successfully.

"HKCR\CLSID\{972654e6-1956-11e3-82e9-001e3deab81c}" => Key not found.

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\__SafeBox1" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}" => Key not found.

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\__SafeBox2" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}" => Key not found.

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\__SafeBox3" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}" => Key not found.

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\__SafeBox4" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}" => Key not found.

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value deleted successfully.

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => value deleted successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.

"HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}" => Key not found.

"HKCR\PROTOCOLS\Handler\WSISVCUchrome" => Key deleted successfully.

"HKCR\Wow6432Node\PROTOCOLS\Handler\WSISVCUchrome" => Key not found.

Synth3dVsc => Service deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41C572C9-29B7-49B0-B927-A2F8B61FC942}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41C572C9-29B7-49B0-B927-A2F8B61FC942}" => Key deleted successfully.

C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\IC Update Procedure" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{495D9441-1287-41A7-9D32-566713D6F6D4}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{495D9441-1287-41A7-9D32-566713D6F6D4}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{870F93AB-ADB4-480D-B8DF-7EED4930AB93}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{870F93AB-ADB4-480D-B8DF-7EED4930AB93}" => Key deleted successfully.

C:\Windows\System32\Tasks\IC Running Procedure => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IC Running Procedure" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8BC91A06-299D-425F-9306-197230FA2974}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BC91A06-299D-425F-9306-197230FA2974}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloader" => Key deleted successfully.

C:\Users\Samual.Samual-PC\Downloads\BeamNG-Techdemo-0.3-setup.exe => ":BDU" ADS removed successfully.

C:\Users\Samual.Samual-PC\Downloads\ChromeSetup.exe => ":BDU" ADS removed successfully.

C:\Users\Samual.Samual-PC\Downloads\Firefox Setup Stub 32.0.3.exe => ":BDU" ADS removed successfully.

C:\Users\Samual.Samual-PC\Downloads\FRST64.exe => ":BDU" ADS removed successfully.

C:\Users\Samual.Samual-PC\Downloads\Lightroom_5_LS11_win_5_6.exe => ":BDU" ADS removed successfully.

C:\Users\Samual.Samual-PC\Downloads\ManyCamSetup_4-0-109.exe => ":BDU" ADS removed successfully.

C:\Users\Samual.Samual-PC\Downloads\QuickTimeInstaller.exe => ":BDU" ADS removed successfully.

C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (1).exe => ":BDU" ADS removed successfully.

C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller (2).exe => ":BDU" ADS removed successfully.

C:\Users\Samual.Samual-PC\Downloads\ServiceInstaller.exe => ":BDU" ADS removed successfully.

EmptyTemp: => Removed 562.6 MB temporary data.

 

 

The system needed a reboot. 

 

==== End of Fixlog ====

  • Staff

Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself :)
 
 

Recommended reading:

 
 
MUST READ - security tips:

MUST READ - general maintenance:

The Importance of Software Updating:

 

 
In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.
 
Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

 
 
  • TFC - to clean unneeded temporary files.
  • Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
  • Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
  • McShield - to prevent infections spread by removable media.
  • Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.
  • FileHippo.com Update Checker - to keep your programs up-to-date.
  • Adblock - to surf the web without annoying ads!
 
 

Post-cleanup procedures:

 

 
Download DelFix by Xplode and save it to your desktop.

  • Run the tool by right-clicking on the DelFix icon and choosing the Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.
The tool deletes old system restore points and creates a fresh system restore point after cleaning.
 
 
 


My help is free for everybody.

If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation.

Thank you!

 
 
Stay safe,
TwinHeadedEagle   :)

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.