Jump to content

joeperry41

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2014Ran by joe (administrator) on JOE-PC on 12-04-2014 14:25:27Running from C:\Users\joe\DownloadsWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Safe Mode (with Networking) The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2010-10-31] (Synaptics Incorporated)HKLM\...\Run: [smartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-10-31] (Sun Microsystems, Inc.)HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-10-31] (IDT, Inc.)HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-05] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [HPCam_Menu] - c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS)HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)HKLM-x32\...\Run: [] - [X]HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)HKLM-x32\...\Run: [brunel University Connect Assistant] - C:\Program Files (x86)\Brunel University\Connect\Assistant\BrunelConnectAssistant.exe [1280864 2012-07-31] (Brunel University)HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()HKLM-x32\...\Run: [sSDMonitor] - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [112600 2010-11-15] (PC Tools)HKLM-x32\...\Run: [DATAMNGR] - C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXEHKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)HKLM-x32\...\Runonce: [removeiMeshtoolbar] - cmd.exe /c RD /S /Q "C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar" [X]HKU\.DEFAULT\...\RunOnce: [sPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-21] (Microsoft Corporation)HKU\S-1-5-21-1363017302-3044177764-3311269960-1000\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)HKU\S-1-5-21-1363017302-3044177764-3311269960-1000\...\Run: [Facebook Update] - C:\Users\joe\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-27] (Facebook Inc.)HKU\S-1-5-21-1363017302-3044177764-3311269960-1000\...\Run: [spotify Web Helper] - C:\Users\joe\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-20] (Spotify Ltd)HKU\S-1-5-21-1363017302-3044177764-3311269960-1000\...\Run: [showBatteryBar] - C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2009-05-28] ()HKU\S-1-5-21-1363017302-3044177764-3311269960-1000\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)HKU\S-1-5-21-1363017302-3044177764-3311269960-1000\...\Run: [spotify] - C:\Users\joe\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-20] (Spotify Ltd)HKU\S-1-5-21-1363017302-3044177764-3311269960-1000\...\Run: [searchProtection] - "C:\Users\joe\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostartHKU\S-1-5-21-1363017302-3044177764-3311269960-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-09-28] (Google Inc.)HKU\S-1-5-21-1363017302-3044177764-3311269960-1000\...\MountPoints2: G - G:\LaunchU3.exe -aIFEO\bitguard.exe: [Debugger] tasklist.exeIFEO\bprotect.exe: [Debugger] tasklist.exeIFEO\bpsvc.exe: [Debugger] tasklist.exeIFEO\browserdefender.exe: [Debugger] tasklist.exeIFEO\browserprotect.exe: [Debugger] tasklist.exeIFEO\browsersafeguard.exe: [Debugger] tasklist.exeIFEO\dprotectsvc.exe: [Debugger] tasklist.exeIFEO\protectedsearch.exe: [Debugger] tasklist.exeIFEO\searchprotection.exe: [Debugger] tasklist.exeIFEO\searchprotector.exe: [Debugger] tasklist.exeIFEO\searchsettings.exe: [Debugger] tasklist.exeIFEO\searchsettings64.exe: [Debugger] tasklist.exeIFEO\snapdo.exe: [Debugger] tasklist.exeIFEO\stinst32.exe: [Debugger] tasklist.exeIFEO\stinst64.exe: [Debugger] tasklist.exeIFEO\utiljumpflip.exe: [Debugger] tasklist.exeStartup: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Banshee Screamer Alarm.lnkShortcutTarget: Banshee Screamer Alarm.lnk -> C:\Program Files (x86)\Banshee Screamer Alarm\alarm.exe ()Startup: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnkShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTIONHKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll <===== ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyyDyC0Bzz0DtDyE0B0AyBtN0D0Tzu0SzztByCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StB0CzztCyDtCzzyEtGzztCyC0DtG0B0D0ByDtGzz0Czz0DtGyB0FyCyByEtBtDtB0CyCyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0EzyzytB0CyE0DtG0C0Czz0BtGtDyDyDyBtG0AzzzytAtGyC0AtAtD0ByC0B0Bzz0EtCzz2Q&cr=332904092&ir=HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyyDyC0Bzz0DtDyE0B0AyBtN0D0Tzu0SzztByCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StB0CzztCyDtCzzyEtGzztCyC0DtG0B0D0ByDtGzz0Czz0DtGyB0FyCyByEtBtDtB0CyCyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0EzyzytB0CyE0DtG0C0Czz0BtGtDyDyDyBtG0AzzzytAtGyC0AtAtD0ByC0B0Bzz0EtCzz2Q&cr=332904092&ir=HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyyDyC0Bzz0DtDyE0B0AyBtN0D0Tzu0SzztByCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StB0CzztCyDtCzzyEtGzztCyC0DtG0B0D0ByDtGzz0Czz0DtGyB0FyCyByEtBtDtB0CyCyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0EzyzytB0CyE0DtG0C0Czz0BtGtDyDyDyBtG0AzzzytAtGyC0AtAtD0ByC0B0Bzz0EtCzz2Q&cr=332904092&ir=URLSearchHook: HKCU - (No Name) - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - No FileSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=905&systemid=406&v=u12130-308&apn_uid=4524492026584218&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=905&systemid=406&v=u12130-308&apn_uid=4524492026584218&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}SearchScopes: HKCU - DefaultScope {951FEC2F-27DB-47DA-A88C-7A5AA3AB26F5} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyyDyC0Bzz0DtDyE0B0AyBtN0D0Tzu0SzztByCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StB0CzztCyDtCzzyEtGzztCyC0DtG0B0D0ByDtGzz0Czz0DtGyB0FyCyByEtBtDtB0CyCyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0EzyzytB0CyE0DtG0C0Czz0BtGtDyDyDyBtG0AzzzytAtGyC0AtAtD0ByC0B0Bzz0EtCzz2Q&cr=332904092&ir=SearchScopes: HKCU - {043C5167-00BB-4324-AF7E-62013FAEDACF} URL = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dspSearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119529&babsrc=SP_ss&mntrId=B40FF07BCB834742SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}SearchScopes: HKCU - {951FEC2F-27DB-47DA-A88C-7A5AA3AB26F5} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyyDyC0Bzz0DtDyE0B0AyBtN0D0Tzu0SzztByCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StB0CzztCyDtCzzyEtGzztCyC0DtG0B0D0ByDtGzz0Czz0DtGyB0FyCyByEtBtDtB0CyCyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0EzyzytB0CyE0DtG0C0Czz0BtGtDyDyDyBtG0AzzzytAtGyC0AtAtD0ByC0B0Bzz0EtCzz2Q&cr=332904092&ir=SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=905&systemid=406&v=u12130-308&apn_uid=4524492026584218&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll ()BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll No FileBHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)BHO-x32: Mega Browse - {4e6cd411-ce62-4584-97ff-6afbcf6900af} - C:\Program Files (x86)\Mega Browse\MegaBrowsebho.dll No FileBHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll No FileBHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll ()BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll No FileToolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll ()Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll No FileToolbar: HKLM-x32 - Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll No FileToolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKLM-x32 - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll ()Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial)Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileToolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKCU - No Name - {B9D63C58-90CC-428B-8D3B-CBB88EB07E7E} - No FileToolbar: HKCU - No Name - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No FileToolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileDPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-10-31] (EasyBits Software Corp.)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Chrome: =======CHR DefaultSearchKeyword: google.co.ukCHR Extension: (Movies Toolbar) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2014-04-10]CHR Extension: (Google Docs) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-10]CHR Extension: (Google Drive) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-10]CHR Extension: (YouTube) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-10]CHR Extension: (McAfee Security Scan+) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-04-10]CHR Extension: (Adblock Plus) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-11]CHR Extension: (Google Search) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-10]CHR Extension: (Google Wallet) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-10]CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-04-10]CHR Extension: (Gmail) - C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-10]CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\joe\AppData\Local\ilividmoviestoolbar181\GC\toolbar.crx [2013-12-11]CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-10-26] ==================== Services (Whitelisted) ================= S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2010-10-31] (Andrea Electronics Corporation)S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [66112 2010-09-01] (NOS Microsystems Ltd.)S2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-10-31] (IDT, Inc.)S2 DatamngrCoordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [X]S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X]S2 Update Mega Browse; "C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe" [X]S2 Util Mega Browse; "C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe" [X] ==================== Drivers (Whitelisted) ==================== S1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-04] (Symantec Corporation)S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-05] (Symantec Corporation)S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-05] (Symantec Corporation)S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg [36216 2014-03-24] (Bandoo Media Inc)S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20140306.003\IDSvia64.sys [524504 2014-02-25] (Symantec Corporation)S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20140307.003\ENG64.SYS [126040 2014-01-05] (Symantec Corporation)S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20140307.003\EX64.SYS [2099288 2014-01-05] (Symantec Corporation)S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-22] (Symantec Corporation)S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-22] (Symantec Corporation)R0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-08-30] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-22] (Symantec Corporation)S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2014-01-05] (Symantec Corporation)S1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-29] (Symantec Corporation)S1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-22] (Symantec Corporation)R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-06] (StdLib)S1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20090829.001\BHDrvx64.sys [X]U4 eabfiltr; S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-12 14:25 - 2014-04-12 14:26 - 00023066 _____ () C:\Users\joe\Downloads\FRST.txt2014-04-12 14:24 - 2014-04-12 14:25 - 00000000 ____D () C:\FRST2014-04-12 14:24 - 2014-04-12 14:24 - 02157056 _____ (Farbar) C:\Users\joe\Downloads\FRST64.exe2014-04-12 12:17 - 2014-04-12 12:18 - 00000000 ____D () C:\ProgramData\MFAData2014-04-12 12:17 - 2014-04-12 12:17 - 04435768 _____ (AVG Technologies) C:\Users\joe\Desktop\avg_avct_stb_all_2014_4259_cm10.exe2014-04-12 12:17 - 2014-04-12 12:17 - 00000000 ____D () C:\Users\joe\AppData\Local\MFAData2014-04-12 12:17 - 2014-04-12 12:17 - 00000000 ____D () C:\Users\joe\AppData\Local\Avg20142014-04-12 11:31 - 2014-04-12 11:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\joe\Downloads\mbam-setup-2.0.1.1004 (2).exe2014-04-12 11:06 - 2014-04-12 12:54 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-04-12 11:06 - 2014-04-12 11:06 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-04-12 11:06 - 2014-04-12 11:06 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-04-12 11:06 - 2014-04-12 11:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-12 11:06 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-04-12 11:06 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-04-12 11:06 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-04-12 11:05 - 2014-04-12 11:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\joe\Downloads\mbam-setup-2.0.1.1004 (1).exe2014-04-12 10:52 - 2014-04-12 10:55 - 00002590 _____ () C:\Users\joe\Desktop\Rkill.txt2014-04-12 10:52 - 2014-04-12 10:52 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\joe\Downloads\iExplore (1).exe2014-04-12 10:49 - 2014-04-12 10:49 - 00234592 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\26261955.sys2014-04-12 10:49 - 2014-04-11 09:32 - 00000000 ____D () C:\Program Files (x86)\TDSSKiller2014-04-12 10:48 - 2014-04-12 10:48 - 04118280 _____ () C:\Users\joe\Downloads\tdsskiller.zip2014-04-12 10:33 - 2014-04-12 10:33 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\joe\Downloads\tdsskiller.exe2014-04-12 10:19 - 2014-04-12 10:20 - 17101312 _____ () C:\Users\joe\Downloads\mbam-setup-2.0.1.1004.exe2014-04-12 10:16 - 2014-04-12 10:16 - 00003226 _____ () C:\Windows\System32\Tasks\{C3B26346-B6A0-4A1F-A003-F437D06FA6C6}2014-04-12 10:06 - 2014-04-12 10:06 - 01909384 _____ () C:\Users\joe\Downloads\iExplore.exe2014-04-12 09:24 - 2014-04-12 09:32 - 04388696 _____ () C:\Users\joe\Downloads\avg_isit_stb_all_2014_4569 (1).exe2014-04-12 09:14 - 2014-04-12 09:23 - 04471896 _____ (AVG Technologies) C:\Users\joe\Downloads\avg_isit_stb_all_2014_4569.exe2014-04-10 19:49 - 2014-04-10 19:49 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-04-10 19:46 - 2014-04-10 19:46 - 00246760 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-04-10 19:46 - 2014-04-10 19:46 - 00095208 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-04-09 21:04 - 2014-04-09 21:04 - 00000000 ____D () C:\Windows\Sun2014-04-08 07:44 - 2014-04-08 21:32 - 00000000 ____D () C:\Users\joe\Downloads\WWE.Raw.04.07.14.DSR.XviD-XWT2014-04-07 19:16 - 2014-04-07 19:21 - 00000000 ____D () C:\Users\joe\Downloads\WWE.Wrestlemania.XXX.WWENetwork.WEB-DL.H264-XWT2014-04-06 17:27 - 2014-04-06 17:27 - 00001788 _____ () C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShutdownGuard.lnk2014-04-06 17:27 - 2014-04-06 17:27 - 00000000 ____D () C:\Program Files\ShutdownGuard2014-04-06 12:46 - 2014-04-06 12:46 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys2014-04-06 11:51 - 2014-04-06 11:51 - 00417584 _____ (BitTorrent, Inc.) C:\Users\joe\Downloads\utorrent-falcon-2.1 (1).exe2014-04-06 11:43 - 2014-04-12 13:30 - 00000000 ____D () C:\Users\joe\.littleshoot2014-04-06 11:43 - 2014-04-06 11:43 - 00000000 ____D () C:\Users\joe\shared2014-04-06 11:43 - 2014-04-06 11:43 - 00000000 ____D () C:\Users\joe\AppData\Roaming\LittleShoot2014-04-06 11:41 - 2014-04-06 11:41 - 18199712 _____ (LittleShoot Labs) C:\Users\joe\Downloads\LittleShoot-09991.exe2014-04-06 11:07 - 2014-04-12 14:07 - 00000284 _____ () C:\Windows\Tasks\MySearchDial.job2014-04-06 11:07 - 2014-04-07 00:07 - 00003216 _____ () C:\Windows\System32\Tasks\MySearchDial2014-04-06 11:07 - 2014-04-07 00:07 - 00000086 _____ () C:\Users\joe\AppData\Roaming\WB.CFG2014-04-06 11:06 - 2014-04-12 13:05 - 00000000 ____D () C:\Program Files (x86)\Mega Browse2014-04-06 11:05 - 2014-04-06 11:07 - 00000000 ____D () C:\Users\joe\AppData\Roaming\mysearchdial2014-04-06 11:05 - 2014-04-06 11:05 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial2014-04-06 11:04 - 2014-04-06 11:03 - 00417584 _____ (BitTorrent, Inc.) C:\Users\joe\Downloads\utorrent-falcon-2.1.exe2014-04-06 11:02 - 2014-04-06 11:02 - 00683008 _____ ( ) C:\Users\joe\Downloads\utorrent-falcon-2-1-2763-en-setup.exe2014-04-06 10:03 - 2014-04-06 10:03 - 00000000 ____D () C:\Users\joe\AppData\Local\{A7D486D0-E09A-48E0-8433-ADE10028ED7B}2014-04-06 09:55 - 2014-04-06 09:55 - 00000000 ____D () C:\Users\joe\Downloads\WWE Hall of Fame 2014 HDTV x264 - SNHD2014-04-05 20:44 - 2014-04-05 20:44 - 00000000 ____D () C:\Users\joe\Documents\Any Video Converter2014-04-05 20:44 - 2014-04-05 20:44 - 00000000 ____D () C:\Users\joe\AppData\Roaming\AnvSoft2014-04-05 20:41 - 2014-04-05 20:42 - 31429160 _____ (Any-Video-Converter.com ) C:\Users\joe\Downloads\avc-free.exe2014-04-05 20:40 - 2014-04-05 20:40 - 00930952 _____ (CNET Download.com) C:\Users\joe\Downloads\cbsidlm-cbsi183-Free_MP4_to_MPG_Converter-SEO-75904806 (1).exe2014-04-05 20:39 - 2014-04-05 20:39 - 00930952 _____ (CNET Download.com) C:\Users\joe\Downloads\cbsidlm-cbsi183-MP4_to_MPEG_Converter-SEO-75279506.exe2014-04-05 20:38 - 2014-04-05 20:39 - 00930952 _____ (CNET Download.com) C:\Users\joe\Downloads\cbsidlm-cbsi183-Free_MP4_to_MPG_Converter-SEO-75904806.exe2014-04-05 20:37 - 2014-04-05 20:37 - 00000000 ____D () C:\Users\joe\Documents\Bigasoft Total Video Converter2014-04-05 20:35 - 2014-04-05 20:35 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Bigasoft Total Video Converter 42014-04-05 20:34 - 2014-04-05 20:34 - 14584477 _____ (Bigasoft Corporation ) C:\Users\joe\Downloads\b-total-video-converter.exe2014-04-05 17:41 - 2014-04-05 20:53 - 00000000 ____D () C:\Users\joe\Downloads\WWE Legends of WrestleMania 2014-04-04 720p AVCHD-SC-SDH2014-04-05 16:56 - 2014-04-05 16:56 - 00000000 ____D () C:\Users\joe\AppData\Local\ilividmoviestoolbar1812014-04-05 16:55 - 2014-04-09 18:30 - 00000000 ____D () C:\ProgramData\Datamngr2014-04-05 16:55 - 2014-04-05 16:55 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar2014-04-05 16:54 - 2014-04-05 16:54 - 00000000 ____D () C:\Users\joe\AppData\Local\iLivid2014-04-02 23:58 - 2014-04-02 23:58 - 00043206 _____ () C:\Users\joe\Downloads\TO THE RETARD FIXER.zip2014-04-02 20:19 - 2014-04-02 20:23 - 00000000 ____D () C:\ProgramData\PMS2014-04-02 20:19 - 2014-04-02 20:19 - 00000994 _____ () C:\Users\Public\Desktop\PS3 Media Server.lnk2014-04-02 20:17 - 2014-04-02 20:19 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server2014-04-02 20:13 - 2014-04-02 20:14 - 54431910 _____ () C:\Users\joe\Downloads\pms-1.90.1-setup-full-x64.exe2014-04-02 20:04 - 2014-04-12 12:54 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Search Protection2014-04-02 20:01 - 2014-04-12 11:52 - 00000000 ____D () C:\Users\joe\AppData\Roaming\uTorrent2014-04-02 20:00 - 2014-04-02 20:00 - 01671248 _____ (BitTorrent Inc.) C:\Users\joe\Downloads\uTorrent.exe2014-03-20 21:41 - 2014-03-20 21:41 - 00381440 _____ () C:\Users\joe\Downloads\Java (1).exe ==================== One Month Modified Files and Folders ======= 2014-04-12 14:26 - 2014-04-12 14:25 - 00023066 _____ () C:\Users\joe\Downloads\FRST.txt2014-04-12 14:25 - 2014-04-12 14:24 - 00000000 ____D () C:\FRST2014-04-12 14:24 - 2014-04-12 14:24 - 02157056 _____ (Farbar) C:\Users\joe\Downloads\FRST64.exe2014-04-12 14:24 - 2009-07-14 06:13 - 00798686 _____ () C:\Windows\system32\PerfStringBackup.INI2014-04-12 14:20 - 2010-05-13 21:35 - 00324326 _____ () C:\Windows\PFRO.log2014-04-12 14:19 - 2010-05-13 21:33 - 01886706 _____ () C:\Windows\WindowsUpdate.log2014-04-12 14:18 - 2010-11-05 15:31 - 00000416 _____ () C:\Windows\Tasks\DriverCure Startup.job2014-04-12 14:18 - 2009-07-14 05:51 - 02458751 _____ () C:\Windows\setupact.log2014-04-12 14:07 - 2014-04-06 11:07 - 00000284 _____ () C:\Windows\Tasks\MySearchDial.job2014-04-12 13:57 - 2009-10-31 10:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-04-12 13:53 - 2009-10-31 11:57 - 00000000 ____D () C:\Program Files (x86)\CyberLink2014-04-12 13:47 - 2010-09-28 11:45 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-04-12 13:35 - 2009-10-31 11:57 - 00000000 ____D () C:\ProgramData\CyberLink2014-04-12 13:30 - 2014-04-06 11:43 - 00000000 ____D () C:\Users\joe\.littleshoot2014-04-12 13:27 - 2010-09-28 11:45 - 00000000 ____D () C:\Program Files (x86)\Google2014-04-12 13:25 - 2012-10-31 19:50 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU2014-04-12 13:05 - 2014-04-06 11:06 - 00000000 ____D () C:\Program Files (x86)\Mega Browse2014-04-12 13:01 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-04-12 13:01 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-04-12 12:57 - 2013-02-26 17:50 - 00000000 ____D () C:\Program Files (x86)\Steam2014-04-12 12:56 - 2010-09-27 15:29 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Spotify2014-04-12 12:54 - 2014-04-12 11:06 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-04-12 12:54 - 2014-04-02 20:04 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Search Protection2014-04-12 12:52 - 2013-03-10 19:37 - 00000490 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job2014-04-12 12:52 - 2010-09-28 11:45 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-04-12 12:52 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-04-12 12:18 - 2014-04-12 12:17 - 00000000 ____D () C:\ProgramData\MFAData2014-04-12 12:17 - 2014-04-12 12:17 - 04435768 _____ (AVG Technologies) C:\Users\joe\Desktop\avg_avct_stb_all_2014_4259_cm10.exe2014-04-12 12:17 - 2014-04-12 12:17 - 00000000 ____D () C:\Users\joe\AppData\Local\MFAData2014-04-12 12:17 - 2014-04-12 12:17 - 00000000 ____D () C:\Users\joe\AppData\Local\Avg20142014-04-12 11:52 - 2014-04-02 20:01 - 00000000 ____D () C:\Users\joe\AppData\Roaming\uTorrent2014-04-12 11:31 - 2014-04-12 11:31 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\joe\Downloads\mbam-setup-2.0.1.1004 (2).exe2014-04-12 11:06 - 2014-04-12 11:06 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-04-12 11:06 - 2014-04-12 11:06 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-04-12 11:06 - 2014-04-12 11:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-12 11:06 - 2014-04-12 11:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\joe\Downloads\mbam-setup-2.0.1.1004 (1).exe2014-04-12 10:55 - 2014-04-12 10:52 - 00002590 _____ () C:\Users\joe\Desktop\Rkill.txt2014-04-12 10:52 - 2014-04-12 10:52 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\joe\Downloads\iExplore (1).exe2014-04-12 10:49 - 2014-04-12 10:49 - 00234592 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\26261955.sys2014-04-12 10:48 - 2014-04-12 10:48 - 04118280 _____ () C:\Users\joe\Downloads\tdsskiller.zip2014-04-12 10:33 - 2014-04-12 10:33 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\joe\Downloads\tdsskiller.exe2014-04-12 10:29 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini2014-04-12 10:20 - 2014-04-12 10:19 - 17101312 _____ () C:\Users\joe\Downloads\mbam-setup-2.0.1.1004.exe2014-04-12 10:16 - 2014-04-12 10:16 - 00003226 _____ () C:\Windows\System32\Tasks\{C3B26346-B6A0-4A1F-A003-F437D06FA6C6}2014-04-12 10:06 - 2014-04-12 10:06 - 01909384 _____ () C:\Users\joe\Downloads\iExplore.exe2014-04-12 09:32 - 2014-04-12 09:24 - 04388696 _____ () C:\Users\joe\Downloads\avg_isit_stb_all_2014_4569 (1).exe2014-04-12 09:27 - 2011-09-07 18:47 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1363017302-3044177764-3311269960-1000UA.job2014-04-12 09:26 - 2010-11-05 15:31 - 00000400 _____ () C:\Windows\Tasks\DriverCure.job2014-04-12 09:23 - 2014-04-12 09:14 - 04471896 _____ (AVG Technologies) C:\Users\joe\Downloads\avg_isit_stb_all_2014_4569.exe2014-04-12 09:18 - 2011-09-07 18:47 - 00000896 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1363017302-3044177764-3311269960-1000Core.job2014-04-12 09:14 - 2011-11-17 10:49 - 00000262 _____ () C:\Windows\Tasks\RMSchedule.job2014-04-12 09:12 - 2014-01-17 23:10 - 00000000 ____D () C:\Users\joe\AppData\Local\CrashDumps2014-04-12 09:11 - 2013-03-10 20:06 - 00000464 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job2014-04-11 09:32 - 2014-04-12 10:49 - 00000000 ____D () C:\Program Files (x86)\TDSSKiller2014-04-11 00:09 - 2010-11-05 15:31 - 00000000 ____D () C:\ProgramData\DriverCure2014-04-10 19:49 - 2014-04-10 19:49 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-04-10 19:49 - 2010-09-28 11:45 - 00000000 ____D () C:\Users\joe\AppData\Local\Google2014-04-10 19:46 - 2014-04-10 19:46 - 00246760 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-04-10 19:46 - 2014-04-10 19:46 - 00095208 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-04-10 19:46 - 2012-12-12 16:16 - 00174056 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-04-10 19:46 - 2012-12-12 16:16 - 00174056 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-04-10 19:46 - 2012-12-03 20:38 - 00821736 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll2014-04-10 19:46 - 2012-04-09 13:19 - 00000000 ____D () C:\Program Files (x86)\Java2014-04-10 19:46 - 2010-11-17 20:59 - 00746984 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll2014-04-10 19:39 - 2010-09-27 15:29 - 00000000 ____D () C:\Users\joe\AppData\Local\Spotify2014-04-09 21:04 - 2014-04-09 21:04 - 00000000 ____D () C:\Windows\Sun2014-04-09 19:31 - 2010-10-08 15:44 - 00000494 ____H () C:\Windows\Tasks\Norton Security Scan for joe.job2014-04-09 18:30 - 2014-04-05 16:55 - 00000000 ____D () C:\ProgramData\Datamngr2014-04-08 21:32 - 2014-04-08 07:44 - 00000000 ____D () C:\Users\joe\Downloads\WWE.Raw.04.07.14.DSR.XviD-XWT2014-04-07 19:21 - 2014-04-07 19:16 - 00000000 ____D () C:\Users\joe\Downloads\WWE.Wrestlemania.XXX.WWENetwork.WEB-DL.H264-XWT2014-04-07 00:07 - 2014-04-06 11:07 - 00003216 _____ () C:\Windows\System32\Tasks\MySearchDial2014-04-07 00:07 - 2014-04-06 11:07 - 00000086 _____ () C:\Users\joe\AppData\Roaming\WB.CFG2014-04-06 18:02 - 2012-09-28 16:43 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Plane92014-04-06 17:27 - 2014-04-06 17:27 - 00001788 _____ () C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ShutdownGuard.lnk2014-04-06 17:27 - 2014-04-06 17:27 - 00000000 ____D () C:\Program Files\ShutdownGuard2014-04-06 12:46 - 2014-04-06 12:46 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys2014-04-06 11:51 - 2014-04-06 11:51 - 00417584 _____ (BitTorrent, Inc.) C:\Users\joe\Downloads\utorrent-falcon-2.1 (1).exe2014-04-06 11:43 - 2014-04-06 11:43 - 00000000 ____D () C:\Users\joe\shared2014-04-06 11:43 - 2014-04-06 11:43 - 00000000 ____D () C:\Users\joe\AppData\Roaming\LittleShoot2014-04-06 11:43 - 2010-09-21 17:11 - 00000000 ____D () C:\Users\joe2014-04-06 11:41 - 2014-04-06 11:41 - 18199712 _____ (LittleShoot Labs) C:\Users\joe\Downloads\LittleShoot-09991.exe2014-04-06 11:07 - 2014-04-06 11:05 - 00000000 ____D () C:\Users\joe\AppData\Roaming\mysearchdial2014-04-06 11:05 - 2014-04-06 11:05 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial2014-04-06 11:03 - 2014-04-06 11:04 - 00417584 _____ (BitTorrent, Inc.) C:\Users\joe\Downloads\utorrent-falcon-2.1.exe2014-04-06 11:02 - 2014-04-06 11:02 - 00683008 _____ ( ) C:\Users\joe\Downloads\utorrent-falcon-2-1-2763-en-setup.exe2014-04-06 10:03 - 2014-04-06 10:03 - 00000000 ____D () C:\Users\joe\AppData\Local\{A7D486D0-E09A-48E0-8433-ADE10028ED7B}2014-04-06 10:02 - 2011-02-21 13:23 - 00000000 ____D () C:\Users\joe\AppData\Local\Windows Live2014-04-06 09:55 - 2014-04-06 09:55 - 00000000 ____D () C:\Users\joe\Downloads\WWE Hall of Fame 2014 HDTV x264 - SNHD2014-04-05 21:34 - 2011-11-17 03:20 - 00000000 ____D () C:\Users\joe\AppData\Roaming\DivX2014-04-05 20:53 - 2014-04-05 17:41 - 00000000 ____D () C:\Users\joe\Downloads\WWE Legends of WrestleMania 2014-04-04 720p AVCHD-SC-SDH2014-04-05 20:44 - 2014-04-05 20:44 - 00000000 ____D () C:\Users\joe\Documents\Any Video Converter2014-04-05 20:44 - 2014-04-05 20:44 - 00000000 ____D () C:\Users\joe\AppData\Roaming\AnvSoft2014-04-05 20:42 - 2014-04-05 20:41 - 31429160 _____ (Any-Video-Converter.com ) C:\Users\joe\Downloads\avc-free.exe2014-04-05 20:40 - 2014-04-05 20:40 - 00930952 _____ (CNET Download.com) C:\Users\joe\Downloads\cbsidlm-cbsi183-Free_MP4_to_MPG_Converter-SEO-75904806 (1).exe2014-04-05 20:39 - 2014-04-05 20:39 - 00930952 _____ (CNET Download.com) C:\Users\joe\Downloads\cbsidlm-cbsi183-MP4_to_MPEG_Converter-SEO-75279506.exe2014-04-05 20:39 - 2014-04-05 20:38 - 00930952 _____ (CNET Download.com) C:\Users\joe\Downloads\cbsidlm-cbsi183-Free_MP4_to_MPG_Converter-SEO-75904806.exe2014-04-05 20:37 - 2014-04-05 20:37 - 00000000 ____D () C:\Users\joe\Documents\Bigasoft Total Video Converter2014-04-05 20:35 - 2014-04-05 20:35 - 00000000 ____D () C:\Users\joe\AppData\Roaming\Bigasoft Total Video Converter 42014-04-05 20:34 - 2014-04-05 20:34 - 14584477 _____ (Bigasoft Corporation ) C:\Users\joe\Downloads\b-total-video-converter.exe2014-04-05 16:56 - 2014-04-05 16:56 - 00000000 ____D () C:\Users\joe\AppData\Local\ilividmoviestoolbar1812014-04-05 16:55 - 2014-04-05 16:55 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar2014-04-05 16:54 - 2014-04-05 16:54 - 00000000 ____D () C:\Users\joe\AppData\Local\iLivid2014-04-05 13:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF2014-04-05 10:17 - 2013-12-07 22:17 - 00387051 _____ () C:\Windows\IE11_main.log2014-04-03 19:42 - 2010-09-28 11:45 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-04-03 19:42 - 2010-09-28 11:45 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-04-03 09:51 - 2014-04-12 11:06 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-04-03 09:51 - 2014-04-12 11:06 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-04-03 09:50 - 2014-04-12 11:06 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-04-02 23:58 - 2014-04-02 23:58 - 00043206 _____ () C:\Users\joe\Downloads\TO THE RETARD FIXER.zip2014-04-02 21:29 - 2010-09-27 15:11 - 00000000 ____D () C:\Program Files (x86)\Brunel University2014-04-02 20:23 - 2014-04-02 20:19 - 00000000 ____D () C:\ProgramData\PMS2014-04-02 20:19 - 2014-04-02 20:19 - 00000994 _____ () C:\Users\Public\Desktop\PS3 Media Server.lnk2014-04-02 20:19 - 2014-04-02 20:17 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server2014-04-02 20:14 - 2014-04-02 20:13 - 54431910 _____ () C:\Users\joe\Downloads\pms-1.90.1-setup-full-x64.exe2014-04-02 20:00 - 2014-04-02 20:00 - 01671248 _____ (BitTorrent Inc.) C:\Users\joe\Downloads\uTorrent.exe2014-03-27 20:43 - 2012-10-30 16:46 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForjoe2014-03-27 20:43 - 2012-10-30 16:46 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForjoe.job2014-03-20 21:41 - 2014-03-20 21:41 - 00381440 _____ () C:\Users\joe\Downloads\Java (1).exe2014-03-19 08:37 - 2013-07-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT2014-03-19 08:23 - 2011-02-21 13:41 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete:====================C:\Users\joe\CeltxSetup-2.9.1.exeC:\Users\joe\ConnectAssistant.exeC:\Users\joe\WA_P3050_Beta2.exe Some content of TEMP:====================C:\Users\joe\AppData\Local\Temp\3pzg9mle.dllC:\Users\joe\AppData\Local\Temp\BrunelConnectAssistantSetup.exeC:\Users\joe\AppData\Local\Temp\BrunelConnectCONNECTASSISTANTALTUPGRADE.exeC:\Users\joe\AppData\Local\Temp\contentDATs.exeC:\Users\joe\AppData\Local\Temp\DeltaTB.exeC:\Users\joe\AppData\Local\Temp\DivXInstaller.exeC:\Users\joe\AppData\Local\Temp\Extract.exeC:\Users\joe\AppData\Local\Temp\GLF67F.tmp.ConduitEngineSetup.exeC:\Users\joe\AppData\Local\Temp\gtb.exeC:\Users\joe\AppData\Local\Temp\HPHelpUpdater.exeC:\Users\joe\AppData\Local\Temp\HPQSi.exeC:\Users\joe\AppData\Local\Temp\iMesh_setup.exeC:\Users\joe\AppData\Local\Temp\installhelper.dllC:\Users\joe\AppData\Local\Temp\install_reader10_uk_mssa_aih.exeC:\Users\joe\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exeC:\Users\joe\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exeC:\Users\joe\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exeC:\Users\joe\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exeC:\Users\joe\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exeC:\Users\joe\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exeC:\Users\joe\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exeC:\Users\joe\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-6u38-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exeC:\Users\joe\AppData\Local\Temp\kss_installer.exeC:\Users\joe\AppData\Local\Temp\MSNCCE.exeC:\Users\joe\AppData\Local\Temp\PreSetup.exeC:\Users\joe\AppData\Local\Temp\prxGLF67F.tmp.tbElf_.dllC:\Users\joe\AppData\Local\Temp\Resource.exeC:\Users\joe\AppData\Local\Temp\SearchWithGoogleUpdate.exeC:\Users\joe\AppData\Local\Temp\SecurityScan_Release.exeC:\Users\joe\AppData\Local\Temp\Setup.exeC:\Users\joe\AppData\Local\Temp\SkypeSetup.exeC:\Users\joe\AppData\Local\Temp\SP47470.exeC:\Users\joe\AppData\Local\Temp\SP48159.exeC:\Users\joe\AppData\Local\Temp\SP48488.exeC:\Users\joe\AppData\Local\Temp\SP48830.exeC:\Users\joe\AppData\Local\Temp\SP49392.exeC:\Users\joe\AppData\Local\Temp\sp50843.exe.exeC:\Users\joe\AppData\Local\Temp\sp54620.exeC:\Users\joe\AppData\Local\Temp\sp58915.exeC:\Users\joe\AppData\Local\Temp\SpotifyUpgrader.exeC:\Users\joe\AppData\Local\Temp\SRAssetsHelper.dllC:\Users\joe\AppData\Local\Temp\tbElf_.dllC:\Users\joe\AppData\Local\Temp\ToolbarInstaller.exeC:\Users\joe\AppData\Local\Temp\uninst1.exeC:\Users\joe\AppData\Local\Temp\UNINSTALL.exeC:\Users\joe\AppData\Local\Temp\UninstallHPSA.exeC:\Users\joe\AppData\Local\Temp\UninstallHPTCA.exeC:\Users\joe\AppData\Local\Temp\Update.exeC:\Users\joe\AppData\Local\Temp\utt4F8D.tmp.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-29 13:33 ==================== End Of Log ============================ RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Softwaremail : http://www.adlice.com/contact/Feedback : http://forum.adlice.comWebsite : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Safe mode with network supportUser : joe [Admin rights]Mode : Scan -- Date : 04/12/2014 14:31:56| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 20 ¤¤¤[RUN][sUSP PATH] HKCU\[...]\Run : SearchProtection ("C:\Users\joe\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart [x]) -> FOUND[RUN][sUSP PATH] HKUS\S-1-5-21-1363017302-3044177764-3311269960-1000\[...]\Run : SearchProtection ("C:\Users\joe\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart [x]) -> FOUND[iFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\bpsvc.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\browsersafeguard.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\dprotectsvc.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\protectedsearch.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\searchprotection.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\searchprotector.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\searchsettings.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\searchsettings64.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\snapdo.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\stinst32.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\stinst64.exe : Debugger (tasklist.exe [7]) -> FOUND[iFEO] HKLM\[...]\utiljumpflip.exe : Debugger (tasklist.exe [7]) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 1 ¤¤¤[V1][sUSP PATH] MySearchDial.job : C:\Users\joe\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤[Address] EAT @explorer.exe (WlanAllocateMemory) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B8AC8)[Address] EAT @explorer.exe (WlanCloseHandle) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B38A0)[Address] EAT @explorer.exe (WlanConnect) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B5558)[Address] EAT @explorer.exe (WlanDeleteProfile) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B6D10)[Address] EAT @explorer.exe (WlanDisconnect) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B57E8)[Address] EAT @explorer.exe (WlanEnumInterfaces) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B3A80)[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B8394)[Address] EAT @explorer.exe (WlanFreeMemory) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26BA5A0)[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B4F88)[Address] EAT @explorer.exe (WlanGetFilterList) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B7F9C)[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B4188)[Address] EAT @explorer.exe (WlanGetNetworkBssList) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B5268)[Address] EAT @explorer.exe (WlanGetProfile) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B6A20)[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B7B1C)[Address] EAT @explorer.exe (WlanGetProfileList) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B7404)[Address] EAT @explorer.exe (WlanGetSecuritySettings) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B8D88)[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B935C)[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B9418)[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B99D8)[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B94D4)[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26BA020)[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B9B50)[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B9A94)[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B9744)[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B9D78)[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B91EC)[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B92A4)[Address] EAT @explorer.exe (WlanIhvControl) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B4A00)[Address] EAT @explorer.exe (WlanOpenHandle) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B1960)[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B3EE8)[Address] EAT @explorer.exe (WlanQueryInterface) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B4668)[Address] EAT @explorer.exe (WlanReasonCodeToString) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B8A54)[Address] EAT @explorer.exe (WlanRegisterNotification) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B5A08)[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26BA358)[Address] EAT @explorer.exe (WlanRenameProfile) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B6F4C)[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B87D0)[Address] EAT @explorer.exe (WlanScan) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B4D40)[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B3D10)[Address] EAT @explorer.exe (WlanSetFilterList) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B7DCC)[Address] EAT @explorer.exe (WlanSetInterface) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B4470)[Address] EAT @explorer.exe (WlanSetProfile) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B6760)[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B78A4)[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B5CC4)[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B5F9C)[Address] EAT @explorer.exe (WlanSetProfileList) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B71A8)[Address] EAT @explorer.exe (WlanSetProfilePosition) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B7644)[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B81B0)[Address] EAT @explorer.exe (WlanSetSecuritySettings) : rasadhlp.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF26B8B58) ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS725032A9A364 ATA Device +++++--- User ---[MBR] d636b1b6bffc84fc6efef37ef5fb1866[bSP] 00cd1d38cab97eb7f15bc4240e0cd6b0 : Windows Vista/7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 291170 MB2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 596725760 | Size: 13770 MB3 - [XXXXXX] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 624928500 | Size: 101 MBUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_04122014_143156.txt >> Addition.txt
  2. Hi, Every time Malwarebytes is running a scan, my computer shuts itself down a few minutes in. I'm running the software in safe mode with networking. Can anybody help? Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.