
Infected comp i think?



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014

Ran by Crystal & Vincent at 2014-04-14 22:26:22

Running from C:\Users\Crystal & Vincent\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30488 - BitTorrent Inc.)

5o0Coupoons (HKLM-x32\...\{CF987D06-1DCF-7B36-5B43-13BC8699C44C}) (Version:  - 50Coupones) <==== ATTENTION

Á÷Á¿±¦Á÷Á¿°æ 2.2.406.1 (HKLM-x32\...\{EB828FBE-0EFE-4D60-8D82-4427F2740E84}_is1) (Version: 2.2.406.1 - liuliangbao.cn)

Addon Sync 2009 (HKLM-x32\...\{4E3AA543-09D7-401E-9DF2-2591D24C7C49}) (Version: 1.0.67 - YomaTools)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)

Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)

Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)

Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)

Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)

Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)

Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version:  - )

ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.2.4 - ASUSTek COMPUTER INC.)

ASUS GPU Tweak (x32 Version: 2.4.2.4 - ASUSTek COMPUTER INC.) Hidden

ASUS Product Register Program (HKLM-x32\...\{9D29D67C-315D-46A1-A3A9-3CAF24871578}) (Version: 1.0.022 - ASUSTek Computer Inc.)

Aura Kingdom (HKLM-x32\...\Aura Kingdom) (Version:  - )

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)

Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)

BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )

BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )

Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)

DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)

Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)

DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.12.4 - Uniblue Systems Ltd)

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)

Free Mouse Auto Clicker 3.2 (HKLM-x32\...\{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1) (Version:  - Advanced Mouse Auto Clicker ltd.)

Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)

Freemake Video Converter version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)

Fun2SAve (HKLM-x32\...\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}) (Version:  - FuN2Save) <==== ATTENTION

GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)

Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden

GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)

HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

Infestation Survivor Stories version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - OP Productions LLC)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)

Intel® Smart Connect Technology 4.0 x64 (HKLM\...\{5D1D65C3-E6D3-4751-AEFD-CAB4E3EB85F2}) (Version: 4.0.41.2072 - Intel)

Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden

iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)

League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden

Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden

LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.6 - www.leaguereplays.com)

ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)

MapleStory (HKLM-x32\...\MapleStory) (Version:  - )

MapleStory (HKLM-x32\...\Steam App 216150) (Version:  - Nexon)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)

Network Acceleration (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{2384af53}) (Version:  - Jingo Ltd) <==== ATTENTION

NetworkGenie (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.00.0000 - MSI)

Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )

NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)

NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 1.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Optimus Update 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)

NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden

NVIDIA Update 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 10.10.5 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.12 - NVIDIA Corporation)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )

Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - ) <==== ATTENTION

Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)

OutfoxTV (HKLM-x32\...\OutfoxTV) (Version:  - OutfoxTV)

Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)

PCHealthBoost 3.0.5 (HKLM-x32\...\PCHealthBoost) (Version: 3.0.5 - Boost Software Inc.)

Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)

RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)

Renegade X (HKLM-x32\...\UDK-4fc3a6b6-3d0e-4dce-b127-8e60191e2b1e) (Version: Open Beta 1 - Totem Arts)

RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)

SHIELD Streaming (Version: 1.6.75 - NVIDIA Corporation) Hidden

Skype Launcher (HKLM-x32\...\{82799854-39DF-4EC3-8778-918CE0C81A3F}_is1) (Version: 1.6.5 - binaerkombinat)

Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)

TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

VzDownloadManager (HKCU\...\VzDownloadManager) (Version: 2.0.0.2 - Verizon)

Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )

Warcraft III: All Products (HKCU\...\Warcraft III) (Version:  - )

WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

Wise Care 365 2.96 (HKLM-x32\...\Wise Care 365_is1) (Version: 2.96 - WiseCleaner.com, Inc.)

 

==================== Restore Points  =========================

 

14-04-2014 05:42:29 Removed Adobe Download Assistant

14-04-2014 05:58:48 DriverScanner - 4/14/2014 1:58:48 AM

14-04-2014 17:45:59 Removed Microsoft Silverlight

14-04-2014 20:32:20 Installed QuickTime 7

14-04-2014 20:35:32 Removed Microsoft Office Word Viewer 2003

14-04-2014 20:42:41 Removed Compatibility Pack for the 2007 Office system

14-04-2014 20:43:48 Installed Microsoft Office Professional Plus 2013

14-04-2014 20:44:18 PROPLUS

14-04-2014 20:46:59 Installed Microsoft Office Professional Plus 2013

14-04-2014 20:47:20 PROPLUS

14-04-2014 20:51:01 Installed Microsoft Fix it 50450

14-04-2014 20:52:20 Installed Microsoft Fix it 50154

14-04-2014 21:55:35 Installed QuickTime 7

15-04-2014 02:03:49 Restore Operation

 

==================== Hosts content: ==========================

 

2009-07-13 22:34 - 2014-01-10 06:10 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {0A9B18D5-C46E-4037-BCB8-1FA876301E46} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1344894409-2498636022-456537335-1000Core => C:\Users\Crystal & Vincent\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: {0B162FA8-5153-40DC-B913-E2627633D2C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {158EE501-76C0-4743-9D38-34720A8344AF} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe

Task: {21780713-47E8-4E95-807D-0D39746E6C68} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe

Task: {462CF32A-8DA4-4ADC-9368-6B1CD83D7329} - System32\Tasks\bench-Updater removing

Task: {4AC92754-13D5-453E-8CA0-618238F08A5B} - System32\Tasks\{506EC95F-1104-4F73-8651-D12789F4E937} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)

Task: {4C942FBB-C6BB-408E-8D9C-3A0ABDC9AC3C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1344894409-2498636022-456537335-1000UA => C:\Users\Crystal & Vincent\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: {6404BFBE-D3DE-4B54-92DD-4B3A2C2801A0} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

Task: {6B199DD3-727C-463E-9008-D1BF314A2193} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe [2014-01-04] ()

Task: {714F91DA-8622-455E-8F58-EF941821F958} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe

Task: {81885F79-FF9F-4762-A7F2-BCEF315C85D6} - System32\Tasks\ASC7_SkipUac_Crystal & Vincent => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe

Task: {98ACC8B6-8036-4BDF-854E-C3C948E74733} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

Task: {A107F1AE-413D-4F84-AF8A-C9D8EE5413FF} - System32\Tasks\Shut Down

Task: {A642E2FD-2753-4580-A82D-1D269F2634F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)

Task: {B2C3D19A-7BEE-476B-BAD9-B6C3E7FB32A3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)

Task: {BBF79098-D894-462F-A13D-549A9DB94691} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)

Task: {D31117BE-B054-4810-998A-6757CA90698B} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-06-21] (ASUSTek Computer Inc.)

Task: {DBAF94BF-0685-4E0B-BF83-4E1840967BC5} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

Task: {EA0FD540-75C4-4EA9-AA41-55BC1CE1623D} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2013-12-20] () <==== ATTENTION

Task: {F594D4AA-195B-4FAF-A9DF-333BFCC23845} - System32\Tasks\RtlNetworkGenieVistaStart => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe [2012-11-29] (Realtek Semiconductor)

Task: {FC238F1A-B6A1-461F-8F91-BA46423E532C} - System32\Tasks\{347F144E-3F19-463F-B496-3E8E0E9F29F9} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION

Task: C:\Windows\Tasks\bench-Updater removing.job => ?

Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

Task: C:\Windows\Tasks\DriverScanner.job => C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe

Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1344894409-2498636022-456537335-1000Core.job => C:\Users\Crystal & Vincent\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1344894409-2498636022-456537335-1000UA.job => C:\Users\Crystal & Vincent\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\PCHB_Crystal & Vincent_PCHealthBoost_RS_DailyTask.job => C:\Program Files (x86)\PC HealthBoost\PCHealthBoost.exe

Task: C:\Windows\Tasks\RtlNetworkGenieVistaStart.job => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe

Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe

Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-12-28 19:30 - 2013-12-28 19:30 - 04206080 _____ () C:\ProgramData\Network Acceleration\NetworkAcceleration_x64.dll

2014-04-12 17:08 - 2014-04-12 17:08 - 02681648 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll

2013-12-03 06:29 - 2013-12-19 14:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-01-17 12:24 - 2012-01-17 12:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe

2013-02-13 11:35 - 2013-02-13 11:35 - 00180200 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe

2013-02-13 11:35 - 2013-02-13 11:35 - 00060392 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll

2013-12-17 21:14 - 2013-12-17 21:14 - 00033824 _____ () C:\Program Files\pcreg\pcreg.exe

2013-12-05 15:24 - 2014-03-04 00:52 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-04-14 22:16 - 2014-04-14 22:16 - 00075888 _____ () C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{108F2D58-D072-4CC9-A139-2DB72A5F9F7C}\offreg.dll

2014-02-28 23:51 - 2014-01-25 10:24 - 04021760 _____ () C:\{$1284-9213-2940-1289$}\comhost.exe

2013-05-07 11:26 - 2013-05-07 11:26 - 01302080 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

2013-12-03 09:46 - 2014-03-29 22:08 - 05329400 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\LoLLauncher.exe

2013-12-03 12:26 - 2013-12-03 12:26 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\LolClient.exe

2013-12-03 12:50 - 2014-04-03 15:40 - 16510456 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.17\deploy\League of Legends.exe

2013-12-28 19:30 - 2013-12-28 19:30 - 04268032 _____ () C:\ProgramData\Network Acceleration\NetworkAcceleration.dll

2014-04-12 17:08 - 2014-04-12 17:08 - 02961368 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll

2013-12-28 19:30 - 2013-12-28 19:30 - 00178512 _____ () C:\ProgramData\Network Acceleration\NetworkAccelerationSvc.dll

2014-04-12 17:08 - 2014-04-12 17:08 - 00186496 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll

2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-12-03 06:14 - 2013-05-16 19:06 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2013-12-03 09:46 - 2014-03-29 22:08 - 00264696 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\RiotLauncher.dll

2013-12-06 12:54 - 2013-12-03 22:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll

2013-12-06 12:54 - 2013-12-03 22:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll

2013-12-06 12:54 - 2013-12-03 22:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll

2013-12-06 12:54 - 2013-12-03 22:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll

2013-12-06 12:54 - 2013-12-03 22:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

2013-12-03 12:50 - 2014-04-03 15:41 - 01494520 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.17\deploy\RiotLauncher.dll

2013-12-03 12:50 - 2014-03-29 22:08 - 00380408 _____ () C:\Riot Games\League of Legends\RADS\RiotRadsIO.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD}

AlternateDataStreams: C:\ProgramData\TEMP:0A8E2C33

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

AlternateDataStreams: C:\Users\Crystal & Vincent\MediaFire:mf_x

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

 

==================== Disabled items from MSCONFIG ==============

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Crystal & Vincent^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart

MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: RaidCall => C:\Program Files (x86)\RaidCall\raidcall.exe

 

==================== Faulty Device Manager Devices =============

 

Name: Universal Serial Bus (USB) Controller

Description: Universal Serial Bus (USB) Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (04/14/2014 10:25:03 PM) (Source: Windows Search Service) (User: )

Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

 

Error: (04/14/2014 10:25:03 PM) (Source: Windows Search Service) (User: )

Description: The Windows Search Service cannot open the Jet property store.

 

 

Details:

0x%08x (0x8004117f - The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.  (HRESULT : 0x8004117f))

 

Error: (04/14/2014 10:25:03 PM) (Source: ESENT) (User: )

Description: Windows (2540) Windows: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

 

Error: (04/14/2014 10:25:03 PM) (Source: ESENT) (User: )

Description: Windows (2540) Windows: An attempt to move the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log" to "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" failed with system error 5 (0x00000005): "Access is denied. ".  The move file operation will fail with error -1032 (0xfffffbf8).

 

Error: (04/14/2014 10:24:38 PM) (Source: Windows Search Service) (User: )

Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0xc0041800, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

 

Error: (04/14/2014 10:24:38 PM) (Source: Windows Search Service) (User: )

Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

 

 

Details:

The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (04/14/2014 10:24:38 PM) (Source: Windows Search Service) (User: )

Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

 

 

Details:

The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (04/14/2014 10:24:38 PM) (Source: Windows Search Service) (User: )

Description: The Windows Search Service cannot open the Jet property store.

 

 

Details:

0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

 

Error: (04/14/2014 10:24:38 PM) (Source: ESENT) (User: )

Description: Windows (5384) Windows: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1811.

 

Error: (04/14/2014 10:24:38 PM) (Source: ESENT) (User: )

Description: Windows (5384) Windows: An attempt to move the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log" to "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" failed with system error 2 (0x00000002): "The system cannot find the file specified. ".  The move file operation will fail with error -1811 (0xfffff8ed).

 

 

System errors:

=============

Error: (04/14/2014 10:25:03 PM) (Source: Service Control Manager) (User: )

Description: The Windows Search service terminated unexpectedly.  It has done this 14 time(s).

 

Error: (04/14/2014 10:25:03 PM) (Source: Service Control Manager) (User: )

Description: The Windows Search service terminated with service-specific error %%-2147217025.

 

Error: (04/14/2014 10:24:39 PM) (Source: Service Control Manager) (User: )

Description: The Windows Search service terminated unexpectedly.  It has done this 13 time(s).

 

Error: (04/14/2014 10:24:39 PM) (Source: Service Control Manager) (User: )

Description: The Windows Search service terminated with service-specific error %%-1073473536.

 

Error: (04/14/2014 10:23:51 PM) (Source: Service Control Manager) (User: )

Description: The Windows Search service terminated unexpectedly.  It has done this 12 time(s).

 

Error: (04/14/2014 10:23:51 PM) (Source: Service Control Manager) (User: )

Description: The Windows Search service terminated with service-specific error %%-2147217025.

 

Error: (04/14/2014 10:23:30 PM) (Source: Service Control Manager) (User: )

Description: The Windows Search service terminated unexpectedly.  It has done this 11 time(s).

 

Error: (04/14/2014 10:23:30 PM) (Source: Service Control Manager) (User: )

Description: The Windows Search service terminated with service-specific error %%-1073473536.

 

Error: (04/14/2014 10:22:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.169.2328.0).

 

Error: (04/14/2014 10:21:47 PM) (Source: Service Control Manager) (User: )

Description: The Windows Search service terminated unexpectedly.  It has done this 10 time(s).

 

 

Microsoft Office Sessions:

=========================

Error: (04/14/2014 10:25:03 PM) (Source: Windows Search Service)(User: )

Description: 40x8004117fFailed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

 

Error: (04/14/2014 10:25:03 PM) (Source: Windows Search Service)(User: )

Description: 

Details:

0x%08x (0x8004117f - The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.  (HRESULT : 0x8004117f))

 

Error: (04/14/2014 10:25:03 PM) (Source: ESENT)(User: )

Description: Windows2540Windows: -1032

 

Error: (04/14/2014 10:25:03 PM) (Source: ESENT)(User: )

Description: Windows2540Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.logC:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

 

Error: (04/14/2014 10:24:38 PM) (Source: Windows Search Service)(User: )

Description: 40xc0041800Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

 

Error: (04/14/2014 10:24:38 PM) (Source: Windows Search Service)(User: )

Description: 

Details:

The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

The catalog is corrupt

 

Error: (04/14/2014 10:24:38 PM) (Source: Windows Search Service)(User: )

Description: 

Details:

The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

4700

 

Error: (04/14/2014 10:24:38 PM) (Source: Windows Search Service)(User: )

Description: 

Details:

0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

 

Error: (04/14/2014 10:24:38 PM) (Source: ESENT)(User: )

Description: Windows5384Windows: -1811

 

Error: (04/14/2014 10:24:38 PM) (Source: ESENT)(User: )

Description: Windows5384Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.logC:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log-1811 (0xfffff8ed)2 (0x00000002)The system cannot find the file specified.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 52%

Total physical RAM: 8136.05 MB

Available physical RAM: 3891.94 MB

Total Pagefile: 16270.29 MB

Available Pagefile: 11077.68 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:931.41 GB) (Free:669.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9D70507E)

Partition 1: (Active) - (Size=931 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
Please post up the FRST.txt as well.
Also, do the following:
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please attach this file to your next reply.


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
