Jump to content

freakstyle

Honorary Members
  • Posts

    58
  • Joined

  • Last visited

Reputation

0 Neutral
  1. You can close it as of the moment. I'll PM you back when im ready. I'm having issues.
  2. ok. please dont close this topic. as of the moment im having a hard time of finding my flashdrive.
  3. yes I ran fixdamage and yes I rebooted MiniToolBox by Farbar Version: 06-07-2014Ran by asus (administrator) on 19-07-2014 at 12:37:05Running from "C:\Users\asus\Downloads"Microsoft Windows 7 Ultimate Service Pack 1 (X64)Boot Mode: Normal*************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled.No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset.========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Atheros AR9002WB-1NG Wireless Network Adapter = Wireless Network Connection (Connected)VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected) # ----------------------------------# IPv4 Configuration# ----------------------------------pushd interface ipv4 resetset global icmpredirects=enabledadd address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0 popd# End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : asus-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : domain.name Ethernet adapter Local Area Connection* 12: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter #2 Physical Address. . . . . . . . . : 00-FF-71-33-12-CC DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Ethernet adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter Physical Address. . . . . . . . . : 00-FF-E3-F8-EC-DC DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) Physical Address. . . . . . . . . : 74-2F-68-A0-54-21 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : domain.name Description . . . . . . . . . . . : Atheros AR9002WB-1NG Wireless Network Adapter Physical Address. . . . . . . . . : 74-2F-68-9F-B9-C9 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::bc17:7caf:a59e:2c1a%12(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.8(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Saturday, July 19, 2014 12:32:30 PM Lease Expires . . . . . . . . . . : Sunday, July 20, 2014 12:32:30 PM Default Gateway . . . . . . . . . : fe80::9261:cff:fe19:823d%12 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DHCPv6 IAID . . . . . . . . . . . : 309604200 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-08-B5-42-50-46-5D-E7-0F-90 DNS Servers . . . . . . . . . . . : 8.8.8.8 8.8.4.4 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller Physical Address. . . . . . . . . : 50-46-5D-E7-0F-90 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Ethernet adapter VirtualBox Host-Only Network: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter Physical Address. . . . . . . . . : 08-00-27-00-80-D5 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::6854:9ccb:178a:7a54%18(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : DHCPv6 IAID . . . . . . . . . . . : 638058535 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-08-B5-42-50-46-5D-E7-0F-90 DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1 fec0:0:0:ffff::2%1 fec0:0:0:ffff::3%1 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.{2DE387AB-5002-4B7B-9E5F-E6379D2A5211}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.domain.name: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : domain.name Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.{E3F8ECDC-7CB3-443B-822C-F521EC1CCEF6}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Teredo Tunneling Pseudo-Interface: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.{7D5E7FC1-3AC5-4FF8-B022-9445B871EA1F}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.{713312CC-7852-4F17-9C7F-4B1400CDC434}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.{FDC214AC-C951-4BC8-BC41-140DF442D7C1}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : YesServer: google-public-dns-a.google.comAddress: 8.8.8.8 Name: google.comAddresses: 2404:6800:4004:800::1006 173.194.126.163 173.194.126.168 173.194.126.165 173.194.126.167 173.194.126.169 173.194.126.160 173.194.126.174 173.194.126.161 173.194.126.162 173.194.126.166 173.194.126.164 Pinging google.com [173.194.38.78] with 32 bytes of data:Request timed out.Request timed out. Ping statistics for 173.194.38.78: Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),DNS request timed out. timeout was 2 seconds.Server: UnKnownAddress: 8.8.8.8 Name: yahoo.comAddresses: 98.139.183.24 98.138.253.109 206.190.36.45 Pinging yahoo.com [98.139.183.24] with 32 bytes of data:Reply from 98.139.183.24: bytes=32 time=432ms TTL=50Reply from 98.139.183.24: bytes=32 time=1306ms TTL=50 Ping statistics for 98.139.183.24: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 432ms, Maximum = 1306ms, Average = 869ms Pinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================Interface List 17...00 ff 71 33 12 cc ......Anchorfree HSS VPN Adapter #2 16...00 ff e3 f8 ec dc ......Anchorfree HSS VPN Adapter 13...74 2f 68 a0 54 21 ......Bluetooth Device (Personal Area Network) 12...74 2f 68 9f b9 c9 ......Atheros AR9002WB-1NG Wireless Network Adapter 11...50 46 5d e7 0f 90 ......Realtek PCIe GBE Family Controller 18...08 00 27 00 80 d5 ......VirtualBox Host-Only Ethernet Adapter 1...........................Software Loopback Interface 1 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4 26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6=========================================================================== IPv4 Route Table===========================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.8 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 169.254.0.0 255.255.0.0 On-link 192.168.56.1 30 169.254.255.255 255.255.255.255 On-link 192.168.56.1 276 192.168.1.0 255.255.255.0 On-link 192.168.1.8 281 192.168.1.8 255.255.255.255 On-link 192.168.1.8 281 192.168.1.255 255.255.255.255 On-link 192.168.1.8 281 192.168.56.0 255.255.255.0 On-link 192.168.56.1 276 192.168.56.1 255.255.255.255 On-link 192.168.56.1 276 192.168.56.255 255.255.255.255 On-link 192.168.56.1 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.56.1 276 224.0.0.0 240.0.0.0 On-link 192.168.1.8 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.56.1 276 255.255.255.255 255.255.255.255 On-link 192.168.1.8 281===========================================================================Persistent Routes: None IPv6 Route Table===========================================================================Active Routes: If Metric Network Destination Gateway 12 281 ::/0 fe80::9261:cff:fe19:823d 1 306 ::1/128 On-link 18 276 fe80::/64 On-link 12 281 fe80::/64 On-link 18 276 fe80::6854:9ccb:178a:7a54/128 On-link 12 281 fe80::bc17:7caf:a59e:2c1a/128 On-link 1 306 ff00::/8 On-link 18 276 ff00::/8 On-link 12 281 ff00::/8 On-link===========================================================================Persistent Routes: None========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors:==================Error: (07/19/2014 00:34:05 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/19/2014 00:32:47 PM) (Source: Winlogon) (User: )Description: Windows license activation failed. Error 0x80070005. Error: (07/18/2014 09:06:35 PM) (Source: Microsoft-Windows-CAPI2) (User: )Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd). Error: (07/18/2014 08:41:39 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/18/2014 08:40:19 PM) (Source: Winlogon) (User: )Description: Windows license activation failed. Error 0x80070005. Error: (07/18/2014 08:25:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: This network connection does not exist. . Error: (07/18/2014 08:25:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd). Error: (07/18/2014 05:43:23 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/18/2014 05:41:56 PM) (Source: Winlogon) (User: )Description: Windows license activation failed. Error 0x80070005. Error: (07/18/2014 04:00:55 PM) (Source: Microsoft-Windows-CAPI2) (User: )Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd). System errors:=============Error: (07/18/2014 09:00:31 PM) (Source: Service Control Manager) (User: )Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (07/18/2014 09:00:31 PM) (Source: Service Control Manager) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (07/18/2014 05:53:21 PM) (Source: DCOM) (User: )Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (07/18/2014 05:41:43 PM) (Source: EventLog) (User: )Description: The previous system shutdown at 5:39:22 PM on ‎7/‎18/‎2014 was unexpected. Error: (07/18/2014 03:58:35 PM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)Description: The event logging service encountered an error (res=32) while initializing logging resources for channel Microsoft-Windows-LanguagePackSetup/Operational. Error: (07/17/2014 08:27:08 PM) (Source: DCOM) (User: asus-PC)Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}asus-PCGuestS-1-5-21-1210325367-195732664-3179361299-501LocalHost (Using LRPC) Error: (07/17/2014 00:54:24 PM) (Source: DCOM) (User: )Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (User: )Description: The Network List Service service failed to start due to the following error: %%1069 Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (User: )Description: The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: %%50 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (User: )Description: The Human Interface Device Access service failed to start due to the following error: %%1115 Microsoft Office Sessions:=========================Error: (07/19/2014 00:34:05 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/19/2014 00:32:47 PM) (Source: Winlogon)(User: )Description: 0x800700050x00000000 Error: (07/18/2014 09:06:35 PM) (Source: Microsoft-Windows-CAPI2)(User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt12029 (0x2efd) Error: (07/18/2014 08:41:39 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/18/2014 08:40:19 PM) (Source: Winlogon)(User: )Description: 0x800700050x00000000 Error: (07/18/2014 08:25:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crtThis network connection does not exist. Error: (07/18/2014 08:25:11 PM) (Source: Microsoft-Windows-CAPI2)(User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt12029 (0x2efd) Error: (07/18/2014 05:43:23 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/18/2014 05:41:56 PM) (Source: Winlogon)(User: )Description: 0x800700050x00000000 Error: (07/18/2014 04:00:55 PM) (Source: Microsoft-Windows-CAPI2)(User: )Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt12029 (0x2efd) CodeIntegrity Errors:=================================== Date: 2014-07-10 19:20:57.012 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-10 19:20:56.996 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. =========================== Installed Programs ============================µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31227 - BitTorrent Inc.)Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) HiddenAdobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) HiddenAdobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) HiddenAdobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) HiddenAdobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) HiddenAdobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) HiddenAdobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) HiddenAdobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) HiddenAdobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) HiddenAdobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) HiddenAdobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) HiddenAdobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenAdvertising Center (x32 Version: 0.0.0.1 - Nero AG) HiddenAsmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version: - Cisco Systems, Inc.)CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - Common (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - EN (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.0 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.0 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 - WT (x32 Version: 15.1 - Corel Corporation) HiddenCorelDRAW Graphics Suite X5 (x32 Version: 15.2 - Corel Corporation) HiddenCorelDRAW® Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.661 - Corel Corporation)Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)CyberLink YouCam 5 (x32 Version: 5.0.0909 - CyberLink Corp.) HiddenDolbyFiles (x32 Version: 0.1 - Nero AG) HiddenDota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) HiddenGreenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot)ImagXpress (x32 Version: 7.0.74.0 - Nero AG) HiddenIntel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)K-Lite Mega Codec Pack 10.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - )Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) HiddenMicrosoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) HiddenMicrosoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)Movie Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) HiddenMozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) HiddenNero 9 Essentials (HKLM-x32\...\{1d54a3c6-3b28-4cbc-bec7-cd67fe438563}) (Version: - Nero AG)Nero BurnRights (x32 Version: 3.4.11.100 - Nero AG) HiddenNero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) HiddenNero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) HiddenNero CoverDesigner (x32 Version: 4.4.9.100 - Nero AG) HiddenNero CoverDesigner Help (x32 Version: 4.4.9.100 - Nero AG) HiddenNero DiscSpeed (x32 Version: 5.4.11.100 - Nero AG) HiddenNero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) HiddenNero DriveSpeed (x32 Version: 4.4.11.100 - Nero AG) HiddenNero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) HiddenNero Express Help (x32 Version: 9.6.2.101 - Nero AG) HiddenNero InfoTool (x32 Version: 6.4.11.100 - Nero AG) HiddenNero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) HiddenNero Installer (x32 Version: 4.4.9.0 - Nero AG) HiddenNero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) HiddenNero ShowTime (x32 Version: 5.4.0.100 - Nero AG) HiddenNero ShowTime (x32 Version: 5.4.13.100 - Nero AG) HiddenNero StartSmart (x32 Version: 9.4.12.100 - Nero AG) HiddenNero StartSmart Help (x32 Version: 9.4.12.100 - Nero AG) HiddenNero Vision (x32 Version: 6.4.12.100 - Nero AG) HiddenNero Vision Help (x32 Version: 6.4.8.100 - Nero AG) HiddenNeroExpress (x32 Version: 9.4.17.100 - Nero AG) Hiddenneroxml (x32 Version: 1.0.0 - Nero AG) HiddenNotepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) HiddenNVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) HiddenNVIDIA Optimus 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) HiddenNVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) HiddenOracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) HiddenproDAD Mercalli 3.0 (64bit) (HKLM\...\proDAD-Mercalli-3.0) (Version: 3.0.215.1 - proDAD GmbH)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)Recover My Files (HKLM-x32\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd)RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.)Samsung Kies (x32 Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.) HiddenSAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.5.0 - SAMSUNG Electronics Co., Ltd.)Skype™ 6.7 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.)Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.16.1 - Synaptics Incorporated)System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)TP-LINK Wireless Client Utility (HKLM-x32\...\{C1EB6825-9339-4B18-99B0-C455B2288FF9}) (Version: 1.00.4323 - TP-LINK TECHNOLOGIES CO., LTD.)USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab)Vegas Pro 10.0 (64-bit) (HKLM\...\{C616FD4F-11F5-11E0-A38F-0013D3D69929}) (Version: 10.0.470 - Sony)VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)Visual Basic for Applications ® Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) HiddenVisual Basic for Applications ® Core (x32 Version: 6.4.99.69 - Microsoft Corporation) HiddenVLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)WinRAR 5.10 beta 3 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH)Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)YTD Video Downloader 4.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.4 - GreenTree Applications SRL) ========================= Devices: ================================ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ========================= Memory info: =================================== Percentage of memory in use: 48%Total physical RAM: 6054.63 MBAvailable physical RAM: 3118.67 MBTotal Pagefile: 12107.46 MBAvailable Pagefile: 8760.46 MBTotal Virtual: 4095.88 MBAvailable Virtual: 3976.32 MB ========================= Partitions: ===================================== 1 Drive c: () (Fixed) (Total:195.21 GB) (Free:48.43 GB) NTFS2 Drive d: () (Fixed) (Total:270.45 GB) (Free:182.01 GB) NTFS ========================= Users: ======================================== User accounts for \\ASUS-PC Administrator asus Guest UpdatusUser ========================= Minidump Files ================================== No minidump file found **** End of log ****
  4. no rootkits detected: Malwarebytes Anti-Rootkit BETA 1.07.0.1012www.malwarebytes.org Database version: v2014.07.18.04 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 8.0.7601.17514asus :: ASUS-PC [administrator] 7/18/2014 8:19:21 PMmbar-log-2014-07-18 (20-19-21).txt Scan type: Quick scanScan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/ShurikenScan options disabled: Objects scanned: 371589Time elapsed: 12 minute(s), 13 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) Physical Sectors Detected: 0(No malicious items detected) (end) ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1012 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 8.0.7601.17514 File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXEDCPU speed: 2.195000 GHzMemory total: 6348742656, free: 3530526720 Downloaded database version: v2014.07.18.04Downloaded database version: v2014.07.17.01=======================================Initializing...Done!Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...Done!Drive 0This is a System driveScanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: F5BE972F Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 206848 Numsec = 409395200 Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 409602048 Numsec = 567169024 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytesSector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...Done!Scan finished======================================= Removal queue found; removal startedRemoving C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...Removal finished
  5. but I always use the most updated java. I wont install java just yet. aaand. Taskmanager and Regedit is still disabled. it still only works every scan of combofix. but comes back to being disabled after every reboot.
  6. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01 Ran by asus at 2014-07-17 12:46:22 Running from C:\Users\asus\Documents Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31227 - BitTorrent Inc.) Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated) Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version: - Cisco Systems, Inc.) CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - EN (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW® Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.661 - Corel Corporation) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.) CyberLink YouCam 5 (x32 Version: 5.0.0909 - CyberLink Corp.) Hidden DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation) K-Lite Mega Codec Pack 10.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - ) Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Movie Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden Nero 9 Essentials (HKLM-x32\...\{1d54a3c6-3b28-4cbc-bec7-cd67fe438563}) (Version: - Nero AG) Nero BurnRights (x32 Version: 3.4.11.100 - Nero AG) Hidden Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden Nero CoverDesigner (x32 Version: 4.4.9.100 - Nero AG) Hidden Nero CoverDesigner Help (x32 Version: 4.4.9.100 - Nero AG) Hidden Nero DiscSpeed (x32 Version: 5.4.11.100 - Nero AG) Hidden Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden Nero DriveSpeed (x32 Version: 4.4.11.100 - Nero AG) Hidden Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden Nero Express Help (x32 Version: 9.6.2.101 - Nero AG) Hidden Nero InfoTool (x32 Version: 6.4.11.100 - Nero AG) Hidden Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden Nero ShowTime (x32 Version: 5.4.0.100 - Nero AG) Hidden Nero ShowTime (x32 Version: 5.4.13.100 - Nero AG) Hidden Nero StartSmart (x32 Version: 9.4.12.100 - Nero AG) Hidden Nero StartSmart Help (x32 Version: 9.4.12.100 - Nero AG) Hidden Nero Vision (x32 Version: 6.4.12.100 - Nero AG) Hidden Nero Vision Help (x32 Version: 6.4.8.100 - Nero AG) Hidden NeroExpress (x32 Version: 9.4.17.100 - Nero AG) Hidden neroxml (x32 Version: 1.0.0 - Nero AG) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team) NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden NVIDIA Optimus 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden proDAD Mercalli 3.0 (64bit) (HKLM\...\proDAD-Mercalli-3.0) (Version: 3.0.215.1 - proDAD GmbH) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.) Recover My Files (HKLM-x32\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd) RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.5.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 6.7 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.) Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.16.1 - Synaptics Incorporated) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer) TP-LINK Wireless Client Utility (HKLM-x32\...\{C1EB6825-9339-4B18-99B0-C455B2288FF9}) (Version: 1.00.4323 - TP-LINK TECHNOLOGIES CO., LTD.) USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab) Vegas Pro 10.0 (64-bit) (HKLM\...\{C616FD4F-11F5-11E0-A38F-0013D3D69929}) (Version: 10.0.470 - Sony) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) Visual Basic for Applications ® Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden Visual Basic for Applications ® Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR 5.10 beta 3 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) YTD Video Downloader 4.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.4 - GreenTree Applications SRL) ==================== Restore Points ========================= 06-07-2014 04:57:32 Installed DirectX 09-07-2014 23:57:38 Windows Update 13-07-2014 03:27:35 Removed BlueStacks Notification Center 13-07-2014 03:27:54 Removed BlueStacks Notification Center 13-07-2014 09:06:20 Windows Update 15-07-2014 09:26:26 Removed BlueStacks Notification Center 15-07-2014 09:45:51 Installed BlueStacks App Player 15-07-2014 10:17:23 Removed BlueStacks App Player 16-07-2014 08:13:25 Removed Java 7 Update 55 ==================== Hosts content: ========================== 2009-07-14 10:34 - 2014-07-10 19:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {DE58F856-F4A7-4F4A-9625-A9BBB0CC21D0} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {EEB2D0C5-1880-469D-B779-A670B1146D6C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-18] (Piriform Ltd) ==================== Loaded Modules (whitelisted) ============= 2014-05-17 15:40 - 2013-11-11 23:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-05-12 17:49 - 2014-05-12 17:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2014-05-17 14:16 - 2011-03-04 17:40 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll 2014-05-17 14:13 - 2011-10-22 00:49 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-05-20 18:22 - 2014-06-27 22:47 - 00598072 _____ () C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyHelper.exe 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 21:17 - 2010-03-24 21:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-05-20 18:22 - 2014-06-27 22:47 - 36966968 _____ () C:\Users\asus\AppData\Roaming\Spotify\Data\libcef.dll 2014-06-03 18:39 - 2011-02-04 08:47 - 00522752 _____ () C:\Users\asus\AppData\Roaming\PhrozenSoft\PKLL\sqlite3.dll 2014-05-17 15:46 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 00716616 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 00126280 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 04217672 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 00414536 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-13 11:22 - 2014-06-05 21:58 - 01732424 _____ () C:\Users\asus\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll 2014-06-20 11:11 - 2009-01-05 14:54 - 00212992 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\dot1x_dll.dll 2014-06-20 11:11 - 2009-01-05 14:54 - 00045056 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWLAN.dll 2014-05-20 18:22 - 2014-06-27 22:47 - 00886840 _____ () C:\Users\asus\AppData\Roaming\Spotify\Data\libglesv2.dll 2014-05-20 18:22 - 2014-06-27 22:46 - 00108600 _____ () C:\Users\asus\AppData\Roaming\Spotify\Data\libegl.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/17/2014 00:46:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd). Error: (07/17/2014 00:46:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd). Error: (07/17/2014 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/17/2014 00:42:15 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (07/17/2014 00:38:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd). Error: (07/17/2014 00:25:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt> with error: 12029 (0x2efd). Error: (07/17/2014 11:24:52 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/17/2014 11:23:22 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (07/16/2014 09:06:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/16/2014 09:05:58 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. System errors: ============= Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Network List Service service failed to start due to the following error: %%1069 Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: %%50 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Human Interface Device Access service failed to start due to the following error: %%1115 Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Portable Device Enumerator Service service failed to start due to the following error: %%1115 Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Diagnostic Service Host service failed to start due to the following error: %%1069 Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: %%50 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (07/17/2014 00:41:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Server service terminated with the following error: %%13 Error: (07/17/2014 00:41:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Network List Service service failed to start due to the following error: %%1069 Error: (07/17/2014 00:41:04 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: %%1352 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (07/17/2014 00:41:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: %%1069 Microsoft Office Sessions: ========================= Error: (07/17/2014 00:46:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt12029 (0x2efd) Error: (07/17/2014 00:46:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt12029 (0x2efd) Error: (07/17/2014 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/17/2014 00:42:15 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/17/2014 00:38:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt12029 (0x2efd) Error: (07/17/2014 00:25:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8F43288AD272F3103B6FB1428485EA3014C0BCFE.crt12029 (0x2efd) Error: (07/17/2014 11:24:52 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/17/2014 11:23:22 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/16/2014 09:06:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/16/2014 09:05:58 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 CodeIntegrity Errors: =================================== Date: 2014-07-10 19:20:57.012 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-10 19:20:56.996 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 49% Total physical RAM: 6054.63 MB Available physical RAM: 3041.48 MB Total Pagefile: 12107.46 MB Available Pagefile: 8721.52 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:195.21 GB) (Free:48.69 GB) NTFS Drive d: () (Fixed) (Total:270.45 GB) (Free:182.01 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F5BE972F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=270 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  7. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01 Ran by asus (administrator) on ASUS-PC on 17-07-2014 12:45:02 Running from C:\Users\asus\Documents Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (Spotify Ltd) C:\Users\asus\AppData\Roaming\Spotify\spotify.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Spotify Ltd) C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (PhrozenSoft) C:\Users\asus\AppData\Roaming\PhrozenSoft\PKLL\pkllagent.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe (Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (TP-LINK TECHNOLOGIES CO., LTD.) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe () C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Google Inc.) C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-04] (Synaptics Incorporated) HKLM\...\Run: [synAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-03-04] (Synaptics Incorporated) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [uSB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [687336 2013-06-20] (Zbshareware Lab) HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [247016 2011-09-09] (CyberLink Corp.) HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [ZDWlan.EXE] => C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE [491520 2009-01-14] (TP-LINK TECHNOLOGIES CO., LTD.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-11] (Elaborate Bytes AG) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [spotify] => C:\Users\asus\AppData\Roaming\Spotify\Spotify.exe [6189624 2014-06-27] (Spotify Ltd) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [spotify Web Helper] => C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [Phrozen Mon_KP] => C:\Users\asus\AppData\Roaming\PhrozenSoft\PKLL\pkllagent.exe [3282952 2013-09-14] (PhrozenSoft) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [GoogleChromeAutoLaunch_3C776F0E4C9D4C175BD7848BC811E09D] => C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Policies\system: [DisableRegistryTools] 1 HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Policies\system: [DisableTaskMgr] 1 HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [spotify] => C:\Users\asus\AppData\Roaming\Spotify\Spotify.exe [6189624 2014-06-27] (Spotify Ltd) HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [spotify Web Helper] => C:\Users\asus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd) HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [Phrozen Keylogger Lite] => [X] AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.linkzb.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.linkzb.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{286E8104-AF52-4A20-B140-126F536CB219}: [NameServer]8.8.8.8,8.8.4.4 FireFox: ======== FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\asus\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\asus\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) Chrome: ======= CHR HomePage: hxxp://google.com/ CHR StartupUrls: "hxxp://www.linkzb.com" CHR Extension: (Google Docs) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-17] CHR Extension: (Google Drive) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-17] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23] CHR Extension: (YouTube) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-17] CHR Extension: (Google Search) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-17] CHR Extension: (Rescroller) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddehdnnhjimbggeeenghijehnpakijod [2014-05-20] CHR Extension: (MightyText - SMS Text Messaging from Computer) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2014-05-20] CHR Extension: (AdBlock) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-20] CHR Extension: (Google Keep - notes and lists) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-05-20] CHR Extension: (Web Navigation) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja [2014-05-19] CHR Extension: (Twitch Now) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2014-05-20] CHR Extension: (Google Wallet) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-19] CHR Extension: (Gmail) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-17] CHR HKLM-x32\...\Chrome\Extension: [lkemddiljapcmhicklfpcbpfffahfbja] - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx [2014-05-17] ==================== Services (Whitelisted) ================= R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed] R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-06-11] (Macrovision Europe Ltd.) [File not signed] S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-05-17] () [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2716768 2010-11-06] (Atheros Communications, Inc.) S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [43104 2013-10-10] (IVT Corporation.) R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-07] (AnchorFree Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-17] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-07] (Anchorfree Inc.) S3 ZD1211BU(TP-LINK); C:\Windows\System32\DRIVERS\zd1211Bu.sys [602880 2009-01-05] (Atheros Technology Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-17 12:42 - 2014-07-17 12:42 - 00000000 ___RD () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-17 12:42 - 2014-07-17 12:42 - 00000000 ____H () C:\ProgramData\cm-lock 2014-07-16 17:42 - 2014-07-16 17:42 - 00448512 _____ (OldTimer Tools) C:\Users\asus\Downloads\TFC.exe 2014-07-16 17:41 - 2014-07-16 17:41 - 00004454 _____ () C:\JavaRa.log 2014-07-16 17:40 - 2014-07-16 17:40 - 00000000 ____D () C:\Users\asus\Desktop\RemoveJava 2014-07-16 17:39 - 2014-07-16 17:39 - 00165483 _____ () C:\Users\asus\Downloads\JavaRa-1.16-28-5-13.zip 2014-07-16 12:50 - 2014-07-16 12:50 - 00115209 _____ () C:\Users\asus\Desktop\AutoRuns.zip 2014-07-16 12:49 - 2014-07-16 12:49 - 02820792 _____ () C:\Users\asus\Desktop\AutoRuns.arn 2014-07-16 12:42 - 2014-07-16 12:42 - 00591040 _____ (Sysinternals - www.sysinternals.com) C:\Users\asus\Desktop\autoruns.exe 2014-07-16 12:41 - 2014-07-16 12:42 - 00030936 _____ () C:\Users\asus\Documents\Addition.txt 2014-07-16 12:38 - 2014-07-17 12:45 - 00016377 _____ () C:\Users\asus\Documents\FRST.txt 2014-07-15 21:51 - 2014-07-15 21:51 - 00019744 _____ () C:\ComboFix.txt 2014-07-15 21:34 - 2014-07-15 21:34 - 00020271 _____ () C:\Users\asus\Desktop\combofixhahaha.txt 2014-07-15 17:33 - 2014-07-15 17:33 - 00013701 _____ () C:\Users\asus\Downloads\[kickass.to]bluestacks.app.player.0.8.7.3066.android.4.0.4.mod.torrent 2014-07-15 13:01 - 2014-07-15 13:01 - 00064657 _____ () C:\Users\asus\Downloads\[kickass.to]the.woman.2011.bluray.720p.800mb.ganool.torrent 2014-07-15 12:58 - 2014-07-15 12:58 - 00014807 _____ () C:\Users\asus\Downloads\[kickass.to]the.silent.house.2010.dvd.rip.xvid.stb.torrent 2014-07-15 12:41 - 2014-07-15 12:41 - 00153206 _____ () C:\Users\asus\Downloads\[kickass.to]the.innkeepers.2011.ita.eng.bluray.720p.x264.trl.torrent 2014-07-15 12:31 - 2014-07-15 12:31 - 00057106 _____ () C:\Users\asus\Downloads\[kickass.to]the.orphanage.el.orfanato.2007.dvdrip.eng.hard.subs.axxo.torrent 2014-07-15 12:08 - 2014-07-15 12:08 - 00097618 _____ () C:\Users\asus\Downloads\[kickass.to]harry.potter.series.1.7.1080p.bluray.qebs.aac.ps3.mp4.fasm.torrent 2014-07-15 12:07 - 2014-07-15 12:07 - 00000812 _____ () C:\Users\asus\Desktop\µTorrent.lnk 2014-07-15 12:07 - 2014-07-15 12:07 - 00000792 _____ () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-07-14 22:12 - 2014-07-14 22:12 - 00086819 _____ () C:\Users\asus\Downloads\[kickass.to]brett.manning.s.singing.success.torrent 2014-07-13 22:20 - 2014-07-13 22:20 - 00002242 _____ () C:\Users\asus\Desktop\aswMBR.txt 2014-07-13 22:20 - 2014-07-13 22:20 - 00000512 _____ () C:\Users\asus\Desktop\MBR.dat 2014-07-13 21:26 - 2014-07-13 21:27 - 05185536 _____ (AVAST Software) C:\Users\asus\Downloads\aswmbr.exe 2014-07-11 13:01 - 2014-07-11 13:02 - 00275608 _____ () C:\Users\asus\Downloads\photo (2).htm 2014-07-11 13:01 - 2014-07-11 13:01 - 00275742 _____ () C:\Users\asus\Downloads\photo (1).htm 2014-07-10 19:13 - 2014-07-15 21:51 - 00000000 ____D () C:\Qoobox 2014-07-10 19:13 - 2011-06-26 14:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-10 19:13 - 2010-11-08 01:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-10 19:13 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-10 19:13 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-10 19:13 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-10 19:13 - 2000-08-31 08:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-10 19:13 - 2000-08-31 08:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-10 19:13 - 2000-08-31 08:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-10 19:12 - 2014-07-10 19:23 - 00000000 ____D () C:\Windows\erdnt 2014-07-10 18:08 - 2014-07-15 20:11 - 05220800 ____R (Swearware) C:\Users\asus\Desktop\ComboFix.exe 2014-07-09 19:45 - 2014-07-16 12:37 - 00000000 ____D () C:\Users\asus\Downloads\FRST-OlderVersion 2014-07-09 13:19 - 2014-07-09 13:19 - 02347384 _____ (ESET) C:\Users\asus\Downloads\esetsmartinstaller_enu.exe 2014-07-09 13:19 - 2014-07-09 13:19 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-09 12:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-09 12:37 - 2014-07-09 12:52 - 00000000 ____D () C:\AdwCleaner 2014-07-09 12:36 - 2014-07-09 12:36 - 01348263 _____ () C:\Users\asus\Downloads\AdwCleaner.exe 2014-07-09 12:35 - 2014-07-15 20:40 - 00000000 ____D () C:\Users\asus\Desktop\scans 2014-07-09 12:35 - 2014-07-09 12:35 - 00001756 _____ () C:\Users\asus\Desktop\JRT.txt 2014-07-09 12:23 - 2014-07-09 12:23 - 00000000 ____D () C:\Windows\ERUNT 2014-07-09 12:20 - 2014-07-09 12:21 - 01016261 _____ (Thisisu) C:\Users\asus\Downloads\JRT.exe 2014-07-07 06:18 - 2014-07-07 06:18 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-05 21:29 - 2014-07-05 21:29 - 00000000 ____D () C:\Users\Guest\Documents\My Games 2014-07-05 20:47 - 2014-07-05 20:47 - 00000284 _____ () C:\Users\Guest\Desktop\SDE Final.m2ts.sfl 2014-07-05 20:33 - 2014-07-05 20:47 - 375570432 _____ () C:\Users\Guest\Desktop\SDE Final.m2ts 2014-07-05 20:01 - 2014-07-05 20:01 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\NVIDIA 2014-07-05 19:57 - 2014-07-05 19:57 - 00000028 _____ () C:\Users\Guest\Desktop\SDE.avi.sfl 2014-07-05 19:41 - 2014-07-05 19:41 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\MPC-HC 2014-07-05 19:39 - 2014-07-05 19:39 - 00000036 _____ () C:\Users\Guest\Desktop\Martha SDE.avi.sfl 2014-07-05 17:31 - 2014-07-05 17:31 - 00000000 ____D () C:\Users\Guest\AppData\Local\proDAD_GmbH 2014-07-05 10:16 - 2014-07-05 10:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\CrashDumps 2014-07-05 09:57 - 2014-07-06 01:05 - 00000158 _____ () C:\Users\Guest\AppData\Roaming\default.rss 2014-07-05 09:56 - 2014-07-05 19:59 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc 2014-07-05 09:56 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Nero 2014-07-05 09:56 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Local\Nero 2014-07-05 09:55 - 2014-07-05 20:53 - 00000000 ____D () C:\Users\Guest\Desktop\Martha 2014-07-04 22:28 - 2014-07-04 22:28 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Publish Providers 2014-07-04 22:27 - 2014-07-04 22:27 - 00001062 _____ () C:\Users\Guest\Desktop\Vegas Pro 10.0 (64-bit).lnk 2014-07-04 22:27 - 2014-07-04 22:27 - 00000000 ____D () C:\Users\Guest\AppData\Local\Sony 2014-07-04 21:59 - 2014-07-04 21:59 - 00000000 ____D () C:\Users\asus\Documents\fkl-setup 2014-07-04 21:58 - 2014-07-04 21:58 - 00275888 _____ () C:\Users\asus\Documents\fkl-setup.zip 2014-07-04 12:53 - 2014-07-04 12:53 - 00006730 _____ () C:\Users\asus\Desktop\RKreport_SCN_07042014_125245.log 2014-07-04 12:46 - 2014-07-04 12:46 - 05283416 _____ () C:\Users\asus\Downloads\RogueKillerX64.exe 2014-07-04 12:41 - 2014-07-04 12:41 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-04 12:40 - 2014-07-04 12:41 - 04721240 _____ () C:\Users\asus\Downloads\RogueKiller.exe 2014-07-04 12:16 - 2014-07-04 12:17 - 00031049 _____ () C:\Users\asus\Downloads\Addition.txt 2014-07-04 12:15 - 2014-07-09 20:05 - 00060112 _____ () C:\Users\asus\Downloads\FRST.txt 2014-07-04 12:12 - 2014-07-17 12:45 - 00000000 ____D () C:\FRST 2014-07-04 12:09 - 2014-07-16 12:37 - 02086912 _____ (Farbar) C:\Users\asus\Documents\FRST64.exe 2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla 2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla 2014-07-03 22:44 - 2014-07-03 22:44 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Publish Providers 2014-07-03 22:41 - 2014-07-03 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2014-07-03 22:40 - 2014-07-03 22:40 - 00000000 ____D () C:\ProgramData\Sony 2014-07-03 22:40 - 2014-07-03 22:40 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-07-03 22:29 - 2014-07-03 22:40 - 00000000 ____D () C:\Program Files\Sony 2014-07-03 22:20 - 2014-07-03 22:44 - 00002696 _____ () C:\Users\asus\Documents\Register Vegas Pro.htm 2014-07-03 22:15 - 2014-07-03 22:15 - 00000000 ____D () C:\Users\asus\AppData\Local\Sony 2014-07-03 22:13 - 2014-07-03 22:13 - 00000000 ____D () C:\Users\asus\AppData\Local\proDAD_GmbH 2014-07-03 22:13 - 2014-07-03 22:13 - 00000000 ____D () C:\ProgramData\proDAD 2014-07-03 22:11 - 2014-07-03 22:44 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Sony 2014-07-03 22:10 - 2014-07-03 22:10 - 00001110 _____ () C:\Users\Public\Desktop\Mercalli 3.0.lnk 2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\Users\asus\AppData\Roaming\proDAD 2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD 2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\Program Files\proDAD 2014-07-03 22:09 - 2014-07-03 22:22 - 00000000 ____D () C:\Users\asus\Documents\New folder (2) 2014-07-03 22:08 - 2014-07-04 22:28 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Sony 2014-07-03 22:08 - 2014-07-04 11:16 - 00000000 ____D () C:\Users\Guest\Desktop\x64 2014-07-03 22:08 - 2011-01-27 02:57 - 00002844 _____ () C:\Users\Guest\Desktop\INSTRUCTIONS.txt 2014-07-03 22:07 - 2014-07-03 22:07 - 00000000 ____D () C:\Users\Guest\Desktop\proDAD Mercalli 3.0.215.1 Standalone (Win32-64) Serial [ChingLiu] 2014-07-03 22:07 - 2014-07-03 22:07 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\WinRAR 2014-07-03 22:07 - 2011-01-27 03:01 - 00000000 ____D () C:\Users\Guest\Desktop\x32 2014-07-03 20:39 - 2014-07-05 23:06 - 00000000 ____D () C:\Users\Guest\Documents\Youcam 2014-07-03 20:39 - 2014-07-03 20:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\CyberLink 2014-07-03 20:38 - 2014-07-04 22:27 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Folder 2014-07-03 20:38 - 2014-07-03 20:39 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Greenshot 2014-07-03 20:38 - 2014-07-03 20:38 - 00117592 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-03 20:38 - 2014-07-03 20:38 - 00001443 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-07-03 20:38 - 2014-07-03 20:38 - 00001409 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Zbshareware Lab 2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Local\Greenshot 2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Local\BMExplorer 2014-07-03 20:37 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest 2014-07-03 20:37 - 2014-07-03 20:37 - 00000020 ___SH () C:\Users\Guest\ntuser.ini 2014-07-03 20:37 - 2009-07-14 12:54 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-07-03 20:37 - 2009-07-14 12:49 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-07-02 11:25 - 2014-07-02 11:25 - 00016500 _____ () C:\Users\asus\Downloads\[kickass.to]super.8.2011.720p.brrip.x264.mp4.multisubs.aac.cc.torrent 2014-06-30 11:43 - 2014-06-30 11:43 - 00013780 _____ () C:\Users\asus\Desktop\com.supercell.clashofclans.cfg - Shortcut.lnk 2014-06-30 07:57 - 2014-06-30 07:57 - 00000000 ____D () C:\Users\asus\AppData\Roaming\NVIDIA 2014-06-29 21:51 - 2014-06-29 21:55 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\asus\Downloads\BlueStacks-SplitInstaller_native_b.exe 2014-06-28 13:00 - 2014-06-28 13:00 - 00056797 _____ () C:\Users\asus\Downloads\[kickass.to]the.haunting.in.connecticut.2.ghosts.of.georgia.2013.french.dvdrip.xvid.tmb.torrent 2014-06-27 20:47 - 2014-06-27 20:47 - 00003467 _____ () C:\Windows\SysWOW64\collectionCache.bnk 2014-06-27 13:21 - 2014-07-10 20:02 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-06-27 13:21 - 2014-07-10 19:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-06-27 13:21 - 2014-06-27 13:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-06-27 13:00 - 2014-06-27 13:03 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\asus\Downloads\spybot-2.3.exe 2014-06-27 12:45 - 2014-06-27 12:45 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-06-27 12:45 - 2014-06-27 12:45 - 00000000 ____D () C:\Windows\system32\NV 2014-06-27 07:50 - 2014-06-27 07:50 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-06-27 07:50 - 2014-06-27 07:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-06-27 07:50 - 2014-06-27 07:50 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-06-27 07:43 - 2014-06-27 07:46 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\asus\Downloads\TeamSpeak3-Client-win64-3.0.15.exe 2014-06-26 20:43 - 2014-06-26 20:44 - 00002046 _____ () C:\Users\asus\Desktop\OSRS.lnk 2014-06-26 20:41 - 2014-06-26 20:41 - 00002076 _____ () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk 2014-06-26 20:41 - 2014-06-26 20:41 - 00002046 _____ () C:\Users\asus\Desktop\RuneScape.lnk 2014-06-26 20:41 - 2014-06-26 20:41 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape 2014-06-26 20:39 - 2014-06-29 20:11 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-06-26 20:39 - 2014-06-26 20:40 - 23805952 _____ () C:\Users\asus\Downloads\RuneScape (1).msi 2014-06-26 20:28 - 2014-07-13 11:33 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-06-26 20:24 - 2014-06-26 20:28 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\asus\Downloads\BlueStacks-SplitInstaller_native.exe 2014-06-26 19:15 - 2014-06-26 19:16 - 01653168 _____ () C:\Users\asus\Desktop\Orion.exe 2014-06-26 19:13 - 2014-06-30 21:06 - 00000000 ____D () C:\Users\asus\jagexcache 2014-06-26 19:06 - 2014-06-26 19:11 - 00000000 ____D () C:\Users\asus\Orion 2014-06-23 19:35 - 2014-06-23 19:35 - 00002984 _____ () C:\Windows\System32\Tasks\ATKOSD2 2014-06-23 19:35 - 2014-06-23 19:35 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-06-23 19:30 - 2014-06-23 19:30 - 00001250 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk 2014-06-23 19:29 - 2014-06-23 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2014-06-23 19:29 - 2014-06-23 19:29 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-06-23 19:28 - 2014-06-23 19:29 - 01640984 _____ () C:\Users\asus\Downloads\SetupVirtualCloneDrive5470.exe 2014-06-23 15:08 - 2014-06-23 15:08 - 00000290 _____ () C:\Users\asus\Documents\vpn kali.txt 2014-06-23 13:30 - 2014-06-23 13:30 - 10432166 _____ () C:\Users\asus\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.3.10-93012.vbox-extpack 2014-06-23 13:25 - 2014-06-23 13:25 - 00000000 ____D () C:\Users\asus\VirtualBox VMs 2014-06-22 11:05 - 2014-06-22 11:05 - 00025017 _____ () C:\Users\asus\Downloads\[kickass.to]farcry.3.black.box.silvertorrent.torrent 2014-06-21 04:46 - 2014-06-21 04:46 - 00020122 _____ () C:\Users\asus\Downloads\[kickass.to]game.of.thrones.the.complete.season.4.hdtv.torrent 2014-06-20 20:00 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\asus\Documents\Square Enix 2014-06-20 20:00 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\asus\AppData\Local\SKIDROW 2014-06-20 11:11 - 2014-06-20 11:11 - 00002088 _____ () C:\Users\Public\Desktop\TP-LINK Wireless Client Utility.lnk 2014-06-20 11:11 - 2014-06-20 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2014-06-20 11:11 - 2014-06-20 11:11 - 00000000 ____D () C:\Program Files (x86)\TP-LINK 2014-06-20 11:11 - 2009-01-05 14:54 - 00602880 _____ (Atheros Technology Corporation) C:\Windows\system32\Drivers\ZD1211BU.sys 2014-06-20 11:11 - 2009-01-05 14:54 - 00499712 _____ (Atheros Technology Corporation) C:\Windows\SysWOW64\ZD11BUME.SYS 2014-06-20 11:11 - 2009-01-05 14:54 - 00499712 _____ (Atheros Technology Corporation) C:\Windows\SysWOW64\ZD11BU98.SYS 2014-06-20 11:11 - 2009-01-05 14:54 - 00081920 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\ZDPN50.DLL 2014-06-20 11:11 - 2009-01-05 14:54 - 00031744 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\Drivers\ZDPSp50a64.sys 2014-06-20 11:11 - 2009-01-05 14:54 - 00031744 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\ZDPSp50a64.sys 2014-06-20 11:11 - 2009-01-05 14:54 - 00029184 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\Drivers\BRGSp50a64.sys 2014-06-20 11:11 - 2009-01-05 14:54 - 00029184 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\BRGSp50a64.sys 2014-06-20 11:11 - 2009-01-05 14:54 - 00028672 _____ () C:\Windows\SysWOW64\InsDrvZD.dll 2014-06-20 11:11 - 2009-01-05 14:54 - 00024576 _____ () C:\Windows\SysWOW64\ZyDelReg.exe 2014-06-20 11:11 - 2009-01-05 14:54 - 00020608 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\Drivers\BRGSp50.sys 2014-06-20 11:11 - 2009-01-05 14:54 - 00019524 _____ () C:\Windows\SysWOW64\BRGSp31.VXD 2014-06-20 11:11 - 2009-01-05 14:54 - 00017664 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\Drivers\ZDPSp50.sys 2014-06-20 11:11 - 2009-01-05 14:54 - 00017151 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\ZDPNDIS5.SYS 2014-06-20 11:11 - 2009-01-05 14:54 - 00015941 _____ () C:\Windows\SysWOW64\ZDPNDIS3.VXD 2014-06-20 11:11 - 2009-01-05 14:54 - 00015872 _____ () C:\Windows\SysWOW64\InsDrvZD64.DLL 2014-06-20 11:11 - 2009-01-05 14:54 - 00015872 _____ () C:\Windows\system32\InsDrvZD64.dll 2014-06-20 11:11 - 2009-01-05 14:54 - 00015428 _____ () C:\Windows\SysWOW64\ZDPSp31.VXD 2014-06-20 11:11 - 2007-06-25 20:29 - 00499712 _____ (Atheros Technology Corporation) C:\Windows\SysWOW64\ZD11BU.SYS 2014-06-20 11:10 - 2009-03-18 15:34 - 00000000 ____D () C:\Users\asus\Documents\Win98_ME_2K_XP_X64 2014-06-20 11:10 - 2009-03-18 15:34 - 00000000 ____D () C:\Users\asus\Documents\Vista 2014-06-20 11:09 - 2014-06-20 11:10 - 06876733 _____ () C:\Users\asus\Documents\2009319153528.zip 2014-06-20 11:00 - 2014-06-20 11:00 - 00225888 _____ (NirSoft) C:\Users\asus\Desktop\c.exe 2014-06-20 11:00 - 2014-06-20 11:00 - 00090720 _____ (NirSoft) C:\Users\asus\Desktop\f.exe 2014-06-20 11:00 - 2014-06-20 11:00 - 00051200 _____ (NirSoft) C:\Users\asus\Desktop\i.exe 2014-06-20 11:00 - 2014-06-20 11:00 - 00000136 _____ () C:\Users\asus\Desktop\launch.bat 2014-06-19 14:05 - 2014-06-19 14:11 - 00000000 ____D () C:\Users\asus\Documents\USB files 2014-06-19 13:52 - 2014-06-20 12:11 - 00000000 ____D () C:\Users\asus\Desktop\POW ==================== One Month Modified Files and Folders ======= 2014-07-17 12:45 - 2014-07-16 12:38 - 00016377 _____ () C:\Users\asus\Documents\FRST.txt 2014-07-17 12:45 - 2014-07-04 12:12 - 00000000 ____D () C:\FRST 2014-07-17 12:45 - 2014-05-18 04:37 - 01773819 _____ () C:\Windows\WindowsUpdate.log 2014-07-17 12:43 - 2014-06-01 16:32 - 00000000 ____D () C:\Users\asus\Documents\Youcam 2014-07-17 12:43 - 2014-05-20 18:16 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Spotify 2014-07-17 12:42 - 2014-07-17 12:42 - 00000000 ___RD () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-17 12:42 - 2014-07-17 12:42 - 00000000 ____H () C:\ProgramData\cm-lock 2014-07-17 12:42 - 2014-05-20 09:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-17 12:41 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-17 12:41 - 2009-07-14 12:51 - 00064487 _____ () C:\Windows\setupact.log 2014-07-17 11:47 - 2014-06-03 17:43 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-16 17:51 - 2014-05-17 13:42 - 00000000 ____D () C:\Users\asus 2014-07-16 17:48 - 2014-05-19 18:45 - 00000000 ____D () C:\Users\asus\AppData\Roaming\uTorrent 2014-07-16 17:46 - 2010-11-21 11:47 - 00052016 _____ () C:\Windows\PFRO.log 2014-07-16 17:42 - 2014-07-16 17:42 - 00448512 _____ (OldTimer Tools) C:\Users\asus\Downloads\TFC.exe 2014-07-16 17:41 - 2014-07-16 17:41 - 00004454 _____ () C:\JavaRa.log 2014-07-16 17:40 - 2014-07-16 17:40 - 00000000 ____D () C:\Users\asus\Desktop\RemoveJava 2014-07-16 17:39 - 2014-07-16 17:39 - 00165483 _____ () C:\Users\asus\Downloads\JavaRa-1.16-28-5-13.zip 2014-07-16 12:50 - 2014-07-16 12:50 - 00115209 _____ () C:\Users\asus\Desktop\AutoRuns.zip 2014-07-16 12:49 - 2014-07-16 12:49 - 02820792 _____ () C:\Users\asus\Desktop\AutoRuns.arn 2014-07-16 12:42 - 2014-07-16 12:42 - 00591040 _____ (Sysinternals - www.sysinternals.com) C:\Users\asus\Desktop\autoruns.exe 2014-07-16 12:42 - 2014-07-16 12:41 - 00030936 _____ () C:\Users\asus\Documents\Addition.txt 2014-07-16 12:37 - 2014-07-09 19:45 - 00000000 ____D () C:\Users\asus\Downloads\FRST-OlderVersion 2014-07-16 12:37 - 2014-07-04 12:09 - 02086912 _____ (Farbar) C:\Users\asus\Documents\FRST64.exe 2014-07-15 22:15 - 2014-05-21 22:35 - 00000023 _____ () C:\Users\asus\jagexappletviewer.preferences 2014-07-15 21:51 - 2014-07-15 21:51 - 00019744 _____ () C:\ComboFix.txt 2014-07-15 21:51 - 2014-07-10 19:13 - 00000000 ____D () C:\Qoobox 2014-07-15 21:50 - 2009-07-14 10:34 - 00000250 _____ () C:\Windows\system.ini 2014-07-15 21:34 - 2014-07-15 21:34 - 00020271 _____ () C:\Users\asus\Desktop\combofixhahaha.txt 2014-07-15 21:19 - 2014-05-17 15:13 - 00000000 ____D () C:\Users\asus\AppData\Local\CrashDumps 2014-07-15 20:40 - 2014-07-09 12:35 - 00000000 ____D () C:\Users\asus\Desktop\scans 2014-07-15 20:22 - 2009-07-14 12:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-15 20:22 - 2009-07-14 12:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-15 20:11 - 2014-07-10 18:08 - 05220800 ____R (Swearware) C:\Users\asus\Desktop\ComboFix.exe 2014-07-15 18:18 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-07-15 17:33 - 2014-07-15 17:33 - 00013701 _____ () C:\Users\asus\Downloads\[kickass.to]bluestacks.app.player.0.8.7.3066.android.4.0.4.mod.torrent 2014-07-15 13:01 - 2014-07-15 13:01 - 00064657 _____ () C:\Users\asus\Downloads\[kickass.to]the.woman.2011.bluray.720p.800mb.ganool.torrent 2014-07-15 12:58 - 2014-07-15 12:58 - 00014807 _____ () C:\Users\asus\Downloads\[kickass.to]the.silent.house.2010.dvd.rip.xvid.stb.torrent 2014-07-15 12:41 - 2014-07-15 12:41 - 00153206 _____ () C:\Users\asus\Downloads\[kickass.to]the.innkeepers.2011.ita.eng.bluray.720p.x264.trl.torrent 2014-07-15 12:31 - 2014-07-15 12:31 - 00057106 _____ () C:\Users\asus\Downloads\[kickass.to]the.orphanage.el.orfanato.2007.dvdrip.eng.hard.subs.axxo.torrent 2014-07-15 12:08 - 2014-07-15 12:08 - 00097618 _____ () C:\Users\asus\Downloads\[kickass.to]harry.potter.series.1.7.1080p.bluray.qebs.aac.ps3.mp4.fasm.torrent 2014-07-15 12:07 - 2014-07-15 12:07 - 00000812 _____ () C:\Users\asus\Desktop\µTorrent.lnk 2014-07-15 12:07 - 2014-07-15 12:07 - 00000792 _____ () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-07-15 10:13 - 2014-05-20 18:23 - 00000000 ____D () C:\Users\asus\AppData\Local\Spotify 2014-07-15 10:10 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\Vss 2014-07-14 22:12 - 2014-07-14 22:12 - 00086819 _____ () C:\Users\asus\Downloads\[kickass.to]brett.manning.s.singing.success.torrent 2014-07-13 22:20 - 2014-07-13 22:20 - 00002242 _____ () C:\Users\asus\Desktop\aswMBR.txt 2014-07-13 22:20 - 2014-07-13 22:20 - 00000512 _____ () C:\Users\asus\Desktop\MBR.dat 2014-07-13 21:27 - 2014-07-13 21:26 - 05185536 _____ (AVAST Software) C:\Users\asus\Downloads\aswmbr.exe 2014-07-13 11:33 - 2014-06-26 20:28 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-07-11 13:02 - 2014-07-11 13:01 - 00275608 _____ () C:\Users\asus\Downloads\photo (2).htm 2014-07-11 13:01 - 2014-07-11 13:01 - 00275742 _____ () C:\Users\asus\Downloads\photo (1).htm 2014-07-10 20:02 - 2014-06-27 13:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-07-10 19:24 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Default 2014-07-10 19:23 - 2014-07-10 19:12 - 00000000 ____D () C:\Windows\erdnt 2014-07-10 19:14 - 2014-06-27 13:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-07-09 20:05 - 2014-07-04 12:15 - 00060112 _____ () C:\Users\asus\Downloads\FRST.txt 2014-07-09 15:48 - 2014-06-06 19:30 - 00000000 ____D () C:\Users\asus\Documents\Greenshot 2014-07-09 13:19 - 2014-07-09 13:19 - 02347384 _____ (ESET) C:\Users\asus\Downloads\esetsmartinstaller_enu.exe 2014-07-09 13:19 - 2014-07-09 13:19 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-09 12:52 - 2014-07-09 12:37 - 00000000 ____D () C:\AdwCleaner 2014-07-09 12:36 - 2014-07-09 12:36 - 01348263 _____ () C:\Users\asus\Downloads\AdwCleaner.exe 2014-07-09 12:35 - 2014-07-09 12:35 - 00001756 _____ () C:\Users\asus\Desktop\JRT.txt 2014-07-09 12:23 - 2014-07-09 12:23 - 00000000 ____D () C:\Windows\ERUNT 2014-07-09 12:21 - 2014-07-09 12:20 - 01016261 _____ (Thisisu) C:\Users\asus\Downloads\JRT.exe 2014-07-07 06:46 - 2014-05-24 15:54 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-07-07 06:46 - 2014-05-24 15:54 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-07-07 06:18 - 2014-07-07 06:18 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-06 20:06 - 2014-05-20 03:43 - 00000000 ____D () C:\Users\asus\AppData\Roaming\vlc 2014-07-06 12:59 - 2014-05-17 15:58 - 00052843 _____ () C:\Windows\DirectX.log 2014-07-06 11:48 - 2014-05-17 15:08 - 00000000 ____D () C:\Users\asus\Documents\Bluetooth Folder 2014-07-06 01:05 - 2014-07-05 09:57 - 00000158 _____ () C:\Users\Guest\AppData\Roaming\default.rss 2014-07-05 23:16 - 2009-07-14 13:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-05 23:06 - 2014-07-03 20:39 - 00000000 ____D () C:\Users\Guest\Documents\Youcam 2014-07-05 21:29 - 2014-07-05 21:29 - 00000000 ____D () C:\Users\Guest\Documents\My Games 2014-07-05 20:53 - 2014-07-05 09:55 - 00000000 ____D () C:\Users\Guest\Desktop\Martha 2014-07-05 20:47 - 2014-07-05 20:47 - 00000284 _____ () C:\Users\Guest\Desktop\SDE Final.m2ts.sfl 2014-07-05 20:47 - 2014-07-05 20:33 - 375570432 _____ () C:\Users\Guest\Desktop\SDE Final.m2ts 2014-07-05 20:01 - 2014-07-05 20:01 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\NVIDIA 2014-07-05 19:59 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc 2014-07-05 19:57 - 2014-07-05 19:57 - 00000028 _____ () C:\Users\Guest\Desktop\SDE.avi.sfl 2014-07-05 19:41 - 2014-07-05 19:41 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\MPC-HC 2014-07-05 19:39 - 2014-07-05 19:39 - 00000036 _____ () C:\Users\Guest\Desktop\Martha SDE.avi.sfl 2014-07-05 17:31 - 2014-07-05 17:31 - 00000000 ____D () C:\Users\Guest\AppData\Local\proDAD_GmbH 2014-07-05 10:16 - 2014-07-05 10:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\CrashDumps 2014-07-05 09:56 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Nero 2014-07-05 09:56 - 2014-07-05 09:56 - 00000000 ____D () C:\Users\Guest\AppData\Local\Nero 2014-07-04 22:28 - 2014-07-04 22:28 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Publish Providers 2014-07-04 22:28 - 2014-07-03 22:08 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Sony 2014-07-04 22:27 - 2014-07-04 22:27 - 00001062 _____ () C:\Users\Guest\Desktop\Vegas Pro 10.0 (64-bit).lnk 2014-07-04 22:27 - 2014-07-04 22:27 - 00000000 ____D () C:\Users\Guest\AppData\Local\Sony 2014-07-04 22:27 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Folder 2014-07-04 21:59 - 2014-07-04 21:59 - 00000000 ____D () C:\Users\asus\Documents\fkl-setup 2014-07-04 21:58 - 2014-07-04 21:58 - 00275888 _____ () C:\Users\asus\Documents\fkl-setup.zip 2014-07-04 12:53 - 2014-07-04 12:53 - 00006730 _____ () C:\Users\asus\Desktop\RKreport_SCN_07042014_125245.log 2014-07-04 12:46 - 2014-07-04 12:46 - 05283416 _____ () C:\Users\asus\Downloads\RogueKillerX64.exe 2014-07-04 12:41 - 2014-07-04 12:41 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-04 12:41 - 2014-07-04 12:40 - 04721240 _____ () C:\Users\asus\Downloads\RogueKiller.exe 2014-07-04 12:17 - 2014-07-04 12:16 - 00031049 _____ () C:\Users\asus\Downloads\Addition.txt 2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla 2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla 2014-07-04 11:24 - 2014-06-03 18:39 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phrozen Keylogger Lite 2014-07-04 11:16 - 2014-07-03 22:08 - 00000000 ____D () C:\Users\Guest\Desktop\x64 2014-07-03 22:44 - 2014-07-03 22:44 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Publish Providers 2014-07-03 22:44 - 2014-07-03 22:20 - 00002696 _____ () C:\Users\asus\Documents\Register Vegas Pro.htm 2014-07-03 22:44 - 2014-07-03 22:11 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Sony 2014-07-03 22:41 - 2014-07-03 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2014-07-03 22:40 - 2014-07-03 22:40 - 00000000 ____D () C:\ProgramData\Sony 2014-07-03 22:40 - 2014-07-03 22:40 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-07-03 22:40 - 2014-07-03 22:29 - 00000000 ____D () C:\Program Files\Sony 2014-07-03 22:22 - 2014-07-03 22:09 - 00000000 ____D () C:\Users\asus\Documents\New folder (2) 2014-07-03 22:15 - 2014-07-03 22:15 - 00000000 ____D () C:\Users\asus\AppData\Local\Sony 2014-07-03 22:13 - 2014-07-03 22:13 - 00000000 ____D () C:\Users\asus\AppData\Local\proDAD_GmbH 2014-07-03 22:13 - 2014-07-03 22:13 - 00000000 ____D () C:\ProgramData\proDAD 2014-07-03 22:10 - 2014-07-03 22:10 - 00001110 _____ () C:\Users\Public\Desktop\Mercalli 3.0.lnk 2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\Users\asus\AppData\Roaming\proDAD 2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD 2014-07-03 22:10 - 2014-07-03 22:10 - 00000000 ____D () C:\Program Files\proDAD 2014-07-03 22:07 - 2014-07-03 22:07 - 00000000 ____D () C:\Users\Guest\Desktop\proDAD Mercalli 3.0.215.1 Standalone (Win32-64) Serial [ChingLiu] 2014-07-03 22:07 - 2014-07-03 22:07 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\WinRAR 2014-07-03 20:39 - 2014-07-03 20:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\CyberLink 2014-07-03 20:39 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Greenshot 2014-07-03 20:38 - 2014-07-03 20:38 - 00117592 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-03 20:38 - 2014-07-03 20:38 - 00001443 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-07-03 20:38 - 2014-07-03 20:38 - 00001409 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Zbshareware Lab 2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Local\Greenshot 2014-07-03 20:38 - 2014-07-03 20:38 - 00000000 ____D () C:\Users\Guest\AppData\Local\BMExplorer 2014-07-03 20:38 - 2014-07-03 20:37 - 00000000 ____D () C:\Users\Guest 2014-07-03 20:38 - 2014-05-17 15:11 - 00000000 ____D () C:\ProgramData\Atheros 2014-07-03 20:37 - 2014-07-03 20:37 - 00000020 ___SH () C:\Users\Guest\ntuser.ini 2014-07-02 11:25 - 2014-07-02 11:25 - 00016500 _____ () C:\Users\asus\Downloads\[kickass.to]super.8.2011.720p.brrip.x264.mp4.multisubs.aac.cc.torrent 2014-06-30 21:06 - 2014-06-26 19:13 - 00000000 ____D () C:\Users\asus\jagexcache 2014-06-30 18:37 - 2014-05-22 09:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-06-30 11:43 - 2014-06-30 11:43 - 00013780 _____ () C:\Users\asus\Desktop\com.supercell.clashofclans.cfg - Shortcut.lnk 2014-06-30 07:57 - 2014-06-30 07:57 - 00000000 ____D () C:\Users\asus\AppData\Roaming\NVIDIA 2014-06-30 04:35 - 2014-06-06 19:28 - 00000000 ____D () C:\Users\asus\AppData\Local\Greenshot 2014-06-29 21:55 - 2014-06-29 21:51 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\asus\Downloads\BlueStacks-SplitInstaller_native_b.exe 2014-06-29 20:11 - 2014-06-26 20:39 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-06-28 13:00 - 2014-06-28 13:00 - 00056797 _____ () C:\Users\asus\Downloads\[kickass.to]the.haunting.in.connecticut.2.ghosts.of.georgia.2013.french.dvdrip.xvid.tmb.torrent 2014-06-27 20:47 - 2014-06-27 20:47 - 00003467 _____ () C:\Windows\SysWOW64\collectionCache.bnk 2014-06-27 13:21 - 2014-06-27 13:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-06-27 13:03 - 2014-06-27 13:00 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\asus\Downloads\spybot-2.3.exe 2014-06-27 12:45 - 2014-06-27 12:45 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-06-27 12:45 - 2014-06-27 12:45 - 00000000 ____D () C:\Windows\system32\NV 2014-06-27 12:45 - 2014-05-17 15:41 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-27 12:45 - 2014-05-17 15:38 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-27 12:45 - 2014-05-17 15:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-06-27 07:50 - 2014-06-27 07:50 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-06-27 07:50 - 2014-06-27 07:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-06-27 07:50 - 2014-06-27 07:50 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-06-27 07:46 - 2014-06-27 07:43 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\asus\Downloads\TeamSpeak3-Client-win64-3.0.15.exe 2014-06-26 20:44 - 2014-06-26 20:43 - 00002046 _____ () C:\Users\asus\Desktop\OSRS.lnk 2014-06-26 20:41 - 2014-06-26 20:41 - 00002076 _____ () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk 2014-06-26 20:41 - 2014-06-26 20:41 - 00002046 _____ () C:\Users\asus\Desktop\RuneScape.lnk 2014-06-26 20:41 - 2014-06-26 20:41 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape 2014-06-26 20:40 - 2014-06-26 20:39 - 23805952 _____ () C:\Users\asus\Downloads\RuneScape (1).msi 2014-06-26 20:37 - 2014-05-20 03:42 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Nero 2014-06-26 20:28 - 2014-06-26 20:24 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\asus\Downloads\BlueStacks-SplitInstaller_native.exe 2014-06-26 20:00 - 2009-07-14 13:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-26 19:16 - 2014-06-26 19:15 - 01653168 _____ () C:\Users\asus\Desktop\Orion.exe 2014-06-26 19:11 - 2014-06-26 19:06 - 00000000 ____D () C:\Users\asus\Orion 2014-06-23 19:35 - 2014-06-23 19:35 - 00002984 _____ () C:\Windows\System32\Tasks\ATKOSD2 2014-06-23 19:35 - 2014-06-23 19:35 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-06-23 19:30 - 2014-06-23 19:30 - 00001250 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk 2014-06-23 19:29 - 2014-06-23 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2014-06-23 19:29 - 2014-06-23 19:29 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-06-23 19:29 - 2014-06-23 19:28 - 01640984 _____ () C:\Users\asus\Downloads\SetupVirtualCloneDrive5470.exe 2014-06-23 16:54 - 2014-06-01 18:57 - 00000000 ____D () C:\Users\asus\.VirtualBox 2014-06-23 15:08 - 2014-06-23 15:08 - 00000290 _____ () C:\Users\asus\Documents\vpn kali.txt 2014-06-23 13:30 - 2014-06-23 13:30 - 10432166 _____ () C:\Users\asus\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.3.10-93012.vbox-extpack 2014-06-23 13:25 - 2014-06-23 13:25 - 00000000 ____D () C:\Users\asus\VirtualBox VMs 2014-06-22 11:05 - 2014-06-22 11:05 - 00025017 _____ () C:\Users\asus\Downloads\[kickass.to]farcry.3.black.box.silvertorrent.torrent 2014-06-21 04:46 - 2014-06-21 04:46 - 00020122 _____ () C:\Users\asus\Downloads\[kickass.to]game.of.thrones.the.complete.season.4.hdtv.torrent 2014-06-20 20:00 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\asus\Documents\Square Enix 2014-06-20 20:00 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\asus\AppData\Local\SKIDROW 2014-06-20 12:11 - 2014-06-19 13:52 - 00000000 ____D () C:\Users\asus\Desktop\POW 2014-06-20 11:11 - 2014-06-20 11:11 - 00002088 _____ () C:\Users\Public\Desktop\TP-LINK Wireless Client Utility.lnk 2014-06-20 11:11 - 2014-06-20 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2014-06-20 11:11 - 2014-06-20 11:11 - 00000000 ____D () C:\Program Files (x86)\TP-LINK 2014-06-20 11:11 - 2014-05-17 15:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-06-20 11:10 - 2014-06-20 11:09 - 06876733 _____ () C:\Users\asus\Documents\2009319153528.zip 2014-06-20 11:00 - 2014-06-20 11:00 - 00225888 _____ (NirSoft) C:\Users\asus\Desktop\c.exe 2014-06-20 11:00 - 2014-06-20 11:00 - 00090720 _____ (NirSoft) C:\Users\asus\Desktop\f.exe 2014-06-20 11:00 - 2014-06-20 11:00 - 00051200 _____ (NirSoft) C:\Users\asus\Desktop\i.exe 2014-06-20 11:00 - 2014-06-20 11:00 - 00000136 _____ () C:\Users\asus\Desktop\launch.bat 2014-06-19 14:11 - 2014-06-19 14:05 - 00000000 ____D () C:\Users\asus\Documents\USB files ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-15 20:39 ==================== End Of Log ============================
  8. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-07-2014 01 Ran by asus at 2014-07-16 17:51:11 Run:1 Running from C:\Users\asus\Documents Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [GoogleChromeAutoLaunch_3C776F0E4C9D4C175BD7848BC811E09D] => C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [uTorrent] => C:\Users\asus\AppData\Roaming\uTorrent\uTorrent.exe [1270864 2014-07-15] (BitTorrent Inc.) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Policies\system: [DisableRegistryTools] 1 HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Policies\system: [DisableTaskMgr] 1 HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [uTorrent] => C:\Users\asus\Downloads\uTorrent.exe [1270864 2014-05-19] (BitTorrent Inc.) HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [Google Update] => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-19] (Google Inc.) BootExecute: autocheck autochk * sdnclean64.exe HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) C:\Users\asus\jagex_cl_oldschool_LIVE.dat C:\Users\asus\jagex_cl_runescape_LIVE.dat C:\Users\asus\jagex_cl_runescape_LIVE1.dat C:\Users\asus\random.dat Task: {5530E6E8-723E-48C9-97B5-3C84C8011104} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.) Task: {CFC23C2A-C73C-4FF3-BA9E-A8DE7CDE4BF8} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION Task: {D7FBD7B3-77C7-44AC-AF65-D6F96A2D3F16} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION Task: {EA7A300C-6A66-4E70-9F43-DE27BAAE66FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core.job => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA.job => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found. HKU\S-1-5-21-1210325367-195732664-3179361299-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_3C776F0E4C9D4C175BD7848BC811E09D => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableRegistryTools => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1002\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully. HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}'=> Key not found. 'HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}'=> Key not found. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}'=> Key not found. 'HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}'=> Key not found. 'HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2'=> Key not found. C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll not found. 'HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2'=> Key not found. C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found. C:\Users\asus\jagex_cl_oldschool_LIVE.dat => Moved successfully. C:\Users\asus\jagex_cl_runescape_LIVE.dat => Moved successfully. C:\Users\asus\jagex_cl_runescape_LIVE1.dat => Moved successfully. C:\Users\asus\random.dat => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5530E6E8-723E-48C9-97B5-3C84C8011104}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5530E6E8-723E-48C9-97B5-3C84C8011104}' => Key deleted successfully. C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CFC23C2A-C73C-4FF3-BA9E-A8DE7CDE4BF8}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFC23C2A-C73C-4FF3-BA9E-A8DE7CDE4BF8}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7FBD7B3-77C7-44AC-AF65-D6F96A2D3F16}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7FBD7B3-77C7-44AC-AF65-D6F96A2D3F16}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA7A300C-6A66-4E70-9F43-DE27BAAE66FA}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA7A300C-6A66-4E70-9F43-DE27BAAE66FA}' => Key deleted successfully. C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core' => Key deleted successfully. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core.job => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA.job => Moved successfully. ==== End of Fixlog ====
  9. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-07-2014 01 Ran by asus at 2014-07-16 17:51:11 Run:1 Running from C:\Users\asus\Documents Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [GoogleChromeAutoLaunch_3C776F0E4C9D4C175BD7848BC811E09D] => C:\Users\asus\AppData\Local\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Run: [uTorrent] => C:\Users\asus\AppData\Roaming\uTorrent\uTorrent.exe [1270864 2014-07-15] (BitTorrent Inc.) HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Policies\system: [DisableRegistryTools] 1 HKU\S-1-5-21-1210325367-195732664-3179361299-1000\...\Policies\system: [DisableTaskMgr] 1 HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [uTorrent] => C:\Users\asus\Downloads\uTorrent.exe [1270864 2014-05-19] (BitTorrent Inc.) HKU\S-1-5-21-1210325367-195732664-3179361299-1002\...\Run: [Google Update] => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-19] (Google Inc.) BootExecute: autocheck autochk * sdnclean64.exe HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) C:\Users\asus\jagex_cl_oldschool_LIVE.dat C:\Users\asus\jagex_cl_runescape_LIVE.dat C:\Users\asus\jagex_cl_runescape_LIVE1.dat C:\Users\asus\random.dat Task: {5530E6E8-723E-48C9-97B5-3C84C8011104} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.) Task: {CFC23C2A-C73C-4FF3-BA9E-A8DE7CDE4BF8} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION Task: {D7FBD7B3-77C7-44AC-AF65-D6F96A2D3F16} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION Task: {EA7A300C-6A66-4E70-9F43-DE27BAAE66FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core.job => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA.job => C:\Users\asus\AppData\Local\Google\Update\GoogleUpdate.exe ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found. HKU\S-1-5-21-1210325367-195732664-3179361299-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_3C776F0E4C9D4C175BD7848BC811E09D => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableRegistryTools => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1002\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully. HKU\S-1-5-21-1210325367-195732664-3179361299-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully. HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}'=> Key not found. 'HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}'=> Key not found. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}'=> Key not found. 'HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}'=> Key not found. 'HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2'=> Key not found. C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll not found. 'HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2'=> Key not found. C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found. C:\Users\asus\jagex_cl_oldschool_LIVE.dat => Moved successfully. C:\Users\asus\jagex_cl_runescape_LIVE.dat => Moved successfully. C:\Users\asus\jagex_cl_runescape_LIVE1.dat => Moved successfully. C:\Users\asus\random.dat => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5530E6E8-723E-48C9-97B5-3C84C8011104}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5530E6E8-723E-48C9-97B5-3C84C8011104}' => Key deleted successfully. C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CFC23C2A-C73C-4FF3-BA9E-A8DE7CDE4BF8}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFC23C2A-C73C-4FF3-BA9E-A8DE7CDE4BF8}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7FBD7B3-77C7-44AC-AF65-D6F96A2D3F16}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7FBD7B3-77C7-44AC-AF65-D6F96A2D3F16}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA7A300C-6A66-4E70-9F43-DE27BAAE66FA}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA7A300C-6A66-4E70-9F43-DE27BAAE66FA}' => Key deleted successfully. C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core' => Key deleted successfully. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000Core.job => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1210325367-195732664-3179361299-1000UA.job => Moved successfully. ==== End of Fixlog ====
  10. JavaRa 1.16 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Wed Jul 16 17:41:39 2014 There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124. Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects Found and removed: SOFTWARE\JavaSoft Found and removed: SOFTWARE\JreMetrics Found and removed: SOFTWARE\MozillaPlugins ------------------------------------ Finished reporting.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.