Problem in https links


  • This topic is locked
50 replies to this topic

#1 Mamd0uh

Mamd0uh

  • Members
  • 26 posts
  • OFFLINE
  • Local time:12:34 AM

Posted 22 January 2014 - 03:03 AM

Hi There,

     

Seems like my computer is infected with a virus. Whenever I try to visit any https site (for example: https://www.google.com), I get this message:
 

404. That’s an error.

The requested URL / was not found on this server. That’s all we know.

 

 

Any help will be appreciated.


Thank you,

 




 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  • Gender:Male
  • Local time:01:34 AM

Posted 27 January 2014 - 03:05 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/521668 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Mamd0uh

Mamd0uh
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  • Local time:12:34 AM

Posted 27 January 2014 - 03:11 AM

1. Whenever I try to visit any https site (for example: https://www.google.com), I get this message:
 

404. That’s an error.

The requested URL / was not found on this server. That’s all we know.

 

2. I'm unable to create a log, and my installed Windows operating system is Windows 8.1 and it is a 64-bit system.

 

I get this message

 

[Image: JNH5IZm.jpg]

 

3. The original Windows CD/DVD is unavailable.


Edited by Mamd0uh, 27 January 2014 - 03:13 AM.


#4 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:01:34 AM

Posted 27 January 2014 - 05:37 PM

Mamd0uh,
 
Welcome to Bleeping Computer.
 
My name is Jason and I'll be helping you with your computer problems. You can call me by my screen name jntkwx or Jason is fine.
 
Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put logs in code or quote boxes (unless explicitly asked to)
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can also help.
  • Do not run anything while running a fix.
  • If you don't understand a step, please ask for clarification before continuing with any future steps.

In the upper right hand corner of the topic you will see the Follow This Topic button. Click on this then choose Receive Notification Immediately and then click Follow This Topic and you will be sent an email once I have posted a response, which will make the cleaning process faster.
 
Note to others: The instructions here are intended for the person who began this topic. If you need help, please create your own topic in the appropriate forum.
 
 
FRST
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator"
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.


Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation.


#5 Mamd0uh

Mamd0uh
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  • Local time:12:34 AM

Posted 29 January 2014 - 01:53 AM

Hello Jason,

Thank you very much for assisting me.

 

Here is the FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014
Ran by Mamdouh (administrator) on MAMDOUH on 29-01-2014 01:47:39
Running from C:\Users\Mamdouh\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Windows\System32\valWBFPolicyService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dropbox, Inc.) C:\Users\Mamdouh\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(www.IslamicFinder.org) C:\Program Files (x86)\Athan\Athan.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_54.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_54.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-06-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-14] (IDT, Inc.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Athan] - C:\Program Files (x86)\Athan\Athan.exe [1208320 2013-02-03] (www.IslamicFinder.org)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-05] (RealNetworks, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Runonce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
HKCU\...\Run: [Power2GoExpress8] - C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.)
HKCU\...\Run: [Google Update] - C:\Users\Mamdouh\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-09] (Google Inc.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [HP ENVY 4500 series (NET)] - C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3421216 2013-08-13] (Hewlett-Packard Co.)
HKCU\...\Run: [uTorrent] - C:\Users\Mamdouh\AppData\Roaming\uTorrent\uTorrent.exe [904272 2014-01-13] (BitTorrent Inc.)
HKU\Administrator\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Mamdouh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mamdouh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {AB168F81-556A-4BD3-B437-3BD0581DA7DE} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mamdouh\AppData\Roaming\Mozilla\Firefox\Profiles\tfmb9z47.default-1387407828909
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_80.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_80.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Mamdouh\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Mamdouh\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Mamdouh\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Mamdouh\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Mamdouh\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Users\Mamdouh\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mamdouh\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Mamdouh\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Flash Video Downloader - C:\Users\Mamdouh\AppData\Roaming\Mozilla\Firefox\Profiles\tfmb9z47.default-1387407828909\Extensions\artur.dubovoy@gmail.com [2014-01-22]
FF Extension: anonymoX - C:\Users\Mamdouh\AppData\Roaming\Mozilla\Firefox\Profiles\tfmb9z47.default-1387407828909\Extensions\client@anonymox.net.xpi [2013-12-29]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Mamdouh\AppData\Roaming\Mozilla\Firefox\Profiles\tfmb9z47.default-1387407828909\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-12-24]
FF Extension: Adblock Plus - C:\Users\Mamdouh\AppData\Roaming\Mozilla\Firefox\Profiles\tfmb9z47.default-1387407828909\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-05]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.0.0.12

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-01-23] (Advanced Micro Devices, Inc.)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-06-07] (HP)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
S3 HideMyIpSRV; C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe [3039536 2010-07-06] (HideMyIP)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-08] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] ()
R2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-27] (AVG Secure Search)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-17] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-10] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2013-06-14] (Advanced Micro Devices)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [46368 2013-10-27] (AVG Technologies)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S3 kvnet; C:\Windows\system32\DRIVERS\kvnet.sys [30208 2013-03-23] (Kerio Technologies Inc.)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [29424 2013-06-14] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-10] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-29 01:47 - 2014-01-29 01:48 - 00022763 _____ C:\Users\Mamdouh\Desktop\FRST.txt
2014-01-29 01:47 - 2014-01-29 01:47 - 00000000 ____D C:\FRST
2014-01-29 01:45 - 2014-01-29 01:45 - 02079744 _____ (Farbar) C:\Users\Mamdouh\Desktop\FRST64.exe
2014-01-27 16:09 - 2014-01-27 16:09 - 07814569 _____ C:\Users\Mamdouh\Downloads\Sherine'14.rar
2014-01-27 03:08 - 2014-01-27 03:08 - 00688992 _____ (Swearware) C:\Users\Mamdouh\Downloads\dds.com
2014-01-26 23:19 - 2014-01-27 02:05 - 00000000 ____D C:\Users\Mamdouh\Desktop\New folder (2)
2014-01-26 20:37 - 2014-01-26 20:37 - 03503083 _____ C:\Users\Mamdouh\Downloads\final.jfif
2014-01-25 16:08 - 2014-01-25 16:08 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-25 00:54 - 2014-01-25 00:55 - 160676006 ____R C:\Users\Mamdouh\Downloads\Freeman Biological Science 5th c2014 txtbk.7z
2014-01-24 18:08 - 2014-01-24 18:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-24 00:49 - 2014-01-24 00:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 00:49 - 2014-01-24 00:50 - 00000000 ____D C:\Program Files\iTunes
2014-01-24 00:49 - 2014-01-24 00:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-24 00:49 - 2014-01-24 00:49 - 00000000 ____D C:\Program Files\iPod
2014-01-23 04:48 - 2014-01-23 04:48 - 00000000 ____D C:\Users\Mamdouh\Desktop\star_ Files
2014-01-23 04:44 - 2014-01-23 04:47 - 02078962 _____ C:\Users\Mamdouh\Downloads\star_ Files.zip
2014-01-18 21:53 - 2014-01-18 21:53 - 03381982 _____ C:\Users\Mamdouh\Downloads\شرفة.jfif
2014-01-18 18:52 - 2014-01-18 18:52 - 00001442 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-18 18:51 - 2014-01-18 18:51 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2014-01-18 17:57 - 2014-01-18 17:57 - 00010184 _____ C:\WINDOWS\PFRO.log
2014-01-16 20:02 - 2014-01-29 01:11 - 01558631 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-16 14:55 - 2014-01-23 23:46 - 00000000 ___RD C:\Users\Mamdouh\Dropbox
2014-01-16 14:54 - 2014-01-16 14:55 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\DropboxMaster
2014-01-16 14:53 - 2014-01-16 14:53 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 14:51 - 2014-01-26 22:50 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\Dropbox
2014-01-16 12:44 - 2014-01-16 12:44 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-15 16:37 - 2013-12-08 19:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-15 16:37 - 2013-11-27 10:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 16:37 - 2013-11-27 06:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 16:37 - 2013-11-27 05:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 16:37 - 2013-11-27 04:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 16:37 - 2013-11-27 03:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 16:37 - 2013-11-27 03:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 16:37 - 2013-11-27 03:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 16:37 - 2013-11-27 03:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 16:37 - 2013-11-27 03:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 16:37 - 2013-11-27 03:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-14 15:27 - 2014-01-24 00:38 - 00003290 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1308612826-2611245119-4017301193-1002
2014-01-13 14:18 - 2014-01-13 14:19 - 00000000 ____D C:\Users\Mamdouh\Downloads\Leonardo.DiCaprio.Movie.Pack.DVDRip.XviD-TL
2014-01-13 02:12 - 2014-01-13 02:12 - 00262517 _____ C:\Users\Mamdouh\Downloads\Leonardo.DiCaprio.Movie.Pack.DVDRip.XviD-TL.torrent
2014-01-09 22:13 - 2014-01-09 22:13 - 00000000 ____D C:\ProgramData\Visan
2014-01-09 22:13 - 2014-01-09 22:13 - 00000000 ____D C:\ProgramData\HP Photo Creations
2014-01-09 22:13 - 2014-01-09 22:13 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2014-01-09 22:12 - 2014-01-09 22:12 - 00003614 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP ENVY 4500 series
2014-01-09 22:12 - 2014-01-09 22:12 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\HpUpdate
2014-01-09 22:12 - 2013-08-13 13:42 - 00762400 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMC511.dll
2014-01-09 22:11 - 2014-01-09 22:11 - 00000000 ____D C:\ProgramData\HP
2014-01-09 22:11 - 2014-01-09 22:11 - 00000000 ____D C:\Program Files\HP
2014-01-09 22:10 - 2014-01-09 22:10 - 00000057 _____ C:\ProgramData\Ament.ini
2014-01-04 20:08 - 2014-01-23 23:49 - 00000474 _____ C:\Users\Mamdouh\Desktop\Beyonce.txt
2014-01-03 06:05 - 2014-01-03 06:05 - 13660222 _____ C:\Users\Mamdouh\Downloads\Nancy Ajram High resolution images.zip
2013-12-31 08:22 - 2013-12-31 08:22 - 00000000 __HDC C:\ProgramData\{C8DF6520-3E59-4590-A678-CB275CEADF10}
2013-12-31 08:22 - 2013-12-31 08:22 - 00000000 __HDC C:\ProgramData\{63B3AF69-722B-4FA9-965F-94DEB1E78796}
2013-12-31 08:22 - 2013-12-31 08:22 - 00000000 __HDC C:\ProgramData\{13BDCF71-8D1E-4F03-AB17-50DB253031A4}
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{BB60AA31-EF33-4542-8C8D-78DC85BFEDC1}
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{83F263BF-0076-4C4C-93DC-A3EA0CEB7184}
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{682FE305-7958-4875-9B95-34673E7151AD}
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{4D790C15-A3FF-476F-9F6C-FA6FF12EFFC3}
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{13795121-80CF-4D45-9175-8FD79D18EF7E}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{E6AF2639-F710-4F5B-8830-95A396FB523F}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{E3A665DD-A92C-4869-9411-856C6F971538}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{E3119013-3906-4E62-8407-060230D405CD}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{E25B3CC7-9347-4C9D-9339-1E15F9DA7A07}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{D9E0EE67-1483-4783-8326-7E411B3B012D}
2013-12-31 08:19 - 2013-12-31 08:22 - 00000000 ____D C:\Program Files\Common Files\Topaz Labs
2013-12-31 08:19 - 2013-12-31 08:19 - 00000000 __HDC C:\ProgramData\{9DE75BC9-6CF5-4972-8A4E-86BAAD477DC6}
2013-12-31 08:19 - 2013-12-31 08:19 - 00000000 __HDC C:\ProgramData\{8265C354-3D13-4FE5-95C7-65F277FF3041}
2013-12-31 08:19 - 2013-12-31 08:19 - 00000000 __HDC C:\ProgramData\{5E083C87-F3C2-42C0-B4DC-F0A0AA28F2DD}
2013-12-31 08:00 - 2013-12-31 08:00 - 00000000 ____D C:\Users\Mamdouh\AppData\Local\PackageAware
2013-12-31 07:59 - 2013-12-31 08:00 - 182210042 _____ C:\Users\Mamdouh\Desktop\Topaz Photoshop Plugins Bundle 32bit & 64bit.rar

==================== One Month Modified Files and Folders =======

2014-01-29 01:48 - 2014-01-29 01:47 - 00022763 _____ C:\Users\Mamdouh\Desktop\FRST.txt
2014-01-29 01:47 - 2014-01-29 01:47 - 00000000 ____D C:\FRST
2014-01-29 01:45 - 2014-01-29 01:45 - 02079744 _____ (Farbar) C:\Users\Mamdouh\Desktop\FRST64.exe
2014-01-29 01:33 - 2013-06-13 03:39 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6AC34B31-4687-4106-BF40-097B556D9E35}
2014-01-29 01:32 - 2013-06-16 02:42 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-01-29 01:32 - 2013-06-16 02:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-29 01:11 - 2014-01-16 20:02 - 01558631 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-29 01:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-28 16:50 - 2013-06-13 03:46 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1308612826-2611245119-4017301193-1002
2014-01-27 22:17 - 2013-06-15 07:26 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\uTorrent
2014-01-27 16:09 - 2014-01-27 16:09 - 07814569 _____ C:\Users\Mamdouh\Downloads\Sherine'14.rar
2014-01-27 03:23 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-27 03:08 - 2014-01-27 03:08 - 00688992 _____ (Swearware) C:\Users\Mamdouh\Downloads\dds.com
2014-01-27 02:05 - 2014-01-26 23:19 - 00000000 ____D C:\Users\Mamdouh\Desktop\New folder (2)
2014-01-26 22:50 - 2014-01-16 14:51 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\Dropbox
2014-01-26 20:37 - 2014-01-26 20:37 - 03503083 _____ C:\Users\Mamdouh\Downloads\final.jfif
2014-01-25 16:11 - 2013-06-15 04:55 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMamdouh.job
2014-01-25 16:10 - 2012-08-27 17:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-25 16:09 - 2012-08-27 17:06 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-25 16:08 - 2014-01-25 16:08 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-25 16:06 - 2012-08-27 17:23 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-01-25 16:05 - 2012-08-03 19:02 - 00000000 ____D C:\SWSetup
2014-01-25 02:22 - 2013-10-04 00:55 - 00000000 ____D C:\Users\Mamdouh\Downloads\Haircuts
2014-01-25 02:22 - 2013-06-25 23:34 - 00000000 ____D C:\Users\Mamdouh\Downloads\PERSONAL
2014-01-25 02:18 - 2013-07-31 00:07 - 00000000 ____D C:\Users\Mamdouh\Desktop\My FILES
2014-01-25 02:17 - 2013-09-26 02:49 - 00000000 ____D C:\Users\Mamdouh\Desktop\College
2014-01-25 00:55 - 2014-01-25 00:54 - 160676006 ____R C:\Users\Mamdouh\Downloads\Freeman Biological Science 5th c2014 txtbk.7z
2014-01-24 21:52 - 2013-06-24 23:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-24 19:52 - 2013-06-13 03:36 - 00000000 ____D C:\Users\Mamdouh\AppData\Local\Packages
2014-01-24 18:08 - 2014-01-24 18:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-24 16:58 - 2013-06-14 07:53 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2014-01-24 16:57 - 2013-06-14 07:53 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-24 02:36 - 2013-06-25 23:34 - 00000000 ____D C:\Users\Mamdouh\Downloads\RANDOM
2014-01-24 00:50 - 2014-01-24 00:49 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 00:50 - 2014-01-24 00:49 - 00000000 ____D C:\Program Files\iTunes
2014-01-24 00:50 - 2014-01-24 00:49 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-24 00:49 - 2014-01-24 00:49 - 00000000 ____D C:\Program Files\iPod
2014-01-24 00:46 - 2013-01-07 16:41 - 00000000 ____D C:\ProgramData\Apple
2014-01-24 00:38 - 2014-01-14 15:27 - 00003290 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1308612826-2611245119-4017301193-1002
2014-01-23 23:49 - 2014-01-04 20:08 - 00000474 _____ C:\Users\Mamdouh\Desktop\Beyonce.txt
2014-01-23 23:46 - 2014-01-16 14:55 - 00000000 ___RD C:\Users\Mamdouh\Dropbox
2014-01-23 23:46 - 2013-10-17 22:38 - 00000000 __RDO C:\Users\Mamdouh\SkyDrive
2014-01-23 23:44 - 2013-10-17 10:13 - 00000000 ____D C:\Users\Mamdouh
2014-01-23 23:44 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-23 04:48 - 2014-01-23 04:48 - 00000000 ____D C:\Users\Mamdouh\Desktop\star_ Files
2014-01-23 04:47 - 2014-01-23 04:44 - 02078962 _____ C:\Users\Mamdouh\Downloads\star_ Files.zip
2014-01-21 22:35 - 2013-06-25 23:34 - 00000000 ____D C:\Users\Mamdouh\Downloads\COMICS
2014-01-19 02:38 - 2013-06-19 03:30 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-01-18 21:53 - 2014-01-18 21:53 - 03381982 _____ C:\Users\Mamdouh\Downloads\شرفة.jfif
2014-01-18 18:52 - 2014-01-18 18:52 - 00001442 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-18 18:51 - 2014-01-18 18:51 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2014-01-18 18:51 - 2013-10-17 10:13 - 00000000 ____D C:\Users\Administrator
2014-01-18 17:57 - 2014-01-18 17:57 - 00010184 _____ C:\WINDOWS\PFRO.log
2014-01-18 17:57 - 2013-12-19 00:26 - 00000000 ____D C:\ProgramData\MFAData
2014-01-17 13:10 - 2013-10-13 05:47 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\Media Player Classic
2014-01-16 18:45 - 2012-07-26 03:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2014-01-16 18:10 - 2013-08-22 08:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2014-01-16 18:09 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-16 17:28 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2014-01-16 14:55 - 2014-01-16 14:54 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\DropboxMaster
2014-01-16 14:54 - 2013-06-13 03:39 - 00000000 ___RD C:\Users\Mamdouh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 14:53 - 2014-01-16 14:53 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 12:52 - 2013-06-15 05:30 - 00000000 ____D C:\Users\Mamdouh\AppData\Local\Google
2014-01-16 12:44 - 2014-01-16 12:44 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-16 11:46 - 2013-08-15 00:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 11:42 - 2013-06-14 09:21 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-16 00:04 - 2013-09-29 23:04 - 00956476 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-15 16:28 - 2013-09-21 11:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-14 15:05 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2014-01-13 14:19 - 2014-01-13 14:18 - 00000000 ____D C:\Users\Mamdouh\Downloads\Leonardo.DiCaprio.Movie.Pack.DVDRip.XviD-TL
2014-01-13 02:12 - 2014-01-13 02:12 - 00262517 _____ C:\Users\Mamdouh\Downloads\Leonardo.DiCaprio.Movie.Pack.DVDRip.XviD-TL.torrent
2014-01-11 14:48 - 2013-06-15 04:47 - 00003200 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForMAMDOUH$
2014-01-11 14:48 - 2013-06-15 04:47 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMAMDOUH$.job
2014-01-10 16:05 - 2013-06-27 02:01 - 00009728 _____ C:\Users\Mamdouh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-10 15:07 - 2012-08-27 17:10 - 00000000 ____D C:\Program Files (x86)\CyberLink
2014-01-09 22:13 - 2014-01-09 22:13 - 00000000 ____D C:\ProgramData\Visan
2014-01-09 22:13 - 2014-01-09 22:13 - 00000000 ____D C:\ProgramData\HP Photo Creations
2014-01-09 22:13 - 2014-01-09 22:13 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2014-01-09 22:12 - 2014-01-09 22:12 - 00003614 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP ENVY 4500 series
2014-01-09 22:12 - 2014-01-09 22:12 - 00000000 ____D C:\Users\Mamdouh\AppData\Roaming\HpUpdate
2014-01-09 22:12 - 2013-09-07 02:51 - 00000000 ____D C:\Program Files (x86)\HP
2014-01-09 22:11 - 2014-01-09 22:11 - 00000000 ____D C:\ProgramData\HP
2014-01-09 22:11 - 2014-01-09 22:11 - 00000000 ____D C:\Program Files\HP
2014-01-09 22:10 - 2014-01-09 22:10 - 00000057 _____ C:\ProgramData\Ament.ini
2014-01-09 22:10 - 2013-06-14 06:01 - 00000000 ____D C:\Users\Mamdouh\AppData\Local\HP
2014-01-06 17:31 - 2013-12-12 18:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 17:31 - 2013-12-12 18:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-03 06:05 - 2014-01-03 06:05 - 13660222 _____ C:\Users\Mamdouh\Downloads\Nancy Ajram High resolution images.zip
2013-12-31 08:22 - 2013-12-31 08:22 - 00000000 __HDC C:\ProgramData\{C8DF6520-3E59-4590-A678-CB275CEADF10}
2013-12-31 08:22 - 2013-12-31 08:22 - 00000000 __HDC C:\ProgramData\{63B3AF69-722B-4FA9-965F-94DEB1E78796}
2013-12-31 08:22 - 2013-12-31 08:22 - 00000000 __HDC C:\ProgramData\{13BDCF71-8D1E-4F03-AB17-50DB253031A4}
2013-12-31 08:22 - 2013-12-31 08:19 - 00000000 ____D C:\Program Files\Common Files\Topaz Labs
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{BB60AA31-EF33-4542-8C8D-78DC85BFEDC1}
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{83F263BF-0076-4C4C-93DC-A3EA0CEB7184}
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{682FE305-7958-4875-9B95-34673E7151AD}
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{4D790C15-A3FF-476F-9F6C-FA6FF12EFFC3}
2013-12-31 08:21 - 2013-12-31 08:21 - 00000000 __HDC C:\ProgramData\{13795121-80CF-4D45-9175-8FD79D18EF7E}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{E6AF2639-F710-4F5B-8830-95A396FB523F}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{E3A665DD-A92C-4869-9411-856C6F971538}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{E3119013-3906-4E62-8407-060230D405CD}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{E25B3CC7-9347-4C9D-9339-1E15F9DA7A07}
2013-12-31 08:20 - 2013-12-31 08:20 - 00000000 __HDC C:\ProgramData\{D9E0EE67-1483-4783-8326-7E411B3B012D}
2013-12-31 08:19 - 2013-12-31 08:19 - 00000000 __HDC C:\ProgramData\{9DE75BC9-6CF5-4972-8A4E-86BAAD477DC6}
2013-12-31 08:19 - 2013-12-31 08:19 - 00000000 __HDC C:\ProgramData\{8265C354-3D13-4FE5-95C7-65F277FF3041}
2013-12-31 08:19 - 2013-12-31 08:19 - 00000000 __HDC C:\ProgramData\{5E083C87-F3C2-42C0-B4DC-F0A0AA28F2DD}
2013-12-31 08:00 - 2013-12-31 08:00 - 00000000 ____D C:\Users\Mamdouh\AppData\Local\PackageAware
2013-12-31 08:00 - 2013-12-31 07:59 - 182210042 _____ C:\Users\Mamdouh\Desktop\Topaz Photoshop Plugins Bundle 32bit & 64bit.rar

Files to move or delete:
====================
C:\ProgramData\C__Program Files (x86)_Company_Mask My IP v2.3.1.8 Premium_MaskMyIP.exe


Some content of TEMP:
====================
C:\Users\Mamdouh\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprqkdne.dll
C:\Users\Mamdouh\AppData\Local\Temp\sp64126.exe
C:\Users\Mamdouh\AppData\Local\Temp\UninstallHPSA.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-22 04:08

==================== End Of Log ============================

And here's Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014
Ran by Mamdouh at 2014-01-29 01:49:14
Running from C:\Users\Mamdouh\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
ACDSee Photo Manager 12 (x32 Version: 12.0.344 - ACD Systems International Inc.)
Adobe AIR (x32 Version: 3.9.0.720 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.720 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (x32 Version: 13.0.0.80 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (x32 Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 12.5.100.30123 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
AMD Quick Stream (Version: 3.3.26.0 - AppEx Networks)
AMD VISION Engine Control Center (x32 Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed ® III (x32 Version: 1.01 - Ubisoft)
Athan Basic 4.4 (x32 Version:  - )
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0123.0214.3900 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0123.215.3900 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.07 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (x32 Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.5.6902 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.3.2608 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.3.2608 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.2527 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (x32 Version: 3.5.6.6119 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.6.6119 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver San Francisco (x32 Version: 1.1.0.0 - Ubisoft)
Dropbox (HKCU Version: 2.6.2 - Dropbox, Inc.)
Energy Star (Version: 1.0.8 - Hewlett-Packard)
ESET Online Scanner v3 (x32 Version:  - )
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileHippo.com Update Checker (x32 Version:  - )
FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Freemake Video Converter version 4.0.4 (x32 Version: 4.0.4 - Ellora Assets Corporation)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hide My IP 5.2 (x32 Version:  - )
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (x32 Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (x32 Version: 2.20.11 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (x32 Version: 1.1.0.0 - Hewlett-Packard)
HP ENVY 4500 series Basic Device Software (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (x32 Version: 30.0.0 - Hewlett Packard)
HP Games (x32 Version: 1.0.3.0 - WildTangent)
HP MyRoom (x32 Version: 9.0.0.0 - Hewlett-Packard Company)
HP Photo Creations (x32 Version: 1.0.0.7702 - HP)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Product Detection (x32 Version: 11.15.0009 - HP)
HP Quick Launch (x32 Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (Version: 1.0.5976.4186 - Hewlett-Packard)
HP SimplePass (x32 Version: 6.0.100.276 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (x32 Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (x32 Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (x32 Version: 1.1.2.1 - Hewlett-Packard Company)
iCloud (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (x32 Version: 1.0.6433.0 - IDT)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 21 (64-bit) (Version: 7.0.210 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
K-Lite Codec Pack 10.0.5 Full (x32 Version: 10.0.5 - )
Kodak DIGITAL GEM Airbrush Professional Plug-In (x32 Version: 2.1.0 - Eastman Kodak Company)
Kodak DIGITAL GEM Professional Plug-In (x32 Version: 2.1.0 - Kodak's Austin Development Center)
Kodak DIGITAL ROC Professional Plug-In (x32 Version: 2.1.0 - Kodak's Austin Development Center)
Kodak DIGITAL SHO Professional Plug-In (x32 Version: 2.1.0 - Kodak's Austin Development Center)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Maxthon Cloud Browser (x32 Version: 4.1.0.1600 - Maxthon International Limited)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Motorola Device Manager (x32 Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 27.0 (x86 en-US) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Need for Speed Most Wanted (x32 Version:  - )
OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA)
Opera Stable 18.0.1284.68 (x32 Version: 18.0.1284.68 - Opera Software ASA)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFill PDF Editor with FREE Writer and FREE Tools (Version: 11.0 - PlotSoft LLC)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Product Improvement Study for HP ENVY 4500 series (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Driver Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.27025 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (Version: 1.47 - Piriform)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Sonic and All Stars Racing Transformed © SEGA version 1 (x32 Version: 1 - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 16.5.3.3 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TechPowerUp GPU-Z (x32 Version:  - TechPowerUp)
Tintii (x32 Version:  - )
Topaz Adjust 4 (64-bit) (Version: 4.1.0 - Topaz Labs) Hidden
Topaz Adjust 4 (64-bit) (x32 Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (x32 Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (x32 Version: 4.1.0 - Topaz Labs) Hidden
Topaz Clean 3 (64-bit) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Clean 3 (64-bit) (x32 Version: 3.0.2 - Topaz Labs)
Topaz Clean 3 (x32 Version: 3.0.2 - Topaz Labs)
Topaz Clean 3 (x32 Version: 3.0.2 - Topaz Labs) Hidden
Topaz DeJpeg 4 (64-bit) (Version: 4.0.2 - Topaz Labs) Hidden
Topaz DeJpeg 4 (64-bit) (x32 Version: 4.0.2 - Topaz Labs)
Topaz DeJpeg 4 (x32 Version: 4.0.2 - Topaz Labs)
Topaz DeJpeg 4 (x32 Version: 4.0.2 - Topaz Labs) Hidden
Topaz DeNoise 5 (64-bit) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz DeNoise 5 (64-bit) (x32 Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (x32 Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (x32 Version: 5.0.1 - Topaz Labs) Hidden
Topaz Detail 2 (64-bit) (Version: 2.0.5 - Topaz Labs) Hidden
Topaz Detail 2 (64-bit) (x32 Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (x32 Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (x32 Version: 2.0.5 - Topaz Labs) Hidden
Topaz Fusion Express 2 (64-bit) (Version: 2.0.1 - Topaz Labs) Hidden
Topaz Fusion Express 2 (64-bit) (x32 Version: 2.0.1 - Topaz Labs)
Topaz Fusion Express 2 (x32 Version: 2.0.1 - Topaz Labs)
Topaz Fusion Express 2 (x32 Version: 2.0.1 - Topaz Labs) Hidden
Topaz ReMask 2 (64-bit) (Version: 2.0.5 - Topaz Labs) Hidden
Topaz ReMask 2 (64-bit) (x32 Version: 2.0.5 - Topaz Labs)
Topaz ReMask 2 (x32 Version: 2.0.5 - Topaz Labs)
Topaz ReMask 2 (x32 Version: 2.0.5 - Topaz Labs) Hidden
Topaz Simplify 3 (64-bit) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Simplify 3 (64-bit) (x32 Version: 3.0.2 - Topaz Labs)
Topaz Simplify 3 (x32 Version: 3.0.2 - Topaz Labs)
Topaz Simplify 3 (x32 Version: 3.0.2 - Topaz Labs) Hidden
Topaz Vivacity (x32 Version: 1.3.1 - Topaz Labs LLC)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32 Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (x32 Version: 2.0 - Ubisoft)
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
Validity WBF DDK (Version: 4.4.234.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.7 (x32 Version: 2.0.7 - VideoLAN)
VLC media player 2.1.1 (Version: 2.1.1 - VideoLAN)
WildTangent Games (x32 Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.00 beta 8 (64-bit) (Version: 5.00.8 - win.rar GmbH)
Zeego Autostrad (x32 Version: 1.0.0 - 5th Dimension Agency)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

15-01-2014 20:37:30 Windows Update
16-01-2014 23:43:54 Removed AVG 2014
16-01-2014 23:47:22 Removed AVG 2014
25-01-2014 21:08:19 Installed HP Support Assistant

==================== Hosts content: ==========================

2012-07-26 00:26 - 2013-12-14 21:50 - 00451034 ____R C:\WINDOWS\system32\Drivers\etc\hosts
58.97.143.21    www.youtube.com youtube.com google.com www.google.com mail-attachment.googleusercontent.com lh3.googleusercontent.com commondatastorage.googleapis.com groups.google.com code.google.com
127.0.0.1    anchorfree.net
127.0.0.1    rss2search.com
127.0.0.1    techbrowsing.com
127.0.0.1    box.anchorfree.net
127.0.0.1    www.mefeedia.com
127.0.0.3    www.anchorfree.net
127.0.0.2    www.mefeedia.com
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BDE5FE4-D446-4267-AEC4-A9EEB5B4FF20} - System32\Tasks\HPCeeScheduleForMAMDOUH$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0CBC8079-7415-45EC-B430-F586C7CEA24A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {11981959-0107-4A26-B63F-1B793C44BB94} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {168C2DCF-8D0F-4EDA-8429-526976688407} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {1A9653B8-A615-4D02-95CE-587BD34CFFED} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-01-16] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31BFC6B8-21B4-442A-8699-E0A94FD87E29} - System32\Tasks\{6561822D-CB76-4D96-97D8-AA19580C668B} => Chrome.exe http://ui.skype.com/ui/0/6.5.0.158/en/abandoninstall?source=lightinstaller&page=tsBing
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {35CF5125-D4DC-4733-83BE-2C53D58083CD} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {3ACD961A-3BE0-4CD8-B192-828BA0A429D8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1308612826-2611245119-4017301193-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5D45055A-0A35-4981-B793-CB8A1954B594} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E99C349-F2A2-4F32-B41C-E2F36AEAF289} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {6F1B8F95-543E-40FC-ABB8-911D0F5391BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {731D6E6C-9B85-45F1-A48E-1997ADF65A5F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1308612826-2611245119-4017301193-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7588357E-61EB-48B0-AAB6-0A8B6F117B6C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B8289EE-C89F-4072-8C57-6D0B683DF624} - System32\Tasks\DSite => C:\Users\Mamdouh\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {7CB31CA6-4720-4F6E-BEBF-8CFD6B6CE126} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8C2C5D15-22BB-4763-A5F3-DE776D4E7A0F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AA007AA6-B3AD-4260-8BB5-0FFF111BABFB} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {AB188CAA-0C12-46E7-8504-4AE6607BB5C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {CC060FB3-1397-44E7-91E2-7747AA10D7B5} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-06-14] (Synaptics Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E0884522-3472-4066-B4F0-26B28D67E4D4} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {E2CCAC18-539D-4D37-BEDE-6E8DDBF120FD} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E7A3AF62-293D-4AE7-A9F0-53723029E4FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {E92E6371-620F-4A9E-A45E-317AD645643B} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.)
Task: {EB77546D-BF56-475F-B0E8-DE07B13C3B4A} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-10-09] (Maxthon International ltd.)
Task: {EC1EF862-A6C2-4728-BE96-DA6BC6B934BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {EE69CF47-A263-4412-A5F7-485AC4A7AF17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-29] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1308612826-2611245119-4017301193-1002Core1cef242e5a513a9.job => C:\Users\Mamdouh\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMAMDOUH$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMamdouh.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 09:42 - 2010-01-02 09:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-01-23 04:27 - 2013-01-23 04:27 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-10-31 10:05 - 2013-10-31 10:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2013-06-14 08:43 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-01-23 23:46 - 2014-01-23 23:46 - 00041984 _____ () c:\users\mamdouh\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprqkdne.dll
2013-10-18 18:55 - 2013-10-18 18:55 - 25100288 _____ () C:\Users\Mamdouh\AppData\Roaming\Dropbox\bin\libcef.dll
2004-12-25 05:37 - 2004-12-25 05:37 - 00258121 _____ () C:\Program Files (x86)\Athan\vbh.dll
2010-03-08 14:08 - 2010-03-08 14:08 - 00282697 _____ () C:\Program Files (x86)\Athan\vbp.dll
2004-03-20 07:49 - 2004-03-20 07:49 - 00229444 _____ () C:\Program Files (x86)\Athan\vbq.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-06-07 04:16 - 2013-06-07 04:16 - 00019240 _____ () C:\Program Files (x86)\HP SimplePass\DownloadManager.dll
2014-01-24 18:08 - 2014-01-24 18:08 - 03572848 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\Users\Mamdouh\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\06857833.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\49676388.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\06857833.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\49676388.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


==================== Memory info ===========================

Percentage of memory in use: 70%
Total physical RAM: 5596.26 MB
Available physical RAM: 1633.83 MB
Total Pagefile: 6492.26 MB
Available Pagefile: 902.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:673.37 GB) (Free:385.64 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.15 GB) (Free:2.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 7E0BE801)

Partition: GPT Partition Type
==================== End Of Log ============================



#6 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:01:34 AM

Posted 30 January 2014 - 10:39 AM

Mamd0uh,

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

Before you run Combofix, I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

 

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#7 Mamd0uh

Mamd0uh
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 31 January 2014 - 02:34 AM

Okay, I got it.

 

But when I start the combofix, I get this message

 

stJYJlD.png





#11 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:01:34 AM

Posted 31 January 2014 - 12:37 PM

Mamd0uh,

Right-click on Combofix, and click on Properties. In the window that opens, click on the Compatibility tab.
Make sure that "Run this program in compatibility mode" is unchecked.
Then try running Combofix again, and let me know if you get any other error messages.
Regards,
Jason

 



#12 Mamd0uh

Mamd0uh
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 31 January 2014 - 07:44 PM

It's unchecked already and I still get the same message. I can't run it so far. My Windows is 8.1.



#13 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:01:34 AM

Posted 31 January 2014 - 08:51 PM

Ok, change of plans.

Step 1: RKill

  • Please download RKill by Grinler from the link below and save it to your desktop:

    Rkill
  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log.

Please post the log in your next reply.

Step 2: RogueKiller

  • Please download RogueKiller.exe and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt

Please copy and paste the results at pastebin.com and post the link to the log in your next reply.

 
Step 3: TDSSkiller
Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed!!

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the results at pastebin.com and post the link to the log in your next reply.
 

Step 4: Malwarebytes

  • Please download the newest version of Malwarebytes' Anti-Malware and install it.
  • Please start the application by double-clicking on its icon.
  • Once the program has loaded go to the UPDATE tab and check for updates.
  • When the update is complete, select the Scanner tab
  • Select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.

Please save it to a convenient location and post the results in your next reply.

 

 

In your next reply, please include:

  • RKill log
  • RogueKiller log
  • TDSSkiller log
  • Malwarebytes log
  • How is your computer running now? Please be as descriptive as possible.

Regards,
Jason

 



#14 Mamd0uh

Mamd0uh
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 31 January 2014 - 10:05 PM

Here you go dear:
 

         http://pastebin.com/bfbxRSXJ

 

Please note that for Roguekiller, I didn't fix the issues.

 

 

          http://pastebin.com/swRJ7aXx

  • How is your computer running now? Please be as descriptive as possible.

Nothing changed. I still can't open https files or download attachments from Gmail.



#15 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:01:34 AM

Posted 31 January 2014 - 10:10 PM

A couple questions:

 

 

1. From the RKill log:

 

 * HOSTS file entries found:
 
  58.97.143.21  www.youtube.com youtube.com google.com www.google.com mail-attachment.googleusercontent.com lh3.googleusercontent.com commondatastorage.googleapis.com groups.google.com code.google.com

 

Do you recognize this IP address highlighted in red?

 

 

 

2. From the RogueKiller log:
 

¤¤¤ Web browsers : 0 ¤¤¤
[OP][PROXY] operaprefs : Proxy\HTTP server = 190.151.10.227:80 -> FOUND

 

Do you recognize this IP address for a proxy server?


Edited by jntkwx, 31 January 2014 - 10:11 PM.

Regards,
Jason
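
The hosts entry quoted from the RKill log above stands out because the rest of the file is loopback blocklist lines, while that one line sends several Google names to a single routable address. As an added example (not part of the original posts, and not code from RKill or FRST), the Python below audits hosts-file text for that pattern; the function names, the watched-suffix list and the sample text are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: suffixes taken from the redirected names quoted in this thread.
WATCHED_SUFFIXES = ("google.com", "youtube.com",
                    "googleusercontent.com", "googleapis.com")

# Constructed sample modelled on the hosts excerpt in the posted logs.
SAMPLE_HOSTS = """\
# constructed sample, not the user's full file
58.97.143.21    www.youtube.com youtube.com google.com www.google.com
127.0.0.1       anchorfree.net
127.0.0.3       www.anchorfree.net
0.0.0.0         ads.example.test
::1             localhost
192.168.1.10    nas.home.test   # LAN device
not-an-ip       broken.example.test
"""


def parse_hosts(text):
    """Return (line_no, address_or_None, names) for each non-comment line."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None                        # first field is not an IP address
        names = [n.lower().rstrip(".") for n in fields[1:]]
        entries.append((line_no, addr, names))
    return entries


def is_watched(name):
    """True if name is a watched domain or a subdomain of one."""
    return any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)


def audit_hosts(text):
    """Report every entry that is not a loopback/unspecified sinkhole line."""
    findings = []
    for line_no, addr, names in parse_hosts(text):
        if addr is None:
            findings.append({"line": line_no, "severity": "malformed",
                             "address": None, "names": names, "watched": []})
            continue
        if addr.is_loopback or addr.is_unspecified:
            continue                           # 127.x.x.x, ::1, 0.0.0.0: blocklist style
        watched = [n for n in names if is_watched(n)]
        findings.append({
            "line": line_no,
            # A well-known name pinned to any non-loopback address is the
            # pattern questioned in the thread; other mappings need a human look.
            "severity": "high" if watched else "review",
            "address": str(addr),
            "names": names,
            "watched": watched,
        })
    return findings


if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS):
        print(f["line"], f["severity"], f["address"], " ".join(f["names"]))
```

On a live Windows system the text to audit would be read from C:\WINDOWS\system32\Drivers\etc\hosts, the path shown in the FRST log.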

 





