
Win Defender found Trojan.Win32 dynamer!Dtc


  • This topic is locked
17 replies to this topic

#1 Grantyy

Grantyy

  • Members
  • 45 posts
  • Local time:07:10 AM

Posted 24 April 2014 - 10:05 PM

Hi, I suspected there may be a virus on my PC. I have a VGA cable to my monitor and an HDMI to my TV, which I use 90% of the time, but the other day there was a pop. It may have been my AV receiver clicking but it sounded like a fuse blowing near my PC. I lost my picture on the TV so had to restart the PC but no joy; however, my monitor was working. My Onkyo AV receiver was connected to the net and this had frozen on all outputs, though once I powered off at the plug my cable and console were fine, but nothing from my PC via the HDMI.
I then set about playing with Catalyst Control Center to try to get the display back but it just would/will not detect my TV anymore. I turned my PC off during this time and when trying to access CCC it said drivers were not installed? I have reinstalled the latest drivers and all, and atm have the PC connected via VGA (I think, standard blue with 2 screws).

I ran Malwarebytes (Found 1 PUP only - removed) today to see if a virus could have caused these issues, and whilst doing so Win Defender popped up for the first time I remember and said Trojan.Win32 dynamer!Dtc had been found, so I searched that and here I am.

Obviously I'd appreciate a fix, but I would also like your opinion on whether this is likely the prob with my display. I mean, for the AV receiver to freeze and the pop noise, I did wonder if my HDMI slot on my AMD Sapphire HD 6770 had failed?

The only other thing to note is that both Java and Adobe have asked me to update recently. I often wonder if it's possible for those screens to be false and inadvertently download bad files?

 

I appreciate your time and effort in helping me resolve this issue, Thank you!
 

Here is my DDS log

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16384  BrowserJavaVersion: 10.51.2
Run by Granty at 3:38:17 on 2014-04-25
Microsoft Windows 8 Pro  6.2.9200.0.1252.44.1033.18.6126.3736 [GMT 1:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [GoogleChromeAutoLaunch_69D02A3C32A91CD25DF1989EE2007C66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{36D3159D-6DE0-449D-A936-2432C3B7355A} : DHCPNameServer = 194.168.4.100 194.168.8.100
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-9-21 651832]
R0 RapportHades64;RapportHades64;C:\Windows\System32\Drivers\RapportHades64.sys [2013-2-28 275056]
R0 RapportKE64;RapportKE64;C:\Windows\System32\Drivers\RapportKE64.sys [2013-2-28 317808]
R1 RapportCerberus_59849;RapportCerberus_59849;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [2013-12-13 606672]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-10-25 284176]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-10-25 399312]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-12-17 14904]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-12 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-12 701512]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-4 167424]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-10-25 1444120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-12-17 365376]
R2 XMouseButton Launcher;XMouseButton Launcher;C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [2012-6-23 87040]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2013-9-24 215040]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2012-6-22 110744]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-6-12 25928]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\Windows\System32\Drivers\amdkmafd.sys [2012-9-23 21160]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2014-1-22 108800]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\Drivers\htcnprot.sys [2012-12-7 36928]
S3 RapportIaso;RapportIaso;C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys [2013-2-28 234832]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2014-1-22 206080]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== Created Last 30 ================
.
2014-04-25 02:11:16 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8B6A1A7B-B3D4-42A9-81E8-E172F9E0E289}\offreg.dll
2014-04-24 01:54:02 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2014-04-24 01:54:01 -------- d-----w- C:\Program Files (x86)\AMD AVT
2014-04-24 01:53:00 -------- d-----w- C:\Program Files\AMD
2014-04-24 01:52:21 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2014-04-24 01:52:15 -------- d-----w- C:\ProgramData\Package Cache
2014-04-24 01:52:06 -------- d-----w- C:\Program Files\ATI Technologies
2014-04-24 01:52:02 -------- d-----w- C:\Program Files\ATI
2014-04-24 01:35:27 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8B6A1A7B-B3D4-42A9-81E8-E172F9E0E289}\mpengine.dll
2014-04-24 00:37:29 -------- d-----w- C:\Users\Granty\AppData\Roaming\library_dir
2014-04-24 00:37:15 -------- d-----w- C:\Users\Granty\AppData\Roaming\Raptr
2014-04-24 00:27:53 -------- d-----w- C:\Program Files (x86)\Raptr
2014-04-23 08:34:17 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-04-15 03:35:46 -------- d-----w- C:\Users\Granty\AppData\Roaming\XBMC
2014-04-15 03:28:29 -------- d-----w- C:\Program Files (x86)\XBMC
2014-04-14 14:32:32 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-11 23:44:46 -------- d-----w- C:\Program Files\DivX
2014-04-11 23:44:35 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2014-04-11 23:41:27 -------- d-----w- C:\Program Files (x86)\DivX
2014-04-11 23:36:44 -------- d-----w- C:\ProgramData\DivX
.
==================== Find3M  ====================
.
2014-02-13 12:46:44 354656 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
.
============= FINISH:  3:39:03.72 ===============
 



 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,730 posts
  • Gender:Male
  • Local time:07:10 AM

Posted 29 April 2014 - 10:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/532227 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,730 posts
  • Gender:Male
  • Local time:07:10 AM

Posted 04 May 2014 - 10:15 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#4 Grantyy

Grantyy
  • Topic Starter

  • Members
  • 45 posts
  • Local time:07:10 AM

Posted 09 May 2014 - 10:14 AM


Here is my latest DDS Log as requested since this topic was re-opened, Thank you

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16384  BrowserJavaVersion: 10.51.2
Run by Granty at 16:12:17 on 2014-05-09
Microsoft Windows 8 Pro  6.2.9200.0.1252.44.1033.18.6126.4132 [GMT 1:00]
.
AV: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\dwm.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\Explorer.EXE
C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [uTorrent] "C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe"  /MINIMIZED
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [GoogleChromeAutoLaunch_69D02A3C32A91CD25DF1989EE2007C66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{36D3159D-6DE0-449D-A936-2432C3B7355A} : DHCPNameServer = 194.168.4.100 194.168.8.100
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-9-21 651832]
R0 RapportHades64;RapportHades64;C:\Windows\System32\Drivers\RapportHades64.sys [2013-2-28 275056]
R0 RapportKE64;RapportKE64;C:\Windows\System32\Drivers\RapportKE64.sys [2013-2-28 317808]
R1 RapportCerberus_59849;RapportCerberus_59849;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [2013-12-13 606672]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-10-25 284176]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-10-25 399312]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-12-17 14904]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-12 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-12 701512]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-4 167424]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-10-25 1444120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-12-17 365376]
R2 XMouseButton Launcher;XMouseButton Launcher;C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [2012-6-23 87040]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2013-9-24 215040]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2012-6-22 110744]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-6-12 25928]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\Windows\System32\Drivers\amdkmafd.sys [2012-9-23 21160]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2014-1-22 108800]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\Drivers\htcnprot.sys [2012-12-7 36928]
S3 RapportIaso;RapportIaso;C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys [2013-2-28 234832]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2014-1-22 206080]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== Created Last 30 ================
.
2014-05-08 08:23:43 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E63D4D65-2D40-479A-B53C-00AF10E07941}\mpengine.dll
2014-05-06 03:18:57 -------- d-----w- C:\Users\Granty\AppData\Local\DDMSettings
2014-04-24 01:54:02 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2014-04-24 01:54:01 -------- d-----w- C:\Program Files (x86)\AMD AVT
2014-04-24 01:53:00 -------- d-----w- C:\Program Files\AMD
2014-04-24 01:52:21 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2014-04-24 01:52:15 -------- d-----w- C:\ProgramData\Package Cache
2014-04-24 01:52:06 -------- d-----w- C:\Program Files\ATI Technologies
2014-04-24 01:52:02 -------- d-----w- C:\Program Files\ATI
2014-04-24 00:37:29 -------- d-----w- C:\Users\Granty\AppData\Roaming\library_dir
2014-04-24 00:37:15 -------- d-----w- C:\Users\Granty\AppData\Roaming\Raptr
2014-04-24 00:27:53 -------- d-----w- C:\Program Files (x86)\Raptr
2014-04-23 08:34:17 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-04-15 03:35:46 -------- d-----w- C:\Users\Granty\AppData\Roaming\XBMC
2014-04-15 03:28:29 -------- d-----w- C:\Program Files (x86)\XBMC
2014-04-14 14:32:32 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-11 23:44:46 -------- d-----w- C:\Program Files\DivX
2014-04-11 23:44:35 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2014-04-11 23:41:27 -------- d-----w- C:\Program Files (x86)\DivX
2014-04-11 23:36:44 -------- d-----w- C:\ProgramData\DivX
.
==================== Find3M  ====================
.
2014-02-13 12:46:44 354656 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
.
============= FINISH: 16:12:40.07 ===============


#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,909 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:10 AM

Posted 10 May 2014 - 09:03 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#6 Grantyy

Grantyy
  • Topic Starter

  • Members
  • 45 posts
  • Local time:07:10 AM

Posted 14 May 2014 - 04:33 PM

Hi, Sorry I will have this done for tomorrow - Thanks



#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,909 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:10 AM

Posted 20 May 2014 - 10:07 AM

Are you still with me?

#8 Grantyy


Posted 20 May 2014 - 12:20 PM

I am, apologies, I have been so busy. It will be done tonight when I get in.



#9 Grantyy


Posted 20 May 2014 - 06:10 PM

# AdwCleaner v3.210 - Report created 20/05/2014 at 18:28:40
# Updated 19/05/2014 by Xplode
# Operating System : Windows 8 Pro  (64 bits)
# Username : Granty - HOME
# Running from : C:\Users\Granty\Downloads\adwcleaner_3.210.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\Granty\AppData\Local\torch
Folder Deleted : C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\torch
Key Deleted : HKLM\Software\torch
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : [x64] HKLM\SOFTWARE\Savings Bull
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16384
 
 
-\\ Google Chrome v34.0.1847.137
 
[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : dgpdioedihjhncjafcpgbbjdpbbkikmi
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
 
*************************
 
AdwCleaner[R0].txt - [2688 octets] - [20/05/2014 18:25:13]
AdwCleaner[S0].txt - [2567 octets] - [20/05/2014 18:28:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2627 octets] ##########
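
A way to verify a cleanup report like the one above against a follow-up scan, as an added example that is not part of the original posts: it parses the AdwCleaner report layout and lists Chrome extension IDs reported as deleted that still appear in a later listing in FRST's "CHR Extension" line format. The function names are hypothetical and the two inputs are trimmed sample excerpts embedded for the illustration.

```python
import re
from collections import Counter

# Trimmed sample in the AdwCleaner v3 report layout (excerpt, for illustration).
SAMPLE_REPORT = r"""# AdwCleaner v3.210 - Report created 20/05/2014 at 18:28:40
# Option : Clean

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Granty\AppData\Local\torch
Folder Deleted : C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi

***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : [x64] HKLM\SOFTWARE\Savings Bull

***** [ Browsers ] *****

-\\ Google Chrome v34.0.1847.137

[ File : C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : dgpdioedihjhncjafcpgbbjdpbbkikmi
Deleted [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
"""

# Sample follow-up listing in FRST's "CHR Extension" line format.
SAMPLE_FOLLOWUP = r"""CHR Extension: (Speed Dial) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-01-02]
CHR Extension: (Wheels On Fire) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn [2014-05-21]
CHR Extension: (Gmail) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-02]
"""

SECTION_RE = re.compile(r"^\*{5} \[ (?P<name>.+?) \] \*{5}$")
# "Folder Deleted : <path>" / "Key Deleted : [x64] <key>"
ITEM_RE = re.compile(
    r"^(?P<kind>[A-Za-z]+) (?P<action>[A-Za-z]+) : (?P<view>\[x64\] )?(?P<target>.+)$")
# "Deleted [Extension] : <id>"
BROWSER_RE = re.compile(r"^(?P<action>[A-Za-z]+) \[(?P<kind>[A-Za-z]+)\] : (?P<target>.+)$")
# Chrome extension IDs are 32 characters drawn from a-p.
CHROME_ID_RE = re.compile(r"[a-p]{32}")
EXT_DIR_RE = re.compile(r"\\Extensions\\(?P<id>[a-p]{32})(?:\\|$)")
FRST_EXT_RE = re.compile(
    r"^CHR Extension: \((?P<name>.*)\) - (?P<path>.+?) \[(?P<date>\d{4}-\d{2}-\d{2})\]$")


def parse_report(text):
    """Return one dict per reported item, tagged with its report section."""
    items, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines, header and EOF lines
        m = SECTION_RE.match(line)
        if m:
            section = m.group("name")
            continue
        m = ITEM_RE.match(line) or BROWSER_RE.match(line)
        if m and section:
            items.append({
                "section": section,
                "kind": m.group("kind"),
                "action": m.group("action"),
                "target": m.group("target"),
                "x64": bool(m.groupdict().get("view")),
            })
    return items


def section_counts(items):
    """Number of deleted items per report section."""
    return Counter(i["section"] for i in items if i["action"] == "Deleted")


def deleted_extension_ids(items):
    """Extension IDs named directly or via a deleted Extensions\\<id> folder."""
    ids = set()
    for i in items:
        if i["action"] != "Deleted":
            continue
        if i["kind"] == "Extension" and CHROME_ID_RE.fullmatch(i["target"]):
            ids.add(i["target"])
        elif i["kind"] == "Folder":
            m = EXT_DIR_RE.search(i["target"])
            if m:
                ids.add(m.group("id"))
    return ids


def scan_extensions(text):
    """Map extension ID -> (name, folder date) from 'CHR Extension' lines."""
    found = {}
    for line in text.splitlines():
        m = FRST_EXT_RE.match(line.strip())
        id_match = EXT_DIR_RE.search(m.group("path")) if m else None
        if id_match:
            found[id_match.group("id")] = (m.group("name"), m.group("date"))
    return found


def still_present(report_text, followup_text):
    """IDs the report lists as deleted that the follow-up scan still lists."""
    deleted = deleted_extension_ids(parse_report(report_text))
    return sorted(deleted & set(scan_extensions(followup_text)))


if __name__ == "__main__":
    print(dict(section_counts(parse_report(SAMPLE_REPORT))))
    for ext_id in still_present(SAMPLE_REPORT, SAMPLE_FOLLOWUP):
        print("still listed after clean:", ext_id, scan_extensions(SAMPLE_FOLLOWUP)[ext_id])
```

An ID that shows up again only means the follow-up scan still lists it; the folder date in the second field helps tell an old leftover entry from a freshly re-created one.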


#10 Grantyy


Posted 20 May 2014 - 06:32 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Granty (administrator) on HOME on 21-05-2014 00:14:50
Running from C:\Users\Granty\Desktop\Farbar
Platform: Windows 8 Pro (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\SABnzbd\SABnzbd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-21] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-794733395-3515025250-750547952-1001\...\Run: [uTorrent] => C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe [1270352 2014-05-07] (BitTorrent Inc.) <===== ATTENTION
HKU\S-1-5-21-794733395-3515025250-750547952-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKU\S-1-5-21-794733395-3515025250-750547952-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics)
HKU\S-1-5-21-794733395-3515025250-750547952-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKU\S-1-5-21-794733395-3515025250-750547952-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-794733395-3515025250-750547952-1001\...\Run: [GoogleChromeAutoLaunch_69D02A3C32A91CD25DF1989EE2007C66] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
HKU\S-1-5-21-794733395-3515025250-750547952-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-794733395-3515025250-750547952-1001\...\MountPoints2: {d54c9e1e-1a43-11e3-be84-d02788a1fc94} - "J:\setup.exe" 
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2013-01-02]
CHR Extension: (Mr. Bounce) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfdmocmkakkkbgcoifcenchgkokpecl [2013-01-02]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2013-01-02]
CHR Extension: (Angry Birds) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-01-02]
CHR Extension: (Fabulous) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambjmeohlajelahhhniggkkceagdlcgj [2013-11-12]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2013-01-02]
CHR Extension: (Google Drive) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-02]
CHR Extension: (Web Developer) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2013-01-02]
CHR Extension: (Turn Off the Lights) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-01-02]
CHR Extension: (WOT) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-01-02]
CHR Extension: (Audiotool) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2013-01-02]
CHR Extension: (YouTube) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-02]
CHR Extension: (Flight) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cecapiaiollboefeimjhhdpopcfghejh [2013-01-02]
CHR Extension: (Adblock Plus) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-01-02]
CHR Extension: (TopRacers F1 Manager) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlfeefoddiihpebnembbicdbaelmcbn [2013-01-02]
CHR Extension: (Kingdom Rush) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim [2013-01-02]
CHR Extension: (Google Search) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-02]
CHR Extension: (PartyCloud DJ) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgko [2013-01-02]
CHR Extension: (Speed Dial) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-01-02]
CHR Extension: (Hob - Java Spectrum Emulator) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dohgmhgnoomnbibeebmipackjonoemlf [2013-01-02]
CHR Extension: (Pixlr-o-matic) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2013-01-02]
CHR Extension: (Facebook Disconnect) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2013-01-02]
CHR Extension: (Video Downloader professional) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2013-11-24]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2013-01-02]
CHR Extension: (Silver Bird) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic [2013-01-02]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-01-02]
CHR Extension: (PanicButton) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2013-01-02]
CHR Extension: (Stylish) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2013-01-02]
CHR Extension: (Watch TV Online - Clickplayer.tv) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\flmfboagenlcnkidkjodenlgihdbkipj [2014-04-24]
CHR Extension: (Torrent Turbo Search) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio [2013-01-02]
CHR Extension: (Full Screen Flash) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejijbmhbanhbllpkhfojmimfolkjgdl [2013-11-12]
CHR Extension: (Cut the Rope) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2013-01-02]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2013-01-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-01-02]
CHR Extension: (Cargo Bridge: Armor Games Edition) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj [2013-01-24]
CHR Extension: (Ultimate Flash Sonic) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgmfbijldhdncjcipeocgkgbjhaecfp [2013-01-02]
CHR Extension: (Isoball 3) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2013-01-02]
CHR Extension: (DarkOrbit) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfellpkdddmaldkbohekiikcmadbdnj [2013-01-02]
CHR Extension: (Glitterboo) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikkpgihagilojnkmkkfcbhlainmnkicp [2013-01-02]
CHR Extension: (Cookies) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphcomljdfghbkdcfndaijbokpgddeno [2014-04-24]
CHR Extension: (Unreal Speccy Portable) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfkpejkiedieehgdecgcjbmcbpihimmb [2013-01-02]
CHR Extension: (Skyrama) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap [2013-01-02]
CHR Extension: (Speed Dial 2) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2013-01-02]
CHR Extension: (SparkChess 7) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2013-01-02]
CHR Extension: (eBay Extension for Google Chrome™) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2013-01-02]
CHR Extension: (Google Play) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-01-02]
CHR Extension: (Rango: The WORLD) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladlgddeghalkmimaamlhbfaglfcdiep [2013-01-02]
CHR Extension: (Artillery Tower Protector) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldgcejmkikbadghamaadggncnbfekdik [2013-01-02]
CHR Extension: (FVD Downloader) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-01-02]
CHR Extension: (TV for Google Chrome™) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe [2013-01-02]
CHR Extension: (Wheels On Fire) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn [2014-05-21]
CHR Extension: (Google Maps) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-01-02]
CHR Extension: (Poppit) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-01-02]
CHR Extension: (Ghostery) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-01-02]
CHR Extension: (Plants vs Zombies) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2013-01-02]
CHR Extension: (Need for Speed World) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2013-01-02]
CHR Extension: (BeGone) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk [2013-01-02]
CHR Extension: (Mahjong Solitaire) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc [2013-01-02]
CHR Extension: (Lumosity) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffmfbhcjemfledhndnpllechagamlfp [2013-01-02]
CHR Extension: (Curling) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp [2013-01-02]
CHR Extension: (Google Wallet) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Hover Zoom) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-01-02]
CHR Extension: (Picky Wallpapers) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj [2013-01-02]
CHR Extension: (My Chrome Theme) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-01-02]
CHR Extension: (Bastion) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid [2013-01-02]
CHR Extension: (Pacman) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\palgcoflnoaklkflllnmheiollkgkipm [2013-01-02]
CHR Extension: (Gmail) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-02]
 
==================== Services (Whitelisted) =================
 
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1882392 2014-05-03] (Trusteer Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-09-24] (Advanced Micro Devices)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 RapportCerberus_68261; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_68261.sys [631096 2014-05-17] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [299512 2014-05-03] (Trusteer Ltd.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [288344 2014-05-03] (Trusteer Ltd.)
S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [248888 2014-05-17] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [358552 2014-05-03] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [414232 2014-05-03] (Trusteer Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-10] (Duplex Secure Ltd.)
U3 ahbcgn6n; C:\Windows\System32\Drivers\ahbcgn6n.sys [0 ] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-21 00:14 - 2014-05-21 00:14 - 00000000 ____D () C:\FRST
2014-05-21 00:10 - 2014-05-21 00:14 - 00000000 ____D () C:\Users\Granty\Desktop\Farbar
2014-05-20 23:23 - 2014-05-20 23:23 - 00000117 _____ () C:\Windows\system32\netcfg-17472750.txt
2014-05-20 23:23 - 2014-05-20 23:23 - 00000117 _____ () C:\Windows\system32\netcfg-17472656.txt
2014-05-20 18:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-20 18:24 - 2014-05-20 18:30 - 00000000 ____D () C:\AdwCleaner
2014-05-20 18:24 - 2014-05-20 18:24 - 01326389 _____ () C:\Users\Granty\Downloads\adwcleaner_3.210.exe
2014-05-20 14:15 - 2014-05-20 14:15 - 00000117 _____ () C:\Windows\system32\netcfg-249650062.txt
2014-05-20 06:03 - 2014-05-20 06:03 - 00000117 _____ () C:\Windows\system32\netcfg-220103609.txt
2014-05-19 23:00 - 2014-05-19 23:00 - 00000117 _____ () C:\Windows\system32\netcfg-194727125.txt
2014-05-19 22:18 - 2014-05-19 22:18 - 00000117 _____ () C:\Windows\system32\netcfg-192219812.txt
2014-05-19 13:46 - 2014-05-19 13:46 - 00000117 _____ () C:\Windows\system32\netcfg-161475984.txt
2014-05-19 07:11 - 2014-05-19 07:11 - 00000117 _____ () C:\Windows\system32\netcfg-137796015.txt
2014-05-19 06:38 - 2014-05-19 06:38 - 00000117 _____ () C:\Windows\system32\netcfg-135818828.txt
2014-05-19 05:54 - 2014-05-19 05:54 - 00000117 _____ () C:\Windows\system32\netcfg-133169968.txt
2014-05-19 05:24 - 2014-05-19 05:24 - 00000117 _____ () C:\Windows\system32\netcfg-131342812.txt
2014-05-19 05:12 - 2014-05-19 05:12 - 00000117 _____ () C:\Windows\system32\netcfg-130675953.txt
2014-05-19 04:42 - 2014-05-19 04:42 - 00000117 _____ () C:\Windows\system32\netcfg-128848812.txt
2014-05-19 04:41 - 2014-05-19 04:41 - 00000117 _____ () C:\Windows\system32\netcfg-128808750.txt
2014-05-19 04:00 - 2014-05-19 04:00 - 00000117 _____ () C:\Windows\system32\netcfg-126321812.txt
2014-05-19 03:39 - 2014-05-19 03:39 - 00000117 _____ () C:\Windows\system32\netcfg-125066500.txt
2014-05-19 01:16 - 2014-05-19 01:16 - 00000117 _____ () C:\Windows\system32\netcfg-116489812.txt
2014-05-18 15:42 - 2014-05-18 15:42 - 00000117 _____ () C:\Windows\system32\netcfg-82067093.txt
2014-05-18 13:39 - 2014-05-18 13:39 - 00000117 _____ () C:\Windows\system32\netcfg-74698250.txt
2014-05-18 13:39 - 2014-05-18 13:39 - 00000117 _____ () C:\Windows\system32\netcfg-74698171.txt
2014-05-17 14:51 - 2014-05-17 14:51 - 00000117 _____ () C:\Windows\system32\netcfg-2020490062.txt
2014-05-17 10:23 - 2014-05-17 10:23 - 00000117 _____ () C:\Windows\system32\netcfg-2004448984.txt
2014-05-17 09:53 - 2014-05-17 09:53 - 00000117 _____ () C:\Windows\system32\netcfg-2002623000.txt
2014-05-17 06:59 - 2014-05-17 06:59 - 00000117 _____ () C:\Windows\system32\netcfg-1992158062.txt
2014-05-16 19:49 - 2014-05-16 19:49 - 00000117 _____ () C:\Windows\system32\netcfg-1951990062.txt
2014-05-16 16:18 - 2014-05-16 16:18 - 00000117 _____ () C:\Windows\system32\netcfg-1939293781.txt
2014-05-16 15:29 - 2014-05-16 15:29 - 00000117 _____ () C:\Windows\system32\netcfg-1936365359.txt
2014-05-16 10:03 - 2014-05-16 10:03 - 00000117 _____ () C:\Windows\system32\netcfg-1916839437.txt
2014-05-15 23:15 - 2014-05-15 23:15 - 00000117 _____ () C:\Windows\system32\netcfg-1877963093.txt
2014-05-15 17:41 - 2014-05-15 17:41 - 00000117 _____ () C:\Windows\system32\netcfg-1857917281.txt
2014-05-15 10:46 - 2014-05-15 10:46 - 00000117 _____ () C:\Windows\system32\netcfg-1832998625.txt
2014-05-15 10:46 - 2014-05-15 10:46 - 00000117 _____ () C:\Windows\system32\netcfg-1832998140.txt
2014-05-15 05:50 - 2014-05-15 05:50 - 00000117 _____ () C:\Windows\system32\netcfg-1815218125.txt
2014-05-15 01:38 - 2014-05-15 01:38 - 00000117 _____ () C:\Windows\system32\netcfg-1800133343.txt
2014-05-14 14:11 - 2014-05-14 14:11 - 00000117 _____ () C:\Windows\system32\netcfg-1758884093.txt
2014-05-14 14:02 - 2014-05-14 14:02 - 00000117 _____ () C:\Windows\system32\netcfg-1758379359.txt
2014-05-14 11:01 - 2014-05-14 11:01 - 00000117 _____ () C:\Windows\system32\netcfg-1747523218.txt
2014-05-14 09:22 - 2014-05-14 09:22 - 00000117 _____ () C:\Windows\system32\netcfg-1741550312.txt
2014-05-14 07:54 - 2014-05-14 07:54 - 00000117 _____ () C:\Windows\system32\netcfg-1736273203.txt
2014-05-14 02:16 - 2014-05-14 02:16 - 00000117 _____ () C:\Windows\system32\netcfg-1715982406.txt
2014-05-14 00:05 - 2014-05-14 00:05 - 00000117 _____ () C:\Windows\system32\netcfg-1708125140.txt
2014-05-13 19:03 - 2014-05-13 19:03 - 00000117 _____ () C:\Windows\system32\netcfg-1690008562.txt
2014-05-13 10:29 - 2014-05-13 10:29 - 00000117 _____ () C:\Windows\system32\netcfg-1659201078.txt
2014-05-13 08:20 - 2014-05-13 08:20 - 00000117 _____ () C:\Windows\system32\netcfg-1651456281.txt
2014-05-13 07:23 - 2014-05-13 07:23 - 00000117 _____ () C:\Windows\system32\netcfg-1648009078.txt
2014-05-13 05:30 - 2014-05-13 05:30 - 00000117 _____ () C:\Windows\system32\netcfg-1641245281.txt
2014-05-13 05:00 - 2014-05-13 05:00 - 00000117 _____ () C:\Windows\system32\netcfg-1639418109.txt
2014-05-13 04:11 - 2014-05-13 04:11 - 00000117 _____ () C:\Windows\system32\netcfg-1636488156.txt
2014-05-13 03:40 - 2014-05-13 03:40 - 00000117 _____ () C:\Windows\system32\netcfg-1634661171.txt
2014-05-13 03:08 - 2014-05-13 03:08 - 00000117 _____ () C:\Windows\system32\netcfg-1632701656.txt
2014-05-13 02:26 - 2014-05-13 02:26 - 00000117 _____ () C:\Windows\system32\netcfg-1630223500.txt
2014-05-13 02:08 - 2014-05-13 02:08 - 00000117 _____ () C:\Windows\system32\netcfg-1629152968.txt
2014-05-11 10:39 - 2014-05-11 10:39 - 00000117 _____ () C:\Windows\system32\netcfg-1486965328.txt
2014-05-11 10:39 - 2014-05-11 10:39 - 00000117 _____ () C:\Windows\system32\netcfg-1486965234.txt
2014-05-10 10:58 - 2014-05-10 10:58 - 00000117 _____ () C:\Windows\system32\netcfg-1401734125.txt
2014-05-10 10:58 - 2014-05-10 10:58 - 00000117 _____ () C:\Windows\system32\netcfg-1401734000.txt
2014-05-09 22:56 - 2014-05-09 22:56 - 00000117 _____ () C:\Windows\system32\netcfg-1358391140.txt
2014-05-09 19:53 - 2014-05-09 19:53 - 00000117 _____ () C:\Windows\system32\netcfg-1347399093.txt
2014-05-09 19:20 - 2014-05-09 19:20 - 00000117 _____ () C:\Windows\system32\netcfg-1345460031.txt
2014-05-09 17:47 - 2014-05-09 19:20 - 00000117 _____ () C:\Windows\system32\netcfg-1339877421.txt
2014-05-09 13:23 - 2014-05-09 13:23 - 00000117 _____ () C:\Windows\system32\netcfg-1324010140.txt
2014-05-08 21:21 - 2014-05-08 21:21 - 00000117 _____ () C:\Windows\system32\netcfg-1266291234.txt
2014-05-08 19:24 - 2014-05-08 19:25 - 00000117 _____ () C:\Windows\system32\netcfg-1259312953.txt
2014-05-08 19:24 - 2014-05-08 19:24 - 00000117 _____ () C:\Windows\system32\netcfg-1259312187.txt
2014-05-08 16:57 - 2014-05-08 16:57 - 00000117 _____ () C:\Windows\system32\netcfg-1250439109.txt
2014-05-08 14:22 - 2014-05-08 14:22 - 00000117 _____ () C:\Windows\system32\netcfg-1241190546.txt
2014-05-08 13:19 - 2014-05-08 13:19 - 00000117 _____ () C:\Windows\system32\netcfg-1237353187.txt
2014-05-08 12:45 - 2014-05-08 12:45 - 00000117 _____ () C:\Windows\system32\netcfg-1235325312.txt
2014-05-08 12:14 - 2014-05-08 12:14 - 00000117 _____ () C:\Windows\system32\netcfg-1233498187.txt
2014-05-08 09:49 - 2014-05-08 09:49 - 00000117 _____ () C:\Windows\system32\netcfg-1224812250.txt
2014-05-08 09:09 - 2014-05-08 09:09 - 00000117 _____ () C:\Windows\system32\netcfg-1222385078.txt
2014-05-08 02:40 - 2014-05-08 02:40 - 00000117 _____ () C:\Windows\system32\netcfg-1199043906.txt
2014-05-08 02:09 - 2014-05-08 02:09 - 00000117 _____ () C:\Windows\system32\netcfg-1197217093.txt
2014-05-08 01:45 - 2014-05-08 01:45 - 00000117 _____ () C:\Windows\system32\netcfg-1195760031.txt
2014-05-07 21:49 - 2014-05-07 21:49 - 00000117 _____ () C:\Windows\system32\netcfg-1181573109.txt
2014-05-07 13:07 - 2014-05-07 13:07 - 00000117 _____ () C:\Windows\system32\netcfg-1150289687.txt
2014-05-07 11:10 - 2014-05-07 11:10 - 00000848 _____ () C:\Users\Granty\Desktop\µTorrent.lnk
2014-05-07 11:10 - 2014-05-07 11:10 - 00000828 _____ () C:\Users\Granty\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-07 10:41 - 2014-05-07 10:41 - 00000117 _____ () C:\Windows\system32\netcfg-1141533093.txt
2014-05-07 10:29 - 2014-05-07 10:29 - 00000117 _____ () C:\Windows\system32\netcfg-1140812250.txt
2014-05-07 09:27 - 2014-05-07 09:27 - 00000117 _____ () C:\Windows\system32\netcfg-1137095125.txt
2014-05-07 03:03 - 2014-05-07 03:03 - 00000117 _____ () C:\Windows\system32\netcfg-1114016046.txt
2014-05-07 02:15 - 2014-05-07 02:15 - 00000117 _____ () C:\Windows\system32\netcfg-1111139140.txt
2014-05-06 15:47 - 2014-05-06 15:47 - 00000117 _____ () C:\Windows\system32\netcfg-1073493156.txt
2014-05-06 12:07 - 2014-05-06 12:07 - 00000117 _____ () C:\Windows\system32\netcfg-1060296109.txt
2014-05-06 07:58 - 2014-05-06 07:58 - 00000117 _____ () C:\Windows\system32\netcfg-1045309218.txt
2014-05-06 04:18 - 2014-05-06 04:18 - 00000000 ____D () C:\Users\Granty\AppData\Local\DDMSettings
2014-05-04 16:32 - 2014-05-04 16:32 - 00000117 _____ () C:\Windows\system32\netcfg-903352171.txt
2014-05-04 10:37 - 2014-05-04 10:37 - 00000117 _____ () C:\Windows\system32\netcfg-882086375.txt
2014-05-03 23:31 - 2014-05-03 23:31 - 00000117 _____ () C:\Windows\system32\netcfg-842099156.txt
2014-05-03 20:23 - 2014-05-03 20:23 - 00000117 _____ () C:\Windows\system32\netcfg-830849984.txt
2014-05-03 15:39 - 2014-05-03 15:39 - 00000117 _____ () C:\Windows\system32\netcfg-813783171.txt
2014-05-03 06:42 - 2014-05-03 06:42 - 00000117 _____ () C:\Windows\system32\netcfg-781552671.txt
2014-05-03 01:04 - 2014-05-03 01:04 - 00000117 _____ () C:\Windows\system32\netcfg-761275140.txt
2014-05-03 00:51 - 2014-05-03 00:51 - 00000117 _____ () C:\Windows\system32\netcfg-760520312.txt
2014-05-02 22:38 - 2014-05-02 22:38 - 00000117 _____ () C:\Windows\system32\netcfg-752513171.txt
2014-05-02 22:37 - 2014-05-02 22:37 - 00000117 _____ () C:\Windows\system32\netcfg-752491546.txt
2014-05-02 20:51 - 2014-05-02 20:51 - 00000117 _____ () C:\Windows\system32\netcfg-746104187.txt
2014-05-02 11:36 - 2014-05-02 11:36 - 00000117 _____ () C:\Windows\system32\netcfg-712817312.txt
2014-05-02 11:03 - 2014-05-02 11:03 - 00000117 _____ () C:\Windows\system32\netcfg-710810203.txt
2014-05-02 10:49 - 2014-05-02 10:49 - 00000117 _____ () C:\Windows\system32\netcfg-709968859.txt
2014-05-02 10:15 - 2014-05-02 10:15 - 00000117 _____ () C:\Windows\system32\netcfg-707962140.txt
2014-05-02 08:59 - 2014-05-02 08:59 - 00000117 _____ () C:\Windows\system32\netcfg-703395140.txt
2014-05-01 18:52 - 2014-05-01 18:52 - 00000117 _____ () C:\Windows\system32\netcfg-652608031.txt
2014-05-01 09:18 - 2014-05-01 09:18 - 00000117 _____ () C:\Windows\system32\netcfg-618146234.txt
2014-04-30 20:41 - 2014-04-30 20:41 - 00000117 _____ () C:\Windows\system32\netcfg-572737109.txt
2014-04-30 20:41 - 2014-04-30 20:41 - 00000117 _____ () C:\Windows\system32\netcfg-572737000.txt
2014-04-30 18:28 - 2014-04-30 18:28 - 00000117 _____ () C:\Windows\system32\netcfg-564765046.txt
2014-04-30 10:22 - 2014-04-30 10:22 - 00000117 _____ () C:\Windows\system32\netcfg-535601015.txt
2014-04-30 07:06 - 2014-04-30 07:06 - 00000117 _____ () C:\Windows\system32\netcfg-523843968.txt
2014-04-30 06:59 - 2014-04-30 06:59 - 00000117 _____ () C:\Windows\system32\netcfg-523425234.txt
2014-04-30 01:12 - 2014-04-30 01:12 - 00000117 _____ () C:\Windows\system32\netcfg-502578062.txt
2014-04-29 19:28 - 2014-04-29 19:28 - 00000117 _____ () C:\Windows\system32\netcfg-481937156.txt
2014-04-29 18:15 - 2014-04-29 18:15 - 00000117 _____ () C:\Windows\system32\netcfg-477560000.txt
2014-04-29 12:15 - 2014-04-29 12:15 - 00000117 _____ () C:\Windows\system32\netcfg-455956453.txt
2014-04-29 11:44 - 2014-04-29 11:44 - 00000117 _____ () C:\Windows\system32\netcfg-454129968.txt
2014-04-29 09:52 - 2014-04-29 09:52 - 00000117 _____ () C:\Windows\system32\netcfg-447386468.txt
2014-04-28 22:09 - 2014-04-28 22:09 - 00000117 _____ () C:\Windows\system32\netcfg-405239031.txt
2014-04-28 18:00 - 2014-04-28 18:00 - 00000117 _____ () C:\Windows\system32\netcfg-390272421.txt
2014-04-28 16:35 - 2014-04-28 16:35 - 00000117 _____ () C:\Windows\system32\netcfg-385205984.txt
2014-04-28 05:18 - 2014-04-28 05:18 - 00000117 _____ () C:\Windows\system32\netcfg-344542250.txt
2014-04-28 00:33 - 2014-04-28 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-327448000.txt
2014-04-28 00:13 - 2014-04-28 00:13 - 00000117 _____ () C:\Windows\system32\netcfg-326252234.txt
2014-04-27 21:19 - 2014-04-27 21:19 - 00000117 _____ () C:\Windows\system32\netcfg-315850968.txt
2014-04-27 13:26 - 2014-04-27 13:26 - 00000117 _____ () C:\Windows\system32\netcfg-287458093.txt
2014-04-27 12:44 - 2014-04-27 12:44 - 00000117 _____ () C:\Windows\system32\netcfg-284914062.txt
2014-04-27 10:34 - 2014-04-27 10:34 - 00000117 _____ () C:\Windows\system32\netcfg-277143562.txt
2014-04-26 17:18 - 2014-04-26 17:18 - 00000117 _____ () C:\Windows\system32\netcfg-214953687.txt
2014-04-26 17:18 - 2014-04-26 17:18 - 00000117 _____ () C:\Windows\system32\netcfg-214952875.txt
2014-04-25 22:08 - 2014-04-25 22:08 - 00000117 _____ () C:\Windows\system32\netcfg-145969718.txt
2014-04-25 22:04 - 2014-04-25 22:04 - 00000117 _____ () C:\Windows\system32\netcfg-145700718.txt
2014-04-25 21:33 - 2014-04-25 21:33 - 00000117 _____ () C:\Windows\system32\netcfg-143875734.txt
2014-04-25 09:19 - 2014-04-25 09:19 - 00000117 _____ () C:\Windows\system32\netcfg-99822734.txt
2014-04-25 03:39 - 2014-05-09 16:12 - 00011369 _____ () C:\Users\Granty\Desktop\dds.txt
2014-04-25 03:39 - 2014-04-25 03:39 - 00004185 _____ () C:\Users\Granty\Desktop\attach.txt
2014-04-25 03:37 - 2014-04-25 03:37 - 00688992 ____R (Swearware) C:\Users\Granty\Downloads\dds.com
2014-04-24 23:47 - 2014-04-24 23:48 - 00000117 _____ () C:\Windows\system32\netcfg-65533796.txt
2014-04-24 20:38 - 2014-04-24 20:38 - 00000117 _____ () C:\Windows\system32\netcfg-54168046.txt
2014-04-24 19:37 - 2014-04-24 19:37 - 00000117 _____ () C:\Windows\system32\netcfg-50510750.txt
2014-04-24 18:13 - 2014-04-24 18:13 - 00000117 _____ () C:\Windows\system32\netcfg-45487781.txt
2014-04-24 17:26 - 2014-04-24 17:26 - 00000117 _____ () C:\Windows\system32\netcfg-42642765.txt
2014-04-24 09:13 - 2014-04-24 09:13 - 00000117 _____ () C:\Windows\system32\netcfg-13058281.txt
2014-04-24 02:56 - 2014-04-24 02:56 - 00001486 _____ () C:\Users\Granty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCC.lnk
2014-04-24 02:54 - 2014-04-24 02:54 - 00000000 ____D () C:\ProgramData\ATI
2014-04-24 02:54 - 2014-04-24 02:54 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-04-24 02:53 - 2014-04-24 02:53 - 00061173 _____ () C:\Windows\SysWOW64\CCCInstall_201404240253584475.log
2014-04-24 02:53 - 2014-04-24 02:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-24 02:53 - 2014-04-24 02:53 - 00000000 ____D () C:\Program Files\AMD
2014-04-24 02:52 - 2014-04-24 02:53 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-24 02:52 - 2014-04-24 02:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-24 02:52 - 2014-04-24 02:52 - 00000000 ____D () C:\Program Files\ATI
2014-04-24 02:52 - 2014-04-24 02:52 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-04-24 02:36 - 2014-04-24 02:36 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-794733395-3515025250-750547952-500
2014-04-24 02:36 - 2014-04-24 02:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-24 02:31 - 2014-04-24 02:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Highresolution Enterprises
2014-04-24 01:56 - 2014-04-24 01:57 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Granty\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-04-24 01:37 - 2014-05-21 00:01 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\Raptr
2014-04-24 01:37 - 2014-04-24 01:37 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-04-24 01:37 - 2014-04-24 01:37 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\library_dir
2014-04-24 01:27 - 2014-04-24 06:12 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-24 01:27 - 2014-04-24 01:27 - 01007930 _____ () C:\Users\Granty\Downloads\amddriverdownload_installer.exe
2014-04-24 01:25 - 2014-04-24 01:25 - 00000117 _____ () C:\Windows\system32\netcfg-421328.txt
2014-04-24 01:19 - 2014-04-24 01:19 - 00000117 _____ () C:\Windows\system32\netcfg-49875.txt
2014-04-24 00:33 - 2014-04-24 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-14894812.txt
2014-04-24 00:33 - 2014-04-24 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-14894640.txt
2014-04-23 20:25 - 2014-04-23 20:25 - 00984472 _____ () C:\Windows\Minidump\042314-12843-01.dmp
2014-04-23 16:57 - 2014-04-23 16:57 - 00000117 _____ () C:\Windows\system32\netcfg-106999203.txt
2014-04-23 10:00 - 2014-04-23 10:00 - 00000117 _____ () C:\Windows\system32\netcfg-81983375.txt
2014-04-22 15:28 - 2014-04-22 15:28 - 00000117 _____ () C:\Windows\system32\netcfg-15308703.txt
2014-04-22 15:28 - 2014-04-22 15:28 - 00000117 _____ () C:\Windows\system32\netcfg-15308531.txt
2014-04-22 04:40 - 2014-04-22 04:40 - 00067394 _____ () C:\Users\Granty\Downloads\detail.htm
 
==================== One Month Modified Files and Folders =======
 
2014-05-21 00:14 - 2014-05-21 00:14 - 00000000 ____D () C:\FRST
2014-05-21 00:14 - 2014-05-21 00:10 - 00000000 ____D () C:\Users\Granty\Desktop\Farbar
2014-05-21 00:05 - 2012-12-17 18:28 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-794733395-3515025250-750547952-1001
2014-05-21 00:02 - 2013-01-02 15:06 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-21 00:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-21 00:01 - 2014-04-24 01:37 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\Raptr
2014-05-21 00:01 - 2012-12-17 18:08 - 01379885 _____ () C:\Windows\WindowsUpdate.log
2014-05-21 00:00 - 2013-01-02 15:06 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-20 23:47 - 2014-01-19 22:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-20 23:23 - 2014-05-20 23:23 - 00000117 _____ () C:\Windows\system32\netcfg-17472750.txt
2014-05-20 23:23 - 2014-05-20 23:23 - 00000117 _____ () C:\Windows\system32\netcfg-17472656.txt
2014-05-20 18:32 - 2012-12-17 18:03 - 00069422 _____ () C:\Windows\PFRO.log
2014-05-20 18:32 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-20 18:31 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-20 18:30 - 2014-05-20 18:24 - 00000000 ____D () C:\AdwCleaner
2014-05-20 18:24 - 2014-05-20 18:24 - 01326389 _____ () C:\Users\Granty\Downloads\adwcleaner_3.210.exe
2014-05-20 15:07 - 2013-09-30 00:41 - 00003610 _____ () C:\Windows\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-794733395-3515025250-750547952-1001
2014-05-20 14:15 - 2014-05-20 14:15 - 00000117 _____ () C:\Windows\system32\netcfg-249650062.txt
2014-05-20 06:03 - 2014-05-20 06:03 - 00000117 _____ () C:\Windows\system32\netcfg-220103609.txt
2014-05-19 23:00 - 2014-05-19 23:00 - 00000117 _____ () C:\Windows\system32\netcfg-194727125.txt
2014-05-19 22:18 - 2014-05-19 22:18 - 00000117 _____ () C:\Windows\system32\netcfg-192219812.txt
2014-05-19 13:46 - 2014-05-19 13:46 - 00000117 _____ () C:\Windows\system32\netcfg-161475984.txt
2014-05-19 07:11 - 2014-05-19 07:11 - 00000117 _____ () C:\Windows\system32\netcfg-137796015.txt
2014-05-19 06:38 - 2014-05-19 06:38 - 00000117 _____ () C:\Windows\system32\netcfg-135818828.txt
2014-05-19 05:54 - 2014-05-19 05:54 - 00000117 _____ () C:\Windows\system32\netcfg-133169968.txt
2014-05-19 05:24 - 2014-05-19 05:24 - 00000117 _____ () C:\Windows\system32\netcfg-131342812.txt
2014-05-19 05:12 - 2014-05-19 05:12 - 00000117 _____ () C:\Windows\system32\netcfg-130675953.txt
2014-05-19 04:42 - 2014-05-19 04:42 - 00000117 _____ () C:\Windows\system32\netcfg-128848812.txt
2014-05-19 04:41 - 2014-05-19 04:41 - 00000117 _____ () C:\Windows\system32\netcfg-128808750.txt
2014-05-19 04:00 - 2014-05-19 04:00 - 00000117 _____ () C:\Windows\system32\netcfg-126321812.txt
2014-05-19 03:39 - 2014-05-19 03:39 - 00000117 _____ () C:\Windows\system32\netcfg-125066500.txt
2014-05-19 01:16 - 2014-05-19 01:16 - 00000117 _____ () C:\Windows\system32\netcfg-116489812.txt
2014-05-18 15:42 - 2014-05-18 15:42 - 00000117 _____ () C:\Windows\system32\netcfg-82067093.txt
2014-05-18 13:39 - 2014-05-18 13:39 - 00000117 _____ () C:\Windows\system32\netcfg-74698250.txt
2014-05-18 13:39 - 2014-05-18 13:39 - 00000117 _____ () C:\Windows\system32\netcfg-74698171.txt
2014-05-17 20:58 - 2014-04-15 04:35 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\XBMC
2014-05-17 16:58 - 2013-08-19 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-05-17 14:51 - 2014-05-17 14:51 - 00000117 _____ () C:\Windows\system32\netcfg-2020490062.txt
2014-05-17 10:23 - 2014-05-17 10:23 - 00000117 _____ () C:\Windows\system32\netcfg-2004448984.txt
2014-05-17 09:53 - 2014-05-17 09:53 - 00000117 _____ () C:\Windows\system32\netcfg-2002623000.txt
2014-05-17 06:59 - 2014-05-17 06:59 - 00000117 _____ () C:\Windows\system32\netcfg-1992158062.txt
2014-05-16 19:49 - 2014-05-16 19:49 - 00000117 _____ () C:\Windows\system32\netcfg-1951990062.txt
2014-05-16 16:18 - 2014-05-16 16:18 - 00000117 _____ () C:\Windows\system32\netcfg-1939293781.txt
2014-05-16 15:29 - 2014-05-16 15:29 - 00000117 _____ () C:\Windows\system32\netcfg-1936365359.txt
2014-05-16 10:03 - 2014-05-16 10:03 - 00000117 _____ () C:\Windows\system32\netcfg-1916839437.txt
2014-05-15 23:15 - 2014-05-15 23:15 - 00000117 _____ () C:\Windows\system32\netcfg-1877963093.txt
2014-05-15 17:41 - 2014-05-15 17:41 - 00000117 _____ () C:\Windows\system32\netcfg-1857917281.txt
2014-05-15 10:46 - 2014-05-15 10:46 - 00000117 _____ () C:\Windows\system32\netcfg-1832998625.txt
2014-05-15 10:46 - 2014-05-15 10:46 - 00000117 _____ () C:\Windows\system32\netcfg-1832998140.txt
2014-05-15 05:50 - 2014-05-15 05:50 - 00000117 _____ () C:\Windows\system32\netcfg-1815218125.txt
2014-05-15 01:38 - 2014-05-15 01:38 - 00000117 _____ () C:\Windows\system32\netcfg-1800133343.txt
2014-05-14 14:11 - 2014-05-14 14:11 - 00000117 _____ () C:\Windows\system32\netcfg-1758884093.txt
2014-05-14 14:02 - 2014-05-14 14:02 - 00000117 _____ () C:\Windows\system32\netcfg-1758379359.txt
2014-05-14 11:43 - 2012-12-17 19:15 - 00000000 ____D () C:\Users\Granty\Downloads\Data
2014-05-14 11:01 - 2014-05-14 11:01 - 00000117 _____ () C:\Windows\system32\netcfg-1747523218.txt
2014-05-14 09:22 - 2014-05-14 09:22 - 00000117 _____ () C:\Windows\system32\netcfg-1741550312.txt
2014-05-14 07:55 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-14 07:54 - 2014-05-14 07:54 - 00000117 _____ () C:\Windows\system32\netcfg-1736273203.txt
2014-05-14 02:16 - 2014-05-14 02:16 - 00000117 _____ () C:\Windows\system32\netcfg-1715982406.txt
2014-05-14 00:05 - 2014-05-14 00:05 - 00000117 _____ () C:\Windows\system32\netcfg-1708125140.txt
2014-05-13 19:03 - 2014-05-13 19:03 - 00000117 _____ () C:\Windows\system32\netcfg-1690008562.txt
2014-05-13 10:29 - 2014-05-13 10:29 - 00000117 _____ () C:\Windows\system32\netcfg-1659201078.txt
2014-05-13 08:20 - 2014-05-13 08:20 - 00000117 _____ () C:\Windows\system32\netcfg-1651456281.txt
2014-05-13 07:23 - 2014-05-13 07:23 - 00000117 _____ () C:\Windows\system32\netcfg-1648009078.txt
2014-05-13 05:30 - 2014-05-13 05:30 - 00000117 _____ () C:\Windows\system32\netcfg-1641245281.txt
2014-05-13 05:00 - 2014-05-13 05:00 - 00000117 _____ () C:\Windows\system32\netcfg-1639418109.txt
2014-05-13 04:11 - 2014-05-13 04:11 - 00000117 _____ () C:\Windows\system32\netcfg-1636488156.txt
2014-05-13 03:40 - 2014-05-13 03:40 - 00000117 _____ () C:\Windows\system32\netcfg-1634661171.txt
2014-05-13 03:08 - 2014-05-13 03:08 - 00000117 _____ () C:\Windows\system32\netcfg-1632701656.txt
2014-05-13 02:26 - 2014-05-13 02:26 - 00000117 _____ () C:\Windows\system32\netcfg-1630223500.txt
2014-05-13 02:08 - 2014-05-13 02:08 - 00000117 _____ () C:\Windows\system32\netcfg-1629152968.txt
2014-05-11 10:39 - 2014-05-11 10:39 - 00000117 _____ () C:\Windows\system32\netcfg-1486965328.txt
2014-05-11 10:39 - 2014-05-11 10:39 - 00000117 _____ () C:\Windows\system32\netcfg-1486965234.txt
2014-05-10 10:58 - 2014-05-10 10:58 - 00000117 _____ () C:\Windows\system32\netcfg-1401734125.txt
2014-05-10 10:58 - 2014-05-10 10:58 - 00000117 _____ () C:\Windows\system32\netcfg-1401734000.txt
2014-05-09 22:56 - 2014-05-09 22:56 - 00000117 _____ () C:\Windows\system32\netcfg-1358391140.txt
2014-05-09 19:53 - 2014-05-09 19:53 - 00000117 _____ () C:\Windows\system32\netcfg-1347399093.txt
2014-05-09 19:20 - 2014-05-09 19:20 - 00000117 _____ () C:\Windows\system32\netcfg-1345460031.txt
2014-05-09 19:20 - 2014-05-09 17:47 - 00000117 _____ () C:\Windows\system32\netcfg-1339877421.txt
2014-05-09 16:12 - 2014-04-25 03:39 - 00011369 _____ () C:\Users\Granty\Desktop\dds.txt
2014-05-09 13:57 - 2013-01-02 15:06 - 00003880 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 13:57 - 2013-01-02 15:06 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 13:23 - 2014-05-09 13:23 - 00000117 _____ () C:\Windows\system32\netcfg-1324010140.txt
2014-05-08 21:21 - 2014-05-08 21:21 - 00000117 _____ () C:\Windows\system32\netcfg-1266291234.txt
2014-05-08 19:25 - 2014-05-08 19:24 - 00000117 _____ () C:\Windows\system32\netcfg-1259312953.txt
2014-05-08 19:24 - 2014-05-08 19:24 - 00000117 _____ () C:\Windows\system32\netcfg-1259312187.txt
2014-05-08 16:57 - 2014-05-08 16:57 - 00000117 _____ () C:\Windows\system32\netcfg-1250439109.txt
2014-05-08 14:22 - 2014-05-08 14:22 - 00000117 _____ () C:\Windows\system32\netcfg-1241190546.txt
2014-05-08 13:19 - 2014-05-08 13:19 - 00000117 _____ () C:\Windows\system32\netcfg-1237353187.txt
2014-05-08 12:45 - 2014-05-08 12:45 - 00000117 _____ () C:\Windows\system32\netcfg-1235325312.txt
2014-05-08 12:14 - 2014-05-08 12:14 - 00000117 _____ () C:\Windows\system32\netcfg-1233498187.txt
2014-05-08 09:49 - 2014-05-08 09:49 - 00000117 _____ () C:\Windows\system32\netcfg-1224812250.txt
2014-05-08 09:09 - 2014-05-08 09:09 - 00000117 _____ () C:\Windows\system32\netcfg-1222385078.txt
2014-05-08 02:40 - 2014-05-08 02:40 - 00000117 _____ () C:\Windows\system32\netcfg-1199043906.txt
2014-05-08 02:09 - 2014-05-08 02:09 - 00000117 _____ () C:\Windows\system32\netcfg-1197217093.txt
2014-05-08 01:45 - 2014-05-08 01:45 - 00000117 _____ () C:\Windows\system32\netcfg-1195760031.txt
2014-05-07 23:54 - 2013-03-15 02:31 - 00000000 ____D () C:\Users\Granty\AppData\Local\Adobe
2014-05-07 23:54 - 2012-12-17 18:09 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\Adobe
2014-05-07 21:49 - 2014-05-07 21:49 - 00000117 _____ () C:\Windows\system32\netcfg-1181573109.txt
2014-05-07 13:07 - 2014-05-07 13:07 - 00000117 _____ () C:\Windows\system32\netcfg-1150289687.txt
2014-05-07 11:11 - 2012-12-17 18:27 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\uTorrent
2014-05-07 11:10 - 2014-05-07 11:10 - 00000848 _____ () C:\Users\Granty\Desktop\µTorrent.lnk
2014-05-07 11:10 - 2014-05-07 11:10 - 00000828 _____ () C:\Users\Granty\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-07 10:41 - 2014-05-07 10:41 - 00000117 _____ () C:\Windows\system32\netcfg-1141533093.txt
2014-05-07 10:29 - 2014-05-07 10:29 - 00000117 _____ () C:\Windows\system32\netcfg-1140812250.txt
2014-05-07 09:27 - 2014-05-07 09:27 - 00000117 _____ () C:\Windows\system32\netcfg-1137095125.txt
2014-05-07 03:03 - 2014-05-07 03:03 - 00000117 _____ () C:\Windows\system32\netcfg-1114016046.txt
2014-05-07 02:15 - 2014-05-07 02:15 - 00000117 _____ () C:\Windows\system32\netcfg-1111139140.txt
2014-05-06 15:47 - 2014-05-06 15:47 - 00000117 _____ () C:\Windows\system32\netcfg-1073493156.txt
2014-05-06 12:07 - 2014-05-06 12:07 - 00000117 _____ () C:\Windows\system32\netcfg-1060296109.txt
2014-05-06 07:58 - 2014-05-06 07:58 - 00000117 _____ () C:\Windows\system32\netcfg-1045309218.txt
2014-05-06 04:18 - 2014-05-06 04:18 - 00000000 ____D () C:\Users\Granty\AppData\Local\DDMSettings
2014-05-04 23:12 - 2013-01-31 02:31 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\vlc
2014-05-04 21:00 - 2013-03-19 23:02 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\dvdcss
2014-05-04 16:32 - 2014-05-04 16:32 - 00000117 _____ () C:\Windows\system32\netcfg-903352171.txt
2014-05-04 10:37 - 2014-05-04 10:37 - 00000117 _____ () C:\Windows\system32\netcfg-882086375.txt
2014-05-03 23:31 - 2014-05-03 23:31 - 00000117 _____ () C:\Windows\system32\netcfg-842099156.txt
2014-05-03 22:55 - 2013-02-28 17:51 - 00358552 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2014-05-03 22:55 - 2013-02-28 17:51 - 00288344 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportHades64.sys
2014-05-03 20:23 - 2014-05-03 20:23 - 00000117 _____ () C:\Windows\system32\netcfg-830849984.txt
2014-05-03 15:39 - 2014-05-03 15:39 - 00000117 _____ () C:\Windows\system32\netcfg-813783171.txt
2014-05-03 06:42 - 2014-05-03 06:42 - 00000117 _____ () C:\Windows\system32\netcfg-781552671.txt
2014-05-03 01:04 - 2014-05-03 01:04 - 00000117 _____ () C:\Windows\system32\netcfg-761275140.txt
2014-05-03 00:51 - 2014-05-03 00:51 - 00000117 _____ () C:\Windows\system32\netcfg-760520312.txt
2014-05-02 22:38 - 2014-05-02 22:38 - 00000117 _____ () C:\Windows\system32\netcfg-752513171.txt
2014-05-02 22:37 - 2014-05-02 22:37 - 00000117 _____ () C:\Windows\system32\netcfg-752491546.txt
2014-05-02 20:51 - 2014-05-02 20:51 - 00000117 _____ () C:\Windows\system32\netcfg-746104187.txt
2014-05-02 11:36 - 2014-05-02 11:36 - 00000117 _____ () C:\Windows\system32\netcfg-712817312.txt
2014-05-02 11:03 - 2014-05-02 11:03 - 00000117 _____ () C:\Windows\system32\netcfg-710810203.txt
2014-05-02 10:49 - 2014-05-02 10:49 - 00000117 _____ () C:\Windows\system32\netcfg-709968859.txt
2014-05-02 10:15 - 2014-05-02 10:15 - 00000117 _____ () C:\Windows\system32\netcfg-707962140.txt
2014-05-02 08:59 - 2014-05-02 08:59 - 00000117 _____ () C:\Windows\system32\netcfg-703395140.txt
2014-05-01 18:52 - 2014-05-01 18:52 - 00000117 _____ () C:\Windows\system32\netcfg-652608031.txt
2014-05-01 09:18 - 2014-05-01 09:18 - 00000117 _____ () C:\Windows\system32\netcfg-618146234.txt
2014-04-30 20:41 - 2014-04-30 20:41 - 00000117 _____ () C:\Windows\system32\netcfg-572737109.txt
2014-04-30 20:41 - 2014-04-30 20:41 - 00000117 _____ () C:\Windows\system32\netcfg-572737000.txt
2014-04-30 18:28 - 2014-04-30 18:28 - 00000117 _____ () C:\Windows\system32\netcfg-564765046.txt
2014-04-30 10:22 - 2014-04-30 10:22 - 00000117 _____ () C:\Windows\system32\netcfg-535601015.txt
2014-04-30 07:06 - 2014-04-30 07:06 - 00000117 _____ () C:\Windows\system32\netcfg-523843968.txt
2014-04-30 06:59 - 2014-04-30 06:59 - 00000117 _____ () C:\Windows\system32\netcfg-523425234.txt
2014-04-30 01:12 - 2014-04-30 01:12 - 00000117 _____ () C:\Windows\system32\netcfg-502578062.txt
2014-04-29 19:28 - 2014-04-29 19:28 - 00000117 _____ () C:\Windows\system32\netcfg-481937156.txt
2014-04-29 18:15 - 2014-04-29 18:15 - 00000117 _____ () C:\Windows\system32\netcfg-477560000.txt
2014-04-29 12:15 - 2014-04-29 12:15 - 00000117 _____ () C:\Windows\system32\netcfg-455956453.txt
2014-04-29 11:44 - 2014-04-29 11:44 - 00000117 _____ () C:\Windows\system32\netcfg-454129968.txt
2014-04-29 09:52 - 2014-04-29 09:52 - 00000117 _____ () C:\Windows\system32\netcfg-447386468.txt
2014-04-28 22:09 - 2014-04-28 22:09 - 00000117 _____ () C:\Windows\system32\netcfg-405239031.txt
2014-04-28 18:00 - 2014-04-28 18:00 - 00000117 _____ () C:\Windows\system32\netcfg-390272421.txt
2014-04-28 16:35 - 2014-04-28 16:35 - 00000117 _____ () C:\Windows\system32\netcfg-385205984.txt
2014-04-28 05:18 - 2014-04-28 05:18 - 00000117 _____ () C:\Windows\system32\netcfg-344542250.txt
2014-04-28 00:33 - 2014-04-28 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-327448000.txt
2014-04-28 00:13 - 2014-04-28 00:13 - 00000117 _____ () C:\Windows\system32\netcfg-326252234.txt
2014-04-27 21:19 - 2014-04-27 21:19 - 00000117 _____ () C:\Windows\system32\netcfg-315850968.txt
2014-04-27 13:26 - 2014-04-27 13:26 - 00000117 _____ () C:\Windows\system32\netcfg-287458093.txt
2014-04-27 12:44 - 2014-04-27 12:44 - 00000117 _____ () C:\Windows\system32\netcfg-284914062.txt
2014-04-27 10:34 - 2014-04-27 10:34 - 00000117 _____ () C:\Windows\system32\netcfg-277143562.txt
2014-04-26 17:18 - 2014-04-26 17:18 - 00000117 _____ () C:\Windows\system32\netcfg-214953687.txt
2014-04-26 17:18 - 2014-04-26 17:18 - 00000117 _____ () C:\Windows\system32\netcfg-214952875.txt
2014-04-25 22:08 - 2014-04-25 22:08 - 00000117 _____ () C:\Windows\system32\netcfg-145969718.txt
2014-04-25 22:04 - 2014-04-25 22:04 - 00000117 _____ () C:\Windows\system32\netcfg-145700718.txt
2014-04-25 21:33 - 2014-04-25 21:33 - 00000117 _____ () C:\Windows\system32\netcfg-143875734.txt
2014-04-25 09:19 - 2014-04-25 09:19 - 00000117 _____ () C:\Windows\system32\netcfg-99822734.txt
2014-04-25 03:39 - 2014-04-25 03:39 - 00004185 _____ () C:\Users\Granty\Desktop\attach.txt
2014-04-25 03:37 - 2014-04-25 03:37 - 00688992 ____R (Swearware) C:\Users\Granty\Downloads\dds.com
2014-04-24 23:48 - 2014-04-24 23:47 - 00000117 _____ () C:\Windows\system32\netcfg-65533796.txt
2014-04-24 20:38 - 2014-04-24 20:38 - 00000117 _____ () C:\Windows\system32\netcfg-54168046.txt
2014-04-24 19:37 - 2014-04-24 19:37 - 00000117 _____ () C:\Windows\system32\netcfg-50510750.txt
2014-04-24 18:13 - 2014-04-24 18:13 - 00000117 _____ () C:\Windows\system32\netcfg-45487781.txt
2014-04-24 17:26 - 2014-04-24 17:26 - 00000117 _____ () C:\Windows\system32\netcfg-42642765.txt
2014-04-24 09:13 - 2014-04-24 09:13 - 00000117 _____ () C:\Windows\system32\netcfg-13058281.txt
2014-04-24 06:12 - 2014-04-24 01:27 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-24 02:56 - 2014-04-24 02:56 - 00001486 _____ () C:\Users\Granty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCC.lnk
2014-04-24 02:54 - 2014-04-24 02:54 - 00000000 ____D () C:\ProgramData\ATI
2014-04-24 02:54 - 2014-04-24 02:54 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-04-24 02:54 - 2013-03-15 02:51 - 00000000 ____D () C:\ProgramData\AMD
2014-04-24 02:53 - 2014-04-24 02:53 - 00061173 _____ () C:\Windows\SysWOW64\CCCInstall_201404240253584475.log
2014-04-24 02:53 - 2014-04-24 02:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-24 02:53 - 2014-04-24 02:53 - 00000000 ____D () C:\Program Files\AMD
2014-04-24 02:53 - 2014-04-24 02:52 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-24 02:53 - 2013-06-21 13:18 - 00000000 ____D () C:\Windows\LastGood
2014-04-24 02:53 - 2012-07-26 08:21 - 00048039 _____ () C:\Windows\setupact.log
2014-04-24 02:52 - 2014-04-24 02:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-24 02:52 - 2014-04-24 02:52 - 00000000 ____D () C:\Program Files\ATI
2014-04-24 02:52 - 2014-04-24 02:52 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-04-24 02:36 - 2014-04-24 02:36 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-794733395-3515025250-750547952-500
2014-04-24 02:36 - 2014-04-24 02:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-24 02:36 - 2014-01-24 04:22 - 00002251 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk
2014-04-24 02:35 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-24 02:31 - 2014-04-24 02:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Highresolution Enterprises
2014-04-24 01:57 - 2014-04-24 01:56 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Granty\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-04-24 01:38 - 2014-04-12 00:45 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\DivX
2014-04-24 01:37 - 2014-04-24 01:37 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-04-24 01:37 - 2014-04-24 01:37 - 00000000 ____D () C:\Users\Granty\AppData\Roaming\library_dir
2014-04-24 01:27 - 2014-04-24 01:27 - 01007930 _____ () C:\Users\Granty\Downloads\amddriverdownload_installer.exe
2014-04-24 01:25 - 2014-04-24 01:25 - 00000117 _____ () C:\Windows\system32\netcfg-421328.txt
2014-04-24 01:19 - 2014-04-24 01:19 - 00000117 _____ () C:\Windows\system32\netcfg-49875.txt
2014-04-24 00:33 - 2014-04-24 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-14894812.txt
2014-04-24 00:33 - 2014-04-24 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-14894640.txt
2014-04-23 20:25 - 2014-04-23 20:25 - 00984472 _____ () C:\Windows\Minidump\042314-12843-01.dmp
2014-04-23 20:25 - 2013-10-17 03:46 - 439907355 _____ () C:\Windows\MEMORY.DMP
2014-04-23 20:25 - 2013-10-17 03:46 - 00000000 ____D () C:\Windows\Minidump
2014-04-23 16:57 - 2014-04-23 16:57 - 00000117 _____ () C:\Windows\system32\netcfg-106999203.txt
2014-04-23 10:00 - 2014-04-23 10:00 - 00000117 _____ () C:\Windows\system32\netcfg-81983375.txt
2014-04-22 15:28 - 2014-04-22 15:28 - 00000117 _____ () C:\Windows\system32\netcfg-15308703.txt
2014-04-22 15:28 - 2014-04-22 15:28 - 00000117 _____ () C:\Windows\system32\netcfg-15308531.txt
2014-04-22 11:18 - 2012-07-26 08:28 - 00850046 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-22 11:14 - 2012-07-26 08:19 - 00293552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 04:40 - 2014-04-22 04:40 - 00067394 _____ () C:\Users\Granty\Downloads\detail.htm
 
Files to move or delete:
====================
C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe
 
 
Some content of TEMP:
====================
C:\Users\Granty\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Granty\AppData\Local\Temp\Quarantine.exe
C:\Users\Granty\AppData\Local\Temp\raptrpatch.exe
C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-18 04:43
 
==================== End Of Log ============================


#11 Grantyy

Posted 20 May 2014 - 06:36 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Granty at 2014-05-21 00:15:39
Running from C:\Users\Granty\Desktop\Farbar
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Betfred Poker (HKCU\...\Betfred Poker) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.2 - DivX,Inc.)
FLAC To MP3 V4.0.4 (HKLM-x32\...\FLAC To MP3_is1) (Version:  - FLAC To MP3, Inc.)
Football Manager 2013 version 13.3.3 (HKLM-x32\...\{04BDADD5-B981-49DB-90F0-DE11F19C50B4}_is1) (Version: 13.3.3 - SEGA)
FormatFactory 3.3.2.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.2.0 - Format Factory)
GoldWave v5.69 (HKLM-x32\...\GoldWave v5.69) (Version: 5.69 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.2.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JPEXS Free Flash Decompiler version 1.7.4 (HKLM-x32\...\{E618D276-6596-41F4-8A98-447D442A77DB}_is1) (Version: 1.7.4 - JPEXS)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NirSoft VideoCacheView (HKLM-x32\...\NirSoft VideoCacheView) (Version:  - )
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Rapport (x32 Version: 3.5.1307.76 - Trusteer) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
SABnzbd 0.7.16 (HKLM-x32\...\SABnzbd) (Version: 0.7.16 - The SABnzbd Team)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Total Video2Dvd 3.30 (HKLM-x32\...\Total Video2Dvd 3.30_is1) (Version:  - EffectMatrix, Inc.)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1307.76 - Trusteer)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 Runtime (x64) (x32 Version: 1.0.1 - Highresolution Enterprises) Hidden
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
X-Mouse Button Control 2.5 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.5 - Highresolution Enterprises)
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)
 
==================== Restore Points  =========================
 
02-05-2014 04:31:47 Scheduled Checkpoint
11-05-2014 03:37:02 Scheduled Checkpoint
17-05-2014 15:57:10 Installed Rapport
 
==================== Hosts content: ==========================
 
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2BCD4961-D59A-4B7A-80C9-CC67FE95D73A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-19] (Adobe Systems Incorporated)
Task: {36E630A6-D9B7-47C5-BFF1-F68C8862F081} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {63877634-EDCD-4A53-AD30-20A4E08AF498} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-794733395-3515025250-750547952-1001
Task: {8646912D-B119-4798-833B-74EDFCD6DF06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AAE62DEA-2825-426E-99F2-D4B901CF6750} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\system32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-04 18:32 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-03-02 23:07 - 2014-03-09 18:59 - 00103424 _____ () C:\Program Files (x86)\SABnzbd\SABnzbd.exe
2013-02-28 17:51 - 2014-05-17 17:00 - 01404120 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2012-12-17 18:52 - 2012-12-17 18:52 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\a743b55296379d27a4e1f260d1efab91\PSIClient.ni.dll
2012-12-17 18:53 - 2012-07-25 16:13 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-14 01:04 - 2014-05-08 00:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll
2014-05-14 01:04 - 2014-05-08 00:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll
2014-05-14 01:04 - 2014-05-08 00:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll
2014-05-14 01:04 - 2014-05-08 00:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
2014-05-14 01:04 - 2014-05-08 00:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
2014-05-14 01:04 - 2014-05-08 00:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll
2014-05-14 01:04 - 2014-05-08 00:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll
2013-03-02 23:07 - 2014-03-09 18:59 - 00053248 _____ () C:\Program Files (x86)\SABnzbd\lib\_socket.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00671744 _____ () C:\Program Files (x86)\SABnzbd\lib\_ssl.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00294912 _____ () C:\Program Files (x86)\SABnzbd\lib\_hashlib.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00102400 _____ () C:\Program Files (x86)\SABnzbd\lib\win32api.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00118784 _____ () C:\Program Files (x86)\SABnzbd\lib\pywintypes25.dll
2013-03-02 23:07 - 2014-03-09 18:59 - 00013824 _____ () C:\Program Files (x86)\SABnzbd\lib\win32event.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00036864 _____ () C:\Program Files (x86)\SABnzbd\lib\win32service.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00057344 _____ () C:\Program Files (x86)\SABnzbd\lib\OpenSSL.crypto.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00007168 _____ () C:\Program Files (x86)\SABnzbd\lib\OpenSSL.rand.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00037888 _____ () C:\Program Files (x86)\SABnzbd\lib\OpenSSL.SSL.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00086016 _____ () C:\Program Files (x86)\SABnzbd\lib\_ctypes.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00049152 _____ () C:\Program Files (x86)\SABnzbd\lib\_sqlite3.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00546205 _____ () C:\Program Files (x86)\SABnzbd\lib\sqlite3.dll
2013-03-02 23:07 - 2014-03-09 18:59 - 00008192 _____ () C:\Program Files (x86)\SABnzbd\lib\select.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00009728 _____ () C:\Program Files (x86)\SABnzbd\lib\_yenc.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00012288 _____ () C:\Program Files (x86)\SABnzbd\lib\Cheetah._namemapper.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00135168 _____ () C:\Program Files (x86)\SABnzbd\lib\pyexpat.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00040960 _____ () C:\Program Files (x86)\SABnzbd\lib\win32process.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00110592 _____ () C:\Program Files (x86)\SABnzbd\lib\win32file.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00014848 _____ () C:\Program Files (x86)\SABnzbd\lib\win32evtlog.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00024576 _____ () C:\Program Files (x86)\SABnzbd\lib\servicemanager.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00019968 _____ () C:\Program Files (x86)\SABnzbd\lib\win32pipe.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00155648 _____ () C:\Program Files (x86)\SABnzbd\lib\win32gui.pyd
2013-03-02 23:07 - 2014-03-09 18:59 - 00176128 _____ () C:\Program Files (x86)\SABnzbd\lib\winxpgui.pyd
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/07/2014 10:03:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 11.0.2.0, time stamp: 0x511eacd6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00dfda53
Faulting process id: 0x608
Faulting application start time: 0xAcroRd32.exe0
Faulting application path: AcroRd32.exe1
Faulting module path: AcroRd32.exe2
Report Id: AcroRd32.exe3
Faulting package full name: AcroRd32.exe4
Faulting package-relative application ID: AcroRd32.exe5
 
Error: (05/04/2014 09:19:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 11.0.2.0, time stamp: 0x511eacd6
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1a84
Faulting application start time: 0xAcroRd32.exe0
Faulting application path: AcroRd32.exe1
Faulting module path: AcroRd32.exe2
Report Id: AcroRd32.exe3
Faulting package full name: AcroRd32.exe4
Faulting package-relative application ID: AcroRd32.exe5
 
Error: (05/04/2014 09:19:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 11.0.2.0, time stamp: 0x511eacd6
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1a4c
Faulting application start time: 0xAcroRd32.exe0
Faulting application path: AcroRd32.exe1
Faulting module path: AcroRd32.exe2
Report Id: AcroRd32.exe3
Faulting package full name: AcroRd32.exe4
Faulting package-relative application ID: AcroRd32.exe5
 
Error: (04/28/2014 00:40:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 34.0.1847.116 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1564
 
Start Time: 01cf625bf2ea3a7d
 
Termination Time: 42
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 4d199c6a-ce65-11e3-beb5-d02788a1fc94
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (04/27/2014 10:08:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Home)
Description: App Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic did not launch within its allotted time.
 
Error: (04/26/2014 10:52:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Home)
Description: App Microsoft.BingSports_8wekyb3d8bbwe!AppexSports did not launch within its allotted time.
 
Error: (04/26/2014 10:52:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Home)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (04/26/2014 10:52:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Home)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (04/26/2014 10:52:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.2.9200.16384, time stamp: 0x50107c6e
Faulting module name: ntdll.dll, version: 6.2.9200.16384, time stamp: 0x5010acd2
Exception code: 0x060c201e
Fault offset: 0x00000000000b79d0
Faulting process id: 0xfd4
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5
 
Error: (04/25/2014 07:41:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 34.0.1847.116 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1580
 
Start Time: 01cf602b265883fa
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: acf46ea4-cc44-11e3-beb5-d02788a1fc94
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (04/26/2014 10:52:47 AM) (Source: DCOM) (EventID: 10010) (User: Home)
Description: AppexSports.wwa
 
Error: (04/24/2014 02:31:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 02:27:52 on ‎24/‎04/‎2014 was unexpected.
 
Error: (04/24/2014 01:19:13 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:03:04 on ‎24/‎04/‎2014 was unexpected.
 
Error: (04/24/2014 01:18:44 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212265134575926877700432
 
Error: (04/23/2014 08:25:25 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xfffffa800a827010, 0xfffff88004a966ec, 0xffffffffc0000001, 0x0000000000000003)C:\Windows\MEMORY.DMP042314-12843-01
 
Error: (04/23/2014 08:25:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:15:02 on ‎23/‎04/‎2014 was unexpected.
 
Error: (04/23/2014 08:15:12 PM) (Source: XMouseButton Launcher) (EventID: 6) (User: )
Description: Process token open Error: 6 (The handle is invalid. )
 
Error: (04/23/2014 06:22:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:55:34 on ‎23/‎04/‎2014 was unexpected.
 
Error: (04/22/2014 11:14:22 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:01:36 on ‎22/‎04/‎2014 was unexpected.
 
Error: (04/21/2014 10:34:26 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.
 
 
Microsoft Office Sessions:
=========================
Error: (05/07/2014 10:03:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcroRd32.exe11.0.2.0511eacd6unknown0.0.0.000000000c000000500dfda5360801cf6a368a3801f5C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exeunknown0b171886-d62b-11e3-beb5-d02788a1fc94
 
Error: (05/04/2014 09:19:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcroRd32.exe11.0.2.0511eacd6MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1a8401cf677189d88626C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exeC:\Windows\SYSTEM32\MSVCR100.dllc8c14f76-d364-11e3-beb5-d02788a1fc94
 
Error: (05/04/2014 09:19:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcroRd32.exe11.0.2.0511eacd6MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1a4c01cf6771809bae5bC:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exeC:\Windows\SYSTEM32\MSVCR100.dllc1b59e08-d364-11e3-beb5-d02788a1fc94
 
Error: (04/28/2014 00:40:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe34.0.1847.116156401cf625bf2ea3a7d42C:\Program Files (x86)\Google\Chrome\Application\chrome.exe4d199c6a-ce65-11e3-beb5-d02788a1fc94
 
Error: (04/27/2014 10:08:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Home)
Description: Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic
 
Error: (04/26/2014 10:52:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Home)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports
 
Error: (04/26/2014 10:52:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Home)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2147009284
 
Error: (04/26/2014 10:52:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Home)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927141
 
Error: (04/26/2014 10:52:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.2.9200.1638450107c6entdll.dll6.2.9200.163845010acd2060c201e00000000000b79d0fd401cf6135451c89bcC:\Windows\system32\wwahost.exeC:\Windows\SYSTEM32\ntdll.dll842292b2-cd28-11e3-beb5-d02788a1fc94Microsoft.BingSports_2.0.0.273_x64__8wekyb3d8bbweAppexSports
 
Error: (04/25/2014 07:41:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe34.0.1847.116158001cf602b265883fa4294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exeacf46ea4-cc44-11e3-beb5-d02788a1fc94
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-04-26 10:52:45.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\WWAHost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.BingSports_2.0.0.273_x64__8wekyb3d8bbwe\AppEx.Common.RichBrowse.winmd with signing level Authenticode while the system requires signing level 6 or better to load.
 
  Date: 2013-12-28 14:38:00.925
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\WWAHost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\Microsoft.winmd with signing level Authenticode while the system requires signing level 6 or better to load.
 
  Date: 2013-12-25 16:57:21.562
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.BingNews_2.0.0.273_x64__8wekyb3d8bbwe\Platform.winmd with signing level Authenticode while the system requires signing level 6 or better to load.
 
  Date: 2013-12-25 15:16:11.722
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.BingFinance_2.0.0.275_x64__8wekyb3d8bbwe\Platform.winmd with signing level Authenticode while the system requires signing level 6 or better to load.
 
  Date: 2013-12-25 14:31:20.307
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\Microsoft.BingTravel_2.0.0.274_x64__8wekyb3d8bbwe\Platform.winmd with signing level Authenticode while the system requires signing level 6 or better to load.
 
  Date: 2013-12-25 14:21:19.600
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe with signing level Authenticode while the system requires signing level 6 or better to load.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 33%
Total physical RAM: 6125.91 MB
Available physical RAM: 4091.03 MB
Total Pagefile: 12269.91 MB
Available Pagefile: 9508.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1396.92 GB) (Free:1002.49 GB) NTFS
Drive j: (FM2013) (CDROM) (Total:5.91 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 3C75F567)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-699090862080) - (Type=07 NTFS)
 
==================== End Of Log ============================


#12 Grantyy

Grantyy
  • Topic Starter

  • Members
  • 45 posts

Posted 20 May 2014 - 06:39 PM

I have posted the 3 logs as requested. Sorry again for the delay; let me know what you need me to do next.

Thanks



#13 nasdaq

nasdaq

  • Malware Response Team
  • 39,909 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 21 May 2014 - 07:26 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3319738&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP84ACEE92-9E3C-468A-BC54-04DD85700D17&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Speed Dial) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-01-02]
CHR Extension: (Video Downloader professional) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2013-11-24]
CHR Extension: (Poppit) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-01-02]
CHR Extension: (Ghostery) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-01-02]
CHR Extension: (Hover Zoom) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-01-02]
U3 ahbcgn6n; C:\Windows\System32\Drivers\ahbcgn6n.sys [0 ] (Intel Corporation)
C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe
C:\Users\Granty\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Granty\AppData\Local\Temp\raptrpatch.exe
C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe

End
Save the file as fixlist.txt into the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

#14 Grantyy

Posted 22 May 2014 - 06:25 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by Granty at 2014-05-23 00:23:04 Run:1
Running from C:\Users\Granty\Desktop\Farbar
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Speed Dial) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-01-02]
CHR Extension: (Video Downloader professional) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2013-11-24]
CHR Extension: (Poppit) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-01-02]
CHR Extension: (Ghostery) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-01-02]
CHR Extension: (Hover Zoom) - C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-01-02]
U3 ahbcgn6n; C:\Windows\System32\Drivers\ahbcgn6n.sys [0 ] (Intel Corporation)
C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe
C:\Users\Granty\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Granty\AppData\Local\Temp\raptrpatch.exe
C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe
 
End
*****************
 
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => Value deleted successfully.
C:\Users\Granty\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll not found.
C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll not found.
C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi => Moved successfully.
C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil => Moved successfully.
C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi => Moved successfully.
C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij => Moved successfully.
C:\Users\Granty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl => Moved successfully.
ahbcgn6n => Service deleted successfully.
C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe => Moved successfully.
C:\Users\Granty\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\Granty\AppData\Local\Temp\raptrpatch.exe => Moved successfully.
"C:\Users\Granty\AppData\Local\Temp\utt368B.tmp.exe" => File/Directory not found.
 
==== End of Fixlog ====


#15 Grantyy

Posted 22 May 2014 - 06:42 PM

 Results of screen317's Security Check version 0.99.83  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 51  
 Java version out of Date! 
  Adobe Flash Player 11.9.900.170 Flash Player out of Date!  
 Adobe Reader XI  
 Google Chrome 34.0.1847.137  
 Google Chrome 35.0.1916.114  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Windows Defender MsMpEng.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 




