Proxy Problem "No Data Received" (Google Chrome and any other web browser)


  • This topic is locked
21 replies to this topic

#1 Jestaio

Posted 10 August 2014 - 04:18 AM

So recently I've noticed that whenever I go on certain pages, asos.com as an example, Google Chrome always says "No data received"; if I refresh it a couple of times then it usually works. I ended up finding out the problem was the proxy server. Whenever I disable the use of the proxy server, every website loads absolutely fine for about 2 minutes, until the proxy just resets itself. Whenever I disable it, it just re-enables itself after a really short period of time. I've seen in places that this is some sort of virus but I have no clue. I use a Windows 8.1 computer, so what I'm really asking is, how can I keep the proxy server disabled as opposed to it just re-enabling itself every 2 minutes? Thanks.


Edited by Jestaio, 10 August 2014 - 04:19 AM.



#2 ElfBane

Posted 10 August 2014 - 12:36 PM

You can try this tool ... http://www.bleepingcomputer.com/download/windows-repair-all-in-one/ .

It will repair the networking system, and should allow you to surf normally.

 

If the proxy server re-enables again, then you most likely have a virus. Run your AV scans. Let us know.



#3 Jestaio

Posted 10 August 2014 - 02:38 PM

After running the Farbar Recovery Scan Tool as recommended by someone else, I got this. It was suggested that I paste the contents of the log in this topic and attach the additional file, which I will.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Ibz (administrator) on VAIO on 10-08-2014 20:16:42
Running from C:\Users\Ibz\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Scarlet.Crush Productions) C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
() C:\Users\Ibz\Downloads\adwcleaner_3.304.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\viuploader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2010-08-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Safer-Surf] => C:\Program Files (x86)\ver3Safer-Surf\Safer-Surf.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-07-16] (Valve Corporation)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [avichannel] => C:\Program Files (x86)\Evaer\videochannel.exe [1752576 2013-10-26] (Evaer Technology)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [MP3 Skype Recorder] => C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-18] (Alexander Nikiforov)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-07-30] (Electronic Arts)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-05-28] (Samsung)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\Users\Ibz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
BootExecute: autocheck autochk * 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:37037
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKCU - {15FB5D97-4117-4CB7-9140-0DA6904FDA2D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {3963964B-580A-99D4-7A2A-68D6E80DF8FC} ->  No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Connect DLC 5 Toolbar -> {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -> C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default\user.js
FF SearchPlugin: C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default\searchplugins\Astromenda.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-08-09]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{A6092A60-7F9D-344A-84E7-CAD2DEF7C565}] - C:\Program Files (x86)\ver3Safer-Surf\175.xpi
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: hxxp://astromenda.com/?f=1&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir=
CHR Extension: (Google Docs) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-03]
CHR Extension: (Google Drive) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-03]
CHR Extension: (YouTube) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-03]
CHR Extension: (Google Search) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-03]
CHR Extension: (Google Wallet) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-03]
CHR Extension: (Gmail) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-03]
CHR HKCU\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Ibz\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-10]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Ibz\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-10]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Ibz\AppData\Local\Slick Savings\coupons.crx [2013-10-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\Exts\Chrome.crx [2014-08-08]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 Ds3Service; C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe [388352 2014-02-15] (Scarlet.Crush Productions)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-06-18] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
S2 Update Deal Keeper; "C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-09-25] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.002\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\ENG64.SYS [126040 2014-07-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\EX64.SYS [2099288 2014-07-31] (Symantec Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2014-02-15] (Scarlet.Crush Productions)
R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-04-17] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1505000.013\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 VBTUSB; C:\Windows\System32\Drivers\VBTUSB.sys [14848 2011-09-19] (Sony Corporation) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-10 20:16 - 2014-08-10 20:16 - 00032077 _____ () C:\Users\Ibz\Downloads\FRST.txt
2014-08-10 16:07 - 2014-08-10 20:16 - 00000000 ____D () C:\FRST
2014-08-10 16:05 - 2014-08-10 16:05 - 02099712 _____ (Farbar) C:\Users\Ibz\Downloads\FRST64.exe
2014-08-10 16:05 - 2014-08-10 16:05 - 01108040 _____ (Zugara Investments Limited ) C:\Users\Ibz\Downloads\file.exe
2014-08-09 23:29 - 2014-08-09 23:29 - 01366203 _____ () C:\Users\Ibz\Downloads\adwcleaner_3.304.exe
2014-08-08 23:30 - 2014-08-08 23:30 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-08-08 21:55 - 2014-08-08 21:55 - 00000000 ____D () C:\Users\Ibz\AppData\Local\IsolatedStorage
2014-08-08 21:52 - 2014-08-08 21:56 - 00000000 ____D () C:\Users\Ibz\AppData\Local\fastcleanpro
2014-08-08 21:52 - 2014-08-08 21:52 - 29141928 _____ (Oracle Corporation) C:\Users\Ibz\Downloads\38900-674427-java-runtime-environment-jre.exe
2014-08-08 18:49 - 2014-08-08 18:49 - 14121539 _____ () C:\Users\Ibz\Desktop\JML 1.wma
2014-08-08 18:14 - 2014-08-08 18:14 - 28161769 _____ () C:\Users\Ibz\Desktop\JML.wma
2014-08-07 22:21 - 2014-08-07 22:21 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-07 22:18 - 2014-08-07 22:19 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0 (1).exe
2014-08-07 21:50 - 2014-08-07 21:50 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0 (1).exe
2014-08-07 13:06 - 2014-08-07 22:49 - 00000024 _____ () C:\Users\Ibz\random.dat
2014-08-07 13:06 - 2014-08-07 21:51 - 00000042 _____ () C:\Users\Ibz\jagex_cl_runescape_LIVE.dat
2014-08-07 13:06 - 2014-08-07 13:06 - 00000000 ____D () C:\Users\Ibz\jagexcache
2014-08-06 00:07 - 2014-08-06 00:08 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0.exe
2014-08-05 23:56 - 2014-08-05 23:56 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0.exe
2014-08-05 23:15 - 2014-08-08 11:30 - 00003358 _____ () C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task
2014-08-03 19:50 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-03 19:50 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-03 19:50 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-03 19:50 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-03 19:49 - 2014-08-03 19:50 - 00004564 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-03 19:01 - 2014-08-03 19:01 - 00000000 ____D () C:\Users\Ibz\Downloads\AnimatedGifLibrary
2014-08-03 18:45 - 2014-08-03 19:01 - 00013285 _____ () C:\Users\Ibz\Downloads\AnimatedGifLibrary.zip
2014-08-02 23:39 - 2014-08-02 23:40 - 00321976 _____ () C:\WINDOWS\Minidump\080214-69656-01.dmp
2014-08-02 13:45 - 2014-08-02 13:47 - 00007552 _____ () C:\Users\Ibz\Documents\New track 7.mp4.sfk
2014-08-02 13:45 - 2014-08-02 13:45 - 06383727 _____ () C:\Users\Ibz\Documents\New track 7.mp4
2014-08-02 00:45 - 2014-08-10 16:51 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-02 00:45 - 2014-08-09 23:04 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-02 00:45 - 2014-08-02 00:45 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-02 00:45 - 2014-08-02 00:45 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-02 00:45 - 2014-08-02 00:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-02 00:32 - 2014-08-02 00:44 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Deployment
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-07-30 13:29 - 2014-07-30 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft GIF Animator
2014-07-30 11:42 - 2014-07-30 11:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\ClipboardDebuggerMethod
2014-07-30 11:41 - 2014-07-22 15:16 - 02708736 _____ ( ) C:\Program Files (x86)\distribution-installer.exe
2014-07-30 11:41 - 2014-07-22 15:16 - 01692923 _____ ( ) C:\Program Files (x86)\UpdInstaller.exe
2014-07-30 11:40 - 2014-07-30 17:45 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-30 11:40 - 2014-07-30 11:40 - 00000000 ____D () C:\Users\Ibz\AppData\Local\globalUpdate
2014-07-30 11:39 - 2014-07-30 11:40 - 00001294 _____ () C:\Users\Ibz\AppData\Roaming\Bubble Dock.boostrap.log
2014-07-30 11:39 - 2014-07-30 11:39 - 00000097 _____ () C:\Users\Ibz\AppData\Roaming\WindApp.boostrap.log
2014-07-29 12:32 - 2014-07-29 12:32 - 02743879 _____ () C:\Users\Ibz\Desktop\1 yr.wma
2014-07-29 12:14 - 2014-07-29 12:14 - 02083849 _____ () C:\Users\Ibz\Desktop\Next Gen.wma
2014-07-29 12:05 - 2014-07-29 12:05 - 02847149 _____ () C:\Users\Ibz\Desktop\Random.wma
2014-07-24 21:39 - 2014-07-24 21:46 - 37740600 _____ () C:\Users\Ibz\Desktop\chamberr.mp2
2014-07-24 21:07 - 2014-07-24 21:07 - 04246992 _____ () C:\Users\Ibz\Desktop\Chamber1.mp2
2014-07-24 21:02 - 2014-07-24 21:02 - 03562128 _____ () C:\Users\Ibz\Desktop\Chamber.mp2
2014-07-24 20:58 - 2014-07-24 20:59 - 07988166 _____ () C:\Users\Ibz\Desktop\Sharp.mp2
2014-07-22 15:14 - 2014-07-22 15:14 - 00137376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcomp120.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-10 20:16 - 2014-08-10 20:16 - 00032077 _____ () C:\Users\Ibz\Downloads\FRST.txt
2014-08-10 20:16 - 2014-08-10 16:07 - 00000000 ____D () C:\FRST
2014-08-10 20:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-10 17:27 - 2013-11-07 21:45 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F5E8C2B9-BFBE-444F-B41B-A85B275B9110}
2014-08-10 16:51 - 2014-08-02 00:45 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 16:05 - 2014-08-10 16:05 - 02099712 _____ (Farbar) C:\Users\Ibz\Downloads\FRST64.exe
2014-08-10 16:05 - 2014-08-10 16:05 - 01108040 _____ (Zugara Investments Limited ) C:\Users\Ibz\Downloads\file.exe
2014-08-09 23:57 - 2013-07-29 16:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2619934520-938613260-3980237627-1001
2014-08-09 23:29 - 2014-08-09 23:29 - 01366203 _____ () C:\Users\Ibz\Downloads\adwcleaner_3.304.exe
2014-08-09 23:07 - 2013-10-25 23:03 - 01493815 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-09 23:05 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-09 23:04 - 2014-08-02 00:45 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-09 23:04 - 2013-10-25 23:11 - 00000000 __RDO () C:\Users\Ibz\SkyDrive
2014-08-09 22:58 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-09 02:57 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-09 02:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-09 02:18 - 2013-09-30 04:55 - 00265816 _____ () C:\WINDOWS\PFRO.log
2014-08-09 02:16 - 2013-10-06 15:42 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\Skype
2014-08-08 23:30 - 2014-08-08 23:30 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-08-08 23:29 - 2013-09-30 05:04 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-08 23:23 - 2013-07-29 17:25 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-08-08 23:23 - 2013-07-29 17:24 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-08-08 23:22 - 2013-11-16 10:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-08 23:22 - 2013-11-14 19:30 - 00002339 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-08-08 22:02 - 2013-07-30 17:58 - 00000000 ____D () C:\Users\Ibz\AppData\Local\CrashDumps
2014-08-08 21:56 - 2014-08-08 21:52 - 00000000 ____D () C:\Users\Ibz\AppData\Local\fastcleanpro
2014-08-08 21:55 - 2014-08-08 21:55 - 00000000 ____D () C:\Users\Ibz\AppData\Local\IsolatedStorage
2014-08-08 21:52 - 2014-08-08 21:52 - 29141928 _____ (Oracle Corporation) C:\Users\Ibz\Downloads\38900-674427-java-runtime-environment-jre.exe
2014-08-08 19:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-08 19:02 - 2013-07-30 11:43 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\Audacity
2014-08-08 18:49 - 2014-08-08 18:49 - 14121539 _____ () C:\Users\Ibz\Desktop\JML 1.wma
2014-08-08 18:15 - 2013-10-26 09:58 - 06484992 ___SH () C:\Users\Ibz\Desktop\Thumbs.db
2014-08-08 18:14 - 2014-08-08 18:14 - 28161769 _____ () C:\Users\Ibz\Desktop\JML.wma
2014-08-08 11:43 - 2013-12-03 19:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-08 11:41 - 2013-08-12 16:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-08 11:30 - 2014-08-05 23:15 - 00003358 _____ () C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task
2014-08-07 22:49 - 2014-08-07 13:06 - 00000024 _____ () C:\Users\Ibz\random.dat
2014-08-07 22:21 - 2014-08-07 22:21 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Mozilla
2014-08-07 22:21 - 2013-11-16 16:13 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-07 22:20 - 2013-09-25 16:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-07 22:19 - 2014-08-07 22:18 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0 (1).exe
2014-08-07 21:51 - 2014-08-07 13:06 - 00000042 _____ () C:\Users\Ibz\jagex_cl_runescape_LIVE.dat
2014-08-07 21:50 - 2014-08-07 21:50 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0 (1).exe
2014-08-07 13:06 - 2014-08-07 13:06 - 00000000 ____D () C:\Users\Ibz\jagexcache
2014-08-07 13:06 - 2013-10-25 22:43 - 00000000 ____D () C:\Users\Ibz
2014-08-06 00:08 - 2014-08-06 00:07 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0.exe
2014-08-05 23:56 - 2014-08-05 23:56 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0.exe
2014-08-03 19:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-03 19:51 - 2014-05-22 20:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-03 19:50 - 2014-08-03 19:49 - 00004564 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-03 19:50 - 2014-05-22 20:02 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-03 19:42 - 2012-08-03 03:11 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-03 19:08 - 2013-07-29 20:04 - 00000000 ____D () C:\Program Files\Paint.NET
2014-08-03 19:01 - 2014-08-03 19:01 - 00000000 ____D () C:\Users\Ibz\Downloads\AnimatedGifLibrary
2014-08-03 19:01 - 2014-08-03 18:45 - 00013285 _____ () C:\Users\Ibz\Downloads\AnimatedGifLibrary.zip
2014-08-02 23:40 - 2014-08-02 23:39 - 00321976 _____ () C:\WINDOWS\Minidump\080214-69656-01.dmp
2014-08-02 23:39 - 2013-12-09 08:50 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-02 23:39 - 2013-08-23 22:43 - 696645880 _____ () C:\WINDOWS\MEMORY.DMP
2014-08-02 13:47 - 2014-08-02 13:45 - 00007552 _____ () C:\Users\Ibz\Documents\New track 7.mp4.sfk
2014-08-02 13:45 - 2014-08-02 13:45 - 06383727 _____ () C:\Users\Ibz\Documents\New track 7.mp4
2014-08-02 00:46 - 2013-07-29 19:28 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Google
2014-08-02 00:45 - 2014-08-02 00:45 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-02 00:45 - 2014-08-02 00:45 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-02 00:45 - 2014-08-02 00:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-02 00:45 - 2013-07-29 19:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-02 00:44 - 2014-08-02 00:32 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Deployment
2014-07-31 01:31 - 2014-02-14 20:58 - 00000000 ____D () C:\ProgramData\Origin
2014-07-31 00:52 - 2012-08-03 03:01 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-31 00:52 - 2012-07-25 20:18 - 00000000 ____D () C:\Program Files\Sony
2014-07-31 00:51 - 2013-10-01 21:16 - 00000000 ____D () C:\ProgramData\Sony
2014-07-30 17:45 - 2014-07-30 11:40 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-30 16:27 - 2014-05-28 13:26 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-30 16:21 - 2014-04-22 19:51 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-07-30 16:21 - 2013-10-28 19:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-30 16:16 - 2014-02-14 21:04 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-30 16:15 - 2014-02-14 20:58 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-07-30 13:29 - 2014-07-30 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft GIF Animator
2014-07-30 11:42 - 2014-07-30 11:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\ClipboardDebuggerMethod
2014-07-30 11:40 - 2014-07-30 11:40 - 00000000 ____D () C:\Users\Ibz\AppData\Local\globalUpdate
2014-07-30 11:40 - 2014-07-30 11:39 - 00001294 _____ () C:\Users\Ibz\AppData\Roaming\Bubble Dock.boostrap.log
2014-07-30 11:39 - 2014-07-30 11:39 - 00000097 _____ () C:\Users\Ibz\AppData\Roaming\WindApp.boostrap.log
2014-07-29 12:32 - 2014-07-29 12:32 - 02743879 _____ () C:\Users\Ibz\Desktop\1 yr.wma
2014-07-29 12:14 - 2014-07-29 12:14 - 02083849 _____ () C:\Users\Ibz\Desktop\Next Gen.wma
2014-07-29 12:05 - 2014-07-29 12:05 - 02847149 _____ () C:\Users\Ibz\Desktop\Random.wma
2014-07-29 09:54 - 2013-08-25 17:05 - 00001404 _____ () C:\SSUUpdater.log
2014-07-28 11:48 - 2014-04-02 18:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-28 11:48 - 2014-04-02 18:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 10:11 - 2013-10-28 21:27 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\.minecraft
2014-07-25 22:40 - 2014-07-10 00:21 - 00001188 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-07-25 22:40 - 2013-07-29 20:04 - 00001200 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-07-25 08:25 - 2014-04-02 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 00:46 - 2013-10-06 15:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-24 21:46 - 2014-07-24 21:39 - 37740600 _____ () C:\Users\Ibz\Desktop\chamberr.mp2
2014-07-24 21:07 - 2014-07-24 21:07 - 04246992 _____ () C:\Users\Ibz\Desktop\Chamber1.mp2
2014-07-24 21:02 - 2014-07-24 21:02 - 03562128 _____ () C:\Users\Ibz\Desktop\Chamber.mp2
2014-07-24 20:59 - 2014-07-24 20:58 - 07988166 _____ () C:\Users\Ibz\Desktop\Sharp.mp2
2014-07-22 15:16 - 2014-07-30 11:41 - 02708736 _____ ( ) C:\Program Files (x86)\distribution-installer.exe
2014-07-22 15:16 - 2014-07-30 11:41 - 01692923 _____ ( ) C:\Program Files (x86)\UpdInstaller.exe
2014-07-22 15:14 - 2014-07-22 15:14 - 00137376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcomp120.dll
2014-07-11 16:02 - 2013-08-22 15:44 - 00503048 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-11 03:02 - 2014-08-03 19:50 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-08-03 19:50 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-08-03 19:50 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-08-03 19:50 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
 
Files to move or delete:
====================
C:\Users\Ibz\jagex_cl_runescape_LIVE.dat
C:\Users\Ibz\random.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-09 23:57
 
==================== End Of Log ============================

After running the Farbar Recovery Scan Tool as recommended by someone else, I got this. It was suggested that I paste the contents of the log in this topic, and put the additional file in as an attachment, which I will.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Ibz (administrator) on VAIO on 10-08-2014 20:16:42
Running from C:\Users\Ibz\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Scarlet.Crush Productions) C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
() C:\Users\Ibz\Downloads\adwcleaner_3.304.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\viuploader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2010-08-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Safer-Surf] => C:\Program Files (x86)\ver3Safer-Surf\Safer-Surf.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-07-16] (Valve Corporation)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [avichannel] => C:\Program Files (x86)\Evaer\videochannel.exe [1752576 2013-10-26] (Evaer Technology)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [MP3 Skype Recorder] => C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-18] (Alexander Nikiforov)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-07-30] (Electronic Arts)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-05-28] (Samsung)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\Users\Ibz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
BootExecute: autocheck autochk * 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:37037
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKCU - {15FB5D97-4117-4CB7-9140-0DA6904FDA2D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {3963964B-580A-99D4-7A2A-68D6E80DF8FC} ->  No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Connect DLC 5 Toolbar -> {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -> C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default\user.js
FF SearchPlugin: C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default\searchplugins\Astromenda.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-08-09]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{A6092A60-7F9D-344A-84E7-CAD2DEF7C565}] - C:\Program Files (x86)\ver3Safer-Surf\175.xpi
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: hxxp://astromenda.com/?f=1&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir=
CHR Extension: (Google Docs) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-03]
CHR Extension: (Google Drive) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-03]
CHR Extension: (YouTube) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-03]
CHR Extension: (Google Search) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-03]
CHR Extension: (Google Wallet) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-03]
CHR Extension: (Gmail) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-03]
CHR HKCU\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Ibz\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-10]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Ibz\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-10]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Ibz\AppData\Local\Slick Savings\coupons.crx [2013-10-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\Exts\Chrome.crx [2014-08-08]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 Ds3Service; C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe [388352 2014-02-15] (Scarlet.Crush Productions)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-06-18] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
S2 Update Deal Keeper; "C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-09-25] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.002\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\ENG64.SYS [126040 2014-07-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\EX64.SYS [2099288 2014-07-31] (Symantec Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2014-02-15] (Scarlet.Crush Productions)
R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-04-17] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1505000.013\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 VBTUSB; C:\Windows\System32\Drivers\VBTUSB.sys [14848 2011-09-19] (Sony Corporation) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-10 20:16 - 2014-08-10 20:16 - 00032077 _____ () C:\Users\Ibz\Downloads\FRST.txt
2014-08-10 16:07 - 2014-08-10 20:16 - 00000000 ____D () C:\FRST
2014-08-10 16:05 - 2014-08-10 16:05 - 02099712 _____ (Farbar) C:\Users\Ibz\Downloads\FRST64.exe
2014-08-10 16:05 - 2014-08-10 16:05 - 01108040 _____ (Zugara Investments Limited ) C:\Users\Ibz\Downloads\file.exe
2014-08-09 23:29 - 2014-08-09 23:29 - 01366203 _____ () C:\Users\Ibz\Downloads\adwcleaner_3.304.exe
2014-08-08 23:30 - 2014-08-08 23:30 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-08-08 21:55 - 2014-08-08 21:55 - 00000000 ____D () C:\Users\Ibz\AppData\Local\IsolatedStorage
2014-08-08 21:52 - 2014-08-08 21:56 - 00000000 ____D () C:\Users\Ibz\AppData\Local\fastcleanpro
2014-08-08 21:52 - 2014-08-08 21:52 - 29141928 _____ (Oracle Corporation) C:\Users\Ibz\Downloads\38900-674427-java-runtime-environment-jre.exe
2014-08-08 18:49 - 2014-08-08 18:49 - 14121539 _____ () C:\Users\Ibz\Desktop\JML 1.wma
2014-08-08 18:14 - 2014-08-08 18:14 - 28161769 _____ () C:\Users\Ibz\Desktop\JML.wma
2014-08-07 22:21 - 2014-08-07 22:21 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-07 22:18 - 2014-08-07 22:19 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0 (1).exe
2014-08-07 21:50 - 2014-08-07 21:50 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0 (1).exe
2014-08-07 13:06 - 2014-08-07 22:49 - 00000024 _____ () C:\Users\Ibz\random.dat
2014-08-07 13:06 - 2014-08-07 21:51 - 00000042 _____ () C:\Users\Ibz\jagex_cl_runescape_LIVE.dat
2014-08-07 13:06 - 2014-08-07 13:06 - 00000000 ____D () C:\Users\Ibz\jagexcache
2014-08-06 00:07 - 2014-08-06 00:08 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0.exe
2014-08-05 23:56 - 2014-08-05 23:56 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0.exe
2014-08-05 23:15 - 2014-08-08 11:30 - 00003358 _____ () C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task
2014-08-03 19:50 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-03 19:50 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-03 19:50 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-03 19:50 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-03 19:49 - 2014-08-03 19:50 - 00004564 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-03 19:01 - 2014-08-03 19:01 - 00000000 ____D () C:\Users\Ibz\Downloads\AnimatedGifLibrary
2014-08-03 18:45 - 2014-08-03 19:01 - 00013285 _____ () C:\Users\Ibz\Downloads\AnimatedGifLibrary.zip
2014-08-02 23:39 - 2014-08-02 23:40 - 00321976 _____ () C:\WINDOWS\Minidump\080214-69656-01.dmp
2014-08-02 13:45 - 2014-08-02 13:47 - 00007552 _____ () C:\Users\Ibz\Documents\New track 7.mp4.sfk
2014-08-02 13:45 - 2014-08-02 13:45 - 06383727 _____ () C:\Users\Ibz\Documents\New track 7.mp4
2014-08-02 00:45 - 2014-08-10 16:51 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-02 00:45 - 2014-08-09 23:04 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-02 00:45 - 2014-08-02 00:45 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-02 00:45 - 2014-08-02 00:45 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-02 00:45 - 2014-08-02 00:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-02 00:32 - 2014-08-02 00:44 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Deployment
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-07-30 13:29 - 2014-07-30 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft GIF Animator
2014-07-30 11:42 - 2014-07-30 11:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\ClipboardDebuggerMethod
2014-07-30 11:41 - 2014-07-22 15:16 - 02708736 _____ ( ) C:\Program Files (x86)\distribution-installer.exe
2014-07-30 11:41 - 2014-07-22 15:16 - 01692923 _____ ( ) C:\Program Files (x86)\UpdInstaller.exe
2014-07-30 11:40 - 2014-07-30 17:45 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-30 11:40 - 2014-07-30 11:40 - 00000000 ____D () C:\Users\Ibz\AppData\Local\globalUpdate
2014-07-30 11:39 - 2014-07-30 11:40 - 00001294 _____ () C:\Users\Ibz\AppData\Roaming\Bubble Dock.boostrap.log
2014-07-30 11:39 - 2014-07-30 11:39 - 00000097 _____ () C:\Users\Ibz\AppData\Roaming\WindApp.boostrap.log
2014-07-29 12:32 - 2014-07-29 12:32 - 02743879 _____ () C:\Users\Ibz\Desktop\1 yr.wma
2014-07-29 12:14 - 2014-07-29 12:14 - 02083849 _____ () C:\Users\Ibz\Desktop\Next Gen.wma
2014-07-29 12:05 - 2014-07-29 12:05 - 02847149 _____ () C:\Users\Ibz\Desktop\Random.wma
2014-07-24 21:39 - 2014-07-24 21:46 - 37740600 _____ () C:\Users\Ibz\Desktop\chamberr.mp2
2014-07-24 21:07 - 2014-07-24 21:07 - 04246992 _____ () C:\Users\Ibz\Desktop\Chamber1.mp2
2014-07-24 21:02 - 2014-07-24 21:02 - 03562128 _____ () C:\Users\Ibz\Desktop\Chamber.mp2
2014-07-24 20:58 - 2014-07-24 20:59 - 07988166 _____ () C:\Users\Ibz\Desktop\Sharp.mp2
2014-07-22 15:14 - 2014-07-22 15:14 - 00137376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcomp120.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-10 20:16 - 2014-08-10 20:16 - 00032077 _____ () C:\Users\Ibz\Downloads\FRST.txt
2014-08-10 20:16 - 2014-08-10 16:07 - 00000000 ____D () C:\FRST
2014-08-10 20:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-10 17:27 - 2013-11-07 21:45 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F5E8C2B9-BFBE-444F-B41B-A85B275B9110}
2014-08-10 16:51 - 2014-08-02 00:45 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 16:05 - 2014-08-10 16:05 - 02099712 _____ (Farbar) C:\Users\Ibz\Downloads\FRST64.exe
2014-08-10 16:05 - 2014-08-10 16:05 - 01108040 _____ (Zugara Investments Limited ) C:\Users\Ibz\Downloads\file.exe
2014-08-09 23:57 - 2013-07-29 16:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2619934520-938613260-3980237627-1001
2014-08-09 23:29 - 2014-08-09 23:29 - 01366203 _____ () C:\Users\Ibz\Downloads\adwcleaner_3.304.exe
2014-08-09 23:07 - 2013-10-25 23:03 - 01493815 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-09 23:05 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-09 23:04 - 2014-08-02 00:45 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-09 23:04 - 2013-10-25 23:11 - 00000000 __RDO () C:\Users\Ibz\SkyDrive
2014-08-09 22:58 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-09 02:57 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-09 02:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-09 02:18 - 2013-09-30 04:55 - 00265816 _____ () C:\WINDOWS\PFRO.log
2014-08-09 02:16 - 2013-10-06 15:42 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\Skype
2014-08-08 23:30 - 2014-08-08 23:30 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-08-08 23:29 - 2013-09-30 05:04 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-08 23:23 - 2013-07-29 17:25 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-08-08 23:23 - 2013-07-29 17:24 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-08-08 23:22 - 2013-11-16 10:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-08 23:22 - 2013-11-14 19:30 - 00002339 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-08-08 22:02 - 2013-07-30 17:58 - 00000000 ____D () C:\Users\Ibz\AppData\Local\CrashDumps
2014-08-08 21:56 - 2014-08-08 21:52 - 00000000 ____D () C:\Users\Ibz\AppData\Local\fastcleanpro
2014-08-08 21:55 - 2014-08-08 21:55 - 00000000 ____D () C:\Users\Ibz\AppData\Local\IsolatedStorage
2014-08-08 21:52 - 2014-08-08 21:52 - 29141928 _____ (Oracle Corporation) C:\Users\Ibz\Downloads\38900-674427-java-runtime-environment-jre.exe
2014-08-08 19:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-08 19:02 - 2013-07-30 11:43 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\Audacity
2014-08-08 18:49 - 2014-08-08 18:49 - 14121539 _____ () C:\Users\Ibz\Desktop\JML 1.wma
2014-08-08 18:15 - 2013-10-26 09:58 - 06484992 ___SH () C:\Users\Ibz\Desktop\Thumbs.db
2014-08-08 18:14 - 2014-08-08 18:14 - 28161769 _____ () C:\Users\Ibz\Desktop\JML.wma
2014-08-08 11:43 - 2013-12-03 19:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-08 11:41 - 2013-08-12 16:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-08 11:30 - 2014-08-05 23:15 - 00003358 _____ () C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task
2014-08-07 22:49 - 2014-08-07 13:06 - 00000024 _____ () C:\Users\Ibz\random.dat
2014-08-07 22:21 - 2014-08-07 22:21 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Mozilla
2014-08-07 22:21 - 2013-11-16 16:13 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-07 22:20 - 2013-09-25 16:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-07 22:19 - 2014-08-07 22:18 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0 (1).exe
2014-08-07 21:51 - 2014-08-07 13:06 - 00000042 _____ () C:\Users\Ibz\jagex_cl_runescape_LIVE.dat
2014-08-07 21:50 - 2014-08-07 21:50 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0 (1).exe
2014-08-07 13:06 - 2014-08-07 13:06 - 00000000 ____D () C:\Users\Ibz\jagexcache
2014-08-07 13:06 - 2013-10-25 22:43 - 00000000 ____D () C:\Users\Ibz
2014-08-06 00:08 - 2014-08-06 00:07 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0.exe
2014-08-05 23:56 - 2014-08-05 23:56 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0.exe
2014-08-03 19:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-03 19:51 - 2014-05-22 20:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-03 19:50 - 2014-08-03 19:49 - 00004564 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-03 19:50 - 2014-05-22 20:02 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-03 19:42 - 2012-08-03 03:11 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-03 19:08 - 2013-07-29 20:04 - 00000000 ____D () C:\Program Files\Paint.NET
2014-08-03 19:01 - 2014-08-03 19:01 - 00000000 ____D () C:\Users\Ibz\Downloads\AnimatedGifLibrary
2014-08-03 19:01 - 2014-08-03 18:45 - 00013285 _____ () C:\Users\Ibz\Downloads\AnimatedGifLibrary.zip
2014-08-02 23:40 - 2014-08-02 23:39 - 00321976 _____ () C:\WINDOWS\Minidump\080214-69656-01.dmp
2014-08-02 23:39 - 2013-12-09 08:50 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-02 23:39 - 2013-08-23 22:43 - 696645880 _____ () C:\WINDOWS\MEMORY.DMP
2014-08-02 13:47 - 2014-08-02 13:45 - 00007552 _____ () C:\Users\Ibz\Documents\New track 7.mp4.sfk
2014-08-02 13:45 - 2014-08-02 13:45 - 06383727 _____ () C:\Users\Ibz\Documents\New track 7.mp4
2014-08-02 00:46 - 2013-07-29 19:28 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Google
2014-08-02 00:45 - 2014-08-02 00:45 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-02 00:45 - 2014-08-02 00:45 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-02 00:45 - 2014-08-02 00:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-02 00:45 - 2013-07-29 19:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-02 00:44 - 2014-08-02 00:32 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Deployment
2014-07-31 01:31 - 2014-02-14 20:58 - 00000000 ____D () C:\ProgramData\Origin
2014-07-31 00:52 - 2012-08-03 03:01 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-31 00:52 - 2012-07-25 20:18 - 00000000 ____D () C:\Program Files\Sony
2014-07-31 00:51 - 2013-10-01 21:16 - 00000000 ____D () C:\ProgramData\Sony
2014-07-30 17:45 - 2014-07-30 11:40 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-30 16:27 - 2014-05-28 13:26 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-30 16:21 - 2014-04-22 19:51 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-07-30 16:21 - 2013-10-28 19:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-30 16:16 - 2014-02-14 21:04 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-30 16:15 - 2014-02-14 20:58 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-07-30 13:29 - 2014-07-30 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft GIF Animator
2014-07-30 11:42 - 2014-07-30 11:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\ClipboardDebuggerMethod
2014-07-30 11:40 - 2014-07-30 11:40 - 00000000 ____D () C:\Users\Ibz\AppData\Local\globalUpdate
2014-07-30 11:40 - 2014-07-30 11:39 - 00001294 _____ () C:\Users\Ibz\AppData\Roaming\Bubble Dock.boostrap.log
2014-07-30 11:39 - 2014-07-30 11:39 - 00000097 _____ () C:\Users\Ibz\AppData\Roaming\WindApp.boostrap.log
2014-07-29 12:32 - 2014-07-29 12:32 - 02743879 _____ () C:\Users\Ibz\Desktop\1 yr.wma
2014-07-29 12:14 - 2014-07-29 12:14 - 02083849 _____ () C:\Users\Ibz\Desktop\Next Gen.wma
2014-07-29 12:05 - 2014-07-29 12:05 - 02847149 _____ () C:\Users\Ibz\Desktop\Random.wma
2014-07-29 09:54 - 2013-08-25 17:05 - 00001404 _____ () C:\SSUUpdater.log
2014-07-28 11:48 - 2014-04-02 18:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-28 11:48 - 2014-04-02 18:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 10:11 - 2013-10-28 21:27 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\.minecraft
2014-07-25 22:40 - 2014-07-10 00:21 - 00001188 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-07-25 22:40 - 2013-07-29 20:04 - 00001200 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-07-25 08:25 - 2014-04-02 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 00:46 - 2013-10-06 15:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-24 21:46 - 2014-07-24 21:39 - 37740600 _____ () C:\Users\Ibz\Desktop\chamberr.mp2
2014-07-24 21:07 - 2014-07-24 21:07 - 04246992 _____ () C:\Users\Ibz\Desktop\Chamber1.mp2
2014-07-24 21:02 - 2014-07-24 21:02 - 03562128 _____ () C:\Users\Ibz\Desktop\Chamber.mp2
2014-07-24 20:59 - 2014-07-24 20:58 - 07988166 _____ () C:\Users\Ibz\Desktop\Sharp.mp2
2014-07-22 15:16 - 2014-07-30 11:41 - 02708736 _____ ( ) C:\Program Files (x86)\distribution-installer.exe
2014-07-22 15:16 - 2014-07-30 11:41 - 01692923 _____ ( ) C:\Program Files (x86)\UpdInstaller.exe
2014-07-22 15:14 - 2014-07-22 15:14 - 00137376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcomp120.dll
2014-07-11 16:02 - 2013-08-22 15:44 - 00503048 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-11 03:02 - 2014-08-03 19:50 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-08-03 19:50 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-08-03 19:50 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-08-03 19:50 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
 
Files to move or delete:
====================
C:\Users\Ibz\jagex_cl_runescape_LIVE.dat
C:\Users\Ibz\random.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-09 23:57
 
==================== End Of Log ============================

#4 nasdaq

  • Malware Response Team

Posted 11 August 2014 - 10:09 AM



Note to ElfBane: Only members of the Malware Response Team or Moderators are allowed to help people with logs.
If Jestaio had not sent me a personal message, his topic may never have been answered in a reasonable period.
Every time you answer a topic, that topic is removed from the unanswered log.
Thank you for your understanding.
===

Jestaio please proceed with this fix.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

In Windows 7 and 8:
Press [Windows Icon + R] and enter "notepad" in the box to open Notepad.

start

HKLM-x32\...\Run: [Safer-Surf] => C:\Program Files (x86)\ver3Safer-Surf\Safer-Surf.exe
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.com/?f=1&a=ast_vit_14_49_ch&cd=2xzuyetn2y1l1qzu0bzzybycta0f0ftc0d0etb0dzyzyzy0etn0d0tzu0szyydtctn1l2xzutatftdtftctdtftbtn1l1czutcyetbzytdyd1v1ttn1l1g1b1v1n2y1l1qzu2sybtbyeyctd0eyczztgtayetatctgydzyybyctg0a0f0d0etgyb0ctcyczyta0d0eydybydyb2qtn1m1f1b2z1v1n2y1l1qzu2stdtdyd0etb0a0bydtgzzta0bydtgyetatdzztgzztb0ezztgyc0e0a0dydzyyctd0e0azz0b2q&cr=1896066790&ir=
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKCU - DefaultScope {417BE3B6-C8E9-4026-8E6B-C4AF60A79B7B} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6A0BB8763FF1DE2E&affID=119842&tt=240913_91215&tsp=5016
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN14909668032838867&UM=2
SearchScopes: HKCU - {417BE3B6-C8E9-4026-8E6B-C4AF60A79B7B} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir=
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=GB&ver=20&locale=en_GB&gct=kwd&qsrc=2869
BHO-x32: No Name -> {3963964B-580A-99D4-7A2A-68D6E80DF8FC} ->  No File
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
Toolbar: HKCU - No Name - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} -  No File
FF SearchPlugin: C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default\searchplugins\Astromenda.xml
FF HKCU\...\Firefox\Extensions: [{A6092A60-7F9D-344A-84E7-CAD2DEF7C565}] - C:\Program Files (x86)\ver3Safer-Surf\175.xpi
CHR HomePage: hxxp://astromenda.com/?f=1&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir=
CHR HKCU\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Ibz\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-10]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Ibz\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-10]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Ibz\AppData\Local\Slick Savings\coupons.crx [2013-10-03]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
S2 Update Deal Keeper; "C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe" [X]
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
C:\Program Files (x86)\Splashtop
C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default\searchplugins\
C:\Users\Ibz\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx
C:\Program Files (x86)\Common Files\Spigot
C:\Users\Ibz\AppData\Local\Slick Savings

end

Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===


If you did not set this proxy and your Internet provider does not suggest it, fix it.
ProxyServer: http=127.0.0.1:37037

In Internet Explorer go to Tools - Internet Options - Connections Tab - Lan Settings and remove the reference to 127.0.0.1:5577 if found, then uncheck "Use a proxy server" and check "Automatically detect settings".
===

If you use Firefox, go to Tools Menu > Options... > Advanced Tab > Network Tab > Connection > Settings. Select the "Auto-detect proxy settings for this network" option, or "No proxy" if you do not need it.
===

Restart the computer normally to reset the registry.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is the computer running now?
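
The proxy check described in the post above can also be done from PowerShell. This is an added example, not part of the original post or of any tool named in this thread: it reads the per-user ProxyEnable and ProxyServer values that FRST reports and, when the proxy points at the local machine, shows which process is listening on that port. The function names Get-ProxyEndpoint and Get-LoopbackProxyOwner are hypothetical; it assumes Windows 8 or later, where Get-NetTCPConnection is available.

```powershell
# Added example (not from the thread). Read-only: it changes no registry
# value and stops no process.

# Split a WinINET ProxyServer string into endpoints. The value is either
# "host:port" for all protocols or a ';'-separated list such as
# "http=127.0.0.1:37037;https=127.0.0.1:37037".
function Get-ProxyEndpoint {
    param([string]$ProxyServer)
    foreach ($entry in ($ProxyServer -split ';')) {
        $entry = $entry.Trim()
        if (-not $entry) { continue }
        $scheme = 'all'
        if ($entry -match '^(?<s>[a-z]+)=(?<rest>.+)$') {
            $scheme = $Matches['s']
            $entry  = $Matches['rest']
        }
        if ($entry -match '^(?<h>[^:]+):(?<p>\d+)$') {
            [pscustomobject]@{
                Scheme  = $scheme
                Address = $Matches['h']
                Port    = [int]$Matches['p']
            }
        }
    }
}

# For each configured proxy endpoint, report whether it is a loopback
# address and, if so, which process owns the listening socket.
function Get-LoopbackProxyOwner {
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $s = Get-ItemProperty -Path $key
    if (-not $s.ProxyServer) { return }   # no proxy configured for this user

    foreach ($ep in (Get-ProxyEndpoint $s.ProxyServer)) {
        $row = [ordered]@{
            ProxyEnable = $s.ProxyEnable
            Scheme      = $ep.Scheme
            Endpoint    = "$($ep.Address):$($ep.Port)"
            ProcessId   = $null
            Name        = $null
            Path        = $null
            CommandLine = $null
            Signature   = $null
            Note        = $null
        }

        $isLoopback = ($ep.Address -like '127.*') -or ($ep.Address -eq 'localhost')
        if (-not $isLoopback) {
            $row.Note = 'not a loopback address'
            [pscustomobject]$row
            continue
        }

        $listeners = Get-NetTCPConnection -State Listen -LocalPort $ep.Port `
                         -ErrorAction SilentlyContinue
        if (-not $listeners) {
            # With the proxy enabled and nothing answering on the port,
            # every request sent through it fails.
            $row.Note = 'nothing is listening on this port'
            [pscustomobject]$row
            continue
        }

        foreach ($procId in ($listeners.OwningProcess | Sort-Object -Unique)) {
            $proc = Get-CimInstance Win32_Process -Filter "ProcessId = $procId"
            $row.ProcessId   = $procId
            $row.Name        = $proc.Name
            $row.Path        = $proc.ExecutablePath   # may be empty without elevation
            $row.CommandLine = $proc.CommandLine
            if ($proc.ExecutablePath) {
                # An unsigned file is a lead to follow up, not a verdict.
                $row.Signature = (Get-AuthenticodeSignature -FilePath $proc.ExecutablePath).Status
            }
            $row.Note = 'listener found'
            [pscustomobject]$row
        }
    }
}

Get-LoopbackProxyOwner | Format-List
```

Run it in the affected user's own session, because the values live in that user's registry hive (the HKEY_USERS key that appears in the RogueKiller log later in this thread).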

#5 Jestaio

Jestaio
  • Topic Starter

  • Members

Posted 11 August 2014 - 02:09 PM

It's still resetting and re-enabling the proxy settings :huh:

 

Results of screen317's Security Check version 0.99.86  

   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
Norton 360         
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 65  
 Adobe Reader XI  
 Mozilla Firefox (31.0) 
 Google Chrome 36.0.1985.125  
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
 




#6 nasdaq

nasdaq

  • Malware Response Team

Posted 12 August 2014 - 06:27 AM

--RogueKiller--
  • Download & SAVE to your Desktop For 32bit system or For 64bit system
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

Run the Farbar tool again and post a fresh log.
===

#7 Jestaio

Jestaio
  • Topic Starter

  • Members

Posted 12 August 2014 - 08:46 AM

Here is the RogueKiller log:

 

RogueKiller V9.2.6.0 (x64) [Jul 11 2014] by Adlice Software
 
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Ibz [Admin rights]
Mode : Remove -- Date : 08/12/2014  14:42:52
 
¤¤¤ Bad processes : 2 ¤¤¤
 
¤¤¤ Registry Entries : 14 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RgFltX64 -> NOT SELECTED
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RgFltX64 -> NOT SELECTED
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2619934520-938613260-3980237627-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> NOT SELECTED
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2619934520-938613260-3980237627-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1  -> NOT SELECTED
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2619934520-938613260-3980237627-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:38059  -> NOT SELECTED
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2619934520-938613260-3980237627-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:38059  -> NOT SELECTED
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NOT SELECTED
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> NOT SELECTED
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
[Suspicious.Path] \\BackgroundContainer Startup Task -- "C:\WINDOWS\SysWOW64\Rundll32.exe" ("C:\Users\Ibz\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun) -> DELETED
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ HOSTS File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS541010A9E680 +++++
--- User ---
[MBR] f84d93bbcb8c592af81d2378dedf1994
[BSP] e5d8626a2ff67d168b7756daa2449576 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: SD Card +++++
--- User ---
[MBR] b4c8a66783e07529e17ca7d8fef90161
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 249 | Size: 1937 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
 
 
============================================
RKreport_SCN_08122014_144242.log

Here is the Farbar log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Ibz (administrator) on VAIO on 12-08-2014 14:43:50
Running from C:\Users\Ibz\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Scarlet.Crush Productions) C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
() C:\Users\Ibz\Downloads\RogueKillerX64.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2010-08-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-07-16] (Valve Corporation)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [avichannel] => C:\Program Files (x86)\Evaer\videochannel.exe [1752576 2013-10-26] (Evaer Technology)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [MP3 Skype Recorder] => C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-18] (Alexander Nikiforov)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-07-30] (Electronic Arts)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-05-28] (Samsung)
HKU\S-1-5-21-2619934520-938613260-3980237627-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
Startup: C:\Users\Ibz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
BootExecute: autocheck autochk * 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:38059
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {15FB5D97-4117-4CB7-9140-0DA6904FDA2D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Connect DLC 5 Toolbar -> {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -> C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-08-12]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: hxxp://astromenda.com/?f=1&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir=
CHR Extension: (Google Docs) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-03]
CHR Extension: (Google Drive) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-03]
CHR Extension: (YouTube) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-03]
CHR Extension: (Google Search) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-03]
CHR Extension: (Google Wallet) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-03]
CHR Extension: (Gmail) - C:\Users\Ibz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\Exts\Chrome.crx [2014-08-08]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 Ds3Service; C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe [388352 2014-02-15] (Scarlet.Crush Productions)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-06-18] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
S2 SplashtopRemoteService; "C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe" [X]
S2 SSUService; C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-09-25] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.002\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140810.021\ENG64.SYS [126040 2014-07-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140810.021\EX64.SYS [2099288 2014-07-31] (Symantec Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2014-02-15] (Scarlet.Crush Productions)
R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-04-17] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1505000.013\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30312 2014-08-12] ()
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 VBTUSB; C:\Windows\System32\Drivers\VBTUSB.sys [14848 2011-09-19] (Sony Corporation) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-12 14:28 - 2014-08-12 14:28 - 00030312 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-12 14:28 - 2014-08-12 14:28 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-12 14:27 - 2014-08-12 14:27 - 02099712 _____ (Farbar) C:\Users\Ibz\Downloads\FRST64.exe
2014-08-12 14:24 - 2014-08-12 14:25 - 05392984 _____ () C:\Users\Ibz\Downloads\RogueKillerX64.exe
2014-08-11 19:58 - 2014-08-11 19:58 - 00854410 _____ () C:\Users\Ibz\Downloads\SecurityCheck.exe
2014-08-10 20:18 - 2014-08-10 20:20 - 00057418 _____ () C:\Users\Ibz\Downloads\Addition.txt
2014-08-10 20:16 - 2014-08-12 14:43 - 00027064 _____ () C:\Users\Ibz\Downloads\FRST.txt
2014-08-10 16:07 - 2014-08-12 14:43 - 00000000 ____D () C:\FRST
2014-08-10 16:05 - 2014-08-10 16:05 - 01108040 _____ (Zugara Investments Limited ) C:\Users\Ibz\Downloads\file.exe
2014-08-09 23:29 - 2014-08-09 23:29 - 01366203 _____ () C:\Users\Ibz\Downloads\adwcleaner_3.304.exe
2014-08-08 23:30 - 2014-08-08 23:30 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-08-08 21:55 - 2014-08-08 21:55 - 00000000 ____D () C:\Users\Ibz\AppData\Local\IsolatedStorage
2014-08-08 21:52 - 2014-08-08 21:56 - 00000000 ____D () C:\Users\Ibz\AppData\Local\fastcleanpro
2014-08-08 21:52 - 2014-08-08 21:52 - 29141928 _____ (Oracle Corporation) C:\Users\Ibz\Downloads\38900-674427-java-runtime-environment-jre.exe
2014-08-08 18:49 - 2014-08-08 18:49 - 14121539 _____ () C:\Users\Ibz\Desktop\JML 1.wma
2014-08-08 18:14 - 2014-08-08 18:14 - 28161769 _____ () C:\Users\Ibz\Desktop\JML.wma
2014-08-07 22:21 - 2014-08-07 22:21 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-07 22:18 - 2014-08-07 22:19 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0 (1).exe
2014-08-07 21:50 - 2014-08-07 21:50 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0 (1).exe
2014-08-07 13:06 - 2014-08-07 22:49 - 00000024 _____ () C:\Users\Ibz\random.dat
2014-08-07 13:06 - 2014-08-07 21:51 - 00000042 _____ () C:\Users\Ibz\jagex_cl_runescape_LIVE.dat
2014-08-07 13:06 - 2014-08-07 13:06 - 00000000 ____D () C:\Users\Ibz\jagexcache
2014-08-06 00:07 - 2014-08-06 00:08 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0.exe
2014-08-05 23:56 - 2014-08-05 23:56 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0.exe
2014-08-03 19:50 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-03 19:50 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-03 19:50 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-03 19:50 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-03 19:49 - 2014-08-03 19:50 - 00004564 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-03 19:01 - 2014-08-03 19:01 - 00000000 ____D () C:\Users\Ibz\Downloads\AnimatedGifLibrary
2014-08-03 18:45 - 2014-08-03 19:01 - 00013285 _____ () C:\Users\Ibz\Downloads\AnimatedGifLibrary.zip
2014-08-02 23:39 - 2014-08-02 23:40 - 00321976 _____ () C:\WINDOWS\Minidump\080214-69656-01.dmp
2014-08-02 13:45 - 2014-08-02 13:47 - 00007552 _____ () C:\Users\Ibz\Documents\New track 7.mp4.sfk
2014-08-02 13:45 - 2014-08-02 13:45 - 06383727 _____ () C:\Users\Ibz\Documents\New track 7.mp4
2014-08-02 00:45 - 2014-08-12 13:50 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-02 00:45 - 2014-08-12 11:23 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-02 00:45 - 2014-08-02 00:45 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-02 00:45 - 2014-08-02 00:45 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-02 00:45 - 2014-08-02 00:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-02 00:32 - 2014-08-02 00:44 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Deployment
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-07-30 13:29 - 2014-07-30 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft GIF Animator
2014-07-30 11:42 - 2014-07-30 11:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\ClipboardDebuggerMethod
2014-07-30 11:41 - 2014-07-22 15:16 - 02708736 _____ ( ) C:\Program Files (x86)\distribution-installer.exe
2014-07-30 11:41 - 2014-07-22 15:16 - 01692923 _____ ( ) C:\Program Files (x86)\UpdInstaller.exe
2014-07-30 11:40 - 2014-07-30 17:45 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-30 11:40 - 2014-07-30 11:40 - 00000000 ____D () C:\Users\Ibz\AppData\Local\globalUpdate
2014-07-30 11:39 - 2014-07-30 11:40 - 00001294 _____ () C:\Users\Ibz\AppData\Roaming\Bubble Dock.boostrap.log
2014-07-30 11:39 - 2014-07-30 11:39 - 00000097 _____ () C:\Users\Ibz\AppData\Roaming\WindApp.boostrap.log
2014-07-29 12:32 - 2014-07-29 12:32 - 02743879 _____ () C:\Users\Ibz\Desktop\1 yr.wma
2014-07-29 12:14 - 2014-07-29 12:14 - 02083849 _____ () C:\Users\Ibz\Desktop\Next Gen.wma
2014-07-29 12:05 - 2014-07-29 12:05 - 02847149 _____ () C:\Users\Ibz\Desktop\Random.wma
2014-07-24 21:39 - 2014-07-24 21:46 - 37740600 _____ () C:\Users\Ibz\Desktop\chamberr.mp2
2014-07-24 21:07 - 2014-07-24 21:07 - 04246992 _____ () C:\Users\Ibz\Desktop\Chamber1.mp2
2014-07-24 21:02 - 2014-07-24 21:02 - 03562128 _____ () C:\Users\Ibz\Desktop\Chamber.mp2
2014-07-24 20:58 - 2014-07-24 20:59 - 07988166 _____ () C:\Users\Ibz\Desktop\Sharp.mp2
2014-07-22 15:14 - 2014-07-22 15:14 - 00137376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcomp120.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-12 14:44 - 2014-08-10 20:16 - 00027064 _____ () C:\Users\Ibz\Downloads\FRST.txt
2014-08-12 14:43 - 2014-08-10 16:07 - 00000000 ____D () C:\FRST
2014-08-12 14:37 - 2013-07-29 16:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2619934520-938613260-3980237627-1001
2014-08-12 14:31 - 2013-11-07 21:45 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F5E8C2B9-BFBE-444F-B41B-A85B275B9110}
2014-08-12 14:28 - 2014-08-12 14:28 - 00030312 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-12 14:28 - 2014-08-12 14:28 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-12 14:27 - 2014-08-12 14:27 - 02099712 _____ (Farbar) C:\Users\Ibz\Downloads\FRST64.exe
2014-08-12 14:26 - 2013-10-06 15:42 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\Skype
2014-08-12 14:25 - 2014-08-12 14:24 - 05392984 _____ () C:\Users\Ibz\Downloads\RogueKillerX64.exe
2014-08-12 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-12 13:50 - 2014-08-02 00:45 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-12 11:28 - 2013-10-25 23:03 - 01592327 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-12 11:26 - 2013-10-25 23:11 - 00000000 __RDO () C:\Users\Ibz\SkyDrive
2014-08-12 11:23 - 2014-08-02 00:45 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-12 11:22 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-12 01:38 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-11 19:58 - 2014-08-11 19:58 - 00854410 _____ () C:\Users\Ibz\Downloads\SecurityCheck.exe
2014-08-11 19:34 - 2013-09-30 04:55 - 00269484 _____ () C:\WINDOWS\PFRO.log
2014-08-11 19:34 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-11 19:31 - 2013-11-11 21:10 - 00000000 ____D () C:\Users\Ibz\AppData\Local\CRE
2014-08-10 21:13 - 2013-10-06 15:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-10 21:13 - 2013-10-06 15:42 - 00000000 ____D () C:\ProgramData\Skype
2014-08-10 20:20 - 2014-08-10 20:18 - 00057418 _____ () C:\Users\Ibz\Downloads\Addition.txt
2014-08-10 16:05 - 2014-08-10 16:05 - 01108040 _____ (Zugara Investments Limited ) C:\Users\Ibz\Downloads\file.exe
2014-08-09 23:29 - 2014-08-09 23:29 - 01366203 _____ () C:\Users\Ibz\Downloads\adwcleaner_3.304.exe
2014-08-09 02:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-08 23:30 - 2014-08-08 23:30 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-08-08 23:29 - 2013-09-30 05:04 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-08 23:23 - 2013-07-29 17:25 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-08-08 23:23 - 2013-07-29 17:24 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-08-08 23:22 - 2013-11-16 10:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-08 23:22 - 2013-11-14 19:30 - 00002339 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-08-08 22:02 - 2013-07-30 17:58 - 00000000 ____D () C:\Users\Ibz\AppData\Local\CrashDumps
2014-08-08 21:56 - 2014-08-08 21:52 - 00000000 ____D () C:\Users\Ibz\AppData\Local\fastcleanpro
2014-08-08 21:55 - 2014-08-08 21:55 - 00000000 ____D () C:\Users\Ibz\AppData\Local\IsolatedStorage
2014-08-08 21:52 - 2014-08-08 21:52 - 29141928 _____ (Oracle Corporation) C:\Users\Ibz\Downloads\38900-674427-java-runtime-environment-jre.exe
2014-08-08 19:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-08 19:02 - 2013-07-30 11:43 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\Audacity
2014-08-08 18:49 - 2014-08-08 18:49 - 14121539 _____ () C:\Users\Ibz\Desktop\JML 1.wma
2014-08-08 18:15 - 2013-10-26 09:58 - 06484992 ___SH () C:\Users\Ibz\Desktop\Thumbs.db
2014-08-08 18:14 - 2014-08-08 18:14 - 28161769 _____ () C:\Users\Ibz\Desktop\JML.wma
2014-08-08 11:43 - 2013-12-03 19:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-08 11:41 - 2013-08-12 16:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-07 22:49 - 2014-08-07 13:06 - 00000024 _____ () C:\Users\Ibz\random.dat
2014-08-07 22:21 - 2014-08-07 22:21 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Mozilla
2014-08-07 22:21 - 2013-11-16 16:13 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-07 22:20 - 2014-08-07 22:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-07 22:20 - 2013-09-25 16:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-07 22:19 - 2014-08-07 22:18 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0 (1).exe
2014-08-07 21:51 - 2014-08-07 13:06 - 00000042 _____ () C:\Users\Ibz\jagex_cl_runescape_LIVE.dat
2014-08-07 21:50 - 2014-08-07 21:50 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0 (1).exe
2014-08-07 13:06 - 2014-08-07 13:06 - 00000000 ____D () C:\Users\Ibz\jagexcache
2014-08-07 13:06 - 2013-10-25 22:43 - 00000000 ____D () C:\Users\Ibz
2014-08-06 00:08 - 2014-08-06 00:07 - 32029224 _____ () C:\Users\Ibz\Downloads\Firefox Setup 31.0.exe
2014-08-05 23:56 - 2014-08-05 23:56 - 00244136 _____ () C:\Users\Ibz\Downloads\Firefox Setup Stub 31.0.exe
2014-08-03 19:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-03 19:51 - 2014-05-22 20:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-03 19:50 - 2014-08-03 19:49 - 00004564 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-03 19:50 - 2014-05-22 20:02 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-03 19:42 - 2012-08-03 03:11 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-03 19:08 - 2013-07-29 20:04 - 00000000 ____D () C:\Program Files\Paint.NET
2014-08-03 19:01 - 2014-08-03 19:01 - 00000000 ____D () C:\Users\Ibz\Downloads\AnimatedGifLibrary
2014-08-03 19:01 - 2014-08-03 18:45 - 00013285 _____ () C:\Users\Ibz\Downloads\AnimatedGifLibrary.zip
2014-08-02 23:40 - 2014-08-02 23:39 - 00321976 _____ () C:\WINDOWS\Minidump\080214-69656-01.dmp
2014-08-02 23:39 - 2013-12-09 08:50 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-02 23:39 - 2013-08-23 22:43 - 696645880 _____ () C:\WINDOWS\MEMORY.DMP
2014-08-02 13:47 - 2014-08-02 13:45 - 00007552 _____ () C:\Users\Ibz\Documents\New track 7.mp4.sfk
2014-08-02 13:45 - 2014-08-02 13:45 - 06383727 _____ () C:\Users\Ibz\Documents\New track 7.mp4
2014-08-02 00:46 - 2013-07-29 19:28 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Google
2014-08-02 00:45 - 2014-08-02 00:45 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-02 00:45 - 2014-08-02 00:45 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-02 00:45 - 2014-08-02 00:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-02 00:45 - 2013-07-29 19:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-02 00:44 - 2014-08-02 00:32 - 00000000 ____D () C:\Users\Ibz\AppData\Local\Deployment
2014-07-31 01:31 - 2014-02-14 20:58 - 00000000 ____D () C:\ProgramData\Origin
2014-07-31 00:52 - 2012-08-03 03:01 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-31 00:52 - 2012-07-25 20:18 - 00000000 ____D () C:\Program Files\Sony
2014-07-31 00:51 - 2013-10-01 21:16 - 00000000 ____D () C:\ProgramData\Sony
2014-07-30 17:45 - 2014-07-30 11:40 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-30 16:27 - 2014-05-28 13:26 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-30 16:21 - 2014-04-22 19:51 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-07-30 16:21 - 2013-10-28 19:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-30 16:16 - 2014-02-14 21:04 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-30 16:15 - 2014-02-14 20:58 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-07-30 13:44 - 2014-07-30 13:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-07-30 13:29 - 2014-07-30 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft GIF Animator
2014-07-30 11:42 - 2014-07-30 11:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\ClipboardDebuggerMethod
2014-07-30 11:40 - 2014-07-30 11:40 - 00000000 ____D () C:\Users\Ibz\AppData\Local\globalUpdate
2014-07-30 11:40 - 2014-07-30 11:39 - 00001294 _____ () C:\Users\Ibz\AppData\Roaming\Bubble Dock.boostrap.log
2014-07-30 11:39 - 2014-07-30 11:39 - 00000097 _____ () C:\Users\Ibz\AppData\Roaming\WindApp.boostrap.log
2014-07-29 12:32 - 2014-07-29 12:32 - 02743879 _____ () C:\Users\Ibz\Desktop\1 yr.wma
2014-07-29 12:14 - 2014-07-29 12:14 - 02083849 _____ () C:\Users\Ibz\Desktop\Next Gen.wma
2014-07-29 12:05 - 2014-07-29 12:05 - 02847149 _____ () C:\Users\Ibz\Desktop\Random.wma
2014-07-29 09:54 - 2013-08-25 17:05 - 00001404 _____ () C:\SSUUpdater.log
2014-07-28 11:48 - 2014-04-02 18:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-28 11:48 - 2014-04-02 18:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 10:11 - 2013-10-28 21:27 - 00000000 ____D () C:\Users\Ibz\AppData\Roaming\.minecraft
2014-07-25 22:40 - 2014-07-10 00:21 - 00001188 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-07-25 22:40 - 2013-07-29 20:04 - 00001200 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-07-25 08:25 - 2014-04-02 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 21:46 - 2014-07-24 21:39 - 37740600 _____ () C:\Users\Ibz\Desktop\chamberr.mp2
2014-07-24 21:07 - 2014-07-24 21:07 - 04246992 _____ () C:\Users\Ibz\Desktop\Chamber1.mp2
2014-07-24 21:02 - 2014-07-24 21:02 - 03562128 _____ () C:\Users\Ibz\Desktop\Chamber.mp2
2014-07-24 20:59 - 2014-07-24 20:58 - 07988166 _____ () C:\Users\Ibz\Desktop\Sharp.mp2
2014-07-22 15:16 - 2014-07-30 11:41 - 02708736 _____ ( ) C:\Program Files (x86)\distribution-installer.exe
2014-07-22 15:16 - 2014-07-30 11:41 - 01692923 _____ ( ) C:\Program Files (x86)\UpdInstaller.exe
2014-07-22 15:14 - 2014-07-22 15:14 - 00137376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcomp120.dll
 
Files to move or delete:
====================
C:\Users\Ibz\jagex_cl_runescape_LIVE.dat
C:\Users\Ibz\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Ibz\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-11 20:38
 
==================== End Of Log ============================
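
An added triage example, not part of the post above and not FRST's own code: it parses lines in the format of the "One Month Created Files and Folders" section and groups entries created within minutes of each other, which is how one installer's footprint shows up in such a listing. The sample lines are copied from the log above; the function names, the 5-minute gap and the minimum burst size are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# Lines copied from the "One Month Created Files and Folders" section above.
SAMPLE = r"""
2014-08-12 14:28 - 2014-08-12 14:28 - 00030312 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-12 14:28 - 2014-08-12 14:28 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-08 21:52 - 2014-08-08 21:56 - 00000000 ____D () C:\Users\Ibz\AppData\Local\fastcleanpro
2014-07-30 13:29 - 2014-07-30 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft GIF Animator
2014-07-30 11:42 - 2014-07-30 11:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\ClipboardDebuggerMethod
2014-07-30 11:41 - 2014-07-22 15:16 - 02708736 _____ ( ) C:\Program Files (x86)\distribution-installer.exe
2014-07-30 11:41 - 2014-07-22 15:16 - 01692923 _____ ( ) C:\Program Files (x86)\UpdInstaller.exe
2014-07-30 11:40 - 2014-07-30 17:45 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-30 11:40 - 2014-07-30 11:40 - 00000000 ____D () C:\Users\Ibz\AppData\Local\globalUpdate
2014-07-30 11:39 - 2014-07-30 11:40 - 00001294 _____ () C:\Users\Ibz\AppData\Roaming\Bubble Dock.boostrap.log
2014-07-30 11:39 - 2014-07-30 11:39 - 00000097 _____ () C:\Users\Ibz\AppData\Roaming\WindApp.boostrap.log
2014-07-22 15:14 - 2014-07-22 15:14 - 00137376 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcomp120.dll
"""

# Field order in the "Created" section: created - modified - size attrs (company) path.
# (The "Modified" section lists the two timestamps the other way round.)
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(\d+) (\S{5}) \((.*?)\) (.+)$"
)
TS_FORMAT = "%Y-%m-%d %H:%M"
BINARY_EXT = {".exe", ".dll", ".sys"}


@dataclass(frozen=True)
class Entry:
    created: datetime
    modified: datetime
    size: int
    attrs: str
    company: str
    path: str

    @property
    def is_dir(self) -> bool:
        return "D" in self.attrs

    @property
    def name(self) -> str:
        return PureWindowsPath(self.path).name


def parse_created_section(text):
    """Turn log lines into Entry objects; lines that do not match are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        created, modified, size, attrs, company, path = m.groups()
        entries.append(Entry(datetime.strptime(created, TS_FORMAT),
                             datetime.strptime(modified, TS_FORMAT),
                             int(size), attrs, company.strip(), path))
    return entries


def creation_bursts(entries, gap=timedelta(minutes=5), min_size=3):
    """Group entries whose creation times follow each other within `gap`."""
    bursts, current = [], []
    for entry in sorted(entries, key=lambda e: e.created):
        if current and entry.created - current[-1].created > gap:
            if len(current) >= min_size:
                bursts.append(current)
            current = []
        current.append(entry)
    if len(current) >= min_size:
        bursts.append(current)
    return bursts


def unattributed_binaries(entries):
    """Executable files with an empty company field: a prompt to look, not a verdict."""
    return [e for e in entries
            if not e.is_dir and not e.company
            and PureWindowsPath(e.path).suffix.lower() in BINARY_EXT]


def predates_creation(entries):
    """Files modified before they were created here, i.e. copied or unpacked onto the disk."""
    return [e for e in entries if not e.is_dir and e.modified < e.created]


if __name__ == "__main__":
    parsed = parse_created_section(SAMPLE)
    for burst in creation_bursts(parsed):
        print(f"{len(burst)} items created {burst[0].created} .. {burst[-1].created}")
        for item in burst:
            print("   ", item.path)
    print("no company field:", [e.name for e in unattributed_binaries(parsed)])
    print("modified before created:", [e.name for e in predates_creation(parsed)])
```
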


#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:09 PM

Posted 12 August 2014 - 09:33 AM

Run the RogueKiller tool and delete everything that will be found.
If bad it will be removed or replaced with the correct settings.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
CHR HomePage: hxxp://astromenda.com/?f=1&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir=
S2 SplashtopRemoteService; "C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe" [X]
S2 SSUService; C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [X]

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

How is the computer running now?

#9 Jestaio

Jestaio
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 12 August 2014 - 10:44 AM

It's still doing it :/

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-08-2014 01
Ran by Ibz at 2014-08-12 16:43:33 Run:3
Running from C:\Users\Ibz\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
CHR HomePage: hxxp://astromenda.com/?f=1&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir=
S2 SplashtopRemoteService; "C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe" [X]
S2 SSUService; C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [X]
 
End
*****************
 
CHR HomePage: hxxp://astromenda.com/?f=1&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir= ==> The Chrome "Settings" can be used to fix the entry.
SplashtopRemoteService => Service not found.
SSUService => Service not found.
 
==== End of Fixlog ====


#10 nasdaq

Posted 12 August 2014 - 12:25 PM

CHR HomePage: hxxp://astromenda.com/?f=1&a=ast_vit_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0FtC0D0EtB0Dzyzyzy0EtN0D0Tzu0SzyyDtCtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtByEyCtD0EyCzztGtAyEtAtCtGyDzyyByCtG0A0F0D0EtGyB0CtCyCzytA0D0EyDyByDyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtDyD0EtB0A0ByDtGzztA0ByDtGyEtAtDzztGzztB0EzztGyC0E0A0DyDzyyCtD0E0Azz0B2Q&cr=1896066790&ir= ==> The Chrome "Settings" can be used to fix the entry.


Reset Chrome...
Click on "Customize and control Google Chrome".

Select Settings.

Under "On startup", click the Set page link.
Remove any references to astromenda.com. Click OK.

Close the browser and restart Chrome normally.
===

I missed this one line.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

FF user.js: detected! => C:\Users\Ibz\AppData\Roaming\Mozilla\Firefox\Profiles\v0kthtr9.default\user.js

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Let me know what problem persists.

#11 Jestaio

Posted 12 August 2014 - 01:08 PM

There wasn't actually any startup pages there!

#12 Jestaio

Posted 12 August 2014 - 01:21 PM

Problem still occurs :/

#13 nasdaq

Posted 13 August 2014 - 06:39 AM

Try these fixes.

If using a router, reset it.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred settings. Below is the list of default usernames and passwords, should you not know them ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

How to Secure Your Wireless Router
http://www.ehow.com/how_2253625_secure-wireless-router.html
===

Click the Start button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

At the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)

Repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.bleepingcomputer.com/tutorials/windows-elevated-command-prompt/
<<<>>>

If that fails to remove the Redirects try this.
...

Reset all your browsers.

Reset Chrome...
Click on "Customize and control Google Chrome".
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
====

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

Internet Explorer:
Menu > Tools > Internet Options > General Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.

===

How is it now?

#14 Jestaio

Posted 13 August 2014 - 01:45 PM

Aaaaaahhhhh, it still does it, but this time it took a lot longer for the proxy to re-enable itself :/



#15 nasdaq

Posted 14 August 2014 - 07:27 AM

Which browser do you normally use?
Chrome, Firefox or IE?