Browser hijacked - not sure what to remove in HijackThis


  • This topic is locked
4 replies to this topic

#1 bhuether

bhuether

  • Members
  • 4 posts

Posted 09 September 2014 - 07:42 AM

In my browser, when I open a new tab or click a link on a site, another tab opens asking me to do surveys, taking me to various ads, etc., etc. I really want to remove whatever is causing this, but am not sure what to remove. Below is the HijackThis log. Ideas?

 

thanks!

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:42:01 PM, on 9/9/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Connectify\Connectify.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
F2 - REG:system.ini: UserInit=Userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: IBM Forms Viewer Helper - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files (x86)\IBM\Forms Viewer\4.0\PEhelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1945361147-739703407-3495691399-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.ementoronline.org
O15 - Trusted Zone: http://*.pecinc.com
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://goive.state.gov/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: x-owacid - {0215258F-F0A8-49DE-BF1B-0FF02EDA8807} - C:\Program Files (x86)\Microsoft\Outlook Web Access SMIME Client\mimectl.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel® Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\Windows\SysWOW64\DptfParticipantProcessorService.exe
O23 - Service: Intel® Dynamic Platform & Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: pakWNvcC - Acute Angle Solutions - C:\ProgramData\daZwxe\pakWNvcC.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
 
--
End of file - 22753 bytes
 



 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 09 September 2014 - 07:55 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English, so please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
 
 
Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).


Proud Member of UNITE & TB
 

#3 bhuether

bhuether
  • Topic Starter

  • Members
  • 4 posts

Posted 09 September 2014 - 12:27 PM

Hi,

 

Thanks for your willingness to help! I ran FRST and here are the logs:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Windows\SysWOW64\DptfParticipantProcessorService.exe
() C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectify.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Acute Angle Solutions) C:\ProgramData\daZwxe\pakWNvcC.exe
() C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\SysWOW64\DptfPolicyLpmServiceHelper.exe
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s  RtHDVCpl    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s  kernel32.dll 
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-08] (ASUS)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4170528 2014-03-24] (Connectify)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2012-08-17] (ASUS)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [304568 2010-10-13] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1945361147-739703407-3495691399-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1945361147-739703407-3495691399-1000\...\MountPoints2: {4567c305-d5e2-11e3-a3dc-c485082b7a09} - E:\AutoRun.exe
HKU\S-1-5-21-1945361147-739703407-3495691399-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1945361147-739703407-3495691399-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4567c305-d5e2-11e3-a3dc-c485082b7a09} - E:\AutoRun.exe
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {336C0BD1-5075-4A3C-BC87-7240CE3AF2F5} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {4420FF99-E21B-4B91-8491-DD6B0ECC17BF} URL = http://www.mysearchresults.com/search?&c=2652&t=03&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: IBM Forms Viewer Helper -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files (x86)\IBM\Forms Viewer\4.0\PEhelper.dll (IBM Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://goive.state.gov/dana-cached/sc/JuniperSetupClient.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} -  No File
Handler: x-owacid - {0215258f-f0a8-49de-bf1b-0ff02eda8807} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - C:\Windows\Downloaded Program Files\mimectl.dll (Microsoft Corporation)
Handler-x32: x-owacid - {0215258f-f0a8-49de-bf1b-0ff02eda8807} - C:\Program Files (x86)\Microsoft\Outlook Web Access SMIME Client\mimectl.dll (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-02-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-02-18]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-02-18]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\bhuether\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\bhuether\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (SiteAdvisor) - C:\Users\bhuether\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-12-29]
CHR Extension: (Google Wallet) - C:\Users\bhuether\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-03-24] (Connectify) [File not signed]
R2 DptfParticipantProcessorService; C:\Windows\SysWOW64\DptfParticipantProcessorService.exe [18944 2012-02-20] ()
R2 DptfPolicyConfigTDPService; C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe [19968 2012-02-20] ()
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-10-19] (Macrovision Europe Ltd.) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-05-10] ()
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-04-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165144 2012-05-11] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [225216 2011-01-29] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-05-08] ()
R2 pakWNvcC; C:\ProgramData\daZwxe\pakWNvcC.exe [2319744 2014-09-07] (Acute Angle Solutions)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-08] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3385584 2013-05-08] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [145024 2008-01-02] (AnyDATA Corporation)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R0 assd; C:\Windows\System32\Drivers\assd.sys [27056 2011-10-29] (ASUS Corporation) [File not signed]
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-07-07] (Windows ® Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [19104 2012-07-07] (ASUS)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [49824 2012-07-07] (ASUS Corporation)
S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [110592 2012-04-05] (ASIX Electronics Corp.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [35352 2014-05-12] (Connectify)
R3 DptfDevDram; C:\Windows\System32\DRIVERS\DptfDevDram.sys [107288 2012-02-20] (Intel Corporation)
R3 DptfDevFan; C:\Windows\System32\DRIVERS\DptfDevFan.sys [42776 2012-02-20] (Intel Corporation)
R3 DptfDevGen; C:\Windows\System32\DRIVERS\DptfDevGen.sys [64792 2012-02-20] (Intel Corporation)
R3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [96024 2012-02-20] (Intel Corporation)
R3 DptfDevProc; C:\Windows\System32\DRIVERS\DptfDevProc.sys [220952 2012-02-20] (Intel Corporation)
R3 DptfManager; C:\Windows\System32\DRIVERS\DptfManager.sys [357656 2012-02-20] (Intel Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-04-10] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-09] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-09 19:42 - 2014-09-09 19:47 - 00046322 _____ () C:\Users\bhuether\Downloads\Addition.txt
2014-09-09 19:38 - 2014-09-09 20:40 - 00033559 _____ () C:\Users\bhuether\Downloads\FRST.txt
2014-09-09 19:38 - 2014-09-09 20:39 - 00000000 ____D () C:\FRST
2014-09-09 19:37 - 2014-09-09 19:37 - 02105344 _____ (Farbar) C:\Users\bhuether\Downloads\FRST64.exe
2014-09-09 16:34 - 2014-09-09 16:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-09 16:32 - 2014-09-09 16:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-09 16:32 - 2014-09-09 16:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-09 16:32 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-09 16:32 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-09 16:32 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-09 16:29 - 2014-09-09 16:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\bhuether\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-09 15:53 - 2014-09-09 15:53 - 00002991 _____ () C:\Users\bhuether\Desktop\HiJackThis.lnk
2014-09-09 15:53 - 2014-09-09 15:53 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-09-09 15:53 - 2014-09-09 15:53 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-09-09 15:52 - 2014-09-09 15:52 - 01402880 _____ () C:\Users\bhuether\Downloads\HiJackThis.msi
2014-09-09 14:29 - 2014-09-09 14:29 - 00000000 ____D () C:\ProgramData\Browser
2014-09-09 13:31 - 2014-09-09 13:31 - 00117791 _____ () C:\Users\bhuether\Downloads\HUETHER, BRIAN-June.xlsx
2014-09-09 02:36 - 2014-09-09 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-08 15:33 - 2014-09-08 15:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-08 15:32 - 2014-09-09 02:37 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-08 15:32 - 2014-09-08 15:32 - 00001353 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-08 15:32 - 2014-09-08 15:32 - 00001341 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-08 15:32 - 2014-09-08 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-08 15:32 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-09-08 15:31 - 2014-09-08 15:36 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-08 15:22 - 2014-09-08 15:22 - 01255600 _____ () C:\Users\bhuether\Downloads\New_Player.exe
2014-09-07 23:53 - 2014-09-07 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCKEY200 Driver
2014-09-07 23:53 - 2014-09-07 23:53 - 00000000 ____D () C:\Program Files (x86)\USB CCID
2014-09-07 22:19 - 2014-09-07 22:19 - 00015360 _____ () C:\f.db3
2014-09-07 22:18 - 2014-09-07 22:20 - 00000000 ____D () C:\Program Files (x86)\Z3X
2014-09-07 22:18 - 2014-09-07 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z3X
2014-09-07 22:16 - 2014-09-07 22:17 - 18700319 _____ (z3x-team ) C:\Users\bhuether\Downloads\latest_shell.exe
2014-09-07 18:30 - 2014-09-07 18:36 - 200218013 _____ () C:\Users\bhuether\Downloads\cm10.2_golden.nova.20140802 (1).zip
2014-09-07 17:26 - 2014-09-07 17:43 - 00000000 ____D () C:\cygwin64
2014-09-07 16:52 - 2014-09-07 16:52 - 00930200 _____ (Install Manager ) C:\Users\bhuether\Downloads\HD_Player.exe
2014-09-07 16:49 - 2014-09-07 16:49 - 24489269 _____ () C:\Users\bhuether\Downloads\setup_free.exe
2014-09-07 16:28 - 2014-09-09 14:13 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\Free Download Manager
2014-09-07 16:28 - 2014-09-07 17:27 - 00000000 ____D () C:\Program Files (x86)\Free Download Manager
2014-09-07 16:28 - 2014-09-07 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2014-09-07 16:26 - 2014-09-07 16:26 - 08048664 _____ (FreeDownloadManager.ORG ) C:\Users\bhuether\Downloads\fdminst (1).exe
2014-09-07 16:22 - 2014-09-07 16:22 - 00003116 _____ () C:\Windows\System32\Tasks\{915A9F9A-4BB1-4B75-AD74-478252300058}
2014-09-07 16:21 - 2014-09-09 19:37 - 00000000 ____D () C:\Users\bhuether\AppData\Local\Blasteroids
2014-09-07 16:21 - 2014-09-07 16:21 - 08048664 _____ (FreeDownloadManager.ORG ) C:\Users\bhuether\Downloads\fdminst.exe
2014-09-07 16:21 - 2014-09-07 16:21 - 00000770 _____ () C:\Users\bhuether\Desktop\Install Free Download Manager.lnk
2014-09-07 16:20 - 2014-09-07 16:23 - 00000000 ____D () C:\ProgramData\Blasteroids
2014-09-07 16:20 - 2014-09-07 16:21 - 00000000 ____D () C:\ProgramData\daZwxe
2014-09-07 16:17 - 2014-09-07 16:17 - 00755792 _____ () C:\Users\bhuether\Downloads\Setup.exe
2014-09-07 16:16 - 2014-09-07 16:16 - 08273980 _____ () C:\Users\bhuether\Downloads\----TWRP-2.7.1.3_GT-I8190----.tar.md5
2014-09-07 15:36 - 2014-09-07 15:41 - 177422733 _____ () C:\Users\bhuether\Downloads\omni-4.4.2-20140522-golden-HOMEMADE.zip
2014-09-07 15:36 - 2014-09-07 15:36 - 00000136 _____ () C:\Users\bhuether\Downloads\omni-4.4.2-20140522-golden-HOMEMADE.zip.md5sum
2014-09-07 14:32 - 2014-09-07 14:32 - 00000000 ____D () C:\Users\bhuether\Documents\SelfMV
2014-09-07 14:23 - 2014-09-07 15:48 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
2014-09-07 14:23 - 2014-09-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 8.1.1
2014-09-07 14:23 - 2013-09-30 16:26 - 03050808 _____ () C:\Windows\system32\pwNative.exe
2014-09-07 14:23 - 2013-09-30 16:26 - 00019152 ____N () C:\Windows\system32\pwdrvio.sys
2014-09-07 14:23 - 2013-09-30 16:26 - 00012504 ____N () C:\Windows\system32\pwdspio.sys
2014-09-07 14:22 - 2014-09-07 14:22 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\bhuether\Downloads\pwhe8.exe
2014-09-07 13:53 - 2014-06-16 10:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-09-07 13:53 - 2014-06-16 10:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-09-07 13:52 - 2014-09-07 13:53 - 39279648 _____ (Samsung Electronics Co., Ltd.) C:\Users\bhuether\Downloads\Kies3Setup.exe
2014-09-07 13:50 - 2014-09-07 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-09-07 13:20 - 2014-09-07 13:21 - 19531504 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\bhuether\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2014-09-07 05:06 - 2014-09-07 05:06 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-09-07 05:05 - 2014-09-07 16:15 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\Samsung
2014-09-07 05:05 - 2014-09-07 05:05 - 00000000 ____D () C:\Users\bhuether\Documents\samsung
2014-09-07 05:05 - 2014-09-07 05:05 - 00000000 ____D () C:\Users\bhuether\AppData\Local\Samsung
2014-09-07 05:04 - 2014-04-30 19:43 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-09-07 04:53 - 2014-09-07 04:57 - 75709216 _____ (Samsung Electronics Co., Ltd.) C:\Users\bhuether\Downloads\KiesSetup.exe
2014-09-07 04:48 - 2014-09-07 04:48 - 00755703 _____ () C:\Users\bhuether\Downloads\i8190-CWM-stock-cm-param.zip
2014-09-07 04:11 - 2014-09-07 04:11 - 00000000 ____D () C:\Users\bhuether\Downloads\goldenxx_PIT_file
2014-09-07 04:10 - 2014-09-07 04:10 - 00000966 _____ () C:\Users\bhuether\Downloads\goldenxx_PIT_file.7z
2014-09-07 03:37 - 2014-09-07 03:37 - 00000000 ____D () C:\Users\bhuether\Downloads\KERNEL-I8190XXAMG4
2014-09-07 03:36 - 2014-09-07 03:37 - 07116800 _____ () C:\Users\bhuether\Downloads\KERNEL-I8190XXAMG4.tar
2014-09-07 02:49 - 2014-09-07 02:49 - 00000000 ____D () C:\adb
2014-09-07 02:48 - 2014-09-07 02:48 - 09560052 _____ () C:\Users\bhuether\Downloads\adb-setup-1.3.exe
2014-09-07 02:27 - 2014-09-07 02:29 - 07913472 _____ () C:\Users\bhuether\Downloads\cwm_mod2.img
2014-09-07 02:26 - 2014-09-08 00:29 - 00000000 ____D () C:\adb_windows
2014-09-07 02:25 - 2014-09-07 02:25 - 00179809 _____ () C:\Users\bhuether\Downloads\adb_windows.zip
2014-09-07 02:25 - 2014-09-07 02:25 - 00000000 ____D () C:\Users\bhuether\Downloads\adb_windows
2014-09-07 02:13 - 2014-09-07 02:14 - 07915567 _____ () C:\Users\bhuether\Downloads\recovery.tar.md5
2014-09-07 02:09 - 2014-09-07 02:09 - 00000000 ____D () C:\Users\bhuether\Downloads\GT-I8190_TWRP_2.7.0.0.tar.md5
2014-09-07 02:06 - 2014-09-07 02:07 - 08133447 _____ () C:\Users\bhuether\Downloads\GT-I8190_TWRP_2.7.0.0.tar.md5.zip
2014-09-07 00:30 - 2014-09-07 01:21 - 200218013 _____ () C:\Users\bhuether\Downloads\cm10.2_golden.nova.20140802.zip
2014-09-05 01:51 - 2014-09-05 01:53 - 56510938 _____ () C:\Users\bhuether\Downloads\pa_gapps-modular-nano-4.4.4-20140904a-signed.zip
2014-09-05 01:36 - 2014-09-04 12:46 - 447313996 _____ () C:\Users\bhuether\Downloads\cm11.0_golden.nova.20140904.ODIN_TWRP.tar.md5
2014-09-05 01:23 - 2014-09-05 01:23 - 00000000 ____D () C:\Users\bhuether\Downloads\recovery-clockwork-touch-6.0.2.7-golden
2014-09-05 01:22 - 2014-09-05 01:22 - 06538505 _____ () C:\Users\bhuether\Downloads\recovery-clockwork-touch-6.0.2.7-golden.tar.zip
2014-09-05 01:15 - 2014-09-05 01:15 - 00464072 _____ () C:\Users\bhuether\Downloads\Odin307.zip
2014-09-05 01:15 - 2014-09-05 01:15 - 00000000 ____D () C:\Users\bhuether\Downloads\Odin307
2014-09-05 01:03 - 2014-09-05 01:03 - 00000000 ____D () C:\Users\bhuether\Downloads\UPDATE-SuperSU-v1.65
2014-09-05 01:02 - 2014-09-05 01:03 - 01031912 _____ () C:\Users\bhuether\Downloads\UPDATE-SuperSU-v1.65.zip
2014-09-05 00:36 - 2014-09-05 00:36 - 00144760 _____ (Premium Installer ) C:\Users\bhuether\Downloads\Odin_Setup.exe
2014-08-30 13:51 - 2014-08-30 13:52 - 00000082 _____ () C:\Users\bhuether\Desktop\return.txt
2014-08-27 12:45 - 2014-08-27 14:21 - 00094572 _____ () C:\Users\bhuether\Desktop\HUETHER, BRIAN.xlsx
2014-08-27 12:31 - 2014-08-27 12:31 - 00099667 _____ () C:\Users\bhuether\Downloads\HUETHER, BRIAN.xlsx
2014-08-15 14:36 - 2014-08-16 01:56 - 00000282 _____ () C:\Users\bhuether\Desktop\turkey.txt
2014-08-12 22:03 - 2014-08-12 22:10 - 2535208217 _____ () C:\Users\bhuether\Downloads\Godzilla.2014.Telecine.720p-LQ.mkv
2014-08-12 22:02 - 2014-08-12 22:02 - 00012918 _____ () C:\Users\bhuether\Downloads\kinoplace.org_Godzilla.2014.Telecine.720p.2.36GB.mkv.torrent
2014-08-12 13:50 - 2014-08-12 13:50 - 00015386 _____ () C:\Users\bhuether\Downloads\Il portiere di notte - The Night Porter (1974) DVDRip r5707.torrent
2014-08-12 13:49 - 2014-08-12 13:49 - 00015360 _____ () C:\Users\bhuether\Downloads\[rutor.org]No4noj.Portje.1974.BDRip.by.SilverCinema.avi.torrent
2014-08-12 13:45 - 2014-08-12 13:45 - 00015506 _____ () C:\Users\bhuether\Downloads\[rutor.org]Nochnoj.porte.1974.P.HDRip.XviD.mp3.747mb.torrent
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-09 20:40 - 2014-09-09 19:38 - 00033559 _____ () C:\Users\bhuether\Downloads\FRST.txt
2014-09-09 20:39 - 2014-09-09 19:38 - 00000000 ____D () C:\FRST
2014-09-09 20:37 - 2012-12-29 19:50 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\Skype
2014-09-09 20:07 - 2014-06-17 19:02 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8a3d2b669cb1.job
2014-09-09 19:47 - 2014-09-09 19:42 - 00046322 _____ () C:\Users\bhuether\Downloads\Addition.txt
2014-09-09 19:37 - 2014-09-09 19:37 - 02105344 _____ (Farbar) C:\Users\bhuether\Downloads\FRST64.exe
2014-09-09 19:37 - 2014-09-07 16:21 - 00000000 ____D () C:\Users\bhuether\AppData\Local\Blasteroids
2014-09-09 19:25 - 2012-08-17 06:28 - 01120494 _____ () C:\Windows\WindowsUpdate.log
2014-09-09 19:22 - 2012-12-29 18:01 - 00000380 _____ () C:\Users\bhuether\AppData\Roaming\sp_data.sys
2014-09-09 19:21 - 2012-02-18 11:37 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-09 18:58 - 2009-07-14 09:13 - 00813462 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-09 16:56 - 2012-08-17 06:31 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-09-09 16:35 - 2014-09-09 16:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-09 16:33 - 2014-09-09 16:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-09 16:32 - 2014-09-09 16:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-09 16:32 - 2014-09-09 16:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\bhuether\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-09 15:53 - 2014-09-09 15:53 - 00002991 _____ () C:\Users\bhuether\Desktop\HiJackThis.lnk
2014-09-09 15:53 - 2014-09-09 15:53 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-09-09 15:53 - 2014-09-09 15:53 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-09-09 15:52 - 2014-09-09 15:52 - 01402880 _____ () C:\Users\bhuether\Downloads\HiJackThis.msi
2014-09-09 14:29 - 2014-09-09 14:29 - 00000000 ____D () C:\ProgramData\Browser
2014-09-09 14:13 - 2014-09-07 16:28 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\Free Download Manager
2014-09-09 13:31 - 2014-09-09 13:31 - 00117791 _____ () C:\Users\bhuether\Downloads\HUETHER, BRIAN-June.xlsx
2014-09-09 13:30 - 2013-07-29 18:49 - 00000000 ____D () C:\misc
2014-09-09 03:20 - 2009-07-14 07:20 - 00000000 ____D () C:\Windows\rescache
2014-09-09 02:52 - 2009-07-14 08:51 - 00147176 _____ () C:\Windows\setupact.log
2014-09-09 02:37 - 2014-09-08 15:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-09 02:36 - 2014-09-09 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-09 02:01 - 2013-01-08 01:17 - 00000000 ____D () C:\Users\bhuether\AppData\Local\Adobe
2014-09-08 22:35 - 2009-07-14 08:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 22:35 - 2009-07-14 08:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 22:21 - 2013-11-03 22:02 - 00000000 ____D () C:\Users\bhuether\AppData\Local\HTC MediaHub
2014-09-08 22:21 - 2012-08-17 06:31 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-09-08 22:21 - 2012-02-18 11:15 - 00070054 _____ () C:\Windows\PFRO.log
2014-09-08 22:21 - 2009-07-14 09:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 15:36 - 2014-09-08 15:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-08 15:33 - 2014-09-08 15:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-08 15:32 - 2014-09-08 15:32 - 00001353 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-08 15:32 - 2014-09-08 15:32 - 00001341 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-08 15:32 - 2014-09-08 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-08 15:22 - 2014-09-08 15:22 - 01255600 _____ () C:\Users\bhuether\Downloads\New_Player.exe
2014-09-08 00:29 - 2014-09-07 02:26 - 00000000 ____D () C:\adb_windows
2014-09-07 23:54 - 2009-07-14 07:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-07 23:53 - 2014-09-07 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCKEY200 Driver
2014-09-07 23:53 - 2014-09-07 23:53 - 00000000 ____D () C:\Program Files (x86)\USB CCID
2014-09-07 23:53 - 2012-08-17 06:33 - 00572900 _____ () C:\Windows\DPINST.LOG
2014-09-07 23:53 - 2012-08-17 06:33 - 00000000 ____D () C:\Program Files\DIFX
2014-09-07 22:20 - 2014-09-07 22:18 - 00000000 ____D () C:\Program Files (x86)\Z3X
2014-09-07 22:19 - 2014-09-07 22:19 - 00015360 _____ () C:\f.db3
2014-09-07 22:18 - 2014-09-07 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z3X
2014-09-07 22:17 - 2014-09-07 22:16 - 18700319 _____ (z3x-team ) C:\Users\bhuether\Downloads\latest_shell.exe
2014-09-07 21:51 - 2013-10-29 19:23 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2014-09-07 18:36 - 2014-09-07 18:30 - 200218013 _____ () C:\Users\bhuether\Downloads\cm10.2_golden.nova.20140802 (1).zip
2014-09-07 17:43 - 2014-09-07 17:26 - 00000000 ____D () C:\cygwin64
2014-09-07 17:27 - 2014-09-07 16:28 - 00000000 ____D () C:\Program Files (x86)\Free Download Manager
2014-09-07 16:52 - 2014-09-07 16:52 - 00930200 _____ (Install Manager ) C:\Users\bhuether\Downloads\HD_Player.exe
2014-09-07 16:49 - 2014-09-07 16:49 - 24489269 _____ () C:\Users\bhuether\Downloads\setup_free.exe
2014-09-07 16:28 - 2014-09-07 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2014-09-07 16:26 - 2014-09-07 16:26 - 08048664 _____ (FreeDownloadManager.ORG ) C:\Users\bhuether\Downloads\fdminst (1).exe
2014-09-07 16:23 - 2014-09-07 16:20 - 00000000 ____D () C:\ProgramData\Blasteroids
2014-09-07 16:22 - 2014-09-07 16:22 - 00003116 _____ () C:\Windows\System32\Tasks\{915A9F9A-4BB1-4B75-AD74-478252300058}
2014-09-07 16:21 - 2014-09-07 16:21 - 08048664 _____ (FreeDownloadManager.ORG ) C:\Users\bhuether\Downloads\fdminst.exe
2014-09-07 16:21 - 2014-09-07 16:21 - 00000770 _____ () C:\Users\bhuether\Desktop\Install Free Download Manager.lnk
2014-09-07 16:21 - 2014-09-07 16:20 - 00000000 ____D () C:\ProgramData\daZwxe
2014-09-07 16:17 - 2014-09-07 16:17 - 00755792 _____ () C:\Users\bhuether\Downloads\Setup.exe
2014-09-07 16:17 - 2009-07-14 07:20 - 00000000 ____D () C:\Windows\Resources
2014-09-07 16:16 - 2014-09-07 16:16 - 08273980 _____ () C:\Users\bhuether\Downloads\----TWRP-2.7.1.3_GT-I8190----.tar.md5
2014-09-07 16:16 - 2014-09-07 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-09-07 16:16 - 2013-10-29 19:23 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-07 16:15 - 2014-09-07 05:05 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\Samsung
2014-09-07 16:15 - 2013-01-20 16:02 - 00000000 ____D () C:\ProgramData\Samsung
2014-09-07 15:48 - 2014-09-07 14:23 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
2014-09-07 15:41 - 2014-09-07 15:36 - 177422733 _____ () C:\Users\bhuether\Downloads\omni-4.4.2-20140522-golden-HOMEMADE.zip
2014-09-07 15:36 - 2014-09-07 15:36 - 00000136 _____ () C:\Users\bhuether\Downloads\omni-4.4.2-20140522-golden-HOMEMADE.zip.md5sum
2014-09-07 14:32 - 2014-09-07 14:32 - 00000000 ____D () C:\Users\bhuether\Documents\SelfMV
2014-09-07 14:32 - 2013-10-29 19:19 - 00000000 ____D () C:\Users\bhuether\AppData\Local\Downloaded Installations
2014-09-07 14:32 - 2012-08-17 06:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-07 14:23 - 2014-09-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 8.1.1
2014-09-07 14:22 - 2014-09-07 14:22 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\bhuether\Downloads\pwhe8.exe
2014-09-07 13:53 - 2014-09-07 13:52 - 39279648 _____ (Samsung Electronics Co., Ltd.) C:\Users\bhuether\Downloads\Kies3Setup.exe
2014-09-07 13:21 - 2014-09-07 13:20 - 19531504 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\bhuether\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2014-09-07 11:25 - 2009-07-14 07:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-07 11:24 - 2014-05-27 19:18 - 00000000 ___RD () C:\Users\bhuether\Dropbox
2014-09-07 05:06 - 2014-09-07 05:06 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-09-07 05:05 - 2014-09-07 05:05 - 00000000 ____D () C:\Users\bhuether\Documents\samsung
2014-09-07 05:05 - 2014-09-07 05:05 - 00000000 ____D () C:\Users\bhuether\AppData\Local\Samsung
2014-09-07 04:57 - 2014-09-07 04:53 - 75709216 _____ (Samsung Electronics Co., Ltd.) C:\Users\bhuether\Downloads\KiesSetup.exe
2014-09-07 04:48 - 2014-09-07 04:48 - 00755703 _____ () C:\Users\bhuether\Downloads\i8190-CWM-stock-cm-param.zip
2014-09-07 04:11 - 2014-09-07 04:11 - 00000000 ____D () C:\Users\bhuether\Downloads\goldenxx_PIT_file
2014-09-07 04:10 - 2014-09-07 04:10 - 00000966 _____ () C:\Users\bhuether\Downloads\goldenxx_PIT_file.7z
2014-09-07 03:37 - 2014-09-07 03:37 - 00000000 ____D () C:\Users\bhuether\Downloads\KERNEL-I8190XXAMG4
2014-09-07 03:37 - 2014-09-07 03:36 - 07116800 _____ () C:\Users\bhuether\Downloads\KERNEL-I8190XXAMG4.tar
2014-09-07 02:49 - 2014-09-07 02:49 - 00000000 ____D () C:\adb
2014-09-07 02:48 - 2014-09-07 02:48 - 09560052 _____ () C:\Users\bhuether\Downloads\adb-setup-1.3.exe
2014-09-07 02:29 - 2014-09-07 02:27 - 07913472 _____ () C:\Users\bhuether\Downloads\cwm_mod2.img
2014-09-07 02:25 - 2014-09-07 02:25 - 00179809 _____ () C:\Users\bhuether\Downloads\adb_windows.zip
2014-09-07 02:25 - 2014-09-07 02:25 - 00000000 ____D () C:\Users\bhuether\Downloads\adb_windows
2014-09-07 02:14 - 2014-09-07 02:13 - 07915567 _____ () C:\Users\bhuether\Downloads\recovery.tar.md5
2014-09-07 02:09 - 2014-09-07 02:09 - 00000000 ____D () C:\Users\bhuether\Downloads\GT-I8190_TWRP_2.7.0.0.tar.md5
2014-09-07 02:07 - 2014-09-07 02:06 - 08133447 _____ () C:\Users\bhuether\Downloads\GT-I8190_TWRP_2.7.0.0.tar.md5.zip
2014-09-07 01:21 - 2014-09-07 00:30 - 200218013 _____ () C:\Users\bhuether\Downloads\cm10.2_golden.nova.20140802.zip
2014-09-06 16:23 - 2014-05-27 19:18 - 00001033 _____ () C:\Users\bhuether\Desktop\Dropbox.lnk
2014-09-06 16:23 - 2014-05-27 19:18 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-06 16:23 - 2014-05-27 19:16 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\Dropbox
2014-09-05 01:53 - 2014-09-05 01:51 - 56510938 _____ () C:\Users\bhuether\Downloads\pa_gapps-modular-nano-4.4.4-20140904a-signed.zip
2014-09-05 01:23 - 2014-09-05 01:23 - 00000000 ____D () C:\Users\bhuether\Downloads\recovery-clockwork-touch-6.0.2.7-golden
2014-09-05 01:22 - 2014-09-05 01:22 - 06538505 _____ () C:\Users\bhuether\Downloads\recovery-clockwork-touch-6.0.2.7-golden.tar.zip
2014-09-05 01:15 - 2014-09-05 01:15 - 00464072 _____ () C:\Users\bhuether\Downloads\Odin307.zip
2014-09-05 01:15 - 2014-09-05 01:15 - 00000000 ____D () C:\Users\bhuether\Downloads\Odin307
2014-09-05 01:03 - 2014-09-05 01:03 - 00000000 ____D () C:\Users\bhuether\Downloads\UPDATE-SuperSU-v1.65
2014-09-05 01:03 - 2014-09-05 01:02 - 01031912 _____ () C:\Users\bhuether\Downloads\UPDATE-SuperSU-v1.65.zip
2014-09-05 00:36 - 2014-09-05 00:36 - 00144760 _____ (Premium Installer ) C:\Users\bhuether\Downloads\Odin_Setup.exe
2014-09-04 12:46 - 2014-09-05 01:36 - 447313996 _____ () C:\Users\bhuether\Downloads\cm11.0_golden.nova.20140904.ODIN_TWRP.tar.md5
2014-08-30 13:52 - 2014-08-30 13:51 - 00000082 _____ () C:\Users\bhuether\Desktop\return.txt
2014-08-27 14:21 - 2014-08-27 12:45 - 00094572 _____ () C:\Users\bhuether\Desktop\HUETHER, BRIAN.xlsx
2014-08-27 12:31 - 2014-08-27 12:31 - 00099667 _____ () C:\Users\bhuether\Downloads\HUETHER, BRIAN.xlsx
2014-08-21 12:19 - 2014-05-09 12:52 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-16 23:47 - 2013-03-03 15:39 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\vlc
2014-08-16 01:56 - 2014-08-15 14:36 - 00000282 _____ () C:\Users\bhuether\Desktop\turkey.txt
2014-08-15 11:42 - 2013-02-25 11:32 - 00000000 ____D () C:\Users\bhuether\AppData\Roaming\uTorrent
2014-08-12 22:10 - 2014-08-12 22:03 - 2535208217 _____ () C:\Users\bhuether\Downloads\Godzilla.2014.Telecine.720p-LQ.mkv
2014-08-12 22:02 - 2014-08-12 22:02 - 00012918 _____ () C:\Users\bhuether\Downloads\kinoplace.org_Godzilla.2014.Telecine.720p.2.36GB.mkv.torrent
2014-08-12 13:50 - 2014-08-12 13:50 - 00015386 _____ () C:\Users\bhuether\Downloads\Il portiere di notte - The Night Porter (1974) DVDRip r5707.torrent
2014-08-12 13:49 - 2014-08-12 13:49 - 00015360 _____ () C:\Users\bhuether\Downloads\[rutor.org]No4noj.Portje.1974.BDRip.by.SilverCinema.avi.torrent
2014-08-12 13:45 - 2014-08-12 13:45 - 00015506 _____ () C:\Users\bhuether\Downloads\[rutor.org]Nochnoj.porte.1974.P.HDRip.XviD.mp3.747mb.torrent
2014-08-10 16:02 - 2012-12-29 19:49 - 00000000 ____D () C:\ProgramData\Skype
2014-08-10 15:59 - 2012-02-18 11:46 - 00000000 ____D () C:\Program Files (x86)\McAfee
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-06 00:39
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29126 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19600 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19600 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.27 - ASUS)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS PWR Option (HKLM-x32\...\{B7B60C4F-0DB8-42EF-8EDC-5F21D4C2D73F}) (Version: 1.2.1 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0009 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.22 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS_Scr_ZenbookPrime (HKLM-x32\...\ASUS_Scr_ZenbookPrime) (Version: 1.0.0001 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
AX88772B Windows 7 Drivers (HKLM-x32\...\InstallShield_{54A168C9-2250-4058-80EB-1F4A4192548A}) (Version: 1.0.2.0 - ASIX Electronics Corporation)
AX88772B Windows 7 Drivers (x32 Version: 1.0.2.0 - ASIX Electronics Corporation) Hidden
Blasteroids (HKLM-x32\...\Blasteroids) (Version: 2.7.31 - Acute Angle Solutions)
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.0.30 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Connectify (HKLM\...\Connectify) (Version: 8.0.0.30686 - Connectify)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
FreeVoipDeal (HKLM-x32\...\FreeVoipDeal_is1) (Version: 4.13 build 735 - Finarea S.A. Switzerland)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.8.0.002 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.3.32.0 - HTC)
IBM Forms Viewer 4.0.0 (HKLM-x32\...\{48462CC7-7DF3-4107-9459-12D3A11C6D80}) (Version: 4.0.0.3 - IBM)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.3 - ASUS)
Intel® Dynamic Platform & Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.1.1067 - Intel Corporation)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.12.1498 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2761 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.8.0.0548 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{B9EE2364-A67C-40DD-8413-495E2C7FBCD0}) (Version: 2.1.2.0206 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software Driver (Version: 15.08.0000.0320 - Intel Corporation) Hidden
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1024 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® AT Service signup (HKLM-x32\...\{CD49AEDB-FFB4-4A9A-A3C2-E9AF814FE6FE}) (Version: 2.0.0.3 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ae509f68-6982-4506-befc-f2218d72cd5e}) (Version: 15.8.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.08.0000.0196 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Juniper Citrix Services Client (HKCU\...\Juniper_Citrix_Services) (Version: 7.4.0.30599 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.4.9.43209 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.7.2.0 - LG Electronics)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Outlook Web Access S/MIME (2007) (HKLM-x32\...\{CF1A6387-88F6-4BD9-B0BE-EA1AF7024C7C}) (Version: 8.3.105.0 - Microsoft Corporation)
Microsoft Outlook Web Access S/MIME (HKLM-x32\...\{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}) (Version: 6.5.7651.60 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6668 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Remo Recover for Android (HKLM\...\{3BF6B4CF-E6A1-45B3-9BC5-67213D146CB6}_is1) (Version: 2.0.0.8 - Remo Software)
Rhapsody (HKLM-x32\...\Rhapsody) (Version:  - )
Russian Phonetic YaWert - WinRus.com (HKLM\...\{3A414249-4B92-422C-904C-5FA6FF525AB1}) (Version: 1.0.3.40 - personal)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sippoint 3.1.1.132 (HKLM-x32\...\Sippoint_is1) (Version:  - Sippoint)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
The Core Media Player 4.0 (HKLM-x32\...\The Core Media Player) (Version:  - )
USB CCID Smartcard Reader - Version 1.2.1.2 (HKLM\...\{939913F9-F134-4E9E-B879-BE6755B69952}) (Version: 3.0.0.1 - USB CCID)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Driver Package - AnyDATA Corporation (adusbser) Modem  (12/31/2007 2.0.4.0) (HKLM\...\D46E6E09C9DFBE4319FE07FC4F249DA42CC26BF9) (Version: 12/31/2007 2.0.4.0 - AnyDATA Corporation)
Windows Driver Package - AnyDATA Corporation (adusbser) Ports  (12/31/2007 2.0.4.0) (HKLM\...\769F36EB73566E376559B9A2BD74718E72BD4735) (Version: 12/31/2007 2.0.4.0 - AnyDATA Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (07/04/2012 1.0.0.90) (HKLM\...\1E69FD7AD5518E7CDB2F55D730CACCD8ED89F5D5) (Version: 07/04/2012 1.0.0.90 - ASUS)
Windows Driver Package - Axesstel (Axtmvmdm) Modem  (03/22/2007 1.0.1.123) (HKLM\...\9064803E0E54025576C9E14BEBF5082D307FE9D3) (Version: 03/22/2007 1.0.1.123 - Axesstel)
Windows Driver Package - Axesstel (Axtmvprt) Ports  (03/22/2007 1.0.1.123) (HKLM\...\E3E6D025997CEEBE54FFAA538A9639F3443A676F) (Version: 03/22/2007 1.0.1.123 - Axesstel)
Windows Driver Package - Cmotech Modem  (06/08/2007 2.0.3.9) (HKLM\...\7404D4336C2B621F88A2B25CE6577572A8BBD25A) (Version: 06/08/2007 2.0.3.9 - Cmotech)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (04/10/2012 2.08.24) (HKLM\...\4C8545EEB6143B6AD3858B5D1E0AEE76040B1435) (Version: 04/10/2012 2.08.24 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (04/10/2012 2.08.24) (HKLM\...\6849F67BACD4DA5A5B9D46803E6850D0BE8B3826) (Version: 04/10/2012 2.08.24 - FTDI)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Windows Driver Package - Vertex Wireless Co., Ltd.  (vwmfdiag) Ports  (11/11/2009 5.02.0.0) (HKLM\...\3B97934A3D89D0251427789060966CBEA42D6E79) (Version: 11/11/2009 5.02.0.0 - Vertex Wireless Co., Ltd. )
Windows Driver Package - Vertex Wireless Co., Ltd.  (vwmfmdm) Modem  (11/11/2009 5.02.0.0) (HKLM\...\BE11CE2E6D85C409064C069EEB407034E1EBAE85) (Version: 11/11/2009 5.02.0.0 - Vertex Wireless Co., Ltd. )
Windows Driver Package - Vertex Wireless Co., Ltd.  (vwmfserd) Ports  (11/11/2009 5.02.0.0) (HKLM\...\7A762EB187B4D18D896C9047B5566089C6955A03) (Version: 11/11/2009 5.02.0.0 - Vertex Wireless Co., Ltd. )
Windows Driver Package - ZTEMT Corporation (usbser) Modem  (07/15/2008 5.1.2600.2910) (HKLM\...\4154AA0FDB7E8490D66F42A13CFF02441078E9AC) (Version: 07/15/2008 5.1.2600.2910 - ZTEMT Corporation)
Windows Driver Package - ZTEMT Corporation (ztemtusbser) Modem  (07/15/2008 2.0.5.6) (HKLM\...\6CCE3E7B0CBB647DABE9F93C5E12AF3BDAFC37A5) (Version: 07/15/2008 2.0.5.6 - ZTEMT Corporation)
Windows Driver Package - ZTEMT Corporation (ztemtusbser) Ports  (07/15/2008 2.0.5.6) (HKLM\...\E4084B0E0195522BD9D4CBCD2B35C629AC65395D) (Version: 07/15/2008 2.0.5.6 - ZTEMT Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media DRM Reset (HKLM-x32\...\ResetDRM) (Version:  - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.10 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.1 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.32 - ASUS)
X-Lite 4 (HKLM-x32\...\{666D5692-42CD-4F0F-A1A3-547C8EBC6FA0}) (Version: 45.7.0866 - CounterPath Corporation)
z3x shell 4.6.2 (HKLM-x32\...\z3x shell_is1) (Version:  - z3x-team)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1945361147-739703407-3495691399-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\bhuether\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1945361147-739703407-3495691399-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bhuether\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1945361147-739703407-3495691399-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bhuether\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1945361147-739703407-3495691399-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bhuether\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1945361147-739703407-3495691399-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bhuether\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1945361147-739703407-3495691399-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bhuether\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1945361147-739703407-3495691399-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bhuether\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1945361147-739703407-3495691399-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bhuether\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1945361147-739703407-3495691399-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bhuether\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
08-09-2014 22:38:58 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
09-09-2014 11:53:14 Installed HiJackThis
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 06:34 - 2009-06-11 01:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {038FEE8A-4A57-4003-B660-6EE0DC2E9003} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {11D9458C-FB82-462F-93D6-3DA2242A616B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18] (Google Inc.)
Task: {275432D8-9C3F-4042-B3AC-B2B574CA6E5C} - System32\Tasks\AdobeAAMUpdater-1.0-bhuether-PC-bhuether => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {3C0C5918-54CF-4873-9A4E-EC19CF0450B6} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8a3d2b669cb1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18] (Google Inc.)
Task: {69EAC257-E15A-4216-BB29-11982E1BB0D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-21] (Microsoft Corporation)
Task: {920570E2-8938-4EE1-B399-D14F9DAFDF2C} - System32\Tasks\ASUS Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-07-11] (ASUSTeK Computer Inc.)
Task: {9A978EB9-E5C1-4615-98C6-50B57BF154C4} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-16] (ASUS)
Task: {A0EB59EF-5ACB-4628-BDE5-A2CCD95B212E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {A24A9865-2B3C-4690-B249-6A0065AE6685} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {C368ACCF-6F5D-4AAD-A287-1C26ECE7817B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {C3CF6508-6BD2-48DA-B384-199E6AF3E7C7} - System32\Tasks\Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2011-11-28] ()
Task: {E933BA45-E728-43BA-95D5-C3FC548C4AFA} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {EE71DC30-C23E-4B80-8128-8026B3BC73B0} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-26] (ASUSTek Computer Inc.)
Task: {FD5F9E5A-3C23-41E2-A986-D044B6722E6C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-21] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8a3d2b669cb1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-01-08 01:15 - 2011-03-01 02:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2014-08-21 12:16 - 2014-08-21 12:16 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2010-07-15 03:11 - 2010-07-15 03:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2011-11-28 20:58 - 2011-11-28 20:58 - 00556976 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2014-05-09 12:52 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-07-11 07:10 - 2012-02-20 07:31 - 00018944 _____ () C:\Windows\SysWOW64\DptfParticipantProcessorService.exe
2012-07-11 07:10 - 2012-02-20 07:31 - 00019968 _____ () C:\Windows\SysWOW64\DptfPolicyConfigTDPService.exe
2014-05-17 02:34 - 2014-05-17 02:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-05-08 01:10 - 2013-01-28 06:49 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2013-11-03 22:01 - 2012-12-08 02:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2012-07-11 07:09 - 2012-06-13 15:34 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2013-10-18 02:09 - 2013-10-18 02:09 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2012-04-17 01:45 - 2012-04-17 01:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
2012-08-17 06:31 - 2012-05-10 23:03 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2012-01-31 20:25 - 2012-01-31 20:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-05-17 04:11 - 2014-05-17 04:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 04:37 - 2014-05-17 04:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2011-08-16 07:12 - 2011-08-16 07:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll
2011-08-16 07:15 - 2011-08-16 07:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll
2011-08-18 03:41 - 2011-08-18 03:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll
2011-08-18 03:48 - 2011-08-18 03:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll
2012-04-16 22:42 - 2012-04-16 22:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll
2011-08-16 07:12 - 2011-08-16 07:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-18 03:48 - 2011-08-18 03:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll
2011-08-16 06:23 - 2011-08-16 06:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll
2012-04-16 22:41 - 2012-04-16 22:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll
2012-04-16 22:56 - 2012-04-16 22:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-04-16 22:38 - 2012-04-16 22:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll
2013-10-18 02:08 - 2013-10-18 02:08 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-10-18 02:08 - 2013-10-18 02:08 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-10-18 02:09 - 2013-10-18 02:09 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-10-18 02:09 - 2013-10-18 02:09 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-10-18 02:09 - 2013-10-18 02:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-10-18 02:10 - 2013-10-18 02:10 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-10-18 02:10 - 2013-10-18 02:10 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2012-06-08 01:12 - 2012-06-08 01:12 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-05-12 00:05 - 2014-03-24 21:27 - 00376608 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2014-08-21 12:16 - 2014-08-21 12:16 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-08 15:32 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-08 15:32 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-08 15:32 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-08 15:32 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-08 15:32 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-05-12 00:05 - 2014-03-24 21:27 - 03177760 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2014-05-12 00:05 - 2014-03-24 21:27 - 00714016 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2014-05-12 00:05 - 2014-03-24 21:27 - 00354080 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2011-07-20 03:05 - 2011-07-20 03:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll
2011-07-20 03:04 - 2011-07-20 03:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll
2011-08-16 07:17 - 2011-08-16 07:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll
2012-08-17 06:31 - 2012-05-11 02:03 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-09-08 22:21 - 2014-09-08 22:21 - 01184128 _____ () C:\ProgramData\daZwxe\dat\IlpvdHVI.dll
2014-09-07 16:28 - 2014-04-22 21:52 - 00106496 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
2014-09-05 01:14 - 2014-08-30 06:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-05 01:14 - 2014-08-30 06:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-05 01:14 - 2014-08-30 06:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-05 01:14 - 2014-08-30 06:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-05 01:14 - 2014-08-30 06:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-09-05 01:14 - 2014-08-30 06:49 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
2007-03-22 04:53 - 2007-03-22 04:53 - 00049152 _____ () C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\QuickTimeGlue.dll
2007-03-22 04:52 - 2007-03-22 04:52 - 00393216 _____ () C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\AdobeXMP.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:C76EDAC3
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^bhuether^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^bhuether^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
MSCONFIG\startupreg: ASUS Quick Gesture (x86) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
MSCONFIG\startupreg: ASUS TP Center (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: Connectify => C:\Program Files (x86)\Connectify\Connectify.exe
MSCONFIG\startupreg: Connectify Dispatch => C:\Program Files (x86)\Connectify\DispatchUI.exe autorun
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Sippoint => C:\Program Files (x86)\Sippoint\Sippoint.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/09/2014 03:15:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/07/2014 09:49:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 37.0.2062.103, time stamp: 0x54011f26
Faulting module name: chrome.dll, version: 37.0.2062.103, time stamp: 0x54011c47
Exception code: 0x80000003
Fault offset: 0x004fbf54
Faulting process id: 0xdc0
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (09/07/2014 08:30:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Odin3 v3.07.exe, version: 3.0.0.0, time stamp: 0x4fc5bb56
Faulting module name: Odin3 v3.07.exe, version: 3.0.0.0, time stamp: 0x4fc5bb56
Exception code: 0xc0000094
Fault offset: 0x0001a688
Faulting process id: 0x1064
Faulting application start time: 0xOdin3 v3.07.exe0
Faulting application path: Odin3 v3.07.exe1
Faulting module path: Odin3 v3.07.exe2
Report Id: Odin3 v3.07.exe3
 
Error: (09/07/2014 07:29:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Odin3 v3.07.exe, version: 3.0.0.0, time stamp: 0x4fc5bb56
Faulting module name: Odin3 v3.07.exe, version: 3.0.0.0, time stamp: 0x4fc5bb56
Exception code: 0xc0000094
Fault offset: 0x0001a688
Faulting process id: 0x2838
Faulting application start time: 0xOdin3 v3.07.exe0
Faulting application path: Odin3 v3.07.exe1
Faulting module path: Odin3 v3.07.exe2
Report Id: Odin3 v3.07.exe3
 
Error: (09/07/2014 07:25:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Odin3 v3.07.exe, version: 3.0.0.0, time stamp: 0x4fc5bb56
Faulting module name: Odin3 v3.07.exe, version: 3.0.0.0, time stamp: 0x4fc5bb56
Exception code: 0xc0000094
Fault offset: 0x0001a688
Faulting process id: 0x2e68
Faulting application start time: 0xOdin3 v3.07.exe0
Faulting application path: Odin3 v3.07.exe1
Faulting module path: Odin3 v3.07.exe2
Report Id: Odin3 v3.07.exe3
 
Error: (09/07/2014 01:53:36 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07
 
Error: (09/07/2014 01:53:36 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07
 
Error: (09/07/2014 05:05:52 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07
 
Error: (09/07/2014 05:05:52 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07
 
Error: (09/06/2014 11:01:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 11618. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
 
System errors:
=============
Error: (09/09/2014 06:54:52 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.118.1192.168.173.0255.255.255.0
 
Error: (09/09/2014 06:54:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (09/09/2014 02:30:05 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer KORTH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BF36B826-5669-4EA0-AC01-68C07D2F1DEE}.
The master browser is stopping or an election is being forced.
 
Error: (09/09/2014 02:22:05 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer KORTH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BF36B826-5669-4EA0-AC01-68C07D2F1DEE}.
The master browser is stopping or an election is being forced.
 
Error: (09/08/2014 10:21:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (09/08/2014 02:20:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (09/07/2014 09:52:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (09/07/2014 09:41:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (09/07/2014 08:49:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer DAVEBENNETTLPTP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BF36B826-5669-4EA0-AC01-68C07D2F1DEE}.
The master browser is stopping or an election is being forced.
 
Error: (09/07/2014 06:21:54 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialization failed because the transport refused to open initial addresses.
 
 
Microsoft Office Sessions:
=========================
Error: (09/09/2014 03:15:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\Z3X\box drivers\box driver v3\dpinst_ia64.exe
 
Error: (09/07/2014 09:49:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.10354011f26chrome.dll37.0.2062.10354011c4780000003004fbf54dc001cfca96a1c8217fC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\chrome.dll4b181709-36b7-11e4-9313-c485082b7a09
 
Error: (09/07/2014 08:30:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Odin3 v3.07.exe3.0.0.04fc5bb56Odin3 v3.07.exe3.0.0.04fc5bb56c00000940001a688106401cfcab89e15d65cC:\Users\bhuether\Downloads\Odin307\Odin307\Odin3 v3.07.exeC:\Users\bhuether\Downloads\Odin307\Odin307\Odin3 v3.07.exe43236cd8-36ac-11e4-9313-c485082b7a09
 
Error: (09/07/2014 07:29:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Odin3 v3.07.exe3.0.0.04fc5bb56Odin3 v3.07.exe3.0.0.04fc5bb56c00000940001a688283801cfcab06a8c889dC:\Users\bhuether\Downloads\Odin307\Odin307\Odin3 v3.07.exeC:\Users\bhuether\Downloads\Odin307\Odin307\Odin3 v3.07.exec19a1748-36a3-11e4-9313-c485082b7a09
 
Error: (09/07/2014 07:25:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Odin3 v3.07.exe3.0.0.04fc5bb56Odin3 v3.07.exe3.0.0.04fc5bb56c00000940001a6882e6801cfcaafdd9ee0caC:\Users\bhuether\Downloads\Odin307\Odin307\Odin3 v3.07.exeC:\Users\bhuether\Downloads\Odin307\Odin307\Odin3 v3.07.exe3d16a44f-36a3-11e4-9313-c485082b7a09
 
Error: (09/07/2014 01:53:36 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Samsung\Kies\Kies.exe
 
Error: (09/07/2014 01:53:36 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Samsung\Kies\Kies.exe
 
Error: (09/07/2014 05:05:52 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Samsung\Kies\Kies.exe
 
Error: (09/07/2014 05:05:52 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Samsung\Kies\Kies.exe
 
Error: (09/06/2014 11:01:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: 1161816622D0000602D0000612D0000B8010000
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3517U CPU @ 1.90GHz
Percentage of memory in use: 95%
Total physical RAM: 3981.98 MB
Available physical RAM: 185.3 MB
Total Pagefile: 8633.17 MB
Available Pagefile: 710.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:100.92 GB) (Free:8.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:119.45 GB) (Free:114.08 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 234.7 GB) (Disk ID: E3F44038)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

 

I started the 2nd program but during the scan I got a blue screen. The computer rebooted, made a funny noise, then blue screened again, rebooted, and now seems ok. But I don't want to run the 2nd scan again.

 

Thanks!!



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • Gender:Male
  • Local time:07:04 AM

Posted 10 September 2014 - 07:05 AM

Reboot into safe mode with networking and try again to run aswMBR.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • Gender:Male
  • Local time:07:04 AM

Posted 13 October 2014 - 08:04 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



