Malwarebytes keeps blocking 185.21.216.133


  • This topic is locked
8 replies to this topic

#1 rcullens

rcullens

  • Members
  • 10 posts
  • OFFLINE
  • Gender:Male
  • Location:Texas
  • Local time:07:21 AM

Posted 25 February 2015 - 01:13 AM

Malwarebytes keeps blocking 185.21.216.133. Am I infected? I am sure that I am, but how do I fix it?





#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:03:21 PM

Posted 26 February 2015 - 03:25 PM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 rcullens

rcullens
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  • Gender:Male
  • Location:Texas
  • Local time:07:21 AM

Posted 27 February 2015 - 11:49 AM

FRST.TXT

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01

Ran by roger (administrator) on bleepS on 27-02-2015 10:44:03
Running from C:\Users\roger\Desktop
Loaded Profiles: roger (Available profiles: roger)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
() C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBWMgr.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\roger\Desktop\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2012-07-25] (Intel® Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [apmwinapp] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows  10.0\apmwinsrv.exe [66768 2013-01-16] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [602624 2009-03-12] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [HFS Activator] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfsactivator.exe [245456 2013-01-16] ()
Winlogon\Notify\DfLogon: LogonDll.dll [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\Run: [uTorrent] => C:\Users\roger\AppData\Roaming\uTorrent\uTorrent.exe [1740880 2015-02-18] (BitTorrent Inc.)
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\Run: [WinFLTray] => C:\Windows\SysWow64\WinFLTray.exe [330040 2015-01-19] ( New Softwares.net)
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5142664 2014-12-21] (Plex, Inc.)
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [8473600 2015-01-22] (Visicom Media Inc.)
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\MountPoints2: {18e55068-a4ac-11e4-825b-88ae1df30f93} - "E:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\MountPoints2: {4da6b26d-9edb-11e4-8253-88ae1df30f93} - "E:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\MountPoints2: {4e8a8a19-a13d-11e4-8255-88ae1df30f93} - "E:\VZW_Software_upgrade_assistant.exe" 
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\MountPoints2: {5c1c001c-a79d-11e4-8262-00266cbab4f5} - "H:\Windows\AutoRun.exe" 
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\MountPoints2: {6cbb3b24-ae30-11e4-8269-00266cbab4f5} - "D:\Windows\AutoRun.exe" 
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\MountPoints2: {d060dc15-abe4-11e4-8269-00266cbab4f5} - "D:\VZW_Software_upgrade_assistant.exe" 
IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe
BootExecute: autocheck autochk /k:C /k:F /k:G * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
AutoConfigURL: [S-1-5-21-1597422563-1397354114-4269593155-1001] => http://127.0.0.1:895/proxy.js
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Hosts: 127.0.0.1 activation.guitar-pro.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
 
FireFox:
========
FF ProfilePath: C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: www.google.com
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1597422563-1397354114-4269593155-1001: @hola.org/vlc,version=1.6.732 -> C:\Users\roger\AppData\Local\Hola\firefox\app\vlc ()
FF Extension: FoxyProxy Standard - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\foxyproxy@eric.h.jung [2015-02-05]
FF Extension: Hola Better Internet - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-02-24]
FF Extension: EPUBReader - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-02-13]
FF Extension: DownThemAll! AntiContainer - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\anticontainer@downthemall.net.xpi [2015-02-20]
FF Extension: Hide My Ass Proxy Extension - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\extension@hidemyass.com.xpi [2015-01-19]
FF Extension: MEGA - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\firefox@mega.co.nz.xpi [2015-02-25]
FF Extension: Hover Translate - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\hovertranslate@muhammadsafwat.com.xpi [2015-01-20]
FF Extension: Translate This! - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2015-01-20]
FF Extension: Open In Chrome - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\openinchrome@griffeltavla.wordpress.com.xpi [2015-01-19]
FF Extension: Restart Button - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\restartbutton@strk.jp.xpi [2015-01-24]
FF Extension: QuickJS - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\{bb65e674-b194-4b6e-8033-5fa0afe3a198}.xpi [2015-01-25]
FF Extension: DownThemAll! - C:\Users\roger\AppData\Roaming\Mozilla\Firefox\Profiles\297mf59t.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-02-20]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-02-26]
 
Chrome: 
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (CIRC) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebigdkelppomhhjaaianniiifjbgocn [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
CHR Extension: (YouTube) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Cast) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-01-16]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-01-29]
CHR Extension: (Google Search) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Webcam) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfpjcegkjhdnnempidlgmeoaiilpidep [2015-01-16]
CHR Extension: (Proxy SwitchySharp) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2015-01-16]
CHR Extension: (WebCam) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\elgbjhndflmfchhddabmooebfebooncd [2015-01-19]
CHR Extension: (Hola Better Internet Engine) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-02-03]
CHR Extension: (Netflix My List Fixer) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbaichaenoaeceiodndeeffnnalhknme [2015-02-13]
CHR Extension: (Google Sheets) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (MegaFlix) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifnpoldenccjbdaoapeghgkkleomfgg [2015-02-13]
CHR Extension: (Bookmarks Anywhere) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\flfpmcoefdjfobjdjckmjphmkdfnlmba [2015-02-19]
CHR Extension: (Plex) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-02-18]
CHR Extension: (VideoCast (VLC/Chromecast)) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gclhodkofgoighinmongpkpncdpalejb [2015-02-03]
CHR Extension: (Video Player) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdebnehfojpoccpaocfbelbclfnpbmij [2015-02-13]
CHR Extension: (Hola Better Internet) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-02-03]
CHR Extension: (Chromebook Recovery Utility) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2015-01-16]
CHR Extension: (Translator (All Languages)) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdkohkdahffmjhcehilamblbpnjpmlo [2015-02-04]
CHR Extension: (User-Agent Switcher) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkmofgnohbedopheiphabfhfjgkhfcgf [2015-02-13]
CHR Extension: (LocalChromecast Player) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp [2015-01-29]
CHR Extension: (Google Wallet) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
CHR Profile: C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-19]
CHR Extension: (Google Docs) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-19]
CHR Extension: (Google Drive) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-19]
CHR Extension: (YouTube) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-19]
CHR Extension: (Google Search) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-19]
CHR Extension: (Google Sheets) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-19]
CHR Extension: (Bookmarks Anywhere) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flfpmcoefdjfobjdjckmjphmkdfnlmba [2015-02-19]
CHR Extension: (Google Wallet) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-19]
CHR Extension: (Gmail) - C:\Users\roger\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-19]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 DFServ; C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe [1075200 2011-02-25] (Faronics Corporation) [File not signed]
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [File not signed]
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2012-07-18] (Red Bend Ltd.) [File not signed]
R2 FLService; C:\Windows\SysWow64\WinFLService.exe [92984 2015-01-19] (New Softwares.net)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1076520 2015-02-24] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2015-02-23] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [573736 2015-02-24] ()
S2 i2p; C:\Program Files (x86)\i2p\I2Psvc.exe [389632 2015-01-17] (Tanuki Software, Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-10-29] (The OpenVPN Project)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [146944 2015-01-17] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2012-07-18] (Intel® Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [50896 2013-01-16] (Paragon Software Group)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R0 DeepFrz; C:\Windows\System32\Drivers\DeepFrz.sys [235800 2011-02-25] (Faronics Corporation)
S3 DroidCam; C:\Windows\system32\drivers\droidcam.sys [25216 2015-01-25] (Dev47Apps)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [60624 2013-01-16] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [202960 2013-01-16] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15568 2013-01-16] (Paragon Software Group)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-05-16] (AnchorFree Inc.)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49776 2014-07-25] (Visicom Media Inc.)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [42704 2013-01-16] (Paragon Software Group)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2015-01-19] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36384 2015-01-19] ()
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2015-01-19] (NewSoftwares.net, Inc.)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 clwvd6; \SystemRoot\system32\DRIVERS\clwvd6.sys [X]
S3 VMSMP; \SystemRoot\system32\DRIVERS\vmswitch.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-27 10:44 - 2015-02-27 10:44 - 00027726 _____ () C:\Users\roger\Desktop\FRST.txt
2015-02-27 10:43 - 2015-02-27 10:44 - 00000000 ____D () C:\FRST
2015-02-27 10:42 - 2015-02-27 10:43 - 02087936 _____ (Farbar) C:\Users\roger\Desktop\FRST64 (1).exe
2015-02-27 08:00 - 2015-02-27 08:00 - 00910347 _____ () C:\Users\roger\Downloads\820UL_20D.zip
2015-02-27 08:00 - 2015-02-27 08:00 - 00000000 ____D () C:\Users\roger\Downloads\820UL_20D
2015-02-27 02:40 - 2015-02-27 02:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-02-27 01:24 - 2015-02-27 01:24 - 00000000 ____D () C:\Users\roger\Downloads\data-card-unlock-tool-zte-pc
2015-02-27 01:24 - 2015-02-27 01:18 - 00204557 _____ () C:\Users\roger\Downloads\data-card-unlock-tool-zte-pc.zip
2015-02-26 17:14 - 2015-02-26 17:14 - 00000000 ____D () C:\Users\roger\Downloads\Extra
2015-02-26 17:01 - 2015-02-26 17:02 - 00285838 _____ () C:\Users\roger\Downloads\Extra.zip
2015-02-26 15:49 - 2015-02-26 15:49 - 00000000 ____D () C:\Users\roger\Downloads\HFS_10_eng
2015-02-26 15:42 - 2015-02-26 17:35 - 00000000 ____D () C:\Users\roger\Downloads\Chameleon_BS
2015-02-26 15:41 - 2015-02-26 15:41 - 00123703 _____ () C:\Users\roger\Downloads\Chameleon_BS.zip
2015-02-26 13:37 - 2015-02-26 13:37 - 01257776 _____ () C:\Users\roger\Downloads\Kext Helper b7.zip
2015-02-26 11:17 - 2015-02-26 11:17 - 00000000 ____D () C:\Users\roger\Downloads\iATKOS_S3_v2
2015-02-26 08:48 - 2015-02-26 10:32 - 3646320109 _____ () C:\Users\roger\Downloads\iATKOS_S3_v2.zip
2015-02-26 08:44 - 2015-02-26 08:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-26 08:30 - 2015-02-26 08:30 - 00000000 ____D () C:\Users\roger\Downloads\dd-0.6beta3
2015-02-26 08:29 - 2015-02-26 08:29 - 00196080 _____ () C:\Users\roger\Downloads\dd-0.6beta3.zip
2015-02-26 08:00 - 2015-02-26 17:25 - 1678093955 _____ () C:\Users\roger\Downloads\Rhodium.zip
2015-02-26 03:35 - 2015-02-26 03:38 - 108425342 _____ () C:\Users\roger\Downloads\3G_QUALCOMM_1 1.0.14_XPx86_A.zip
2015-02-26 03:32 - 2015-02-26 03:32 - 18159687 _____ () C:\Users\roger\Downloads\VGA_Intel_6.14.10.4926_XPx86_A(1).zip
2015-02-26 03:31 - 2015-02-26 03:35 - 77372804 _____ () C:\Users\roger\Downloads\3G_QUALCOMM_1.0.19_XPx86_A.zip
2015-02-26 03:31 - 2015-02-26 03:33 - 24101381 _____ () C:\Users\roger\Downloads\3G_QUALCOMM_1.1.4_XPx86_A.zip
2015-02-26 03:31 - 2015-02-26 03:32 - 04795742 _____ () C:\Users\roger\Downloads\Lan_Atheros_1.0.0.17_XPx86_A.zip
2015-02-26 03:05 - 2015-02-26 03:09 - 17190361 _____ () C:\Users\roger\Downloads\Wireless LAN_Realtek_1085.16.0930.2009_XPx86_A.zip
2015-02-26 03:05 - 2015-02-26 03:07 - 18159687 _____ () C:\Users\roger\Downloads\VGA_Intel_6.14.10.4926_XPx86_A.zip
2015-02-26 03:04 - 2015-02-26 03:06 - 21646355 _____ () C:\Users\roger\Downloads\TouchPad_Synaptics_12.2.2.0_XPx86_A.zip
2015-02-26 03:04 - 2015-02-26 03:04 - 09130445 _____ () C:\Users\roger\Downloads\TouchPad_ALPS_7.5.2002.1112_XPx86_A.zip
2015-02-26 03:03 - 2015-02-26 03:11 - 80487383 _____ () C:\Users\roger\Downloads\Audio_Realtek_5.10.0.6010_XPx86_A.zip
2015-02-26 03:03 - 2015-02-26 03:11 - 107486025 _____ () C:\Users\roger\Downloads\Bluetooth_Broadcom_5.5.0.7400_XPx86_A.zip
2015-02-26 03:03 - 2015-02-26 03:06 - 12700553 _____ () C:\Users\roger\Downloads\Camera_Chicony_2.0.0.6_XPx86_A.zip
2015-02-26 03:03 - 2015-02-26 03:05 - 07286330 _____ () C:\Users\roger\Downloads\CardReader_Realtek_6.0.6000.81_XPx86_A.zip
2015-02-26 03:03 - 2015-02-26 03:04 - 14683605 _____ () C:\Users\roger\Downloads\Camera_Suyin_1.9.1.0_XPx86_A.zip
2015-02-26 03:03 - 2015-02-26 03:04 - 02100233 _____ () C:\Users\roger\Downloads\Chipset_Intel_8.3.0.1018_XPx86_A.zip
2015-02-26 03:03 - 2015-02-26 03:03 - 06392721 _____ () C:\Users\roger\Downloads\AHCI_Intel_8.0.0.1039_XPx86_A.zip
2015-02-26 03:02 - 2014-10-23 03:17 - 02249472 _____ (Acer Inc.) C:\Users\roger\Downloads\HWVendorDetection.exe
2015-02-26 03:02 - 2014-09-25 01:30 - 00007685 _____ () C:\Users\roger\Downloads\support.htm
2015-02-26 03:01 - 2015-02-26 03:02 - 20141811 _____ () C:\Users\roger\Downloads\Wireless LAN_Broadcom_5.10.79.14_XPx86_A.zip
2015-02-25 23:46 - 2015-02-26 00:22 - 1423966208 _____ () C:\Users\roger\Downloads\linuxmint-17.1-xfce-32bit.iso
2015-02-25 21:12 - 2015-02-25 21:12 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Developer Tools
2015-02-25 21:12 - 2015-02-25 21:12 - 00000000 ____D () C:\Program Files (x86)\Novicorp WinToFlash
2015-02-25 21:09 - 2015-02-25 21:09 - 00000000 ____D () C:\Users\roger\Downloads\Windows XP SP3 2011 v11.12 Netbook Edition [MXG].part3
2015-02-25 21:09 - 2015-02-25 21:09 - 00000000 ____D () C:\Users\roger\Downloads\Windows XP SP3 2011 v11.12 Netbook Edition [MXG].part2
2015-02-25 20:53 - 2015-02-25 21:07 - 204097719 _____ () C:\Users\roger\Downloads\Windows XP SP3 2011 v11.12 Netbook Edition [MXG].part3.rar
2015-02-25 20:52 - 2015-02-25 21:07 - 209715200 _____ () C:\Users\roger\Downloads\Windows XP SP3 2011 v11.12 Netbook Edition [MXG].part1.rar
2015-02-25 20:52 - 2015-02-25 21:02 - 209715200 _____ () C:\Users\roger\Downloads\Windows XP SP3 2011 v11.12 Netbook Edition [MXG].part2.rar
2015-02-25 19:58 - 2015-02-26 08:26 - 00000000 ____D () C:\Users\roger\Downloads\Microsoft.Windows.7.OSX.Ultimate.Netbook.Edition.x86-CHR
2015-02-25 18:51 - 2015-02-25 21:08 - 00000000 ____D () C:\Users\roger\Downloads\Windows XP SP3 2011 v11.12 Netbook Edition [MXG]
2015-02-25 14:53 - 2015-02-25 14:53 - 00184411 ____T () C:\Users\roger\Downloads\waterbillreceipt.oxps
2015-02-25 12:18 - 2012-10-31 15:18 - 00000000 ____D () C:\Users\roger\Downloads\Mac OS X 10.6.3 Install USB
2015-02-25 12:00 - 2015-02-25 12:00 - 00003584 _____ () C:\Windows\SECOH-QAD.dll
2015-02-25 11:42 - 2015-02-25 11:42 - 00001060 _____ () C:\Users\roger\Desktop\RMPrepUSB.lnk
2015-02-25 11:42 - 2015-02-25 11:42 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RMPrepUSB
2015-02-25 11:41 - 2015-02-25 11:42 - 00000000 ____D () C:\Program Files (x86)\RMPrepUSB
2015-02-25 11:39 - 2015-02-25 11:39 - 00000000 ____D () C:\Users\roger\Downloads\Install_RMPrepUSB_Full_v2.1.725
2015-02-25 11:36 - 2015-02-25 11:36 - 08351416 _____ () C:\Users\roger\Downloads\Install_RMPrepUSB_Full_v2.1.725.zip
2015-02-25 11:19 - 2015-02-25 11:19 - 00000000 ____D () C:\Users\roger\Downloads\imageusb
2015-02-25 11:18 - 2015-02-25 11:18 - 00436759 _____ () C:\Users\roger\Downloads\imageusb.zip
2015-02-25 09:36 - 2015-02-25 09:36 - 00031232 _____ (Novell) C:\Users\roger\Downloads\ImageWriter.exe
2015-02-25 09:10 - 2015-02-25 09:10 - 00000000 ____D () C:\Users\roger\Downloads\imagewriter-master
2015-02-25 09:01 - 2015-02-25 09:01 - 00138406 _____ () C:\Users\roger\Downloads\imagewriter-master.zip
2015-02-25 09:00 - 2015-02-25 12:18 - 1508868858 _____ () C:\Users\roger\Downloads\Mac OS X 10.6.3 Install USB.rar
2015-02-25 08:59 - 2015-02-25 09:00 - 01690233 _____ () C:\Users\roger\Downloads\Chameleon-2.1-r2109.tgz
2015-02-25 07:53 - 2015-02-25 07:53 - 00001032 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2015-02-25 07:53 - 2015-02-25 07:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-02-25 07:53 - 2015-02-25 07:53 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2015-02-25 07:53 - 2011-06-15 02:30 - 00093240 _____ (PowerISO Computing, Inc.) C:\Windows\system32\Drivers\scdemu.sys
2015-02-25 07:52 - 2015-02-25 07:52 - 00000000 ____D () C:\Users\roger\Downloads\Power ISO 4.8 + Serial Keys - {RedDragon}
2015-02-25 07:40 - 2015-02-25 07:40 - 00001824 _____ () C:\Users\roger\Desktop\MagicISO.lnk
2015-02-25 07:40 - 2015-02-25 07:40 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
2015-02-25 07:40 - 2015-02-25 07:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2015-02-25 07:39 - 2015-02-25 07:40 - 00000000 ____D () C:\Program Files (x86)\MagicISO
2015-02-25 07:39 - 2015-02-25 07:39 - 03067400 _____ () C:\Users\roger\Downloads\Setup_MagicISO.exe
2015-02-25 04:30 - 2015-02-25 04:31 - 13750562 _____ () C:\Users\roger\Downloads\BDU_v2_192b.zip
2015-02-25 03:40 - 2015-02-25 03:40 - 00062834 _____ () C:\Users\roger\Downloads\downloads.php.html
2015-02-25 03:24 - 2015-02-25 03:24 - 15946248 _____ () C:\Users\roger\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.3.22-98236.vbox-extpack
2015-02-25 02:51 - 2015-02-25 03:06 - 728760320 _____ () C:\Users\roger\Downloads\antiX-14-a4-RV_386-full.iso
2015-02-25 00:56 - 2015-02-25 00:56 - 00000000 ____D () C:\Users\roger\Downloads\NetbookInstaller 0.8.5pre.app
2015-02-25 00:50 - 2015-02-25 00:50 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac
2015-02-25 00:50 - 2015-02-25 00:50 - 00000000 ____D () C:\Users\roger\AppData\Local\TransMac
2015-02-25 00:49 - 2015-02-25 00:50 - 00000000 ____D () C:\Program Files (x86)\TransMac
2015-02-25 00:46 - 2015-02-25 00:49 - 00000000 ____D () C:\Users\roger\Downloads\Acute Systems TransMac v11
2015-02-25 00:11 - 2015-02-25 00:11 - 02087424 _____ (Farbar) C:\Users\roger\Downloads\FRST64(1).exe
2015-02-25 00:09 - 2015-02-25 00:09 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Intuit
2015-02-25 00:08 - 2015-02-25 00:09 - 00000319 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-02-25 00:08 - 2015-02-25 00:08 - 00002529 _____ () C:\Users\Public\Desktop\TurboTax 2014.lnk
2015-02-25 00:08 - 2015-02-25 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2014
2015-02-25 00:06 - 2015-02-25 00:07 - 00000000 ____D () C:\ProgramData\Intuit
2015-02-25 00:06 - 2015-02-25 00:06 - 00000000 ____D () C:\Program Files (x86)\TurboTax
2015-02-25 00:05 - 2015-02-25 00:05 - 02087424 _____ (Farbar) C:\Users\roger\Downloads\FRST64.exe
2015-02-25 00:01 - 2015-02-25 00:06 - 00000000 ____D () C:\Users\roger\Downloads\TT2014Deluxe
2015-02-24 22:54 - 2015-02-26 07:28 - 00001163 _____ () C:\Users\roger\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2015-02-24 22:54 - 2015-02-26 07:28 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-02-24 22:54 - 2015-02-26 07:28 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2015-02-24 22:54 - 2015-02-24 22:54 - 00461946 _____ () C:\Users\roger\Downloads\ASIO4ALL_2_12_English.exe
2015-02-24 21:32 - 2015-02-24 21:32 - 00000306 _____ () C:\Windows\wininit.ini
2015-02-24 20:37 - 2015-02-24 21:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-24 20:37 - 2015-02-24 20:37 - 00001416 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-24 20:37 - 2015-02-24 20:37 - 00001404 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-24 20:37 - 2015-02-24 20:37 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-02-24 20:37 - 2015-02-24 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-24 20:37 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-02-24 20:36 - 2015-02-24 20:40 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-24 20:34 - 2015-02-24 20:35 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\roger\Downloads\spybot-2.4.exe
2015-02-24 20:14 - 2015-02-24 20:14 - 00000861 _____ () C:\Users\roger\Documents\hosts3
2015-02-24 20:09 - 2015-02-24 20:15 - 00000000 ____D () C:\AdwCleaner
2015-02-24 20:09 - 2015-02-24 20:09 - 02126848 _____ () C:\Users\roger\Downloads\adwcleaner_4.111.exe
2015-02-24 19:49 - 2015-02-26 06:40 - 00000016 _____ () C:\Users\roger\AppData\Roaming\msregsvv.dll
2015-02-24 19:49 - 2015-02-26 06:40 - 00000016 _____ () C:\ProgramData\autobk.inc
2015-02-24 19:45 - 2015-02-24 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-24 19:44 - 2015-02-24 19:45 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-02-24 19:41 - 2015-02-24 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2015-02-24 19:41 - 2015-02-24 19:41 - 00001238 _____ () C:\Users\roger\Desktop\Custom Shop.lnk
2015-02-24 19:41 - 2010-12-22 11:33 - 09410736 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_p4m.dll
2015-02-24 19:41 - 2010-12-22 11:33 - 09210032 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_p4.dll
2015-02-24 19:41 - 2010-12-22 11:33 - 09078960 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_p4p.dll
2015-02-24 19:41 - 2010-12-22 11:33 - 09033904 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_p4m3.dll
2015-02-24 19:41 - 2010-12-22 11:33 - 06944944 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_core.dll
2015-02-24 19:41 - 2010-12-22 11:33 - 03868848 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_intel_thread.dll
2015-02-24 19:41 - 2010-12-22 11:33 - 00530608 _____ (Intel Corporation) C:\Windows\SysWOW64\libiomp5md.dll
2015-02-24 19:41 - 2010-12-22 11:33 - 00354480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-02-24 19:41 - 2010-11-04 11:52 - 12708016 _____ (Intel Corporation) C:\Windows\system32\mkl_def.dll
2015-02-24 19:41 - 2010-11-04 11:52 - 12474544 _____ (Intel Corporation) C:\Windows\system32\mkl_core.dll
2015-02-24 19:41 - 2010-11-04 11:52 - 09917616 _____ (Intel Corporation) C:\Windows\system32\mkl_intel_thread.dll
2015-02-24 19:41 - 2010-11-04 11:52 - 00529072 _____ (Intel Corporation) C:\Windows\system32\libiomp5md.dll
2015-02-24 19:41 - 2009-10-14 16:15 - 00499712 _____ (Microsoft Corporation) C:\Windows\msvcp71.dll
2015-02-24 19:41 - 2009-10-14 16:15 - 00348160 _____ (Microsoft Corporation) C:\Windows\msvcr71.dll
2015-02-24 19:37 - 2015-02-24 19:46 - 00000000 ____D () C:\Users\roger\Documents\IK Multimedia
2015-02-24 19:37 - 2015-02-24 19:46 - 00000000 ____D () C:\Program Files (x86)\IK Multimedia
2015-02-24 19:37 - 2015-02-24 19:38 - 00000000 ____D () C:\Program Files\VstPlugIns
2015-02-24 19:37 - 2015-02-24 19:38 - 00000000 ____D () C:\Program Files (x86)\VstPlugIns
2015-02-24 19:25 - 2015-02-24 19:36 - 00000000 ____D () C:\Users\roger\Downloads\IK Multimedia AmpliTube 3 v3.8b x86 x64 UNLOCKED
2015-02-24 19:13 - 2015-02-27 10:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-24 19:13 - 2015-02-24 19:13 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-24 19:13 - 2015-02-24 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-24 19:13 - 2015-02-24 19:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-24 19:13 - 2015-02-24 19:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-24 19:13 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-24 19:13 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-24 19:13 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-24 19:10 - 2015-02-24 19:12 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\roger\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-24 18:53 - 2014-12-13 15:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-24 18:53 - 2014-12-13 15:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-24 18:53 - 2014-10-28 19:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-24 18:53 - 2014-10-28 19:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-24 18:53 - 2014-10-28 19:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-24 18:53 - 2014-10-28 19:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-20 08:24 - 2015-02-20 08:24 - 00000000 __SHD () C:\found.001
2015-02-20 08:24 - 2015-02-20 08:24 - 00000000 __SHD () C:\found.000
2015-02-20 07:49 - 2015-02-20 07:49 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2015-02-20 07:49 - 2015-02-20 07:49 - 00000000 ____D () C:\Program Files (x86)\FFmpeg for Audacity
2015-02-20 07:48 - 2015-02-20 08:10 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Audacity
2015-02-20 07:48 - 2015-02-20 07:48 - 00001044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-02-20 07:48 - 2015-02-20 07:48 - 00001032 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-02-20 07:48 - 2015-02-20 07:48 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-02-20 07:47 - 2015-02-20 07:48 - 09957947 _____ ( ) C:\Users\roger\Downloads\ffmpeg-win-2.2.2.exe
2015-02-20 07:47 - 2015-02-20 07:47 - 00527423 _____ ( ) C:\Users\roger\Downloads\Lame_v3.99.3_for_Windows.exe
2015-02-20 07:46 - 2015-02-20 07:46 - 01512927 _____ (Audacity Team ) C:\Users\roger\Downloads\LADSPA_plugins-win-0.4.15.exe
2015-02-20 07:45 - 2015-02-20 07:46 - 22892794 _____ (Audacity Team ) C:\Users\roger\Downloads\audacity-win-2.0.6.exe
2015-02-20 07:42 - 2015-02-27 09:26 - 00000000 ____D () C:\Program Files (x86)\SciLor's grooveshark™.com Downloader
2015-02-20 07:42 - 2015-02-20 07:42 - 00001333 _____ () C:\Users\Public\Desktop\SciLor's grooveshark™.com Downloader.lnk
2015-02-20 07:42 - 2015-02-20 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SciLor's grooveshark™.com Downloader
2015-02-20 07:37 - 2015-02-20 07:38 - 08926982 _____ (SciLor ) C:\Users\roger\Downloads\InstallSciLorsGrooveshark.comDownloaderV0.4.15.exe
2015-02-20 06:15 - 2015-02-20 06:16 - 04831232 _____ (Geza Kovacs) C:\Users\roger\Downloads\unetbootin-windows-608.exe
2015-02-20 05:44 - 2015-02-20 05:46 - 00000000 ____D () C:\Users\roger\Downloads\UltraISO Premium Edition 9.6.1.3016 + Portable + Serials - Cyclonoid
2015-02-20 05:38 - 2015-02-20 06:14 - 1419771904 _____ () C:\Users\roger\Downloads\WT.BG.v1.9.ISO
2015-02-20 04:30 - 2015-02-20 04:30 - 00000927 _____ () C:\Users\Public\Desktop\WinToUSB.lnk
2015-02-20 04:30 - 2015-02-20 04:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinToUSB
2015-02-20 04:08 - 2015-02-25 11:37 - 00000000 ____D () C:\Users\roger\Downloads\hackintosh
2015-02-20 03:43 - 2015-02-20 03:43 - 06142275 _____ (LinuxLive USB Creator) C:\Users\roger\Downloads\LinuxLive USB Creator 2.9.2.exe
2015-02-20 01:37 - 2015-02-20 01:37 - 01010816 _____ () C:\Users\roger\Downloads\UCBrowser_V9.5.1.494_android_pf139_(en-us)_inumrelease_(Build14120110).apk
2015-02-19 16:05 - 2015-02-19 16:12 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Guitar Pro 6
2015-02-19 16:05 - 2015-02-19 16:05 - 00000000 ____D () C:\ProgramData\Guitar Pro 6
2015-02-19 15:58 - 2015-02-19 16:12 - 00000000 ____D () C:\Program Files (x86)\Guitar Pro 6
2015-02-19 15:56 - 2015-02-19 15:55 - 00001251 _____ () C:\Windows\system32\Drivers\etc\hosts2
2015-02-19 15:01 - 2015-02-19 15:03 - 00056083 _____ () C:\Users\roger\Downloads\3621357.gp4
2015-02-19 14:58 - 2015-02-19 14:58 - 00000000 ____D () C:\Users\roger\.tuxguitar-1.2
2015-02-19 14:57 - 2015-02-19 14:57 - 07715210 _____ (Herac) C:\Users\roger\Downloads\tuxguitar-1.2-windows-x86-installer.exe
2015-02-19 14:55 - 2015-02-19 15:09 - 00000000 ____D () C:\Users\roger\Downloads\Guitar Pro 6
2015-02-19 14:53 - 2015-02-19 14:54 - 00050643 _____ () C:\Users\roger\Downloads\11925210.gp4
2015-02-19 11:45 - 2015-02-19 11:45 - 00090248 _____ () C:\Users\roger\Downloads\Rain.mcv
2015-02-19 11:45 - 2015-02-19 11:45 - 00064192 _____ () C:\Users\roger\Downloads\Blur.mcv
2015-02-19 07:31 - 2015-02-19 07:31 - 00002388 _____ () C:\Users\roger\Desktop\Roger - Chrome.lnk
2015-02-19 04:44 - 2015-02-19 04:44 - 03837952 _____ () C:\Users\roger\Downloads\CP210x_VCP_Windows.zip
2015-02-19 04:44 - 2015-02-19 04:44 - 00000000 ____D () C:\Users\roger\Downloads\CP210x_VCP_Windows
2015-02-19 04:37 - 2015-02-19 04:37 - 00000000 ____D () C:\Users\roger\AppData\Local\Apps\2.0
2015-02-19 03:23 - 2015-02-19 03:41 - 599313327 _____ () C:\Users\roger\Downloads\d067ecec0378f15f4a1925e3b6ae07c6740ea5e0.ipa
2015-02-19 02:24 - 2015-02-19 02:38 - 00001936 _____ () C:\Users\roger\Documents\repos.list
2015-02-19 02:21 - 2015-02-19 02:21 - 00001935 _____ () C:\Users\roger\Documents\repos.list.txt
2015-02-19 02:04 - 2015-02-19 02:04 - 00001081 _____ () C:\Users\Public\Desktop\iFunbox.lnk
2015-02-19 02:04 - 2015-02-19 02:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
2015-02-19 02:01 - 2015-02-19 02:03 - 21067820 _____ ( ) C:\Users\roger\Downloads\ifunbox_setup.exe
2015-02-19 01:35 - 2015-02-19 01:35 - 00001774 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-19 01:35 - 2015-02-19 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-19 01:34 - 2015-02-19 01:35 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-19 01:34 - 2015-02-19 01:35 - 00000000 ____D () C:\Program Files\iTunes
2015-02-19 01:34 - 2015-02-19 01:34 - 00000000 ____D () C:\Program Files\iPod
2015-02-19 01:34 - 2015-02-19 01:34 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-19 01:28 - 2015-02-19 01:33 - 152428336 _____ (Apple Inc.) C:\Users\roger\Downloads\itunes6464setup.exe
2015-02-19 01:06 - 2015-02-19 01:30 - 192146420 _____ () C:\Users\roger\Downloads\454702113.ipa
2015-02-19 01:00 - 2015-02-19 01:00 - 00000000 ____D () C:\Users\roger\AppData\Local\libimobiledevice
2015-02-19 00:58 - 2015-02-19 00:59 - 00000000 ____D () C:\Users\roger\Downloads\absinthe-win-2.0.4
2015-02-19 00:58 - 2015-02-19 00:58 - 05387407 _____ () C:\Users\roger\Downloads\absinthe-win-2.0.4.zip
2015-02-19 00:45 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-02-19 00:30 - 2012-10-03 16:14 - 00125872 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi64.dll
2015-02-19 00:30 - 2012-10-03 16:14 - 00106928 _____ (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2015-02-19 00:29 - 2015-02-19 00:30 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2015-02-19 00:13 - 2015-02-19 01:57 - 00143392 _____ () C:\Users\roger\Documents\iTunes Diagnostics.spx
2015-02-19 00:01 - 2015-02-19 00:01 - 00000000 ____D () C:\Users\roger\Downloads\redsn0w_win_0.9.15b3
2015-02-19 00:00 - 2015-02-19 00:01 - 17279732 _____ () C:\Users\roger\Downloads\redsn0w_win_0.9.15b3.zip
2015-02-18 23:07 - 2015-02-18 23:07 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Airfoil
2015-02-18 23:07 - 2015-02-18 23:07 - 00000000 ____D () C:\Users\roger\AppData\Local\Rogue Amoeba
2015-02-18 23:07 - 2015-02-18 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airfoil
2015-02-18 23:06 - 2015-02-18 23:07 - 00000000 ____D () C:\Program Files (x86)\Airfoil
2015-02-18 22:57 - 2015-02-18 22:58 - 00000000 ____D () C:\Users\roger\Downloads\Airfoil for Windows v3.6.1 with Key
2015-02-18 22:41 - 2015-02-18 23:12 - 761323675 _____ () C:\Users\roger\Downloads\iPad1,1_5.1.1_9B206_Restore.ipsw
2015-02-18 18:30 - 2015-02-18 22:09 - 3900907520 _____ () C:\Users\roger\Downloads\Windows_8.1_Pro_X64_Activated.iso
2015-02-18 18:25 - 2015-02-18 18:48 - 00000000 ____D () C:\Users\roger\Downloads\[]Microsoft Office Professional Plus (x64) 2013 Incl  Activator  P2P
2015-02-18 18:24 - 2015-02-18 18:55 - 00000000 ____D () C:\Users\roger\Downloads\Adobe Photoshop CS6 v6.0.335.0 [ITA] + Crack
2015-02-18 18:11 - 2015-02-18 18:11 - 00000000 ____D () C:\Users\roger\AppData\Local\Hola
2015-02-18 18:04 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-18 18:04 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-18 17:52 - 2015-02-27 07:50 - 00008023 _____ () C:\Windows\DFError.log
2015-02-18 17:51 - 2015-02-18 17:51 - 00262144 _____ () C:\Windows\Minidump\021815-100687-01.dmp
2015-02-13 08:26 - 2015-01-19 12:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-13 08:26 - 2015-01-15 16:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-13 08:26 - 2015-01-15 16:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-13 08:26 - 2015-01-13 22:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-13 08:26 - 2015-01-13 21:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-13 08:26 - 2015-01-13 16:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 08:26 - 2015-01-13 16:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-13 08:26 - 2015-01-10 03:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-13 08:26 - 2015-01-10 03:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-13 08:26 - 2015-01-10 02:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-13 08:26 - 2015-01-10 01:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-13 08:26 - 2015-01-10 00:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-13 08:26 - 2014-12-19 02:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 08:26 - 2014-12-19 02:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-13 08:26 - 2014-12-08 21:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-13 08:26 - 2014-12-08 19:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 08:26 - 2014-12-08 17:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-13 08:26 - 2014-10-28 20:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-13 08:26 - 2014-10-28 20:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-13 08:26 - 2014-10-28 20:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-13 08:26 - 2014-10-28 20:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-13 08:26 - 2014-10-28 20:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-13 08:26 - 2014-10-28 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-13 08:26 - 2014-10-28 19:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-13 08:26 - 2014-10-28 19:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-13 08:26 - 2014-10-28 19:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-13 08:26 - 2014-10-28 19:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-13 08:26 - 2014-10-28 19:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-13 08:26 - 2014-10-28 19:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-13 08:26 - 2014-10-28 19:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-13 08:25 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-13 08:25 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 08:25 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-13 08:25 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-13 08:25 - 2015-01-11 20:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-13 08:25 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-13 08:25 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-13 08:25 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-13 08:25 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-13 08:25 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-13 08:25 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-13 08:25 - 2015-01-11 19:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-13 08:25 - 2015-01-11 19:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-13 08:25 - 2015-01-11 19:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-13 08:25 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-13 08:25 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-13 08:25 - 2015-01-11 19:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-13 08:25 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-13 08:25 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-13 08:25 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-13 08:25 - 2015-01-11 19:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-13 08:25 - 2015-01-11 19:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-13 08:25 - 2015-01-11 19:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-13 08:25 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 08:25 - 2015-01-11 19:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-13 08:25 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-13 08:25 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-13 08:25 - 2015-01-11 19:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-13 08:25 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-13 08:25 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 08:25 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-13 08:25 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-13 08:25 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-13 08:25 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-13 08:20 - 2015-02-03 17:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-13 08:20 - 2015-02-03 17:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-13 08:20 - 2015-02-03 17:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-13 08:20 - 2015-02-02 17:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-13 08:20 - 2015-02-02 17:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-13 08:20 - 2015-02-02 17:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-13 08:20 - 2015-01-10 02:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 06:26 - 2015-02-13 06:26 - 16336548 ____N () C:\Persi0.sys
2015-02-13 06:26 - 2015-02-13 06:26 - 00000000 ____D () C:\Program Files (x86)\Faronics
2015-02-13 06:25 - 2015-02-13 06:25 - 00000000 _____ () C:\dfinstall.log
2015-02-13 06:24 - 2015-02-13 06:24 - 00000000 ____D () C:\Users\roger\Downloads\Deep.Freeze.Standard.v7.21.020.3447
2015-02-13 06:07 - 2015-02-13 06:07 - 60157386 _____ () C:\Users\roger\Downloads\All-In-One Ultra Hacker 156 In 1.rar
2015-02-13 06:07 - 2015-02-13 06:07 - 00000000 ____D () C:\Users\roger\Downloads\All-In-One Ultra Hacker 156 In 1
2015-02-13 04:56 - 2015-02-13 04:57 - 34324222 _____ () C:\Users\roger\Downloads\torbrowser-install-4.0.3_en-US.exe
2015-02-07 03:42 - 2015-02-07 03:42 - 00000000 ____D () C:\Users\roger\Downloads\SuperSU_Pro_2.16.onhax.net
2015-02-07 03:41 - 2015-02-07 03:42 - 01666377 _____ () C:\Users\roger\Downloads\SuperSU_Pro_2.16.onhax.net.rar
2015-02-07 02:36 - 2015-02-07 02:36 - 00000000 ____D () C:\Users\roger\Downloads\giefroot_v3
2015-02-07 02:34 - 2015-02-25 11:19 - 06489178 _____ () C:\Users\roger\Downloads\giefroot_v3.zip
2015-02-07 00:56 - 2015-02-07 00:56 - 00003500 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-roger_cullens@yahoo.com
2015-02-07 00:40 - 2015-02-07 00:40 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-02-07 00:39 - 2015-02-07 00:39 - 00001100 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
2015-02-07 00:39 - 2015-02-07 00:39 - 00000000 ____D () C:\Program Files\Adobe
2015-02-07 00:38 - 2015-02-07 00:38 - 00001236 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
2015-02-07 00:37 - 2015-02-07 00:39 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-02-07 00:37 - 2015-02-07 00:37 - 00001198 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
2015-02-07 00:36 - 2015-02-07 00:36 - 00001291 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
2015-02-07 00:36 - 2015-02-07 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-02-07 00:36 - 2015-02-07 00:36 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2015-02-07 00:35 - 2015-02-07 00:35 - 00001552 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
2015-02-07 00:35 - 2015-02-07 00:35 - 00001382 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
2015-02-07 00:34 - 2015-02-07 02:00 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-07 00:34 - 2015-02-07 00:38 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-07 00:34 - 2015-02-07 00:34 - 00001022 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-02-07 00:34 - 2015-02-07 00:34 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-02-07 00:34 - 2015-02-07 00:34 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-02-06 23:49 - 2015-02-06 23:49 - 00000000 ____D () C:\Users\roger\Desktop\Adobe CS5
2015-02-06 23:12 - 2015-02-06 23:45 - 00000000 ____D () C:\Users\roger\Downloads\Adobe Photoshop CS5 Extended
2015-02-06 17:55 - 2015-02-06 17:55 - 00000000 ____D () C:\Users\roger\Downloads\version8
2015-02-06 16:11 - 2015-02-06 17:54 - 1429477005 _____ () C:\Users\roger\Downloads\version8.rar
2015-02-05 12:41 - 2015-02-05 12:59 - 00000000 ____D () C:\Users\roger\Downloads\MS Office 2007
2015-02-05 03:24 - 2015-02-05 03:24 - 00000000 ____D () C:\Users\roger\AppData\Local\SplitMediaLabs
2015-02-05 03:23 - 2015-02-18 21:27 - 00000000 ____D () C:\Program Files (x86)\SplitmediaLabs
2015-02-05 03:23 - 2015-02-18 18:20 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2015-02-05 03:22 - 2015-02-18 18:20 - 00000000 ____D () C:\Users\roger\AppData\Roaming\SplitmediaLabs
2015-02-05 03:19 - 2015-02-05 03:22 - 71627904 _____ (SplitmediaLabs) C:\Users\roger\Documents\XSplit_Broadcaster_2.1.1501.0626.exe
2015-02-05 03:19 - 2015-02-05 03:22 - 63358472 _____ (SplitmediaLabs) C:\Users\roger\Documents\XSplit_Gamecaster_2.1.1412.1628.exe
2015-02-05 00:15 - 2015-02-05 00:17 - 50580548 _____ () C:\Users\roger\Downloads\Microsoft Toolkit 2.5.2 Activator 4 Windows and Office.zip
2015-02-05 00:11 - 2015-02-05 00:12 - 00000000 ____D () C:\Users\roger\Downloads\Revo Uninstaller Pro 3.0.8 Final (32-64 Bit) ML - SceneDL  (PimpRG)
2015-02-04 22:56 - 2015-02-04 22:57 - 00000000 ____D () C:\Users\roger\Downloads\Kon-Boot v2.4 (Remedy for lost Password) - [MUMBAI-TPB]
2015-02-04 22:36 - 2015-02-04 22:36 - 01088905 _____ (pendrivelinux.com) C:\Users\roger\Downloads\Universal-USB-Installer-1.9.5.9.exe
2015-02-04 22:23 - 2015-02-04 22:23 - 00392731 _____ () C:\Users\roger\Downloads\tazusb.exe
2015-02-04 22:03 - 2015-02-04 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2015-02-04 22:03 - 2015-02-04 22:03 - 00000000 ____D () C:\Program Files (x86)\ImageWriter
2015-02-04 22:01 - 2015-02-04 22:02 - 12290974 _____ (ImageWriter Developers ) C:\Users\roger\Downloads\Win32DiskImager-0.9.5-install.exe
2015-02-04 21:50 - 2015-02-04 21:50 - 00000000 ____D () C:\Users\roger\Downloads\Ophcrack 3.6.0 LiveCD
2015-02-04 21:20 - 2015-02-04 21:41 - 656855458 _____ () C:\Users\roger\Downloads\Ophcrack 3.6.0 LiveCD.zip
2015-02-04 21:14 - 2015-02-04 21:14 - 00000000 ____D () C:\Users\roger\Downloads\Windows Password Reset & Recovery Disk(Win 8 7 Vista XP)[.ISO]
2015-02-04 06:51 - 2015-02-24 20:49 - 00002115 _____ () C:\Windows\system32\TeamViewer10_Hooks.log
2015-02-03 20:01 - 2015-02-03 20:08 - 4064280576 _____ () C:\Users\roger\Downloads\HadesV1.iso
2015-02-03 18:26 - 2015-02-04 07:55 - 00000000 ____D () C:\Users\roger\Downloads\MAGIX Samplitude Pro X Suite 12.5.2.284 - P2P
2015-02-03 18:21 - 2015-02-04 23:43 - 00000000 ____D () C:\Users\roger\Downloads\The Best Of Me 2014 1080p BluRay x264 AAC - Ozlem
2015-02-03 13:55 - 2012-01-26 16:26 - 00000189 _____ () C:\disabled.fix
2015-02-03 13:54 - 2015-02-19 00:01 - 00000000 ____D () C:\Users\roger\AppData\Roaming\redsn0w
2015-02-03 13:48 - 2015-02-03 13:52 - 54545102 _____ () C:\Users\roger\Downloads\Gecko iPhone Toolkit.exe
2015-02-03 12:53 - 2015-02-03 15:16 - 00000000 ____D () C:\Users\roger\Downloads\DoulCi-server-master
2015-02-03 12:51 - 2015-02-06 23:20 - 00000000 ____D () C:\Users\roger\Downloads\iCL0udin_icloud_bypass_v1.0
2015-02-03 11:11 - 2015-02-03 11:11 - 00000058 _____ () C:\Users\roger\Documents\nmenoiuc.txt
2015-02-03 05:25 - 2015-02-03 05:25 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-02-03 05:25 - 2015-02-03 05:25 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2015-02-03 05:24 - 2015-02-03 05:24 - 06142086 _____ (LinuxLive USB Creator) C:\Users\roger\Downloads\LinuxLive USB Creator 2.9.1.exe
2015-02-03 04:09 - 2015-02-03 04:09 - 00002332 _____ () C:\Users\roger\Desktop\Chrome App Launcher.lnk
2015-02-03 04:09 - 2015-02-03 04:09 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-01 19:14 - 2015-02-03 04:51 - 2013784064 _____ () C:\Users\roger\Downloads\backbox-4.1-amd64.iso
2015-01-29 04:32 - 2015-01-29 04:34 - 00000000 ____D () C:\Program Files (x86)\Kingo ROOT
2015-01-29 04:32 - 2015-01-29 04:32 - 00001056 _____ () C:\Users\Public\Desktop\Kingo ROOT.lnk
2015-01-29 04:32 - 2015-01-29 04:32 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Kingosoft
2015-01-29 04:32 - 2015-01-29 04:32 - 00000000 ____D () C:\Users\roger\AppData\Local\Kingosoft
2015-01-29 04:32 - 2015-01-29 04:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT
2015-01-29 04:27 - 2015-01-29 04:28 - 18456112 _____ (Kingosoft Technology Ltd. ) C:\Users\roger\Downloads\android_root.exe
2015-01-29 04:12 - 2015-01-29 04:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZTE Handset USB Driver
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-27 10:33 - 2015-01-19 17:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-27 10:29 - 2015-01-16 18:30 - 01855081 _____ () C:\Windows\WindowsUpdate.log
2015-02-27 10:01 - 2015-01-16 23:29 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{67DA0ECF-A93F-41DE-907A-3835F7332A03}
2015-02-27 10:00 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-27 09:47 - 2015-01-16 23:37 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-27 09:35 - 2015-01-22 08:40 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Bitcoin
2015-02-27 08:47 - 2015-01-16 23:32 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1597422563-1397354114-4269593155-1001
2015-02-27 08:08 - 2015-01-17 00:11 - 00022006 _____ () C:\Windows\DPINST.LOG
2015-02-27 07:51 - 2015-01-19 13:45 - 00000000 __RDO () C:\Users\roger\OneDrive
2015-02-27 07:50 - 2015-01-16 23:37 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-27 07:49 - 2015-01-16 23:20 - 00000000 ____D () C:\Users\roger
2015-02-27 07:48 - 2015-01-16 20:21 - 00031132 _____ () C:\Windows\PFRO.log
2015-02-27 07:48 - 2015-01-10 00:14 - 00000022 _____ () C:\Windows\S.dirmngr
2015-02-27 07:48 - 2013-08-22 08:46 - 00119412 _____ () C:\Windows\setupact.log
2015-02-27 07:48 - 2013-08-22 08:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-27 06:29 - 2015-01-24 01:36 - 00001073 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
2015-02-27 06:29 - 2015-01-24 01:35 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2015-02-27 06:26 - 2015-01-17 01:51 - 00156160 ___SH () C:\Users\roger\Desktop\Thumbs.db
2015-02-27 06:24 - 2015-01-19 07:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-27 06:16 - 2015-01-21 22:26 - 00000000 ____D () C:\Users\roger\.VirtualBox
2015-02-27 06:01 - 2015-01-16 18:34 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-27 02:06 - 2015-01-25 09:44 - 00000000 ____D () C:\Program Files (x86)\Everything
2015-02-26 23:28 - 2015-01-17 00:35 - 00000000 ____D () C:\Users\roger\AppData\Roaming\uTorrent
2015-02-25 10:14 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-25 07:57 - 2013-08-22 08:44 - 04912680 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-25 03:15 - 2015-01-21 22:27 - 00000000 ____D () C:\Users\roger\VirtualBox VMs
2015-02-24 20:49 - 2015-01-19 13:07 - 00000992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-24 20:49 - 2015-01-19 13:07 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-24 20:47 - 2013-08-22 09:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-20 06:57 - 2015-01-16 23:38 - 00002212 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-20 04:30 - 2015-01-16 18:17 - 00000000 ____D () C:\Program Files\WinToUSB
2015-02-20 01:07 - 2015-01-17 02:33 - 00000000 ____D () C:\Users\roger\AppData\Local\ManyCam
2015-02-19 21:56 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-19 02:04 - 2015-01-25 22:24 - 00000000 ____D () C:\Users\roger\AppData\Roaming\iFunbox_UserCache
2015-02-19 02:04 - 2015-01-25 22:23 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2015-02-19 01:34 - 2015-01-18 11:07 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-02-19 01:34 - 2015-01-18 11:06 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-19 01:33 - 2015-01-18 11:04 - 00000000 ____D () C:\ProgramData\Apple
2015-02-18 23:31 - 2015-01-18 11:08 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Apple Computer
2015-02-18 22:06 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\rescache
2015-02-18 18:24 - 2015-01-17 00:36 - 00000904 _____ () C:\Users\roger\Desktop\µTorrent.lnk
2015-02-18 18:24 - 2015-01-17 00:36 - 00000884 _____ () C:\Users\roger\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-02-18 18:13 - 2015-01-17 01:28 - 00000000 ____D () C:\Users\roger\AppData\Local\CyberLink
2015-02-18 18:07 - 2015-01-17 01:27 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2015-02-18 18:06 - 2015-01-17 00:58 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2015-02-18 17:51 - 2015-01-19 14:16 - 895644206 _____ () C:\Windows\MEMORY.DMP
2015-02-18 17:51 - 2015-01-19 14:16 - 00000000 ____D () C:\Windows\Minidump
2015-02-13 08:17 - 2015-01-17 00:15 - 00000000 ___RD () C:\Users\roger\SkyDrive
2015-02-13 08:10 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\tracing
2015-02-13 04:57 - 2015-01-18 07:10 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 04:51 - 2015-01-23 07:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 04:51 - 2015-01-23 07:26 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-13 04:51 - 2015-01-18 07:09 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 04:37 - 2013-08-22 08:46 - 00067584 ____S () C:\Windows\bootstet.dat
2015-02-07 01:46 - 2015-01-19 17:24 - 00000000 ____D () C:\Users\roger\AppData\Local\Adobe
2015-02-07 01:08 - 2015-01-16 23:21 - 00000000 ____D () C:\Users\roger\AppData\Roaming\Adobe
2015-02-06 18:03 - 2015-01-16 23:21 - 00000000 ____D () C:\Users\roger\AppData\Local\Packages
2015-02-05 02:42 - 2015-01-16 23:37 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 02:42 - 2015-01-16 23:37 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 13:33 - 2015-01-19 17:26 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-03 20:26 - 2015-01-19 08:03 - 00000000 ____D () C:\Users\roger\AppData\Roaming\vlc
2015-02-03 19:30 - 2015-01-24 01:08 - 00000000 ____D () C:\Users\roger\Downloads\Hotspot Shield 3.41 + Elite Patch [KaranPC]
2015-02-03 13:31 - 2015-01-23 07:39 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 13:31 - 2015-01-23 07:39 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 05:06 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\schemas
2015-02-03 04:34 - 2015-01-20 12:04 - 00000000 ____D () C:\Users\roger\AppData\Roaming\I2P
2015-02-01 13:47 - 2015-01-17 01:24 - 27590656 _____ () C:\Windows\system32\vmguest.iso
2015-01-29 04:13 - 2015-01-21 07:17 - 00000000 ____D () C:\Unified_Android_ToolKit
2015-01-29 04:12 - 2015-01-18 00:46 - 00000000 ____D () C:\Program Files\ZTE_Handset_USB_Driver
2015-01-28 10:54 - 2015-01-19 02:29 - 00000000 ____D () C:\Users\roger\Desktop\Tor Browser
 
==================== Files in the root of some directories =======
 
2015-02-24 19:49 - 2015-02-26 06:40 - 0000016 _____ () C:\Users\roger\AppData\Roaming\msregsvv.dll
2015-02-24 19:49 - 2015-02-26 06:40 - 0000016 _____ () C:\ProgramData\autobk.inc
2015-01-25 11:56 - 2015-01-25 12:03 - 0000032 _____ () C:\ProgramData\droidcam-settings
2015-02-25 00:08 - 2015-02-25 00:09 - 0000319 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-26 13:30
 
==================== End Of Log ============================
 
 
ADDITION.TXT
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by roger at 2015-02-27 10:45:15
Running from C:\Users\roger\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Airfoil (HKLM-x32\...\Airfoil) (Version: 3.6.1 - Rogue Amoeba)
AmpliTube 3 version 3.8.0 (HKLM\...\{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1) (Version: 3.8.0 - IK Multimedia)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bitcoin Core (64-bit) (HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ePub Converter v2.7.109.352 (HKLM-x32\...\ePub Converter v2.7.109.3522.7.109.352) (Version: 2.7.109.352 - Friends in War)
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version:  - )
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Full Flush Poker 8.2 (HKLM-x32\...\Full Flush Poker 8.2) (Version: 8.2.12.201409111200 - Full Flush Poker)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gpg4win (2.2.3) (HKLM-x32\...\GPG4Win) (Version: 2.2.3 - The Gpg4win Project)
HDSDR 2.70 (HKLM-x32\...\{DB200CBD-9E3E-4C72-B711-B46D6817BC51}_is1) (Version:  - DG0JBJ)
HMA! Pro VPN 2.8.19.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.19.0 - Privax Ltd)
Hotspot Shield 4.14 (HKLM-x32\...\HotspotShield) (Version: 4.14 - AnchorFree Inc.)
I2P Tahoe-LAFS version 1.10.0 (HKLM-x32\...\{6B159350-2C3C-4685-9120-78529F259F07}_is1) (Version: 1.10.0 - Tahoe-LAFS(packaged by KillYourTV))
i2pd version 0.6.0 (HKLM\...\i2pd_is1) (Version: 0.6.0 - )
iFunbox (v2.94.2520.758), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.94.2520.758 - )
IK Multimedia Authorization Manager version 1.0.5 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.5 - IK Multimedia)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Kingo ROOT version 1.3.1.2217 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.3.1.2217 - Kingosoft Technology Ltd.)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version:  - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
LiveUSB Creator (remove only) (HKLM-x32\...\LiveUSB Creator) (Version:  - )
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManyCam 4.0.109 (HKLM-x32\...\ManyCam) (Version: 4.0.109 - Visicom Media Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 36.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 en-US)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MPC-HC 1.7.7 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.7 - MPC-HC Team)
Novicorp WinToFlash 0.6.0011 beta (HKLM-x32\...\Novicorp WinToFlash 0.6.0011 beta) (Version:  - )
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Paragon HFS+ for Windows™ 10.0 (HKLM-x32\...\{456534C0-51E7-11DF-B336-005056C00008}) (Version: 1.00 - Paragon Software)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Plex Media Server (HKLM-x32\...\{7425d872-d65d-42c9-8c6d-7a8a529a4b50}) (Version: 0.9.1107 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1107 - Plex, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
Python 2.7 matplotlib-1.3.1 (HKLM-x32\...\matplotlib-py2.7) (Version:  - )
Python 2.7 numpy-1.8.1 (HKLM-x32\...\numpy-py2.7) (Version:  - )
Python 2.7.8 (HKLM-x32\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
RMPrepUSB (HKLM-x32\...\RMPrepUSB) (Version:  - )
RTLSDR Scanner (HKLM-x32\...\RTLSDR Scanner) (Version:  - Ear to Ear Oak)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SciLor's grooveshark™.com Downloader 0.4.15 (HKLM-x32\...\{DDEAE484-D5FB-49CB-BD47-9512E8ACCA65}_is1) (Version: 0.4.15 - SciLor)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TransMac version 11.0 (HKLM-x32\...\TransMac_is1) (Version: 11.0 - Acute Systems)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
Unitrunker (HKLM-x32\...\{D44AFECC-C12F-48BC-86B1-662B9ED27C7A}) (Version: 15.01.20 - Unitrunker.com)
Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinToUSB version 2.0 Beta (HKLM\...\WinToUSB_is1) (Version: 2.0 Beta - The EasyUEFI Development Team.)
Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, http://www.wireshark.org)
Wondershare MobileTrans ( Version 6.0.5 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 6.0.5 - Wondershare)
wxPython 3.0.0.0 for Python 2.7 (HKLM-x32\...\wxPython3.0-py27_is1) (Version: 3.0.0.0 - Total Control Software)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version:  - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B02 - ZTE Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
01-02-2004 15:52:34 Installed Paragon HFS+ for Windows™ 10.0.
24-02-2015 19:42:56 Installed QuickTime
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-02-19 15:56 - 2015-02-24 20:14 - 00000861 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.guitar-pro.com
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {1F7D6080-0FF3-4991-A5AE-FC2B2BEAB02C} - System32\Tasks\{36DEFDA2-56CE-4A08-956B-C3F78F8F3BA6} => pcalua.exe -a "C:\Users\roger\Downloads\DroidCamX Wireless Webcam Pro v4.1.1 With client @Rein\DroidCam.3.6.2.exe" -d "C:\Users\roger\Downloads\DroidCamX Wireless Webcam Pro v4.1.1 With client @Rein"
Task: {3D37F489-9543-47E9-9F59-0A9DA1D7307F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {6E7064DA-FC29-4B14-A71D-103FE77924DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {6EBA6BA2-4469-4782-8824-A1350EBB1D63} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {7A3711BC-C0B1-40F6-8FE8-BFF93DDC5F26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {93A4E050-144F-4265-A280-46108AF5636F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {A68878F3-DF64-42D6-ACF0-E7B00E15F245} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-13] (Microsoft Corporation)
Task: {C6AE949C-8A04-4A9D-9575-53995F99C23D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {CAA322CD-5F6C-4FB6-A743-0559BEB2C1B4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {F09D2D78-0093-4DE9-A677-E77FCC24B82E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-roger_cullens@yahoo.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {F8C4ECAD-2362-4680-A71A-E49332320509} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-25 13:25 - 2014-11-25 13:25 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2015-02-24 14:44 - 2015-02-24 14:44 - 00573736 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-23 13:04 - 2015-02-23 13:04 - 00598312 _____ () C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe
2015-01-18 02:06 - 2015-01-18 02:07 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-11-25 13:11 - 2014-11-25 13:11 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-11-25 12:57 - 2014-11-25 12:57 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-11-25 13:10 - 2014-11-25 13:10 - 00070144 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-11-25 13:13 - 2014-11-25 13:13 - 00742912 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2014-11-25 13:05 - 2014-11-25 13:05 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2015-02-24 14:35 - 2015-02-24 14:35 - 00960808 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2015-02-24 20:37 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-24 20:37 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-02-24 20:37 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-24 20:37 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-02-24 20:37 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-02-24 14:52 - 2015-02-24 14:52 - 00595240 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.4.14.dll
2015-02-23 12:54 - 2015-02-23 12:54 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 14:02 - 2009-03-27 14:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 14:02 - 2009-03-27 14:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2015-02-24 14:39 - 2015-02-24 14:39 - 00205608 _____ () C:\Program Files (x86)\Hotspot Shield\bin\cfghlp.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-07 14:38 - 2013-07-07 14:38 - 00163840 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2013-07-07 14:38 - 2013-07-07 14:38 - 00081920 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
2015-02-20 06:57 - 2015-02-17 16:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 06:57 - 2015-02-17 16:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 06:57 - 2015-02-17 16:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-20 06:57 - 2015-02-17 16:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\roger\OneDrive:ms-properties
AlternateDataStreams: C:\Users\roger\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DFServ => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "YouCam Service6"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "Everything"
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\StartupApproved\Run: => "FLBackup"
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-1597422563-1397354114-4269593155-1001\...\StartupApproved\Run: => "iFunBox Fast App Install Handler"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1597422563-1397354114-4269593155-500 - Administrator - Disabled)
Guest (S-1-5-21-1597422563-1397354114-4269593155-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1597422563-1397354114-4269593155-1003 - Limited - Enabled)
roger (S-1-5-21-1597422563-1397354114-4269593155-1001 - Administrator - Enabled) => C:\Users\roger
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/27/2015 09:45:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(b4:18:d1:11:f8:83@fe80::b618:d1ff:fe11:f883._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 15
 
 
System errors:
=============
Error: (02/27/2015 07:51:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Hotspot Shield Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (02/27/2015 07:50:28 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}
 
Error: (02/27/2015 07:50:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/27/2015 07:49:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The I2P Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/27/2015 07:48:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:45:11 AM on 2/27/2015 was unexpected.
 
Error: (02/27/2015 06:48:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Hotspot Shield Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (02/27/2015 06:28:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/27/2015 06:28:18 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}
 
Error: (02/27/2015 06:25:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The I2P Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/27/2015 06:24:37 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
 
 
Microsoft Office Sessions:
=========================
Error: (02/27/2015 09:45:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(b4:18:d1:11:f8:83@fe80::b618:d1ff:fe11:f883._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
 
Error: (02/27/2015 09:36:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 15
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 35%
Total physical RAM: 7989.86 MB
Available physical RAM: 5127.77 MB
Total Pagefile: 16181.86 MB
Available Pagefile: 12590.67 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (Nobleeps) (Fixed) (Total:230.36 GB) (Free:35.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:465.54 GB) (Free:398.76 GB) FAT32
Drive g: (New Volume) (Fixed) (Total:235.46 GB) (Free:221.45 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 00014E8F)
Partition 1: (Active) - (Size=500 MB) - (Type=83)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=8E)
 
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 00042B79)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=235.5 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=230.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 deeprybka


Posted 27 February 2015 - 12:37 PM

Step 1

Please download AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 2

Scan with Malwarebytes Anti-Malware

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" [1] and go to "Detection and Protection" [2].
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

[image: mbameng.gif]


regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#5 rcullens


Posted 27 February 2015 - 10:59 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/27/2015
Scan Time: 7:14:53 PM
Logfile: mwblog.txt
Administrator: Yes

Version: 0.00.0.0000
Malware Database: v2015.02.28.01
Rootkit Database: v2015.02.25.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: roger

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 346982
Time Elapsed: 32 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

# AdwCleaner v4.111 - Logfile created 27/02/2015 at 15:58:42
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : roger - bleepS
# Running from : C:\Users\roger\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : hshld

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Users\roger\AppData\Local\Hola

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TransMac_is1

***** [ Web browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v36.0 (x86 en-US)


-\\ Google Chrome v40.0.2214.115


*************************

AdwCleaner[R0].txt - [3029 bytes] - [24/02/2015 20:09:55]
AdwCleaner[R1].txt - [1149 bytes] - [27/02/2015 15:56:05]
AdwCleaner[S0].txt - [3066 bytes] - [24/02/2015 20:15:34]
AdwCleaner[S1].txt - [1043 bytes] - [27/02/2015 15:58:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1102  bytes] ##########
 


Edited by rcullens, 27 February 2015 - 11:00 PM.


#6 deeprybka


Posted 28 February 2015 - 04:02 AM


Step 1


Please download ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
    [image: settings.png]
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at [image: logpath.png]
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#7 rcullens


Posted 28 February 2015 - 01:05 PM

C:\i2psuite\apps\PSI-Portable\GnuPT-Portable.exe    Win32/Packed.Autoit.E.Gen potentially unwanted application
C:\i2psuite\apps\PSI-Portable\GPGHash.exe    Win32/Packed.Autoit.E.Gen potentially unwanted application
C:\i2psuite\apps\PSI-Portable\PSI-Portable.exe    Win32/Packed.Autoit.E.Gen potentially unwanted application
C:\Python27\tcl\dde1\MediaPlayerClassicInstaller.exe    a variant of Win32/Verti.J potentially unwanted application
C:\Python27\tcl\dde1\Setup.exe    a variant of Win32/Bundlore.Q potentially unwanted application
C:\Python27\tcl\dde1\Hotspot Shield 3.41 + Elite Patch [KaranPC]\HSS-3.41.exe    Win32/Toolbar.Conduit potentially unwanted application
 



#8 deeprybka


Posted 28 February 2015 - 01:06 PM

Please post the ESET Log as instructed. :)


regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#9 deeprybka


Posted 04 March 2015 - 03:32 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer



