Inactive-A Iexplore.exe virus

Broni · Sep 19, 2014

Go ahead with my previous reply.

Mark Chen 1234 · Sep 19, 2014

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.7 (09.18.2014:2)
OS: Windows 7 Home Premium x64
Ran by Lance on Fri 19/09/2014 at 14:41:10.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 19/09/2014 at 14:46:45.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mark Chen 1234 · Sep 19, 2014

# AdwCleaner v3.310 - Report created 19/09/2014 at 14:36:33
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lance - LANCE-PC
# Running from : C:\Users\Lance\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [927 octets] - [16/09/2014 19:43:09]
AdwCleaner[R1].txt - [916 octets] - [17/09/2014 15:11:38]
AdwCleaner[R2].txt - [1034 octets] - [19/09/2014 14:35:36]
AdwCleaner[S0].txt - [993 octets] - [16/09/2014 19:43:35]
AdwCleaner[S1].txt - [976 octets] - [17/09/2014 15:14:07]
AdwCleaner[S2].txt - [957 octets] - [19/09/2014 14:36:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1016 octets] ##########

Mark Chen 1234 · Sep 19, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Lance (administrator) on LANCE-PC on 19-09-2014 14:49:09
Running from C:\Users\Lance\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\AlarmClock.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

Chrome:
=======
CHR Profile: C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-22]
CHR Extension: (Google Drive) - C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (WOT) - C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-22]
CHR Extension: (YouTube) - C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-22]
CHR Extension: (Google Search) - C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-22]
CHR Extension: (AdBlock) - C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-15]
CHR Extension: (Google Wallet) - C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR Extension: (Gmail) - C:\Users\Lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
S4 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-09-05] (BitRaider, LLC)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-06-30] (BioWare)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2014-09-17] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-09-06] (BitRaider)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-04-01] (NVIDIA Corporation)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2013-02-22] (Realtek Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 Thermnaltake MS2 Filter; C:\Windows\System32\Drivers\MS2Filter.sys [57072 2010-09-23] (Thermaltake)
R3 Thermnaltake MS2 Filter; C:\Windows\SysWOW64\Drivers\MS2Filter.sys [31360 2010-09-23] (Thermaltake) [File not signed]
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [33512 2014-09-18] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 14:49 - 2014-09-19 14:49 - 00012734 _____ () C:\Users\Lance\Desktop\FRST.txt
2014-09-19 14:47 - 2014-09-19 14:48 - 02105856 _____ (Farbar) C:\Users\Lance\Downloads\FRST64.exe
2014-09-19 14:46 - 2014-09-19 14:46 - 00000767 _____ () C:\Users\Lance\Desktop\JRT.txt
2014-09-19 14:39 - 2014-09-19 08:47 - 01019328 _____ (Thisisu) C:\Users\Lance\Desktop\JRT_NEW.exe
2014-09-19 14:29 - 2014-09-19 14:31 - 00004574 _____ () C:\Users\Lance\Desktop\Rkill.txt
2014-09-19 14:14 - 2014-09-19 14:12 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lance\Desktop\rkill.exe
2014-09-19 14:11 - 2014-09-19 14:12 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lance\Downloads\rkill.exe
2014-09-19 14:07 - 2014-09-19 14:07 - 00025897 _____ () C:\ComboFix.txt
2014-09-19 13:57 - 2014-09-19 13:57 - 05578824 ____R (Swearware) C:\Users\Lance\Desktop\ComboFix.exe
2014-09-19 13:56 - 2014-09-19 13:57 - 05578824 _____ (Swearware) C:\Users\Lance\Downloads\ComboFix (1).exe
2014-09-19 12:57 - 2014-09-19 12:57 - 04524819 _____ () C:\Users\Lance\Desktop\Seasons of Skyrim ENB v0_236 - Complete-23812-v0-236SE.zip
2014-09-19 12:57 - 2014-09-19 12:57 - 00000000 ____D () C:\Users\Lance\Desktop\Seasons of Skyrim ENB v0_236 - Complete-23812-v0-236SE
2014-09-19 12:56 - 2014-09-19 12:57 - 04524819 _____ () C:\Users\Lance\Downloads\Seasons of Skyrim ENB v0_236 - Complete-23812-v0-236SE.zip
2014-09-18 12:42 - 2014-09-18 12:42 - 00017795 _____ () C:\Users\Lance\Desktop\dds.txt
2014-09-18 12:42 - 2014-09-18 12:42 - 00004945 _____ () C:\Users\Lance\Desktop\attach.txt
2014-09-18 11:24 - 2014-09-18 11:24 - 00003154 _____ () C:\Windows\System32\Tasks\{B29D53FA-B16D-418D-A95E-A4E72DD8BADF}
2014-09-18 11:22 - 2014-09-18 11:23 - 00000000 ____D () C:\Users\Lance\Downloads\pbsetup
2014-09-18 11:22 - 2014-09-18 11:22 - 00711649 _____ () C:\Users\Lance\Downloads\pbsetup.zip
2014-09-17 20:00 - 2014-09-17 20:00 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-09-17 19:59 - 2014-09-17 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-09-17 19:44 - 2014-09-17 19:44 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-17 19:42 - 2014-09-17 19:43 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Lance\Desktop\tdsskiller.exe
2014-09-17 19:17 - 2014-09-17 19:17 - 00058016 _____ () C:\Users\Lance\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-17 19:16 - 2014-09-19 14:37 - 00001954 _____ () C:\Windows\PFRO.log
2014-09-17 19:16 - 2014-09-19 14:37 - 00001344 _____ () C:\Windows\setupact.log
2014-09-17 19:16 - 2014-09-17 19:16 - 00268392 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-17 19:16 - 2014-09-17 19:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-17 18:23 - 2014-09-17 18:23 - 02347384 _____ (ESET) C:\Users\Lance\Downloads\esetsmartinstaller_enu (1).exe
2014-09-17 13:03 - 2014-09-17 13:05 - 00000000 ____D () C:\Users\Lance\Desktop\Seasons of Skyrim ENB Data Folder UPDATE 3-23812-
2014-09-17 13:02 - 2014-09-17 13:02 - 03064132 _____ () C:\Users\Lance\Downloads\Seasons of Skyrim ENB Data Folder UPDATE 3-23812-.zip
2014-09-17 12:58 - 2014-09-17 12:58 - 00000993 _____ () C:\Users\Lance\Desktop\WinRAR.lnk
2014-09-17 12:58 - 2014-09-17 12:58 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-17 12:58 - 2014-09-17 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-17 12:57 - 2014-09-17 12:58 - 02295284 _____ () C:\Users\Lance\Downloads\enbseries_skyrim_v0236.zip
2014-09-17 12:07 - 2014-09-17 12:07 - 00000680 _____ () C:\Users\Lance\Downloads\DDS Log.zip
2014-09-16 20:27 - 2014-09-16 20:27 - 02347384 _____ (ESET) C:\Users\Lance\Downloads\esetsmartinstaller_enu.exe
2014-09-16 20:00 - 2014-09-18 21:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-16 19:49 - 2011-06-26 16:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-16 19:49 - 2010-11-08 03:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-16 19:49 - 2009-04-20 14:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-16 19:49 - 2000-08-31 10:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-16 19:49 - 2000-08-31 10:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-16 19:49 - 2000-08-31 10:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-16 19:49 - 2000-08-31 10:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-16 19:49 - 2000-08-31 10:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-16 19:46 - 2014-09-19 14:07 - 00000000 ____D () C:\Qoobox
2014-09-16 19:46 - 2014-09-16 19:54 - 00000000 ____D () C:\Windows\erdnt
2014-09-16 19:45 - 2014-09-16 19:45 - 00000000 ____D () C:\Windows\ERUNT
2014-09-16 19:42 - 2014-09-19 14:36 - 00000000 ____D () C:\AdwCleaner
2014-09-16 19:39 - 2014-09-16 19:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lance\Desktop\HijackThis.exe
2014-09-16 19:38 - 2014-09-16 19:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lance\Downloads\HijackThis.exe
2014-09-16 19:37 - 2014-09-18 20:52 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-09-16 19:37 - 2014-09-16 19:37 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-16 19:14 - 2014-09-16 19:17 - 04859480 _____ () C:\Users\Lance\Desktop\RogueKiller.exe
2014-09-16 19:12 - 2014-09-18 21:06 - 00000000 ____D () C:\Users\Lance\Desktop\mbar
2014-09-16 19:10 - 2014-09-16 19:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Lance\Downloads\mbar-1.07.0.1012.exe
2014-09-16 19:08 - 2014-09-16 19:08 - 00602112 _____ (OldTimer Tools) C:\Users\Lance\Downloads\OTL.exe
2014-09-16 19:08 - 2014-09-16 19:08 - 00602112 _____ (OldTimer Tools) C:\Users\Lance\Desktop\OTL.exe
2014-09-16 19:07 - 2014-09-16 19:13 - 05579386 _____ (Swearware) C:\Users\Lance\Downloads\ComboFix.exe
2014-09-16 19:07 - 2014-09-16 19:07 - 01373475 _____ () C:\Users\Lance\Desktop\AdwCleaner.exe
2014-09-16 19:07 - 2014-09-16 19:07 - 01016261 _____ (Thisisu) C:\Users\Lance\Desktop\JRT.exe
2014-09-16 19:06 - 2014-09-16 19:07 - 01373475 _____ () C:\Users\Lance\Downloads\AdwCleaner.exe
2014-09-16 19:06 - 2014-09-16 19:07 - 01016261 _____ (Thisisu) C:\Users\Lance\Downloads\JRT.exe
2014-09-16 19:03 - 2014-09-19 14:49 - 00000000 ____D () C:\FRST
2014-09-16 19:01 - 2014-09-19 14:48 - 02105856 _____ (Farbar) C:\Users\Lance\Desktop\FRST64.exe
2014-09-16 12:44 - 2014-09-16 12:45 - 00688992 ____R (Swearware) C:\Users\Lance\Desktop\dds.scr
2014-09-16 12:32 - 2014-09-16 12:36 - 00688992 _____ (Swearware) C:\Users\Lance\Downloads\Unconfirmed 536718.crdownload
2014-09-15 19:47 - 2014-09-15 19:47 - 00167034 _____ () C:\Users\Lance\Downloads\fileassassin-setup-1.06.exe
2014-09-15 19:47 - 2014-09-15 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2014-09-15 19:47 - 2014-09-15 19:47 - 00000000 ____D () C:\Program Files (x86)\FileASSASSIN
2014-09-15 19:30 - 2014-09-19 14:37 - 00197698 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 18:31 - 2014-09-15 18:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-15 14:39 - 2014-09-15 14:39 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-15 14:38 - 2014-09-16 19:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-15 14:38 - 2014-09-16 19:47 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-15 14:37 - 2014-09-19 14:37 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c0e61698-9f91-470a-8f9f-d1a233e4f817.job
2014-09-15 14:37 - 2014-09-15 14:59 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1d3e30a1-f090-4e96-8250-279fd036507e.job
2014-09-15 14:37 - 2014-09-15 14:37 - 00003584 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1d3e30a1-f090-4e96-8250-279fd036507e
2014-09-15 14:37 - 2014-09-15 14:37 - 00003510 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task c0e61698-9f91-470a-8f9f-d1a233e4f817
2014-09-15 14:37 - 2014-09-15 14:37 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\SUPERAntiSpyware.com
2014-09-15 14:36 - 2014-09-17 14:37 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-15 14:36 - 2014-09-15 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-15 14:36 - 2014-09-15 14:36 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-09-15 14:35 - 2014-09-15 14:37 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lance\Downloads\spybot-2.4.exe
2014-09-15 14:35 - 2014-09-15 14:36 - 19323784 _____ (SUPERAntiSpyware) C:\Users\Lance\Downloads\SUPERAntiSpyware.exe
2014-09-15 14:21 - 2014-09-15 14:21 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-15 14:20 - 2014-09-15 14:21 - 04901352 _____ (Piriform Ltd) C:\Users\Lance\Downloads\ccsetup417.exe
2014-09-14 21:09 - 2014-09-19 14:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 21:09 - 2014-09-18 20:57 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-14 21:09 - 2014-09-15 18:33 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-14 21:09 - 2014-09-15 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-14 21:09 - 2014-09-15 18:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-14 21:09 - 2014-09-14 21:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 21:09 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-14 21:09 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-14 21:08 - 2014-09-14 21:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 21:05 - 2014-09-14 21:05 - 01138860 _____ (Malwarebytes Corporation ) C:\Users\Lance\Downloads\Unconfirmed 772921.crdownload
2014-09-14 20:16 - 2014-09-14 21:06 - 00000000 ____D () C:\inetpub
2014-09-13 20:09 - 2014-09-13 20:09 - 00001162 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-09-13 20:09 - 2014-09-13 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-09-13 20:00 - 2014-09-13 20:00 - 00010475 _____ () C:\Users\Lance\Documents\Uninstall STAR WARS The Old Republic.log
2014-09-13 17:32 - 2014-09-13 17:32 - 00003044 _____ () C:\Windows\System32\Tasks\{56C92A25-2721-6D00-9B09-537002311D51}
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\JxvgVXPQ
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-09-12 21:36 - 2014-08-20 04:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 21:36 - 2014-08-20 03:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 21:36 - 2014-08-19 09:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 21:36 - 2014-08-19 08:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 21:36 - 2014-08-19 08:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 21:36 - 2014-08-19 08:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 21:36 - 2014-08-19 08:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 21:36 - 2014-08-19 08:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 21:36 - 2014-08-19 08:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 21:36 - 2014-08-19 08:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 21:36 - 2014-08-19 08:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 21:36 - 2014-08-19 08:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 21:36 - 2014-08-19 08:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 21:36 - 2014-08-19 08:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 21:36 - 2014-08-19 08:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 21:36 - 2014-08-19 08:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 21:36 - 2014-08-19 08:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 21:36 - 2014-08-19 08:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 21:36 - 2014-08-19 08:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 21:36 - 2014-08-19 07:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 21:36 - 2014-08-19 07:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 21:36 - 2014-08-19 07:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 21:36 - 2014-08-19 07:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 21:36 - 2014-08-19 07:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 21:36 - 2014-08-19 07:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 21:36 - 2014-08-19 07:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 21:36 - 2014-08-19 07:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 21:36 - 2014-08-19 07:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 21:36 - 2014-08-19 07:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 21:36 - 2014-08-19 07:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 21:36 - 2014-08-19 07:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 21:36 - 2014-08-19 07:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 21:36 - 2014-08-19 07:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 21:36 - 2014-08-19 07:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 21:36 - 2014-08-19 07:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 21:36 - 2014-08-19 07:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 21:36 - 2014-08-19 07:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 21:36 - 2014-08-19 07:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 21:36 - 2014-08-19 07:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 21:36 - 2014-08-19 07:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 21:36 - 2014-08-19 07:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 21:36 - 2014-08-19 07:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 21:36 - 2014-08-19 07:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 21:36 - 2014-08-19 07:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 21:36 - 2014-08-19 07:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 21:36 - 2014-08-19 07:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 21:36 - 2014-08-19 07:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 21:36 - 2014-08-19 07:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 21:36 - 2014-08-19 07:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 21:36 - 2014-08-19 07:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 21:36 - 2014-08-19 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 21:36 - 2014-08-19 06:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 21:36 - 2014-08-19 06:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 21:36 - 2014-08-19 06:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 21:36 - 2014-08-19 06:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 21:36 - 2014-08-19 06:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 21:32 - 2014-06-27 12:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 21:32 - 2014-06-27 11:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 17:11 - 2014-08-01 21:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 17:11 - 2014-08-01 21:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 17:05 - 2014-09-12 17:05 - 01402920 _____ () C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.1_149.exe
2014-09-12 17:05 - 2014-06-24 13:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 17:05 - 2014-06-24 12:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 17:04 - 2014-07-07 12:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 17:04 - 2014-07-07 12:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 17:04 - 2014-07-07 11:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 17:04 - 2014-07-07 11:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 17:04 - 2014-07-07 11:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 18:01 - 2014-09-11 18:01 - 00000000 ____D () C:\Minecraft is awsome
2014-09-11 17:17 - 2014-09-11 17:17 - 00000000 ____D () C:\Users\Lance\Documents\Video Download Capture
2014-09-11 17:16 - 2014-09-11 17:16 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\Apowersoft
2014-09-11 17:16 - 2014-04-09 21:05 - 00031920 _____ (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2014-09-11 17:10 - 2014-09-11 17:15 - 23796776 _____ (APOWERSOFT LIMITED ) C:\Users\Lance\Downloads\video-download-capture.exe
2014-09-07 12:35 - 2014-09-07 12:35 - 00003042 _____ () C:\Windows\System32\Tasks\{43530098-B0FC-441F-9A17-A768CE0C2E16}
2014-09-07 12:35 - 2014-09-07 12:35 - 00000675 ____R () C:\Windows\SysWOW64\default.bitraid
2014-09-05 19:15 - 2014-09-12 16:44 - 00000000 ____D () C:\ProgramData\BitRaider
2014-09-05 19:15 - 2014-09-05 19:15 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-09-05 19:05 - 2014-09-05 19:05 - 00000000 ____D () C:\Users\Lance\AppData\Local\SWTORPerf
2014-09-05 19:04 - 2014-09-05 19:04 - 00015798 _____ () C:\Users\Lance\Documents\Install STAR WARS The Old Republic.log
2014-09-05 19:04 - 2014-09-05 19:04 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-09-05 19:02 - 2014-09-05 19:03 - 29720272 _____ () C:\Users\Lance\Downloads\SWTOR_setup.exe
2014-08-31 17:21 - 2014-09-06 20:55 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\.minecraft
2014-08-31 17:20 - 2014-08-31 17:20 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-31 17:20 - 2014-08-31 17:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-31 17:20 - 2014-08-31 17:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-31 17:20 - 2014-08-31 17:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-31 17:20 - 2014-08-31 17:20 - 00000000 ____D () C:\ProgramData\Sun
2014-08-31 17:20 - 2014-08-31 17:20 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-31 17:20 - 2014-08-31 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-31 17:20 - 2014-08-31 17:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-31 17:19 - 2014-08-31 17:33 - 336754072 ____R () C:\Users\Lance\Downloads\[HorribleSubs] Sword Art Online II - 09 [720p].mkv
2014-08-31 17:18 - 2014-08-31 17:18 - 00918440 _____ (Oracle Corporation) C:\Users\Lance\Downloads\chromeinstall-7u67.exe
2014-08-31 17:18 - 2014-08-31 17:18 - 00675988 _____ () C:\Users\Lance\Downloads\Minecraft.exe
2014-08-31 17:18 - 2014-08-31 17:18 - 00026259 _____ () C:\Users\Lance\Downloads\[kickass.to]horriblesubs.sword.art.online.ii.09.720p.mkv.torrent
2014-08-29 16:57 - 2014-08-29 16:57 - 01397992 _____ () C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-29 15:59 - 2014-08-23 12:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 15:59 - 2014-08-23 11:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 15:59 - 2014-08-23 10:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Mark Chen 1234 · Sep 19, 2014

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 14:49 - 2014-09-19 14:49 - 00012734 _____ () C:\Users\Lance\Desktop\FRST.txt
2014-09-19 14:49 - 2014-09-16 19:03 - 00000000 ____D () C:\FRST
2014-09-19 14:48 - 2014-09-19 14:47 - 02105856 _____ (Farbar) C:\Users\Lance\Downloads\FRST64.exe
2014-09-19 14:48 - 2014-09-16 19:01 - 02105856 _____ (Farbar) C:\Users\Lance\Desktop\FRST64.exe
2014-09-19 14:46 - 2014-09-19 14:46 - 00000767 _____ () C:\Users\Lance\Desktop\JRT.txt
2014-09-19 14:45 - 2009-07-14 14:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 14:45 - 2009-07-14 14:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-19 14:41 - 2014-09-15 19:30 - 00197698 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 14:38 - 2014-09-14 21:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-19 14:37 - 2014-09-17 19:16 - 00001954 _____ () C:\Windows\PFRO.log
2014-09-19 14:37 - 2014-09-17 19:16 - 00001344 _____ () C:\Windows\setupact.log
2014-09-19 14:37 - 2014-09-15 14:37 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c0e61698-9f91-470a-8f9f-d1a233e4f817.job
2014-09-19 14:37 - 2014-01-25 16:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-19 14:37 - 2014-01-22 19:38 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 14:37 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 14:36 - 2014-09-16 19:42 - 00000000 ____D () C:\AdwCleaner
2014-09-19 14:35 - 2014-01-22 19:44 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\TS3Client
2014-09-19 14:31 - 2014-09-19 14:29 - 00004574 _____ () C:\Users\Lance\Desktop\Rkill.txt
2014-09-19 14:23 - 2014-01-22 19:38 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 14:12 - 2014-09-19 14:14 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lance\Desktop\rkill.exe
2014-09-19 14:12 - 2014-09-19 14:11 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lance\Downloads\rkill.exe
2014-09-19 14:07 - 2014-09-19 14:07 - 00025897 _____ () C:\ComboFix.txt
2014-09-19 14:07 - 2014-09-16 19:46 - 00000000 ____D () C:\Qoobox
2014-09-19 14:06 - 2009-07-14 12:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-19 13:57 - 2014-09-19 13:57 - 05578824 ____R (Swearware) C:\Users\Lance\Desktop\ComboFix.exe
2014-09-19 13:57 - 2014-09-19 13:56 - 05578824 _____ (Swearware) C:\Users\Lance\Downloads\ComboFix (1).exe
2014-09-19 13:57 - 2014-01-22 19:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-19 13:30 - 2014-04-25 20:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 13:07 - 2014-01-24 17:38 - 00000000 ____D () C:\Users\Lance\AppData\Local\Skyrim
2014-09-19 12:57 - 2014-09-19 12:57 - 04524819 _____ () C:\Users\Lance\Desktop\Seasons of Skyrim ENB v0_236 - Complete-23812-v0-236SE.zip
2014-09-19 12:57 - 2014-09-19 12:57 - 00000000 ____D () C:\Users\Lance\Desktop\Seasons of Skyrim ENB v0_236 - Complete-23812-v0-236SE
2014-09-19 12:57 - 2014-09-19 12:56 - 04524819 _____ () C:\Users\Lance\Downloads\Seasons of Skyrim ENB v0_236 - Complete-23812-v0-236SE.zip
2014-09-19 08:47 - 2014-09-19 14:39 - 01019328 _____ (Thisisu) C:\Users\Lance\Desktop\JRT_NEW.exe
2014-09-18 21:50 - 2014-01-23 16:59 - 00000284 _____ () C:\Windows\Tasks\RtlLanOptimizerVistaStart.job
2014-09-18 21:06 - 2014-09-16 20:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-18 21:06 - 2014-09-16 19:12 - 00000000 ____D () C:\Users\Lance\Desktop\mbar
2014-09-18 20:57 - 2014-09-14 21:09 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-18 20:52 - 2014-09-16 19:37 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-09-18 18:47 - 2014-02-21 16:34 - 00000000 ____D () C:\ProgramData\Origin
2014-09-18 18:47 - 2014-02-21 16:34 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-18 18:47 - 2014-01-23 08:56 - 00000000 ____D () C:\Users\Lance\Documents\My Games
2014-09-18 18:07 - 2014-04-10 16:42 - 00000000 ____D () C:\Users\Lance\Documents\Nexus Mod Manager
2014-09-18 16:13 - 2009-07-14 15:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-18 12:42 - 2014-09-18 12:42 - 00017795 _____ () C:\Users\Lance\Desktop\dds.txt
2014-09-18 12:42 - 2014-09-18 12:42 - 00004945 _____ () C:\Users\Lance\Desktop\attach.txt
2014-09-18 11:24 - 2014-09-18 11:24 - 00003154 _____ () C:\Windows\System32\Tasks\{B29D53FA-B16D-418D-A95E-A4E72DD8BADF}
2014-09-18 11:23 - 2014-09-18 11:22 - 00000000 ____D () C:\Users\Lance\Downloads\pbsetup
2014-09-18 11:22 - 2014-09-18 11:22 - 00711649 _____ () C:\Users\Lance\Downloads\pbsetup.zip
2014-09-17 20:02 - 2014-07-06 21:32 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\uTorrent
2014-09-17 20:00 - 2014-09-17 20:00 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-09-17 19:59 - 2014-09-17 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-09-17 19:44 - 2014-09-17 19:44 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-17 19:43 - 2014-09-17 19:42 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Lance\Desktop\tdsskiller.exe
2014-09-17 19:17 - 2014-09-17 19:17 - 00058016 _____ () C:\Users\Lance\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-17 19:16 - 2014-09-17 19:16 - 00268392 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-17 19:16 - 2014-09-17 19:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-17 19:15 - 2014-01-28 17:33 - 00000000 ____D () C:\Windows\Minidump
2014-09-17 19:15 - 2014-01-24 17:41 - 00000000 ____D () C:\Users\Lance\AppData\Local\CrashDumps
2014-09-17 18:23 - 2014-09-17 18:23 - 02347384 _____ (ESET) C:\Users\Lance\Downloads\esetsmartinstaller_enu (1).exe
2014-09-17 14:37 - 2014-09-15 14:36 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-17 13:05 - 2014-09-17 13:03 - 00000000 ____D () C:\Users\Lance\Desktop\Seasons of Skyrim ENB Data Folder UPDATE 3-23812-
2014-09-17 13:02 - 2014-09-17 13:02 - 03064132 _____ () C:\Users\Lance\Downloads\Seasons of Skyrim ENB Data Folder UPDATE 3-23812-.zip
2014-09-17 12:58 - 2014-09-17 12:58 - 00000993 _____ () C:\Users\Lance\Desktop\WinRAR.lnk
2014-09-17 12:58 - 2014-09-17 12:58 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-17 12:58 - 2014-09-17 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-17 12:58 - 2014-09-17 12:57 - 02295284 _____ () C:\Users\Lance\Downloads\enbseries_skyrim_v0236.zip
2014-09-17 12:58 - 2014-07-01 17:58 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-17 12:07 - 2014-09-17 12:07 - 00000680 _____ () C:\Users\Lance\Downloads\DDS Log.zip
2014-09-16 20:27 - 2014-09-16 20:27 - 02347384 _____ (ESET) C:\Users\Lance\Downloads\esetsmartinstaller_enu.exe
2014-09-16 19:55 - 2009-07-14 13:20 - 00000000 __RHD () C:\Users\Default
2014-09-16 19:54 - 2014-09-16 19:46 - 00000000 ____D () C:\Windows\erdnt
2014-09-16 19:47 - 2014-09-15 14:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-16 19:47 - 2014-09-15 14:38 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-16 19:45 - 2014-09-16 19:45 - 00000000 ____D () C:\Windows\ERUNT
2014-09-16 19:39 - 2014-09-16 19:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lance\Desktop\HijackThis.exe
2014-09-16 19:39 - 2014-09-16 19:38 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lance\Downloads\HijackThis.exe
2014-09-16 19:37 - 2014-09-16 19:37 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-16 19:28 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-16 19:17 - 2014-09-16 19:14 - 04859480 _____ () C:\Users\Lance\Desktop\RogueKiller.exe
2014-09-16 19:13 - 2014-09-16 19:07 - 05579386 _____ (Swearware) C:\Users\Lance\Downloads\ComboFix.exe
2014-09-16 19:11 - 2014-09-16 19:10 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Lance\Downloads\mbar-1.07.0.1012.exe
2014-09-16 19:08 - 2014-09-16 19:08 - 00602112 _____ (OldTimer Tools) C:\Users\Lance\Downloads\OTL.exe
2014-09-16 19:08 - 2014-09-16 19:08 - 00602112 _____ (OldTimer Tools) C:\Users\Lance\Desktop\OTL.exe
2014-09-16 19:07 - 2014-09-16 19:07 - 01373475 _____ () C:\Users\Lance\Desktop\AdwCleaner.exe
2014-09-16 19:07 - 2014-09-16 19:07 - 01016261 _____ (Thisisu) C:\Users\Lance\Desktop\JRT.exe
2014-09-16 19:07 - 2014-09-16 19:06 - 01373475 _____ () C:\Users\Lance\Downloads\AdwCleaner.exe
2014-09-16 19:07 - 2014-09-16 19:06 - 01016261 _____ (Thisisu) C:\Users\Lance\Downloads\JRT.exe
2014-09-16 12:57 - 2014-02-07 18:19 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-16 12:45 - 2014-09-16 12:44 - 00688992 ____R (Swearware) C:\Users\Lance\Desktop\dds.scr
2014-09-16 12:36 - 2014-09-16 12:32 - 00688992 _____ (Swearware) C:\Users\Lance\Downloads\Unconfirmed 536718.crdownload
2014-09-15 19:47 - 2014-09-15 19:47 - 00167034 _____ () C:\Users\Lance\Downloads\fileassassin-setup-1.06.exe
2014-09-15 19:47 - 2014-09-15 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2014-09-15 19:47 - 2014-09-15 19:47 - 00000000 ____D () C:\Program Files (x86)\FileASSASSIN
2014-09-15 18:33 - 2014-09-14 21:09 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-15 18:33 - 2014-09-14 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-15 18:33 - 2014-09-14 21:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-15 18:32 - 2014-09-15 18:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-15 14:59 - 2014-09-15 14:37 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1d3e30a1-f090-4e96-8250-279fd036507e.job
2014-09-15 14:39 - 2014-09-15 14:39 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-15 14:37 - 2014-09-15 14:37 - 00003584 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1d3e30a1-f090-4e96-8250-279fd036507e
2014-09-15 14:37 - 2014-09-15 14:37 - 00003510 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task c0e61698-9f91-470a-8f9f-d1a233e4f817
2014-09-15 14:37 - 2014-09-15 14:37 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\SUPERAntiSpyware.com
2014-09-15 14:37 - 2014-09-15 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-15 14:37 - 2014-09-15 14:35 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lance\Downloads\spybot-2.4.exe
2014-09-15 14:36 - 2014-09-15 14:36 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-09-15 14:36 - 2014-09-15 14:35 - 19323784 _____ (SUPERAntiSpyware) C:\Users\Lance\Downloads\SUPERAntiSpyware.exe
2014-09-15 14:21 - 2014-09-15 14:21 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-15 14:21 - 2014-09-15 14:20 - 04901352 _____ (Piriform Ltd) C:\Users\Lance\Downloads\ccsetup417.exe
2014-09-15 14:21 - 2014-02-14 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-15 14:21 - 2014-02-14 16:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-15 14:04 - 2014-01-20 14:32 - 00000000 ____D () C:\Users\Lance\AppData\Local\VirtualStore
2014-09-15 11:16 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2014-09-14 21:09 - 2014-09-14 21:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 21:09 - 2014-09-14 21:08 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 21:06 - 2014-09-14 20:16 - 00000000 ____D () C:\inetpub
2014-09-14 21:06 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-09-14 21:06 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-09-14 21:05 - 2014-09-14 21:05 - 01138860 _____ (Malwarebytes Corporation ) C:\Users\Lance\Downloads\Unconfirmed 772921.crdownload
2014-09-14 10:59 - 2014-01-22 19:43 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-09-14 10:51 - 2014-01-22 20:28 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\vlc
2014-09-13 21:18 - 2014-02-07 18:24 - 00283032 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-09-13 20:09 - 2014-09-13 20:09 - 00001162 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-09-13 20:09 - 2014-09-13 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-09-13 20:00 - 2014-09-13 20:00 - 00010475 _____ () C:\Users\Lance\Documents\Uninstall STAR WARS The Old Republic.log
2014-09-13 18:22 - 2014-04-25 20:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-13 18:22 - 2014-04-25 20:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-13 18:22 - 2014-04-25 20:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-13 17:32 - 2014-09-13 17:32 - 00003044 _____ () C:\Windows\System32\Tasks\{56C92A25-2721-6D00-9B09-537002311D51}
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\JxvgVXPQ
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-09-12 21:34 - 2014-01-27 20:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 21:33 - 2014-01-27 20:29 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 17:05 - 2014-09-12 17:05 - 01402920 _____ () C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.1_149.exe
2014-09-12 17:05 - 2014-02-21 17:37 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-12 16:44 - 2014-09-05 19:15 - 00000000 ____D () C:\ProgramData\BitRaider
2014-09-11 18:01 - 2014-09-11 18:01 - 00000000 ____D () C:\Minecraft is awsome
2014-09-11 17:17 - 2014-09-11 17:17 - 00000000 ____D () C:\Users\Lance\Documents\Video Download Capture
2014-09-11 17:16 - 2014-09-11 17:16 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\Apowersoft
2014-09-11 17:15 - 2014-09-11 17:10 - 23796776 _____ (APOWERSOFT LIMITED ) C:\Users\Lance\Downloads\video-download-capture.exe
2014-09-07 12:35 - 2014-09-07 12:35 - 00003042 _____ () C:\Windows\System32\Tasks\{43530098-B0FC-441F-9A17-A768CE0C2E16}
2014-09-07 12:35 - 2014-09-07 12:35 - 00000675 ____R () C:\Windows\SysWOW64\default.bitraid
2014-09-06 20:55 - 2014-08-31 17:21 - 00000000 ____D () C:\Users\Lance\AppData\Roaming\.minecraft
2014-09-05 19:15 - 2014-09-05 19:15 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-09-05 19:05 - 2014-09-05 19:05 - 00000000 ____D () C:\Users\Lance\AppData\Local\SWTORPerf
2014-09-05 19:04 - 2014-09-05 19:04 - 00015798 _____ () C:\Users\Lance\Documents\Install STAR WARS The Old Republic.log
2014-09-05 19:04 - 2014-09-05 19:04 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-09-05 19:03 - 2014-09-05 19:02 - 29720272 _____ () C:\Users\Lance\Downloads\SWTOR_setup.exe
2014-09-05 19:03 - 2014-04-24 17:51 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-08-31 17:33 - 2014-08-31 17:19 - 336754072 ____R () C:\Users\Lance\Downloads\[HorribleSubs] Sword Art Online II - 09 [720p].mkv
2014-08-31 17:20 - 2014-08-31 17:20 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-31 17:20 - 2014-08-31 17:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-31 17:20 - 2014-08-31 17:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-31 17:20 - 2014-08-31 17:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-31 17:20 - 2014-08-31 17:20 - 00000000 ____D () C:\ProgramData\Sun
2014-08-31 17:20 - 2014-08-31 17:20 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-31 17:20 - 2014-08-31 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-31 17:20 - 2014-08-31 17:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-31 17:18 - 2014-08-31 17:18 - 00918440 _____ (Oracle Corporation) C:\Users\Lance\Downloads\chromeinstall-7u67.exe
2014-08-31 17:18 - 2014-08-31 17:18 - 00675988 _____ () C:\Users\Lance\Downloads\Minecraft.exe
2014-08-31 17:18 - 2014-08-31 17:18 - 00026259 _____ () C:\Users\Lance\Downloads\[kickass.to]horriblesubs.sword.art.online.ii.09.720p.mkv.torrent
2014-08-29 16:57 - 2014-08-29 16:57 - 01397992 _____ () C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-25 06:53 - 2010-11-21 13:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 12:07 - 2014-08-29 15:59 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 11:45 - 2014-08-29 15:59 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 10:59 - 2014-08-29 15:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 04:05 - 2014-09-12 21:36 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-20 03:39 - 2014-09-12 21:36 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\Lance\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-17 17:21

==================== End Of Log ============================

Mark Chen 1234 · Sep 19, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Lance at 2014-09-16 19:41:52
Running from C:\Users\Lance\Desktop
Boot Mode: Safe Mode (minimal)
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Bitdefender Antivirus Free Edition (Disabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Assassin's Creed IV - Black Flag" (HKLM-x32\...\{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1) (Version: 1.01.0.0 - )
@Bios B13.0703.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
@Bios B13.0703.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
App Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.13.0703 - Gigabyte)
App Center (x32 Version: 1.13.0703 - Gigabyte) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version: - Zombie, Inc.)
BUSB B13.0508.1 (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.00.0000 - GIGABYTE)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
EZSetupN B13.0628.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
EZSetupN B13.0628.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
LanOptimizer (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.00.0000 - Realtek)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.3 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ON_OFF Charge 2 B13.0506.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0506.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.3 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Smart Recovery 2 B13.0627.1 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B13.0508.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B13.0508.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.50 - Bioware/EA)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1146 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tt eSPORTS BLACK Element (HKLM-x32\...\{BCE1F657-CD3C-434A-9724-09A43783A8EA}) (Version: 0.0.1 - Thermaltake)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

14-09-2014 09:00:01 Windows Backup
14-09-2014 09:39:06 Windows Backup
14-09-2014 10:15:18 Windows Modules Installer
14-09-2014 11:04:38 Windows Modules Installer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D135FA7-8138-46BF-893D-12AC7AABCC13} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {133568F4-CC3E-45CB-ABFF-FFF4E40C4176} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: {286E0EE3-5D95-4B15-8C2B-FDE77766BD66} - System32\Tasks\{56C92A25-2721-6D00-9B09-537002311D51} => C:\Users\Lance\AppData\Roaming\JxvgVXPQ\MtgKGFlL\nIctsxXQ\TRMQeRFzT.exe [2014-03-04] ()
Task: {40C58110-AE04-4E61-A335-90F1FED69C98} - System32\Tasks\SUPERAntiSpyware Scheduled Task c0e61698-9f91-470a-8f9f-d1a233e4f817 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {67328F61-A2F2-417F-A73A-28C672ED4581} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {68ACEA88-348C-47D6-9FEB-64E2FC5F81E3} - System32\Tasks\RtlLanOptimizerVistaStart => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe [2013-06-05] (Realtek Semiconductor)
Task: {985B3383-75E0-4EF9-A1EF-9D6D1F6A8A85} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {A13A6A3E-C0D2-4647-9C13-D2487ED14CED} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {A3302BB4-61FB-41BE-A9F4-03C251699EF9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {A9AE711C-31B4-4BC4-9317-F219D6765913} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1d3e30a1-f090-4e96-8250-279fd036507e => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {E335F39A-FF31-4CEC-BED9-0B5268F11E52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-13] (Adobe Systems Incorporated)
Task: {E759084D-58FC-4AFA-A997-5BC0F4187825} - System32\Tasks\{43530098-B0FC-441F-9A17-A768CE0C2E16} => C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
Task: {F09BCC7D-29A3-43D7-9592-D2DCA3851B6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RtlLanOptimizerVistaStart.job => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1d3e30a1-f090-4e96-8250-279fd036507e.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c0e61698-9f91-470a-8f9f-d1a233e4f817.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Lance\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\HijackThis.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\OTL.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\335.23-desktop-win8-win7-winvista-64bit-english-whql.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.3.2_130.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.3.2_131.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.3.2_133.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.4.0_141.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.0_148.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.1_149.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\ccsetup410.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\ccsetup417.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\chromeinstall-7u67.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\dds.scr:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\fileassassin-setup-1.06.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Hearthstone-Setup-enUS (1).exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Hearthstone-Setup-enUS.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\HijackThis.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012 (1).exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\mbar-1.07.0.1012.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Minecraft.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Nexus Mod Manager-0.49.3.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\OTL.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\RogueKiller.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\spybot-2.4.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\SUPERAntiSpyware.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\SWTOR_setup.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Unconfirmed 536718.crdownload:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\uTorrent.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\video-download-capture.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Tt eSPORTS BLACK Element Gaming Mouse => "C:\Program Files (x86)\Thermaltake\Tt eSPORTS BLACK Element\BlackElement.exe" /Automation
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Lance\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2014 07:38:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1900

Start Time: 01cfd18da4b33d30

Termination Time: 10

Application Path: C:\Windows\explorer.exe

Report Id: 2f0b0666-3d85-11e4-8f84-94de80c1c49e

Error: (09/16/2014 07:07:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000024
Fault offset: 0x00000000000cd7e8
Faulting process id: 0x8a0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (09/16/2014 06:51:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (09/16/2014 06:45:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: netsh.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc93d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00494af0
Faulting process id: 0xacc
Faulting application start time: 0xnetsh.exe0
Faulting application path: netsh.exe1
Faulting module path: netsh.exe2
Report Id: netsh.exe3

Error: (09/16/2014 06:45:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2014 06:43:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: netsh.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc93d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1540
Faulting application start time: 0xnetsh.exe0
Faulting application path: netsh.exe1
Faulting module path: netsh.exe2
Report Id: netsh.exe3

Error: (09/16/2014 06:42:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2014 00:48:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (09/16/2014 00:42:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: netsh.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc93d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00295fd5
Faulting process id: 0xeec
Faulting application start time: 0xnetsh.exe0
Faulting application path: netsh.exe1
Faulting module path: netsh.exe2
Report Id: netsh.exe3

Error: (09/16/2014 00:42:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (09/16/2014 07:41:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/16/2014 07:41:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/16/2014 07:41:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/16/2014 07:41:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/16/2014 07:41:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/16/2014 07:41:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/16/2014 07:41:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/16/2014 07:41:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/16/2014 07:41:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (09/16/2014 07:41:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (09/16/2014 07:38:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.17567190001cfd18da4b33d3010C:\Windows\explorer.exe2f0b0666-3d85-11e4-8f84-94de80c1c49e

Error: (09/16/2014 07:07:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000002400000000000cd7e88a001cfd18a803488b7C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dlle0b30bd2-3d80-11e4-8f84-94de80c1c49e

Error: (09/16/2014 06:51:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000C1390000C1390000980B0000

Error: (09/16/2014 06:45:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: netsh.exe6.1.7600.163854a5bc93dunknown0.0.0.000000000c000000500494af0acc01cfd18a8255a3d6C:\Windows\SysWOW64\netsh.exeunknownca5928e6-3d7d-11e4-8f84-94de80c1c49e

Error: (09/16/2014 06:45:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2014 06:43:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: netsh.exe6.1.7600.163854a5bc93dunknown0.0.0.000000000c000000500000000154001cfd18a47838c19C:\Windows\SysWOW64\netsh.exeunknown8627a616-3d7d-11e4-b28c-94de80c1c49e

Error: (09/16/2014 06:42:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2014 00:48:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000C1390000C1390000980B0000

Error: (09/16/2014 00:42:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: netsh.exe6.1.7600.163854a5bc93dunknown0.0.0.000000000c000000500295fd5eec01cfd157e24bfee5C:\Windows\SysWOW64\netsh.exeunknown23968110-3d4b-11e4-b45e-94de80c1c49e

Error: (09/16/2014 00:42:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Broni · Sep 19, 2014

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Mark Chen 1234 · Sep 20, 2014

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Lance at 2014-09-20 18:05:46 Run:1
Running from C:\Users\Lance\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\Users\Lance\AppData\Local\Temp\Quarantine.exe
AlternateDataStreams: C:\Users\Lance\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\HijackThis.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Lance\Desktop\OTL.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\335.23-desktop-win8-win7-winvista-64bit-english-whql.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.3.2_130.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.3.2_131.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.3.2_133.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.4.0_141.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.0_148.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.1_149.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\ccsetup410.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\ccsetup417.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\chromeinstall-7u67.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\dds.scr:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\fileassassin-setup-1.06.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Hearthstone-Setup-enUS (1).exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Hearthstone-Setup-enUS.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\HijackThis.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012 (1).exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\mbar-1.07.0.1012.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Minecraft.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Nexus Mod Manager-0.49.3.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\OTL.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\RogueKiller.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\spybot-2.4.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\SUPERAntiSpyware.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\SWTOR_setup.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\Unconfirmed 536718.crdownload:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\uTorrent.exe:BDU
AlternateDataStreams: C:\Users\Lance\Downloads\video-download-capture.exe:BDU

*****************

3 catchme; \??\C:\ComboFix\catchme.sys [X] => Error: No automatic fix found for this entry.
C:\Users\Lance\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Lance\Desktop\AdwCleaner.exe => ":BDU" ADS removed successfully.
"C:\Users\Lance\Desktop\ComboFix.exe" => ":BDU" ADS not found.
C:\Users\Lance\Desktop\FRST64.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Desktop\HijackThis.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Desktop\JRT.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Desktop\OTL.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\335.23-desktop-win8-win7-winvista-64bit-english-whql.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\337.88-desktop-win8-win7-winvista-64bit-english-whql.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\AdwCleaner.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\battlelog-web-plugins_2.3.2_130.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\battlelog-web-plugins_2.3.2_131.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\battlelog-web-plugins_2.3.2_133.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\battlelog-web-plugins_2.4.0_141.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.0_148.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\battlelog-web-plugins_2.5.1_149.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\ccsetup410.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\ccsetup417.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\chromeinstall-7u67.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\ComboFix.exe => ":BDU" ADS removed successfully.
"C:\Users\Lance\Downloads\dds.scr" => ":BDU" ADS not found.
C:\Users\Lance\Downloads\fileassassin-setup-1.06.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\Hearthstone-Setup-enUS (1).exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\Hearthstone-Setup-enUS.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\HijackThis.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\JRT.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012 (1).exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\mbam-setup-2.0.2.1012.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\mbar-1.07.0.1012.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\Minecraft.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\Nexus Mod Manager-0.49.3.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\OTL.exe => ":BDU" ADS removed successfully.
"C:\Users\Lance\Downloads\RogueKiller.exe" => ":BDU" ADS not found.
C:\Users\Lance\Downloads\spybot-2.4.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\SUPERAntiSpyware.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\SWTOR_setup.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\Unconfirmed 536718.crdownload => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\uTorrent.exe => ":BDU" ADS removed successfully.
C:\Users\Lance\Downloads\video-download-capture.exe => ":BDU" ADS removed successfully.

==== End of Fixlog ====

Broni · Sep 21, 2014

Good

How is computer doing?

Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center
- Windows Update
- Windows Defender
- Other Services
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Internet Explorer users - Click on this link to open ESET OnlineScan.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on ESET Smart Installer to download the ESET Smart Installer. Save it to your desktop.
- Double click on the http://www.bleepstatic.com/fhost/uploads/0/esetsmartinstaller_enu.png][/url] icon on your desktop.
  [/LIST]
  [*]Check [I]"YES, I accept the Terms of Use."[/I]
  [*]Click the [b]Start[/b] button.
  [*]Accept any security warnings from your browser.[/*]
  [*]Check [I]"Enable detection of potentially unwanted applications"[/I].
  [*]Click [I]Advanced settings[/I] and make sure all 4 boxes are checkmarked (two of them are already checkmarked by default).
  Do NOT checkmark [I]"Use custom proxy settings"[/I]
  [*]Click the [b]Start[/b] button.
  [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  [*]When the scan completes, click [b]List Threats[/b][/*]
  [*]Click [b]Export[/b], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  [*]Click the [b]Back[/b] button.
  [*]Click the [b]Finish[/b] button.
  [/LIST]

Mark Chen 1234 · Sep 22, 2014

Hey the iexplore.exe has stopped poping up in task manager but I dont know if that means its gone

Mark Chen 1234 · Sep 22, 2014

Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Bitdefender Antivirus Free Edition
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 37.0.2062.103
Google Chrome 37.0.2062.120
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Bitdefender Antivirus Free Edition gzserv.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````

Mark Chen 1234 · Sep 22, 2014

Farbar Service Scanner Version: 21-07-2014
Ran by Lance (administrator) on 22-09-2014 at 21:08:01
Running from "C:\Users\Lance\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

Broni · Sep 22, 2014

It should be gone after running TDSSKiller.

Eset?

Broni · Sep 26, 2014

Still with me?

Broni · Oct 1, 2014

This topic is marked as abandoned and closed due to inactivity.

This member will NOT be eligible to receive any more help in malware removal forum.

Inactive-A Iexplore.exe virus

Broni

Posts: 56,041 +516

Mark Chen 1234

Posts: 25 +0

Mark Chen 1234

Posts: 25 +0

Mark Chen 1234

Posts: 25 +0

Mark Chen 1234

Posts: 25 +0

Mark Chen 1234

Posts: 25 +0

Broni

Posts: 56,041 +516

Attachments

Mark Chen 1234

Posts: 25 +0

Broni

Posts: 56,041 +516

Mark Chen 1234

Posts: 25 +0

Mark Chen 1234

Posts: 25 +0

Mark Chen 1234

Posts: 25 +0

Broni

Posts: 56,041 +516

Broni

Posts: 56,041 +516

Broni

Posts: 56,041 +516

Similar threads

Latest posts