Here are the three files.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2014 01
Ran by Owner (administrator) on OWNER-PC on 08-03-2014 12:19:45
Running from C:\Users\Owner\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Corel) C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Microsoft Corporation) C:\Program Files\Microsoft Games\minesweeper\minesweeper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe
(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriControl.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-04] (Intel® Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [210216 2010-01-11] (CyberLink Corp.)
HKLM-x32\...\Run: [Standby] - C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe [105632 2009-12-17] (Corel)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-02] (AVAST Software)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-10-07] (Sendori, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2950786308-227742302-1544317472-1000\...\Run: [AdobeBridge] - [X]
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7SMSN
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7SMSN
SearchScopes: HKCU - EFC0243D65A64C06A6B274128A5D59AA URL = http://www.google.co...1I7SMSN_enUS527
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\m0n8rcd9.default-1390617411326
FF NewTab: about:blank
FF Homepage: www.yahoo.com
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Owner\AppData\Local\Roblox\Versions\version-22d46fdc522044b7\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\m0n8rcd9.default-1390617411326\searchplugins\bingp.xml
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-19]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx []
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
==================== Services (Whitelisted) =================
R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [120096 2013-10-07] (Sendori, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-02] (AVAST Software)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [176624 2014-02-13] (Coupons.com Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-04] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-10-07] (sendori)
R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-10-07] (Sendori)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-02-02] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-02] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-02-02] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-02-02] (AVAST Software)
S3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-02-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-05] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2010-01-12] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-08 12:19 - 2014-03-08 12:20 - 00018820 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-03-08 12:18 - 2014-03-08 12:19 - 00000000 ____D () C:\FRST
2014-03-08 12:17 - 2014-03-08 12:17 - 02156544 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-03-07 20:54 - 2014-03-07 21:09 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 20:54 - 2014-03-07 20:54 - 00119000 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-07 20:53 - 2014-03-07 21:09 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-03-07 20:53 - 2014-03-07 20:53 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-03-07 20:49 - 2014-03-07 20:49 - 00002226 _____ () C:\Users\Owner\Desktop\avast! Free Antivirus.lnk
2014-03-07 20:47 - 2014-03-07 20:47 - 02218636 _____ () C:\Users\Owner\Downloads\tdsskiller.zip
2014-03-06 20:35 - 2014-03-06 20:35 - 00011947 _____ () C:\Users\Owner\Desktop\hijackthis7.log
2014-03-06 20:17 - 2014-03-06 20:17 - 00047074 _____ () C:\ComboFix.txt
2014-03-06 19:11 - 2014-03-06 19:11 - 00006285 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-03-06 19:03 - 2014-03-06 19:03 - 00001504 _____ () C:\Users\Owner\Desktop\RKreport[2]_D_03062014_02d1903.txt
2014-03-06 19:00 - 2014-03-07 21:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-06 19:00 - 2014-03-06 19:00 - 00001538 _____ () C:\Users\Owner\Desktop\RKreport[1]_S_03062014_02d1900.txt
2014-03-06 18:44 - 2014-03-06 18:44 - 00000000 ____D () C:\windows\pss
2014-03-02 20:37 - 2014-03-02 20:37 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-02 20:36 - 2014-03-02 20:37 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-02 20:36 - 2014-03-02 20:37 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 20:36 - 2014-03-02 20:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-02 20:36 - 2014-03-02 20:36 - 00000000 ____D () C:\Program Files\iPod
2014-03-02 20:30 - 2014-03-02 20:30 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-02 20:28 - 2014-03-02 21:08 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DiskAid
2014-03-02 20:28 - 2014-03-02 20:28 - 00000000 ____D () C:\Users\Owner\AppData\Local\DigiDNA
2014-03-02 20:27 - 2014-03-02 20:38 - 00000991 _____ () C:\Users\Public\Desktop\DiskAid.lnk
2014-03-02 20:27 - 2014-03-02 20:38 - 00000000 ____D () C:\Program Files (x86)\DiskAid
2014-03-02 20:27 - 2014-03-02 20:27 - 12840328 _____ (DigiDNA ) C:\Users\Owner\Downloads\DiskAid_6_5_6.exe
2014-03-02 11:37 - 2014-03-02 11:37 - 00000000 ____D () C:\Users\Owner\AppData\Local\MediaMonkey
2014-03-02 11:36 - 2014-03-02 20:24 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\MediaMonkey
2014-03-02 11:18 - 2014-03-02 11:34 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Syncios
2014-03-02 11:18 - 2014-03-02 11:18 - 00000000 ____D () C:\Users\Owner\Documents\Syncios
2014-03-02 11:17 - 2014-03-02 11:17 - 17367264 _____ (Anvsoft, Inc. ) C:\Users\Owner\Downloads\syncios.exe
2014-02-21 11:18 - 2014-03-06 19:07 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-02-21 11:15 - 2014-02-21 11:15 - 02021104 _____ (Coupons.com Incorporated) C:\Users\Owner\Desktop\CouponPrinterCPS.exe
2014-02-19 19:20 - 2014-02-19 19:21 - 34637975 _____ (MIT Media Lab Lifelong Kindergarten Group) C:\Users\Owner\Downloads\ScratchInstaller1.4.exe
2014-02-17 21:00 - 2014-02-17 21:00 - 00001077 _____ () C:\Users\Owner\Desktop\Kaspersky Security Scan.lnk
2014-02-17 21:00 - 2014-02-17 21:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2014-02-17 20:59 - 2014-02-17 20:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-17 20:59 - 2014-02-17 20:59 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-02-17 20:57 - 2014-02-17 20:57 - 00185800 _____ (Лаборатория Касперского) C:\Users\Owner\Downloads\kss12.0.1.117abRU_EN_DE_FR_ES_IT_JA_PT_ZH_5203.exe
2014-02-17 20:42 - 2014-02-16 20:39 - 00000426 _____ () C:\AVScanner.ini
2014-02-15 16:36 - 2014-02-15 16:36 - 00000000 ____D () C:\Users\Owner\Documents\Verizon
2014-02-15 08:21 - 2014-02-20 01:33 - 01037734 _____ (Thisisu) C:\Users\Owner\Desktop\JRT_NEW.exe
2014-02-15 08:14 - 2014-02-15 08:14 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.adobe.amp
2014-02-15 08:10 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-15 08:10 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-15 08:09 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-15 08:09 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-15 08:09 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-15 08:09 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-15 08:09 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-15 08:09 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-15 08:09 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-15 08:09 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-15 08:09 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-15 08:09 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-15 08:09 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-15 08:09 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-15 08:09 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-15 08:09 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-15 08:09 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-15 08:09 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-15 08:09 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-15 08:09 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-15 08:09 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-15 08:09 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-15 08:09 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-15 08:09 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-15 08:09 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-15 08:09 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-15 08:09 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-15 08:09 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-15 08:09 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-15 08:09 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-15 08:09 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-15 08:09 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-15 08:09 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-15 08:09 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-15 08:09 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-15 08:09 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-15 08:09 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-15 08:09 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-15 08:09 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-15 08:09 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-15 08:09 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-13 08:23 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-13 08:23 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-13 08:23 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-13 08:23 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-02-13 08:23 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-13 08:23 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-02-13 08:23 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-13 08:23 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-12 21:24 - 2014-02-20 21:17 - 00000000 ____D () C:\Users\Owner\AppData\Local\MetaGeek,_LLC
2014-02-12 21:23 - 2014-02-17 21:04 - 00002471 _____ () C:\Users\Public\Desktop\inSSIDer Home.lnk
2014-02-12 21:23 - 2014-02-12 21:23 - 00000000 ____D () C:\Program Files (x86)\inSSIDer Home
2014-02-12 21:22 - 2014-02-12 21:22 - 04767744 _____ () C:\Users\Owner\Downloads\inSSIDer-installer.msi
2014-02-09 17:09 - 2014-02-09 17:09 - 00921000 _____ (Oracle Corporation) C:\Users\Owner\Downloads\77jxpiinstall.exe
==================== One Month Modified Files and Folders =======
2014-03-08 12:20 - 2014-03-08 12:19 - 00018820 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-03-08 12:19 - 2014-03-08 12:18 - 00000000 ____D () C:\FRST
2014-03-08 12:17 - 2014-03-08 12:17 - 02156544 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-03-08 12:17 - 2013-03-22 01:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
2014-03-08 12:16 - 2013-12-02 11:43 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-03-08 12:15 - 2014-01-06 15:49 - 00001344 _____ () C:\windows\Tasks\FreeHDSport TV V6.0-updater.job
2014-03-08 12:15 - 2014-01-06 15:48 - 00002248 _____ () C:\windows\Tasks\FreeHDSport TV V6.0-firefoxinstaller.job
2014-03-08 12:15 - 2013-03-18 21:59 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-08 12:15 - 2010-05-03 00:52 - 01375838 _____ () C:\windows\WindowsUpdate.log
2014-03-07 21:09 - 2014-03-07 20:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 21:09 - 2014-03-07 20:53 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-03-07 21:00 - 2014-03-06 19:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-07 20:54 - 2014-03-07 20:54 - 00119000 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-07 20:53 - 2014-03-07 20:53 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-03-07 20:49 - 2014-03-07 20:49 - 00002226 _____ () C:\Users\Owner\Desktop\avast! Free Antivirus.lnk
2014-03-07 20:49 - 2013-11-22 17:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-03-07 20:47 - 2014-03-07 20:47 - 02218636 _____ () C:\Users\Owner\Downloads\tdsskiller.zip
2014-03-06 20:35 - 2014-03-06 20:35 - 00011947 _____ () C:\Users\Owner\Desktop\hijackthis7.log
2014-03-06 20:17 - 2014-03-06 20:17 - 00047074 _____ () C:\ComboFix.txt
2014-03-06 20:17 - 2013-03-24 00:21 - 00000000 ____D () C:\Qoobox
2014-03-06 20:15 - 2009-07-13 21:34 - 00000215 _____ () C:\windows\system.ini
2014-03-06 19:25 - 2009-07-13 23:45 - 00014144 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-06 19:25 - 2009-07-13 23:45 - 00014144 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-06 19:14 - 2013-12-08 00:27 - 00015532 _____ () C:\windows\setupact.log
2014-03-06 19:14 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-06 19:11 - 2014-03-06 19:11 - 00006285 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-03-06 19:07 - 2014-02-21 11:18 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-03-06 19:03 - 2014-03-06 19:03 - 00001504 _____ () C:\Users\Owner\Desktop\RKreport[2]_D_03062014_02d1903.txt
2014-03-06 19:02 - 2013-06-01 11:19 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-03-06 19:00 - 2014-03-06 19:00 - 00001538 _____ () C:\Users\Owner\Desktop\RKreport[1]_S_03062014_02d1900.txt
2014-03-06 18:44 - 2014-03-06 18:44 - 00000000 ____D () C:\windows\pss
2014-03-06 18:37 - 2009-07-14 00:13 - 00780908 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-06 18:33 - 2010-08-19 01:47 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2014-03-06 18:30 - 2013-12-08 00:27 - 00139092 _____ () C:\windows\PFRO.log
2014-03-04 11:36 - 2013-11-13 21:09 - 00000000 ____D () C:\Users\Owner\Desktop\Seths stuff
2014-03-02 21:08 - 2014-03-02 20:28 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DiskAid
2014-03-02 21:05 - 2014-01-16 07:41 - 00003340 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2950786308-227742302-1544317472-1000
2014-03-02 21:05 - 2014-01-16 07:41 - 00003206 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2950786308-227742302-1544317472-1000
2014-03-02 20:38 - 2014-03-02 20:27 - 00000991 _____ () C:\Users\Public\Desktop\DiskAid.lnk
2014-03-02 20:38 - 2014-03-02 20:27 - 00000000 ____D () C:\Program Files (x86)\DiskAid
2014-03-02 20:37 - 2014-03-02 20:37 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-02 20:37 - 2014-03-02 20:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-02 20:37 - 2014-03-02 20:36 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 20:37 - 2014-03-02 20:36 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-02 20:36 - 2014-03-02 20:36 - 00000000 ____D () C:\Program Files\iPod
2014-03-02 20:33 - 2013-03-13 21:33 - 00000000 ____D () C:\ProgramData\Apple
2014-03-02 20:30 - 2014-03-02 20:30 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-02 20:28 - 2014-03-02 20:28 - 00000000 ____D () C:\Users\Owner\AppData\Local\DigiDNA
2014-03-02 20:27 - 2014-03-02 20:27 - 12840328 _____ (DigiDNA ) C:\Users\Owner\Downloads\DiskAid_6_5_6.exe
2014-03-02 20:24 - 2014-03-02 11:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\MediaMonkey
2014-03-02 11:37 - 2014-03-02 11:37 - 00000000 ____D () C:\Users\Owner\AppData\Local\MediaMonkey
2014-03-02 11:34 - 2014-03-02 11:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Syncios
2014-03-02 11:18 - 2014-03-02 11:18 - 00000000 ____D () C:\Users\Owner\Documents\Syncios
2014-03-02 11:17 - 2014-03-02 11:17 - 17367264 _____ (Anvsoft, Inc. ) C:\Users\Owner\Downloads\syncios.exe
2014-03-02 07:01 - 2013-06-15 08:46 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\iFunbox_UserCache
2014-02-23 09:06 - 2013-03-18 21:59 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-23 09:05 - 2013-12-11 12:57 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-23 09:05 - 2013-03-18 21:59 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 11:15 - 2014-02-21 11:15 - 02021104 _____ (Coupons.com Incorporated) C:\Users\Owner\Desktop\CouponPrinterCPS.exe
2014-02-20 21:17 - 2014-02-12 21:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\MetaGeek,_LLC
2014-02-20 19:35 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2014-02-20 16:55 - 2013-06-15 17:42 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Real
2014-02-20 16:55 - 2013-06-15 17:41 - 00000000 ____D () C:\ProgramData\Real
2014-02-20 08:42 - 2013-10-07 19:31 - 00000000 ____D () C:\Users\Owner\Documents\Scratch Projects
2014-02-20 01:33 - 2014-02-15 08:21 - 01037734 _____ (Thisisu) C:\Users\Owner\Desktop\JRT_NEW.exe
2014-02-19 19:21 - 2014-02-19 19:20 - 34637975 _____ (MIT Media Lab Lifelong Kindergarten Group) C:\Users\Owner\Downloads\ScratchInstaller1.4.exe
2014-02-17 21:09 - 2013-03-24 00:21 - 05183112 ____R (Swearware) C:\Users\Owner\Downloads\ComboFix.exe
2014-02-17 21:04 - 2014-02-12 21:23 - 00002471 _____ () C:\Users\Public\Desktop\inSSIDer Home.lnk
2014-02-17 21:00 - 2014-02-17 21:00 - 00001077 _____ () C:\Users\Owner\Desktop\Kaspersky Security Scan.lnk
2014-02-17 21:00 - 2014-02-17 21:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2014-02-17 20:59 - 2014-02-17 20:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-17 20:59 - 2014-02-17 20:59 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-02-17 20:57 - 2014-02-17 20:57 - 00185800 _____ (Лаборатория Касперского) C:\Users\Owner\Downloads\kss12.0.1.117abRU_EN_DE_FR_ES_IT_JA_PT_ZH_5203.exe
2014-02-16 20:39 - 2014-02-17 20:42 - 00000426 _____ () C:\AVScanner.ini
2014-02-16 19:43 - 2013-04-13 17:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-02-16 16:38 - 2013-07-17 06:42 - 00000000 ____D () C:\windows\system32\MRT
2014-02-16 16:36 - 2013-06-08 19:50 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-15 16:36 - 2014-02-15 16:36 - 00000000 ____D () C:\Users\Owner\Documents\Verizon
2014-02-15 08:24 - 2013-06-08 19:05 - 00775124 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-15 08:14 - 2014-02-15 08:14 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.adobe.amp
2014-02-12 21:23 - 2014-02-12 21:23 - 00000000 ____D () C:\Program Files (x86)\inSSIDer Home
2014-02-12 21:22 - 2014-02-12 21:22 - 04767744 _____ () C:\Users\Owner\Downloads\inSSIDer-installer.msi
2014-02-09 17:09 - 2014-02-09 17:09 - 00921000 _____ (Oracle Corporation) C:\Users\Owner\Downloads\77jxpiinstall.exe
2014-02-09 16:38 - 2013-05-08 21:40 - 00000000 ____D () C:\Users\Owner\AppData\Local\Microsoft Games
2014-02-09 16:30 - 2014-01-26 15:20 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\HpUpdate
2014-02-06 07:16 - 2014-02-15 08:09 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-15 08:09 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-15 08:09 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-15 08:09 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-15 08:09 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-15 08:09 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-15 08:09 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-15 08:09 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-15 08:09 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-15 08:09 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-15 08:09 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-15 08:09 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-15 08:09 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-15 08:09 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-15 08:09 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-15 08:09 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-15 08:09 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-15 08:09 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-15 08:09 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-15 08:09 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-15 08:09 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-15 08:09 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-15 08:09 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-15 08:09 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-15 08:09 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-15 08:09 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-15 08:09 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-15 08:09 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-06 04:25 - 2014-02-15 08:09 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-06 04:24 - 2014-02-15 08:09 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-15 08:09 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-15 08:09 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-15 08:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-15 08:09 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-15 08:09 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-15 08:09 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-15 08:09 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-15 08:09 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-15 08:09 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-02 12:08
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2014 01
Ran by Owner at 2014-03-08 12:20:26
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Dreamweaver CS5 (HKLM-x32\...\{C79312BD-3E76-4474-A10C-1435D1856A4B}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
BatteryLifeExtender (HKLM-x32\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
ChargeableUSB (HKLM-x32\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG)
ContentHD (x32 Version: 1.00.0002 - Corel Corporation) Hidden
Contents (x32 Version: 1.6.0.272 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.272 - Corel Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated) <==== ATTENTION
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.3226 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2511 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.2511 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3604b - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.0.3604b - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3904 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 7.0.3904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3228f - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.3228f - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2429 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
DeviceIO (x32 Version: 1.6.0.272 - Corel Corporation) Hidden
DiskAid 6.5.6.0 (HKLM\...\DiskAid_is1) (Version: 6.5.6.0 - DigiDNA)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.6 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ExtractNow (HKLM-x32\...\ExtractNow) (Version: - Nathan Moinvaziri)
FreeHDSport TV V6.0 (HKLM-x32\...\FreeHDSport TV V6.0) (Version: 1.31.153.0 - installdaddy) <==== ATTENTION
GNS3 0.8.5 (HKLM-x32\...\GNS3) (Version: 0.8.5 - )
HP Photosmart 6510 series Basic Device Software (HKLM\...\{1952AED6-2908-418F-B9D8-AC359651F92D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
ICA (x32 Version: 1.6.0.272 - Corel Corporation) Hidden
iFunbox (v2.6.2375.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.6.2375.747 - )
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel PROSet Wireless (Version: - ) Hidden
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2102 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel® Wireless Display (HKLM\...\{BF8D7372-5200-4EC7-9FB0-5398D108F81C}) (Version: 1.2.14.0 - Intel Corporation)
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.340 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.340 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office XP Standard for Students and Teachers (HKLM-x32\...\{913D0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MLE (x32 Version: 1.0.0.18 - Corel Corporation) Hidden
Monkey Quest (HKLM-x32\...\Monkey Quest) (Version: 1.0 - Viacom)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
PureHD (x32 Version: 1.6.0.272 - Corel Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Retrovirus (HKLM-x32\...\Steam App 227800) (Version: - Cadenza Interactive)
ROBLOX Player for Owner (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio 2013 for Owner (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{749BDD29-D756-4B9B-8022-3E666A24C13F}) (Version: 1.1.3 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
ScorpionSaver (HKLM-x32\...\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}) (Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTION
ScorpionSaver Services (HKLM\...\{6E810AB6-F34E-49A3-A93F-9E503660F718}) (Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTION
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Sendori (HKLM-x32\...\Sendori) (Version: 2.0.16 - Sendori, Inc.)
Setup (x32 Version: 1.6.0.272 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.272 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.272 - Corel Corporation) Hidden
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.5 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.5 - SmartSound Software Inc.) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
TouchCopy 12 (HKLM-x32\...\{669211D2-2F83-456E-83D9-EF959AD3681F}) (Version: 12.24 - Wide Angle Software)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VIO (x32 Version: 1.6.0.272 - Corel Corporation) Hidden
Visual CertExam Suite (HKLM-x32\...\Visual CertExam Suite_is1) (Version: - Avanset)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VSClassic (x32 Version: 1.6.0.272 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.272 - Corel Corporation) Hidden
War Thunder Launcher 1.0.1.278 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.10.1 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.1 - The Wireshark developer community, http://www.wireshark.org)
==================== Restore Points =========================
16-02-2014 21:33:17 Windows Modules Installer
16-02-2014 21:34:54 Windows Modules Installer
26-02-2014 16:23:31 Scheduled Checkpoint
07-03-2014 01:02:55 ComboFix created restore point
==================== Hosts content: ==========================
2009-07-13 21:34 - 2014-03-06 20:14 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0A44B892-D808-47D0-97BD-63F6D7F27A52} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-12-14] (SAMSUNG Electronics)
Task: {0C9289E5-A80F-410A-A211-BD7031107F6B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {2890490B-FF5D-4E99-8E4B-DCA1179CF705} - System32\Tasks\FreeHDSport TV V6.0-updater => C:\Program Files (x86)\FreeHDSport TV V6.0\FreeHDSport TV V6.0-updater.exe [2014-01-06] (installdaddy) <==== ATTENTION
Task: {31C24409-BBE2-48B5-8415-9D792B680D11} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2950786308-227742302-1544317472-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3AC22EAD-A446-402B-A672-C013CD6021D4} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-13] (Samsung Electronics Co., Ltd.)
Task: {3D43B542-A827-4118-8FE4-1311EA243B72} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-23] (Adobe Systems Incorporated)
Task: {5892B29E-7961-4DAB-9643-7BFD385C41F8} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-04-06] (SAMSUNG Electronics co., LTD.)
Task: {641190D6-FA60-4553-84EE-D23D6C41E201} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {7C8F5E20-D3A1-4AA1-B518-D175D48ECC24} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2950786308-227742302-1544317472-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {97C7A3C8-6BB0-4468-9972-8139DE4C9E56} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-11-10] (Samsung Electronics Co., Ltd.)
Task: {9CDC11A6-C6A0-403D-A0FA-BD79BFADA05B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AE37D3DD-D8C3-4D30-AB23-AF6B39836DC5} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-18] (SEC)
Task: {B363571B-0AFD-49EE-8473-28ECA64D7EE7} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-18] (Samsung Electronics. Co. Ltd.)
Task: {CB62B6F3-44D7-4ABF-AA33-321099AE4A90} - System32\Tasks\FreeHDSport TV V6.0-firefoxinstaller => C:\Program Files (x86)\FreeHDSport TV V6.0\FreeHDSport TV V6.0-firefoxinstaller.exe [2014-01-06] (installdaddy) <==== ATTENTION
Task: {CBCFE404-CF65-4053-B2C7-F40C86EFEF45} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-02] (AVAST Software)
Task: {D40FED0A-48B9-4956-AE91-CAE45CAB1E30} - System32\Tasks\AdobeAAMUpdater-1.0-Owner-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FreeHDSport TV V6.0-firefoxinstaller.job => C:\Program Files (x86)\FreeHDSport TV V6.0\FreeHDSport TV V6.0-firefoxinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\FreeHDSport TV V6.0-updater.job => C:\Program Files (x86)\FreeHDSport TV V6.0\FreeHDSport TV V6.0-updater.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2010-03-04 19:21 - 2010-03-04 19:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2010-05-03 00:59 - 2009-07-07 13:23 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-03-04 19:21 - 2010-03-04 19:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-03-07 20:13 - 2014-03-07 13:45 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030701\algo.dll
2014-03-08 12:17 - 2014-03-08 04:17 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030800\algo.dll
2013-12-02 11:42 - 2013-12-02 11:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-06 19:00 - 2014-03-06 19:00 - 03630704 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-23 09:05 - 2014-02-23 09:05 - 16265096 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Owner\Local Settings:du5uwGMlLCgRtGRro4fqN1TZI2z
AlternateDataStreams: C:\Users\Owner\AppData\Local:du5uwGMlLCgRtGRro4fqN1TZI2z
AlternateDataStreams: C:\Users\Owner\AppData\Local\Application Data:du5uwGMlLCgRtGRro4fqN1TZI2z
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KSS => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/08/2014 00:15:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29875704
Error: (03/08/2014 00:15:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29875704
Error: (03/08/2014 00:15:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/08/2014 00:15:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29874566
Error: (03/08/2014 00:15:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29874566
Error: (03/08/2014 00:15:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/08/2014 03:57:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13353
Error: (03/08/2014 03:57:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13353
Error: (03/08/2014 03:57:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/08/2014 03:57:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12230
System errors:
=============
Error: (03/08/2014 03:57:30 AM) (Source: Service Control Manager) (User: )
Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (03/08/2014 03:57:31 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (03/07/2014 08:13:23 PM) (Source: Service Control Manager) (User: )
Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (03/07/2014 01:02:39 PM) (Source: Service Control Manager) (User: )
Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (03/07/2014 04:21:42 AM) (Source: Service Control Manager) (User: )
Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (03/06/2014 09:21:39 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (03/06/2014 08:15:02 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (03/06/2014 08:14:12 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (03/06/2014 08:14:11 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (03/06/2014 08:10:59 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Microsoft Office Sessions:
=========================
Error: (03/08/2014 00:15:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29875704
Error: (03/08/2014 00:15:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29875704
Error: (03/08/2014 00:15:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/08/2014 00:15:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29874566
Error: (03/08/2014 00:15:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29874566
Error: (03/08/2014 00:15:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/08/2014 03:57:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13353
Error: (03/08/2014 03:57:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13353
Error: (03/08/2014 03:57:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/08/2014 03:57:49 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12230
CodeIntegrity Errors:
===================================
Date: 2014-03-06 20:14:12.069
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-06 20:14:11.945
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-06 20:14:11.835
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-06 20:14:11.726
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-17 21:23:53.806
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-17 21:23:53.697
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-17 21:23:53.588
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-17 21:23:53.463
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-12-08 00:25:36.005
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-12-08 00:25:35.896
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 42%
Total physical RAM: 3892.54 MB
Available physical RAM: 2252.67 MB
Total Pagefile: 7783.27 MB
Available Pagefile: 5385.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:720.25 GB) (Free:580.27 GB) NTFS
Drive d: () (Fixed) (Total:191.16 GB) (Free:186.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 3137C1B8)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=720 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=191 GB) - (Type=OF Extended)
==================== End Of Log ============================
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-08 12:38:25
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000071 ATA_____ rev.0002 931.51GB
Running: GMER.exe; Driver: C:\Users\Owner\AppData\Local\Temp\kgloapow.sys
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----