Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014 02
Ran by steph (administrator) on STEPH-PC on 01-05-2014 14:47:18
Running from C:\Users\steph\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\Asus\InstantOn for NB\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\Asus\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\WDC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\Asus\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\Asus\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\Asus\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\Social Privacy DNS\dnswatch.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\Asus\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-18] (ASUS)
HKLM-x32\...\Run: [dnsshield] => C:\Program Files (x86)\Social Privacy DNS\dnswatch.exe [214016 2013-11-28] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-01] (Microsoft Corporation)
HKU\S-1-5-21-4010653172-623774165-1176597284-1001\...\Run: [Google Update] => C:\Users\steph\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-20] (Google Inc.)
HKU\S-1-5-21-4010653172-623774165-1176597284-1001\...\Run: [GoogleChromeAutoLaunch_F93EFB3DD44213C0D4E7C2DEA6F95C5C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-23] (Google Inc.)
AppInit_DLLs: C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files => C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files File Not Found
AppInit_DLLs-x32: C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files => "C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe ()
==================== Internet (Whitelisted) ====================
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Social Privacy - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp.dll No File
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: GreatArcadeHits Add-on - {D0C21091-FF8E-432C-9006-0540E81BA9D7} - C:\Users\steph\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll (GreatArcadeHits)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3BD90CE2-2058-41CD-8FD8-3637A49D5CA7}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{74F9D3B9-726F-4F04-B58C-7ABA91CBE8D0}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{79056CFD-8C06-4990-8D76-397229840373}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{84B157F0-3AD5-4883-8A82-AFE96AFEF7FD}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\steph\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\steph\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\steph\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\steph\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\steph\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\steph\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\steph\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKCU\...\Firefox\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Users\steph\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\
FF Extension: GreatArcadeHits Add-on - C:\Users\steph\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\ []
FF HKCU\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Social Privacy\FF\
Chrome:
=======
CHR HomePage: hxxp://www.yahoo.com/
CHR StartupUrls: "hxxp://google.com/"
CHR Extension: (Google Docs) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-20]
CHR Extension: (Google Drive) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-20]
CHR Extension: (YouTube) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-20]
CHR Extension: (Google Search) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-20]
CHR Extension: (JavaScript Popup Blocker) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol [2014-01-01]
CHR Extension: (InvisibleHand) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko [2014-01-01]
CHR Extension: (Google Wallet) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (Gmail) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-20]
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx [2013-11-20]
==================== Services (Whitelisted) =================
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-16] (ASUS)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-01 14:47 - 2014-05-01 14:47 - 00000000 ____D () C:\Users\steph\Downloads\FRST-OlderVersion
2014-05-01 14:43 - 2014-05-01 14:43 - 00000707 _____ () C:\Users\steph\Desktop\JRT.txt
2014-05-01 14:27 - 2014-05-01 14:27 - 00000000 ____D () C:\Windows\ERUNT
2014-05-01 14:26 - 2014-05-01 14:26 - 01016261 _____ (Thisisu) C:\Users\steph\Downloads\JRT.exe
2014-05-01 14:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-01 14:09 - 2014-05-01 14:13 - 00000000 ____D () C:\AdwCleaner
2014-05-01 14:08 - 2014-05-01 14:09 - 01310621 _____ () C:\Users\steph\Downloads\adwcleaner.exe
2014-05-01 10:39 - 2014-05-01 10:39 - 00001886 _____ () C:\Users\steph\Desktop\fixlist.txt
2014-05-01 10:11 - 2014-05-01 10:11 - 00000000 ____D () C:\Users\steph\AppData\Roaming\Mozilla
2014-04-28 16:11 - 2014-04-28 16:11 - 583655120 _____ () C:\Windows\MEMORY.DMP
2014-04-28 16:11 - 2014-04-28 16:11 - 00262144 _____ () C:\Windows\Minidump\042814-17238-01.dmp
2014-04-28 16:11 - 2014-04-28 16:11 - 00000000 ____D () C:\Windows\Minidump
2014-04-28 15:38 - 2014-04-28 15:39 - 04745728 _____ (AVAST Software) C:\Users\steph\Downloads\aswmbr.exe
2014-04-28 15:17 - 2014-04-28 15:18 - 00025945 _____ () C:\Users\steph\Downloads\Addition.txt
2014-04-28 15:15 - 2014-05-01 14:47 - 00014423 _____ () C:\Users\steph\Downloads\FRST.txt
2014-04-28 15:14 - 2014-05-01 14:47 - 00000000 ____D () C:\FRST
2014-04-28 15:13 - 2014-05-01 14:47 - 02062336 _____ (Farbar) C:\Users\steph\Downloads\FRST64.exe
2014-04-26 15:04 - 2014-05-01 14:21 - 00000562 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4010653172-623774165-1176597284-1001.job
2014-04-26 15:04 - 2014-04-26 15:04 - 00003588 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4010653172-623774165-1176597284-1001
2014-04-26 15:04 - 2014-04-26 15:04 - 00002559 _____ () C:\Users\steph\Desktop\GoToMeeting Quick Connect.lnk
2014-04-26 15:03 - 2014-04-26 15:04 - 00000000 ____D () C:\Users\steph\AppData\Local\Citrix
2014-04-26 11:39 - 2014-04-26 11:39 - 00071398 _____ (jpshortstuff) C:\Users\steph\Downloads\GooredFix (1).exe
2014-04-26 11:37 - 2014-04-26 11:39 - 00000000 ____D () C:\Users\steph\Desktop\GooredFix Backups
2014-04-26 11:36 - 2014-04-26 11:36 - 00071398 _____ (jpshortstuff) C:\Users\steph\Downloads\GooredFix.exe
2014-04-25 12:32 - 2014-04-25 12:32 - 00002116 _____ () C:\Users\steph\Downloads\attachment
2014-04-24 12:15 - 2014-04-24 12:28 - 100307736 _____ (Microsoft Corporation) C:\Users\steph\Downloads\msert (2).exe
2014-04-24 12:13 - 2014-04-24 12:13 - 00085075 _____ () C:\Users\steph\Downloads\msert (1).exe
2014-04-24 12:13 - 2014-04-24 12:13 - 00085073 _____ () C:\Users\steph\Downloads\msert.exe
2014-04-24 11:39 - 2014-04-24 11:39 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-04-24 11:38 - 2014-04-24 11:38 - 00002139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-24 11:35 - 2014-04-24 11:37 - 13829304 _____ (Microsoft Corporation) C:\Users\steph\Downloads\mseinstall.exe
2014-04-24 11:05 - 2014-04-24 11:07 - 00001188 _____ () C:\Users\steph\Desktop\Live PC Help.lnk
2014-04-24 10:46 - 2014-04-24 10:46 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\steph\Downloads\SpyHunter-Installer.exe
2014-04-24 10:43 - 2014-04-24 10:43 - 00000000 __SHD () C:\Users\steph\AppData\Local\EmieUserList
2014-04-24 10:43 - 2014-04-24 10:43 - 00000000 __SHD () C:\Users\steph\AppData\Local\EmieSiteList
2014-04-24 10:43 - 2014-04-24 10:43 - 00000000 ____D () C:\Users\steph\AppData\Roaming\rightbackup
2014-04-24 10:41 - 2014-04-24 10:41 - 05046352 _____ (Systweak Inc ) C:\Users\steph\Downloads\rcp_dcomnew_sec_728.exe
2014-04-16 17:02 - 2014-03-06 03:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-16 17:02 - 2014-03-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-16 17:02 - 2014-03-06 02:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-16 17:02 - 2014-03-06 01:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-16 17:02 - 2014-03-06 01:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-16 17:02 - 2014-03-06 01:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-16 17:02 - 2014-03-06 01:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-16 17:02 - 2014-03-06 01:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-16 17:02 - 2014-03-06 01:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-16 17:02 - 2014-03-06 01:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-16 17:02 - 2014-03-06 01:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-16 17:02 - 2014-03-06 01:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-16 17:02 - 2014-03-06 01:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-16 17:02 - 2014-03-06 01:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-16 17:02 - 2014-03-06 01:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-16 17:02 - 2014-03-06 01:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-16 17:02 - 2014-03-06 01:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-16 17:02 - 2014-03-06 01:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-16 17:02 - 2014-03-06 01:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-16 17:02 - 2014-03-06 00:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-16 17:02 - 2014-03-06 00:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-16 17:02 - 2014-03-06 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-16 17:02 - 2014-03-06 00:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-16 17:02 - 2014-03-06 00:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-16 17:02 - 2014-03-06 00:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-16 17:02 - 2014-03-06 00:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-16 17:02 - 2014-03-06 00:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-16 17:02 - 2014-03-06 00:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-16 17:02 - 2014-03-06 00:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-16 17:02 - 2014-03-06 00:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-16 17:02 - 2014-03-06 00:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-16 17:02 - 2014-03-06 00:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-16 17:02 - 2014-03-05 23:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-16 17:02 - 2014-03-05 22:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-16 17:02 - 2014-03-05 22:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-16 17:01 - 2014-03-06 02:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-16 17:01 - 2014-03-06 01:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-16 17:01 - 2014-03-06 01:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-16 17:01 - 2014-03-06 00:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-16 17:01 - 2014-03-06 00:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-16 17:01 - 2014-03-06 00:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-16 17:01 - 2014-03-05 23:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-16 17:01 - 2014-03-05 23:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-16 17:01 - 2014-03-05 23:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-16 17:01 - 2014-03-05 23:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-16 17:01 - 2014-03-05 22:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 17:01 - 2014-03-05 22:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-16 17:01 - 2014-03-05 22:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 18:03 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 18:03 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 18:03 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 18:03 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 18:03 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 18:02 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 18:02 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 18:02 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 18:02 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 18:02 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 18:02 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 18:02 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 18:02 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 18:02 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 18:02 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 18:02 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 18:02 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 17:56 - 2014-04-09 17:56 - 00467179 _____ () C:\Users\steph\Downloads\sydneys vaccination.htm
2014-04-09 17:56 - 2014-04-09 17:56 - 00000000 ____D () C:\Users\steph\Downloads\sydneys vaccination_files
2014-04-09 17:53 - 2014-04-09 17:53 - 00465114 _____ () C:\Users\steph\Downloads\sydneys rabies.htm
2014-04-09 17:53 - 2014-04-09 17:53 - 00000000 ____D () C:\Users\steph\Downloads\sydneys rabies_files
2014-04-09 17:51 - 2014-04-09 17:52 - 04877865 _____ () C:\Users\steph\Downloads\Attachments_201449.zip
==================== One Month Modified Files and Folders =======
2014-05-01 14:47 - 2014-05-01 14:47 - 00000000 ____D () C:\Users\steph\Downloads\FRST-OlderVersion
2014-05-01 14:47 - 2014-04-28 15:15 - 00014423 _____ () C:\Users\steph\Downloads\FRST.txt
2014-05-01 14:47 - 2014-04-28 15:14 - 00000000 ____D () C:\FRST
2014-05-01 14:47 - 2014-04-28 15:13 - 02062336 _____ (Farbar) C:\Users\steph\Downloads\FRST64.exe
2014-05-01 14:43 - 2014-05-01 14:43 - 00000707 _____ () C:\Users\steph\Desktop\JRT.txt
2014-05-01 14:31 - 2013-03-04 10:45 - 01576118 _____ () C:\Windows\WindowsUpdate.log
2014-05-01 14:27 - 2014-05-01 14:27 - 00000000 ____D () C:\Windows\ERUNT
2014-05-01 14:26 - 2014-05-01 14:26 - 01016261 _____ (Thisisu) C:\Users\steph\Downloads\JRT.exe
2014-05-01 14:22 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 14:22 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 14:21 - 2014-04-26 15:04 - 00000562 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4010653172-623774165-1176597284-1001.job
2014-05-01 14:16 - 2014-01-01 17:54 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-01 14:16 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-01 14:15 - 2013-03-04 11:01 - 00000000 ___HD () C:\ASUS.DAT
2014-05-01 14:15 - 2009-07-13 22:08 - 00014910 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-01 14:14 - 2013-03-04 10:41 - 00583682 _____ () C:\Windows\PFRO.log
2014-05-01 14:14 - 2009-07-13 21:51 - 00042267 _____ () C:\Windows\setupact.log
2014-05-01 14:13 - 2014-05-01 14:09 - 00000000 ____D () C:\AdwCleaner
2014-05-01 14:09 - 2014-05-01 14:08 - 01310621 _____ () C:\Users\steph\Downloads\adwcleaner.exe
2014-05-01 14:01 - 2014-01-20 18:14 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4010653172-623774165-1176597284-1001UA.job
2014-05-01 14:01 - 2014-01-17 13:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 14:01 - 2014-01-01 17:54 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-01 12:33 - 2013-11-20 19:25 - 00000272 _____ () C:\Windows\Tasks\GreatArcadeHits.job
2014-05-01 10:39 - 2014-05-01 10:39 - 00001886 _____ () C:\Users\steph\Desktop\fixlist.txt
2014-05-01 10:24 - 2013-12-31 09:09 - 00000000 ____D () C:\Users\steph\AppData\Roaming\uTorrent
2014-05-01 10:15 - 2014-01-20 18:14 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4010653172-623774165-1176597284-1001Core.job
2014-05-01 10:11 - 2014-05-01 10:11 - 00000000 ____D () C:\Users\steph\AppData\Roaming\Mozilla
2014-04-29 11:22 - 2014-01-01 17:58 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-28 16:11 - 2014-04-28 16:11 - 583655120 _____ () C:\Windows\MEMORY.DMP
2014-04-28 16:11 - 2014-04-28 16:11 - 00262144 _____ () C:\Windows\Minidump\042814-17238-01.dmp
2014-04-28 16:11 - 2014-04-28 16:11 - 00000000 ____D () C:\Windows\Minidump
2014-04-28 15:39 - 2014-04-28 15:38 - 04745728 _____ (AVAST Software) C:\Users\steph\Downloads\aswmbr.exe
2014-04-28 15:18 - 2014-04-28 15:17 - 00025945 _____ () C:\Users\steph\Downloads\Addition.txt
2014-04-26 15:04 - 2014-04-26 15:04 - 00003588 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4010653172-623774165-1176597284-1001
2014-04-26 15:04 - 2014-04-26 15:04 - 00002559 _____ () C:\Users\steph\Desktop\GoToMeeting Quick Connect.lnk
2014-04-26 15:04 - 2014-04-26 15:03 - 00000000 ____D () C:\Users\steph\AppData\Local\Citrix
2014-04-26 11:39 - 2014-04-26 11:39 - 00071398 _____ (jpshortstuff) C:\Users\steph\Downloads\GooredFix (1).exe
2014-04-26 11:39 - 2014-04-26 11:37 - 00000000 ____D () C:\Users\steph\Desktop\GooredFix Backups
2014-04-26 11:36 - 2014-04-26 11:36 - 00071398 _____ (jpshortstuff) C:\Users\steph\Downloads\GooredFix.exe
2014-04-25 12:32 - 2014-04-25 12:32 - 00002116 _____ () C:\Users\steph\Downloads\attachment
2014-04-24 12:28 - 2014-04-24 12:15 - 100307736 _____ (Microsoft Corporation) C:\Users\steph\Downloads\msert (2).exe
2014-04-24 12:13 - 2014-04-24 12:13 - 00085075 _____ () C:\Users\steph\Downloads\msert (1).exe
2014-04-24 12:13 - 2014-04-24 12:13 - 00085073 _____ () C:\Users\steph\Downloads\msert.exe
2014-04-24 11:39 - 2014-04-24 11:39 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-04-24 11:38 - 2014-04-24 11:38 - 00002139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-24 11:37 - 2014-04-24 11:35 - 13829304 _____ (Microsoft Corporation) C:\Users\steph\Downloads\mseinstall.exe
2014-04-24 11:31 - 2013-12-31 09:28 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-24 11:07 - 2014-04-24 11:05 - 00001188 _____ () C:\Users\steph\Desktop\Live PC Help.lnk
2014-04-24 11:04 - 2013-03-04 11:01 - 00002176 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-04-24 10:46 - 2014-04-24 10:46 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\steph\Downloads\SpyHunter-Installer.exe
2014-04-24 10:43 - 2014-04-24 10:43 - 00000000 __SHD () C:\Users\steph\AppData\Local\EmieUserList
2014-04-24 10:43 - 2014-04-24 10:43 - 00000000 __SHD () C:\Users\steph\AppData\Local\EmieSiteList
2014-04-24 10:43 - 2014-04-24 10:43 - 00000000 ____D () C:\Users\steph\AppData\Roaming\rightbackup
2014-04-24 10:41 - 2014-04-24 10:41 - 05046352 _____ (Systweak Inc ) C:\Users\steph\Downloads\rcp_dcomnew_sec_728.exe
2014-04-24 10:36 - 2014-01-31 09:07 - 00000000 ____D () C:\Users\steph\AppData\Roaming\SoftGrid Client
2014-04-20 00:18 - 2014-01-17 13:49 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-20 00:17 - 2014-01-17 13:49 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 00:17 - 2014-01-17 13:49 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 20:53 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-16 13:24 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-04-10 11:06 - 2013-11-21 23:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 11:03 - 2013-11-21 23:25 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 17:56 - 2014-04-09 17:56 - 00467179 _____ () C:\Users\steph\Downloads\sydneys vaccination.htm
2014-04-09 17:56 - 2014-04-09 17:56 - 00000000 ____D () C:\Users\steph\Downloads\sydneys vaccination_files
2014-04-09 17:53 - 2014-04-09 17:53 - 00465114 _____ () C:\Users\steph\Downloads\sydneys rabies.htm
2014-04-09 17:53 - 2014-04-09 17:53 - 00000000 ____D () C:\Users\steph\Downloads\sydneys rabies_files
2014-04-09 17:52 - 2014-04-09 17:51 - 04877865 _____ () C:\Users\steph\Downloads\Attachments_201449.zip
2014-04-06 10:49 - 2014-01-01 17:54 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-06 10:49 - 2014-01-01 17:54 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-05 08:50 - 2014-01-20 18:14 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4010653172-623774165-1176597284-1001UA
2014-04-05 08:50 - 2014-01-20 18:14 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4010653172-623774165-1176597284-1001Core
Files to move or delete:
====================
C:\ProgramData\SetWallpaper.exe
Some content of TEMP:
====================
C:\Users\steph\AppData\Local\Temp\newsetup.exe
C:\Users\steph\AppData\Local\Temp\nsj9449.exe
C:\Users\steph\AppData\Local\Temp\nso99A7.exe
C:\Users\steph\AppData\Local\Temp\nsoCDB2.exe
C:\Users\steph\AppData\Local\Temp\nsyD419.exe
C:\Users\steph\AppData\Local\Temp\Quarantine.exe
C:\Users\steph\AppData\Local\Temp\SHSetup.exe
C:\Users\steph\AppData\Local\Temp\SPSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-16 13:17
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2014 02
Ran by steph at 2014-05-01 14:48:15
Running from C:\Users\steph\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.16 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version: - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.3.585 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{8E29C1CE-346A-3F59-AE22-8C5B7F230498}) (Version: 5.3.1.18536 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GoToMeeting 6.2.0.1350 (HKCU\...\GoToMeeting) (Version: 6.2.0.1350 - CitrixOnline)
GreatArcadeHits (HKCU\...\{856AD396-519D-4C7A-BED6-6785F64924BC}) (Version: 1.0 - GreatArcadeHits) <==== ATTENTION
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.2.0 - ASUS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.40 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6454 - Realtek Semiconductor Corp.)
Social Privacy DNS (HKLM-x32\...\dnsshield) (Version: - )
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
==================== Restore Points =========================
24-04-2014 18:17:23 Windows Update
27-04-2014 18:23:00 Windows Update
01-05-2014 17:16:36 Windows Update
==================== Hosts content: ==========================
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0E32453E-00FD-4829-BFD6-A8F883E25DDA} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
Task: {54907FDB-6F07-4FAE-A60C-1ED04AB5A911} - System32\Tasks\GreatArcadeHits => C:\Users\steph\AppData\Local\GreatArcadeHits\GAHUpdate.exe [2014-01-30] () <==== ATTENTION
Task: {802CF01F-1A70-43C5-B82A-DBEB9FAE728C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {80E17AFA-0336-4495-9109-219B1017A4E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-20] (Adobe Systems Incorporated)
Task: {93176498-1603-4697-86CA-AF000A82599F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {AB642FBE-89F7-4016-B617-9164EB75E789} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {B3E3222F-73D7-4C58-BE5E-69F28C611A07} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22] (ASUSTek Computer Inc.)
Task: {BA34E45F-6110-4011-80A5-4BC6DC710FB7} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {C2104414-7BA7-4373-BD5C-D79DFC824F9D} - System32\Tasks\G2MUpdateTask-S-1-5-21-4010653172-623774165-1176597284-1001 => C:\Users\steph\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe [2014-04-26] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EAD64A78-6C7C-4893-80D7-A2A2E5282906} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4010653172-623774165-1176597284-1001UA => C:\Users\steph\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-20] (Google Inc.)
Task: {FEEE2E63-9648-4CF6-A71D-3DC7283A741A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4010653172-623774165-1176597284-1001Core => C:\Users\steph\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-20] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4010653172-623774165-1176597284-1001.job => C:\Users\steph\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4010653172-623774165-1176597284-1001Core.job => C:\Users\steph\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4010653172-623774165-1176597284-1001UA.job => C:\Users\steph\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GreatArcadeHits.job => C:\Users\steph\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-10-15 15:39 - 2011-05-05 05:30 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2012-10-15 15:39 - 2011-09-15 20:35 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-28 22:14 - 2013-11-28 22:14 - 00214016 _____ () C:\Program Files (x86)\Social Privacy DNS\dnswatch.exe
2007-07-12 11:11 - 2007-07-12 11:11 - 01163264 _____ () C:\Program Files (x86)\Asus\Wireless Console 3\acAuth.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-04-29 11:22 - 2014-04-23 17:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-29 11:22 - 2014-04-23 17:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-29 11:22 - 2014-04-23 17:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-29 11:22 - 2014-04-23 17:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-29 11:22 - 2014-04-23 17:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-29 11:22 - 2014-04-23 17:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-29 11:22 - 2014-04-23 17:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 4000.13 MB
Available physical RAM: 2387.2 MB
Total Pagefile: 7998.43 MB
Available Pagefile: 6060.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:295.67 GB) (Free:202.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:145.09 GB) (Free:144.98 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: EF790277)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=296 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=145 GB) - (Type=OF Extended)
==================== End Of Log ============================
I can't find the adwcleaner log