Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Uni Deals, Clipconverter keeps coming back

Started by mikzcena , Apr 22 2015 05:56 AM

clipconverter.cc unideals pop up

Please log in to reply

#1
mikzcena

Posted 22 April 2015 - 05:56 AM

New Member

Member
3 posts

So everytime i turn my computer on i get a clipconverter.cc pop up that prompts me to download this video that I tried downloading before. But I uninstalled clipconverter.cc before because it didnt work and now it's back. And Unideals keeps coming back on my chrome extensions.

PLEASE HELP BECAUSE I WANT TO BE RID OF IT ONCE AND FOR ALL.

I have adwcleaner and farbar recovery scan tool. I already used the adwcleaner three times but each restart the clipconverter.cc still pops up.

#2
mikzcena

Posted 22 April 2015 - 06:01 AM

New Member

Topic Starter
Member
3 posts

This is my recent farbar scan

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015

Ran by mikzcena (administrator) on MIK on 22-04-2015 15:51:42

Running from C:\Users\mikzcena\Downloads

Loaded Profiles: mikzcena (Available profiles: mikzcena)

Platform: Windows 8 Pro (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe

(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\AsusWSPanel.exe

() C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\AsusWSService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\msiexec.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-14] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\ASUSWSLoader.exe [63296 2014-07-08] ()

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)

HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)

HKLM-x32\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,userinit.exe, [X]

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-29] ( (Qualcomm®Atheros®))

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)

HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)

HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-18] ()

Startup: C:\Users\mikzcena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skins - {All 3 Generations} The beauty of Skins.lnk [2015-03-23]

ShortcutTarget: Skins - {All 3 Generations} The beauty of Skins.lnk -> C:\ProgramData\{bc4e8652-f454-47e6-bc4e-e8652f45194b}\Skins - {All 3 Generations} The beauty of Skins.exe ()

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File

ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File

ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.8.381\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-16] (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-16] (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-16] (Microsoft Corporation)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-16] (Microsoft Corporation)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-24] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-24] (Intel Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-16] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-16] (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-22] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-22] (Google Inc.)

FF Plugin HKU\S-1-5-21-3479329477-2905831885-3971676153-1001: @citrixonline.com/appdetectorplugin -> C:\Users\mikzcena\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-10-07] (Citrix Online)

FF Plugin HKU\S-1-5-21-3479329477-2905831885-3971676153-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\mikzcena\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)

FF Plugin HKU\S-1-5-21-3479329477-2905831885-3971676153-1001: @talk.google.com/O1DPlugin -> C:\Users\mikzcena\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-06-06] (Google)

FF Plugin HKU\S-1-5-21-3479329477-2905831885-3971676153-1001: @tools.google.com/Google Update;version=3 -> C:\Users\mikzcena\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin HKU\S-1-5-21-3479329477-2905831885-3971676153-1001: @tools.google.com/Google Update;version=9 -> C:\Users\mikzcena\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin HKU\S-1-5-21-3479329477-2905831885-3971676153-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\mikzcena\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-18] (Unity Technologies ApS)

FF Plugin ProgramFiles/Appdata: C:\Users\mikzcena\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\mikzcena\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-06-06] (Google)

Chrome:

=======

CHR HomePage: Profile 1 ->

CHR StartupUrls: Profile 1 -> "hxxp://google.ae/"

CHR Profile: C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-12]

CHR Extension: (Google Docs) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-12]

CHR Extension: (Google Drive) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-12]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-12]

CHR Extension: (YouTube) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-12]

CHR Extension: (Gett on Gmail) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbciedilfeajpopddflmkgggjgefcme [2015-04-22]

CHR Extension: (Google Search) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-12]

CHR Extension: (GExtend) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkjhlnnlabicokdgaecdeihkdlkdhjm [2015-04-22]

CHR Extension: (Google Sheets) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-12]

CHR Extension: (WhiteDueAls) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\galgbnbfnpclkcodanhhefaliedilfcg [2015-04-12]

CHR Extension: (Crash Bandicoot 3D Racing) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\neoimfbegckkjkghndcgicfcknplgjcf [2015-04-12]

CHR Extension: (Google Wallet) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-12]

CHR Extension: (Gmail) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-12]

CHR Profile: C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Google Docs) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14]

CHR Extension: (Google Drive) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14]

CHR Extension: (YouTube) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14]

CHR Extension: (Google Search) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14]

CHR Extension: (PanicButton) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2015-03-15]

CHR Extension: (Bookmark Manager) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-21]

CHR Extension: (Google Wallet) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]

CHR Extension: (Gmail) - C:\Users\mikzcena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-30] (ASUS)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-29] (Windows ® Win 7 DDK provider) [File not signed]

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-03-18] (Microsoft Corporation)

R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)

R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)

R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)

R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-03] (Intel® Corporation) [File not signed]

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-24] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-24] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3880448 2013-11-13] (Qualcomm Atheros Communications, Inc.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-13] (ASUS Corporation)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-29] (Qualcomm Atheros)

R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)

R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)

R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)

R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2015-04-22] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-24] (Intel Corporation)

R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-30] (Windows ® Win 7 DDK provider)

R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 15:51 - 2015-04-22 15:53 - 00022066 _____ () C:\Users\mikzcena\Downloads\FRST.txt

2015-04-22 15:47 - 2015-04-22 15:47 - 02099712 _____ (Farbar) C:\Users\mikzcena\Downloads\FRST64.exe

2015-04-22 15:43 - 2015-04-22 15:43 - 00002281 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2015-04-22 15:43 - 2015-04-22 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-04-22 15:42 - 2015-04-22 15:48 - 00000854 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-04-22 15:42 - 2015-04-22 15:47 - 00000850 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-04-22 15:42 - 2015-04-22 15:42 - 00003826 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-04-22 15:42 - 2015-04-22 15:42 - 00003590 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-04-22 15:24 - 2015-04-22 15:29 - 00000232 _____ () C:\Windows\setupact.log

2015-04-22 15:24 - 2015-04-22 15:24 - 00000000 _____ () C:\Windows\setuperr.log

2015-04-22 15:08 - 2015-04-22 15:08 - 00001291 _____ () C:\Users\mikzcena\Desktop\Should I Remove It.lnk

2015-04-22 15:08 - 2015-04-22 15:08 - 00000000 ____D () C:\Program Files (x86)\Reason

2015-04-22 15:07 - 2015-04-22 15:07 - 02178872 _____ (Reason Software Company Inc.) C:\Users\mikzcena\Downloads\ShouldIRemoveIt_Setup.exe

2015-04-22 15:02 - 2015-04-22 15:02 - 00000000 ____D () C:\Program Files (x86)\Gett on Gmail

2015-04-22 15:01 - 2015-04-22 15:01 - 00000000 ____D () C:\ProgramData\gnenicjjlkombinaffladapdjllfhlbl

2015-04-22 14:50 - 2015-04-22 14:50 - 02217984 _____ () C:\Users\mikzcena\Downloads\adwcleaner_4.201.exe

2015-04-22 14:44 - 2015-04-22 15:03 - 00000000 ____D () C:\Program Files (x86)\SystemAugment

2015-04-22 14:43 - 2015-04-22 14:43 - 00000000 ____D () C:\Program Files (x86)\GExtend

2015-04-22 14:42 - 2015-04-22 14:42 - 00000000 ____D () C:\ProgramData\egkfainlcacfgiflgcopceolmiafbfki

2015-04-19 19:46 - 2015-04-20 16:07 - 03602567 _____ () C:\Users\mikzcena\Downloads\Wonders of the Modern World.pptx

2015-04-18 19:42 - 2015-04-22 15:41 - 00863516 _____ () C:\Windows\WindowsUpdate.log

2015-04-18 18:39 - 2015-04-18 18:40 - 32159196 _____ () C:\Users\mikzcena\Downloads\Sucker Punch Full Trailer 1 Official (HD).mp4

2015-04-16 21:18 - 2015-04-16 21:18 - 00000000 __RHD () C:\MSOCache

2015-04-16 20:50 - 2015-04-18 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2015-04-16 20:50 - 2015-04-16 20:55 - 00002423 _____ () C:\Users\mikzcena\Desktop\Word 2013.lnk

2015-04-16 20:50 - 2015-04-16 20:55 - 00002422 _____ () C:\Users\mikzcena\Desktop\PowerPoint 2013.lnk

2015-04-16 20:48 - 2015-04-16 20:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2015-04-16 20:30 - 2015-04-16 20:30 - 01076408 _____ (Microsoft Corporation) C:\Users\mikzcena\Downloads\Setup.X86.en-US_O365ProPlusRetail_d3078171-da79-4717-8bec-8bde2381a655_TX_PR_b_0_.exe

2015-04-15 17:28 - 2015-03-23 02:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-04-15 17:28 - 2015-03-23 02:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-04-15 17:28 - 2015-03-23 02:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-04-15 17:28 - 2015-03-23 02:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-04-15 17:28 - 2015-03-23 02:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-04-15 17:28 - 2015-03-23 02:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-04-15 17:28 - 2015-03-23 02:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-04-15 17:28 - 2015-03-14 12:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll

2015-04-15 17:28 - 2015-03-14 12:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll

2015-04-15 15:48 - 2015-03-24 01:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-04-15 15:48 - 2015-03-24 01:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-04-15 15:48 - 2015-03-24 01:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll

2015-04-15 15:48 - 2015-03-24 01:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-04-15 15:48 - 2015-03-24 01:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll

2015-04-15 15:48 - 2015-03-20 08:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll

2015-04-15 15:48 - 2015-03-20 08:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2015-04-15 15:48 - 2015-03-20 08:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2015-04-15 15:48 - 2015-03-20 07:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe

2015-04-15 15:48 - 2015-03-20 06:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe

2015-04-15 15:48 - 2015-03-20 06:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2015-04-15 15:48 - 2015-03-20 06:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2015-04-15 15:48 - 2015-03-13 08:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-04-15 15:48 - 2015-02-21 03:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll

2015-04-15 15:47 - 2015-03-14 12:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-04-15 15:47 - 2015-03-14 05:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-04-15 15:47 - 2015-03-14 05:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-04-15 15:47 - 2015-03-14 05:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-04-15 15:47 - 2015-03-14 05:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-04-15 15:47 - 2015-03-14 05:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-04-15 15:47 - 2015-03-14 04:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-04-15 15:47 - 2015-03-14 04:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-04-15 15:47 - 2015-03-14 04:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-04-15 15:47 - 2015-03-14 04:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll

2015-04-15 15:47 - 2015-03-14 04:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll

2015-04-15 15:47 - 2015-03-14 04:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-04-15 15:47 - 2015-03-14 04:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-04-15 15:47 - 2015-03-14 04:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-04-15 15:47 - 2015-03-14 04:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-04-15 15:47 - 2015-03-14 04:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-04-15 15:47 - 2015-03-14 03:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-04-15 15:47 - 2015-03-14 03:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-04-15 15:47 - 2015-03-13 08:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-04-15 15:47 - 2015-03-13 08:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-04-15 15:47 - 2015-03-13 07:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-04-15 15:47 - 2015-03-13 07:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-04-15 15:47 - 2015-03-13 07:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-04-15 15:47 - 2015-03-13 07:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-04-15 15:47 - 2015-03-13 07:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-04-15 15:47 - 2015-03-13 07:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-04-15 15:47 - 2015-03-13 07:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2015-04-15 15:47 - 2015-03-13 07:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-04-15 15:47 - 2015-03-13 07:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-04-15 15:47 - 2015-03-13 07:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-04-15 15:47 - 2015-03-13 07:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-04-15 15:47 - 2015-03-13 06:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll

2015-04-15 15:47 - 2015-03-13 06:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2015-04-15 15:47 - 2015-03-13 06:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-04-15 15:47 - 2015-03-13 06:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-04-15 15:47 - 2015-03-13 06:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-04-15 15:47 - 2015-03-13 06:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

2015-04-15 15:47 - 2015-03-13 06:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-04-15 15:47 - 2015-03-13 06:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-04-15 15:47 - 2015-03-13 06:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-04-15 15:47 - 2015-03-13 06:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-04-15 15:47 - 2015-03-13 06:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-04-15 15:47 - 2015-03-13 06:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-04-15 15:47 - 2015-03-04 14:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys

2015-04-15 15:47 - 2015-03-04 07:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll

2015-04-15 15:47 - 2015-03-04 06:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll

2015-04-15 15:47 - 2015-02-24 12:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys

2015-04-14 16:53 - 2015-04-14 16:53 - 00010671 _____ () C:\Users\mikzcena\Downloads\meeting (1).collab

2015-04-12 22:26 - 2015-04-12 22:26 - 00000000 ____D () C:\ProgramData\{e984b962-6f00-73d5-e984-4b9626f0e589}

2015-04-12 15:07 - 2015-04-12 15:07 - 00000000 ____D () C:\Program Files (x86)\SystemProtect

2015-04-12 15:04 - 2015-04-21 20:36 - 00000020 _____ () C:\Users\mikzcena\AppData\Roaming\appdataFr3.bin

2015-04-12 15:04 - 2015-04-14 15:07 - 00000000 ____D () C:\Program Files (x86)\QeuiickViewerr

2015-04-12 15:03 - 2015-04-12 15:03 - 00000000 ____D () C:\Program Files (x86)\ActiveDiscount

2015-04-05 15:41 - 2015-04-05 15:43 - 00000000 ___SD () C:\Windows\system32\GWX

2015-04-05 15:41 - 2015-04-05 15:41 - 00000000 ___SD () C:\Windows\SysWOW64\GWX

2015-03-30 14:12 - 2015-03-30 14:12 - 00001162 _____ () C:\Users\mikzcena\Desktop\waste your life away - Shortcut.lnk

2015-03-29 18:20 - 2015-03-29 18:21 - 00683879 _____ () C:\Users\mikzcena\Downloads\GifCam.zip

2015-03-23 17:17 - 2015-03-23 17:17 - 00000000 ____D () C:\Program Files (x86)\IndepthEdit

2015-03-23 17:13 - 2015-04-12 15:08 - 00000000 ____D () C:\ProgramData\{bc4e8652-f454-47e6-bc4e-e8652f45194b}

2015-03-23 17:13 - 2015-03-23 17:13 - 00000000 ____D () C:\ProgramData\{3afa7d0f-07d5-c5ea-3afa-a7d0f07df43c}

2015-03-23 17:04 - 2015-04-22 15:02 - 00000000 ____D () C:\ProgramData\15033682731607246572

2015-03-23 17:03 - 2015-03-23 17:03 - 00000000 ____D () C:\ProgramData\{fdff4388-33a0-fdbf-fdff-f438833a0e20}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 15:51 - 2014-10-07 22:04 - 00000588 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3479329477-2905831885-3971676153-1001.job

2015-04-22 15:51 - 2014-08-13 23:43 - 00000000 ____D () C:\FRST

2015-04-22 15:49 - 2014-07-25 23:45 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3479329477-2905831885-3971676153-1001

2015-04-22 15:42 - 2014-07-26 18:13 - 00000000 ____D () C:\Users\mikzcena\AppData\Local\Deployment

2015-04-22 15:40 - 2013-08-22 19:36 - 00000000 ____D () C:\Windows\system32\sru

2015-04-22 15:39 - 2015-02-10 22:59 - 00000000 ____D () C:\Users\mikzcena\Documents\View Itinerary_files

2015-04-22 15:39 - 2014-09-16 11:50 - 04916736 ___SH () C:\Users\mikzcena\Downloads\Thumbs.db

2015-04-22 15:36 - 2014-08-24 12:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-04-22 15:35 - 2014-07-25 23:43 - 00000000 ____D () C:\Users\mikzcena\AppData\Roaming\WebStorage

2015-04-22 15:32 - 2014-07-26 18:27 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3479329477-2905831885-3971676153-1001UA.job

2015-04-22 15:31 - 2014-07-25 23:06 - 00000074 _____ () C:\Users\mikzcena\AppData\Roaming\sp_data.sys

2015-04-22 15:30 - 2014-07-30 16:18 - 00000000 ___DO () C:\Users\mikzcena\SkyDrive

2015-04-22 15:29 - 2014-08-13 23:17 - 00000000 ____D () C:\AdwCleaner

2015-04-22 15:29 - 2013-08-22 18:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-04-22 15:23 - 2014-09-18 07:05 - 00092160 ___SH () C:\Users\mikzcena\Desktop\Thumbs.db

2015-04-22 15:19 - 2014-07-26 19:01 - 00000000 ____D () C:\Users\mikzcena\AppData\Roaming\uTorrent

2015-04-22 15:18 - 2014-07-27 17:57 - 00000000 ____D () C:\Users\mikzcena\AppData\Local\CrashDumps

2015-04-22 15:16 - 2014-11-12 18:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-04-22 15:08 - 2014-08-22 23:17 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin

2015-04-22 14:59 - 2013-08-22 17:25 - 00524288 ___SH () C:\Windows\system32\config\BBI

2015-04-22 14:49 - 2014-07-26 18:12 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5832FF22-693E-4A61-880B-83E86905B42C}

2015-04-21 18:32 - 2014-07-26 18:27 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3479329477-2905831885-3971676153-1001Core.job

2015-04-19 19:46 - 2014-08-14 17:08 - 00091136 ___SH () C:\Users\mikzcena\Documents\Thumbs.db

2015-04-19 18:18 - 2014-07-25 23:05 - 00000000 ____D () C:\Users\mikzcena\AppData\Local\Packages

2015-04-19 18:18 - 2013-08-22 19:36 - 00000000 ____D () C:\Windows\AppReadiness

2015-04-18 13:46 - 2013-08-22 18:44 - 05111904 _____ () C:\Windows\system32\FNTCACHE.DAT

2015-04-18 04:24 - 2014-08-12 23:51 - 00000000 ____D () C:\Users\Public\CyberLink

2015-04-17 14:34 - 2013-08-22 19:36 - 00000000 ____D () C:\Windows\AppCompat

2015-04-17 13:11 - 2013-08-22 19:36 - 00000000 ____D () C:\Windows\rescache

2015-04-16 20:37 - 2015-02-01 18:58 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-04-16 20:36 - 2013-12-14 10:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2015-04-16 20:36 - 2013-08-22 19:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2015-04-16 18:30 - 2013-08-22 19:20 - 00000000 ____D () C:\Windows\CbsTemp

2015-04-16 00:15 - 2014-12-12 02:12 - 00000000 ____D () C:\Windows\system32\appraiser

2015-04-16 00:15 - 2014-08-05 17:13 - 00000000 ___SD () C:\Windows\system32\CompatTel

2015-04-15 18:03 - 2014-07-30 17:35 - 00000000 ____D () C:\Windows\system32\MRT

2015-04-15 17:59 - 2014-07-30 17:35 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-04-15 15:40 - 2014-11-12 13:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll

2015-04-15 01:17 - 2014-11-12 18:34 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-04-14 03:24 - 2015-03-14 00:22 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-04-14 03:24 - 2015-03-14 00:22 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-13 22:15 - 2014-10-07 22:04 - 00003584 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3479329477-2905831885-3971676153-1001

2015-03-26 01:37 - 2013-12-14 10:33 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-03-23 17:05 - 2015-01-01 23:09 - 00000000 ____D () C:\ProgramData\1887373585

==================== Files in the root of some directories =======

2015-04-12 15:04 - 2015-04-21 20:36 - 0000020 _____ () C:\Users\mikzcena\AppData\Roaming\appdataFr3.bin

2014-07-27 12:37 - 2014-07-27 12:37 - 0000021 _____ () C:\Users\mikzcena\AppData\Roaming\my_intel.sys

2014-07-25 23:06 - 2015-04-22 15:31 - 0000074 _____ () C:\Users\mikzcena\AppData\Roaming\sp_data.sys

2012-05-03 15:12 - 2012-05-03 15:12 - 0000532 _____ () C:\Users\mikzcena\AppData\Local\datos.txt

2015-04-13 16:19 - 2015-04-22 15:03 - 0011800 _____ () C:\Users\mikzcena\AppData\Local\Temp-log.txt

2014-03-06 00:04 - 2014-03-06 00:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2013-12-14 10:34 - 2012-09-07 15:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd

2013-12-14 10:34 - 2009-07-22 14:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

2013-12-14 10:34 - 2012-09-07 15:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

2014-07-26 20:15 - 2014-07-26 20:19 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

2014-07-26 20:14 - 2014-07-26 20:15 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:

====================

C:\ProgramData\SetStretch.exe

C:\ProgramData\SetStretch.VBS

Some content of TEMP:

====================

C:\Users\mikzcena\AppData\Local\Temp\10C0.exe

C:\Users\mikzcena\AppData\Local\Temp\44B8.exe

C:\Users\mikzcena\AppData\Local\Temp\938C.exe

C:\Users\mikzcena\AppData\Local\Temp\A520.exe

C:\Users\mikzcena\AppData\Local\Temp\FC10.exe

C:\Users\mikzcena\AppData\Local\Temp\Quarantine.exe

C:\Users\mikzcena\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-14 01:32

==================== End Of Log ============================

#3
mikzcena

Posted 22 April 2015 - 06:03 AM

New Member

Topic Starter
Member
3 posts

And the addition txt. of farbar.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015

Ran by mikzcena at 2015-04-22 15:57:40

Running from C:\Users\mikzcena\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)

Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)

Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.171 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.7 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)

ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)

ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)

ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.)

ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden

AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

Blackboard Collaborate Launcher (HKLM-x32\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)

CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)

Citrix Online Launcher (HKLM-x32\...\{75B8A55E-0762-4676-AAC0-6FDF025B034B}) (Version: 1.0.220 - Citrix)

CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)

CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)

Final Draft (HKLM-x32\...\{E8FDC52C-83F4-4A0F-AA65-D0E8C0F3302F}) (Version: 9.0.0.163 - Final Draft, Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc‎.‎)

Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

GoToMeeting 7.1.8.2553 (HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\GoToMeeting) (Version: 7.1.8.2553 - CitrixOnline)

Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)

Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)

League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)

League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden

Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4711.1002 - Microsoft Corporation)

Microsoft SkyDrive (HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)

NVIDIA Graphics Driver 332.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.04 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1002 - Microsoft Corporation) Hidden

Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)

Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)

QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7095 - Realtek Semiconductor Corp.)

Should I Remove It (HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)

Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Unity Web Player (HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

Vegas Pro 10.0 (64-bit) (HKLM\...\{C616FD4F-11F5-11E0-A38F-0013D3D69929}) (Version: 10.0.470 - Sony)

Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)

WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.8.381 - ASUS Cloud Corporation)

Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

05-04-2015 02:27:35 Windows Update

12-04-2015 20:53:18 Scheduled Checkpoint

16-04-2015 18:29:20 Windows Update

22-04-2015 15:08:17 Installed Should I Remove It

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 17:25 - 2015-01-27 17:16 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01B2CDFA-3630-4C03-B842-CFD8F15040C8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)

Task: {07C6E278-BBD7-4B9E-9F9F-42C984974F33} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2013-11-28] ()

Task: {102F01E2-6940-4AAA-BB00-1350370E70CF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3479329477-2905831885-3971676153-1001UA => C:\Users\mikzcena\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {11296E20-94DA-4DC8-B8F1-4DE0CFD3251E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {13092D7D-9244-42B0-ABD8-BDB02169DEC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-22] (Google Inc.)

Task: {23E43056-2A84-4A96-9A42-2E74003B278B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3479329477-2905831885-3971676153-1001Core => C:\Users\mikzcena\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {2B2C3E30-4ABE-46E6-B6F7-974504B56100} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-04-22] ()

Task: {2BEEC5AE-7283-470F-B0D0-41B69F089914} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-08] (ASUSTeK Computer Inc.)

Task: {3E683A8C-B444-4B09-9DE4-7815A88A939C} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-04-22] ()

Task: {4AC0919B-1948-4C85-A595-3CD9F76E75F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)

Task: {4DAD0CD9-9AAD-4F3E-B122-45ABC71C40AD} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-30] ()

Task: {5E3CC02C-05C6-4CCD-83C4-486C20E3D480} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)

Task: {65AFC185-0A51-45BB-94EF-0FE1ECF743C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-10] (Microsoft Corporation)

Task: {698FA4BF-A4BF-4683-9CF0-5CA6CA6E3279} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-13] (AsusTek)

Task: {77841A97-8033-4224-A0F1-953E7C9C122B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)

Task: {799958AC-9B77-4101-BA40-DEA311FA41CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-04-16] (Microsoft Corporation)

Task: {7CC4A931-EBCC-404C-A661-0CB5559F411A} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-05] ()

Task: {86A7330A-383C-4C89-92FB-B97C9DEA8466} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-16] (Microsoft Corporation)

Task: {899A138A-6185-4928-B5F4-F893BBF77002} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-22] (Google Inc.)

Task: {92DBCA22-CF83-4963-B41A-4D71D4FA9560} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-30] (ASUS)

Task: {939FE943-61A1-496A-8BA4-CDB4AD44DF6A} - System32\Tasks\G2MUpdateTask-S-1-5-21-3479329477-2905831885-3971676153-1001 => C:\Users\mikzcena\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-04-13] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {97010869-90E5-4560-A1AE-67CDCBF66879} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)

Task: {BA25E131-1D4E-4D67-BA80-6BF6EA941345} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe

Task: {D9810206-F437-450F-BA69-BEA5584A55BD} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)

Task: {DE47C446-1737-4CCC-BF9A-693782A216DB} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-30] (ASUSTek Computer Inc.)

Task: {DEA252E6-5217-47B6-B1DA-C3D34F90D3D7} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-08] (ASUS)

Task: {E36B5192-0F4A-42B3-B0BA-912C33BB33DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-04-16] (Microsoft Corporation)

Task: {F7FD8C29-9EA8-41B2-8C6B-1B2BBED21F34} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)

Task: {FB4BBD08-F9BA-4264-9726-27362AEB5754} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3479329477-2905831885-3971676153-1001

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3479329477-2905831885-3971676153-1001.job => C:\Users\mikzcena\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3479329477-2905831885-3971676153-1001Core.job => C:\Users\mikzcena\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3479329477-2905831885-3971676153-1001UA.job => C:\Users\mikzcena\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-03-06 00:01 - 2013-12-05 12:04 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2015-04-16 20:48 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2015-04-16 20:56 - 2015-04-16 20:56 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2013-08-30 04:01 - 2013-08-30 04:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll

2012-03-08 06:27 - 2012-03-08 06:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\ACVsWin.dll

2014-07-08 17:42 - 2014-07-08 17:42 - 01325376 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.8.381\AsusWSService.exe

2013-09-10 06:23 - 2013-09-10 06:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll

2013-10-09 08:41 - 2013-10-09 08:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll

2014-03-05 23:55 - 2013-10-24 01:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2015-04-16 20:56 - 2015-04-16 20:56 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll

2015-04-22 15:43 - 2015-04-14 01:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll

2015-04-22 15:43 - 2015-04-14 01:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\mikzcena\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mikzcena\Pictures\tumblr_mafbqoswHb1qz8nbdo2_1280.jpg

DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "CLMLServer"

HKLM\...\StartupApproved\Run32: => "APSDaemon"

HKLM\...\StartupApproved\Run32: => "QuickTime Task"

HKU\S-1-5-21-3479329477-2905831885-3971676153-1001\...\StartupApproved\Run: => "Power2GoExpress"

==================== Accounts: =============================

Administrator (S-1-5-21-3479329477-2905831885-3971676153-500 - Administrator - Disabled)

Guest (S-1-5-21-3479329477-2905831885-3971676153-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3479329477-2905831885-3971676153-1003 - Limited - Enabled)

mikzcena (S-1-5-21-3479329477-2905831885-3971676153-1001 - Administrator - Enabled) => C:\Users\mikzcena

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (04/22/2015 03:49:48 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 47c

Start Time: 01d07cf1b7c96b25

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: abc72c4a-e8e5-11e4-8397-54271e50ea8e

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/22/2015 03:48:17 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)

Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'

Error: (04/22/2015 03:30:39 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: BtvStack.exe, version: 8.0.1.312, time stamp: 0x5298349b

Faulting module name: audio.dll, version: 8.0.1.312, time stamp: 0x52983567

Exception code: 0xc0000005

Fault offset: 0x000000000001b928

Faulting process id: 0x1328

Faulting application start time: 0xBtvStack.exe0

Faulting application path: BtvStack.exe1

Faulting module path: BtvStack.exe2

Report Id: BtvStack.exe3

Faulting package full name: BtvStack.exe4

Faulting package-relative application ID: BtvStack.exe5

Error: (04/22/2015 03:30:07 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x48c

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

Faulting package full name: mbamservice.exe4

Faulting package-relative application ID: mbamservice.exe5

Error: (04/22/2015 03:25:04 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: BtvStack.exe, version: 8.0.1.312, time stamp: 0x5298349b

Faulting module name: audio.dll, version: 8.0.1.312, time stamp: 0x52983567

Exception code: 0xc0000005

Fault offset: 0x000000000001b928

Faulting process id: 0x12d8

Faulting application start time: 0xBtvStack.exe0

Faulting application path: BtvStack.exe1

Faulting module path: BtvStack.exe2

Report Id: BtvStack.exe3

Faulting package full name: BtvStack.exe4

Faulting package-relative application ID: BtvStack.exe5

Error: (04/22/2015 03:24:29 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x6e0

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

Faulting package full name: mbamservice.exe4

Faulting package-relative application ID: mbamservice.exe5

Error: (04/22/2015 03:16:00 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: BtvStack.exe, version: 8.0.1.312, time stamp: 0x5298349b

Faulting module name: audio.dll, version: 8.0.1.312, time stamp: 0x52983567

Exception code: 0xc0000005

Fault offset: 0x000000000001b928

Faulting process id: 0x1290

Faulting application start time: 0xBtvStack.exe0

Faulting application path: BtvStack.exe1

Faulting module path: BtvStack.exe2

Report Id: BtvStack.exe3

Faulting package full name: BtvStack.exe4

Faulting package-relative application ID: BtvStack.exe5

Error: (04/22/2015 03:15:34 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x690

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

Faulting package full name: mbamservice.exe4

Faulting package-relative application ID: mbamservice.exe5

Error: (04/22/2015 03:09:58 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: ShouldIRemoveIt.exe, version: 1.0.4.36591, time stamp: 0x5524822e

Faulting module name: LSASRV.dll, version: 6.3.9600.17415, time stamp: 0x54504358

Exception code: 0xc0000005

Fault offset: 0x000000000005036a

Faulting process id: 0xecc

Faulting application start time: 0xShouldIRemoveIt.exe0

Faulting application path: ShouldIRemoveIt.exe1

Faulting module path: ShouldIRemoveIt.exe2

Report Id: ShouldIRemoveIt.exe3

Faulting package full name: ShouldIRemoveIt.exe4

Faulting package-relative application ID: ShouldIRemoveIt.exe5

Error: (04/22/2015 03:08:13 PM) (Source: MsiInstaller) (EventID: 1002) (User: MIK)

Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'

System errors:

=============

Error: (04/22/2015 03:30:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).

Error: (04/22/2015 03:28:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (04/22/2015 03:28:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Microsoft Office ClickToRun Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (04/22/2015 03:28:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (04/22/2015 03:28:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).

Error: (04/22/2015 03:28:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s).

Error: (04/22/2015 03:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (04/22/2015 03:28:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The ZAtheros Bt and Wlan Coex Agent service terminated unexpectedly. It has done this 1 time(s).

Error: (04/22/2015 03:28:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).

Error: (04/22/2015 03:28:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Dynamic Platform and Thermal Framework Low Power Mode Service Application service terminated unexpectedly. It has done this 1 time(s).

Microsoft Office Sessions:

=========================

Error: (04/22/2015 03:49:48 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: LiveComm.exe17.5.9600.2068947c01d07cf1b7c96b254294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exeabc72c4a-e8e5-11e4-8397-54271e50ea8emicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (04/22/2015 03:48:17 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)

Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (04/22/2015 03:30:39 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: BtvStack.exe8.0.1.3125298349baudio.dll8.0.1.31252983567c0000005000000000001b928132801d07cefb3e84265C:\Program Files (x86)\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dllfffb22d2-e8e2-11e4-8397-54271e50ea8e

Error: (04/22/2015 03:30:07 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a48c01d07cefa68d3e32C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeed49add7-e8e2-11e4-8397-54271e50ea8e

Error: (04/22/2015 03:25:04 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: BtvStack.exe8.0.1.3125298349baudio.dll8.0.1.31252983567c0000005000000000001b92812d801d07ceef348e508C:\Program Files (x86)\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dll382922dd-e8e2-11e4-8396-54271e50ea8e

Error: (04/22/2015 03:24:29 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a6e001d07ceedce65917C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe239cefd8-e8e2-11e4-8396-54271e50ea8e

Error: (04/22/2015 03:16:00 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: BtvStack.exe8.0.1.3125298349baudio.dll8.0.1.31252983567c0000005000000000001b928129001d07ceda8fce35aC:\Program Files (x86)\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dllf45fea98-e8e0-11e4-8395-54271e50ea8e

Error: (04/22/2015 03:15:34 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a69001d07ced9e26095aC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exee4d5adb0-e8e0-11e4-8395-54271e50ea8e

Error: (04/22/2015 03:09:58 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: ShouldIRemoveIt.exe1.0.4.365915524822eLSASRV.dll6.3.9600.1741554504358c0000005000000000005036aecc01d07cecb7e1cc5cC:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exeC:\Windows\SYSTEM32\LSASRV.dll1c9ffd08-e8e0-11e4-8394-54271e50ea8e

Error: (04/22/2015 03:08:13 PM) (Source: MsiInstaller) (EventID: 1002) (User: MIK)

Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

CodeIntegrity Errors:

===================================

Date: 2015-04-21 03:18:16.762

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-19 05:04:17.187

Date: 2015-04-17 12:38:20.303

Date: 2015-04-15 17:58:13.347

Date: 2015-04-15 17:58:13.014

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-12 19:48:00.408

Date: 2015-04-12 19:48:00.173

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-11 14:50:22.596

Date: 2015-04-11 14:50:22.346

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-09 18:40:14.168

==================== Memory info ===========================

Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz

Percentage of memory in use: 41%

Total physical RAM: 6027.4 MB

Available physical RAM: 3496.38 MB

Total Pagefile: 6987.4 MB

Available Pagefile: 4419.16 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:215.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (DATA) (Fixed) (Total:537.8 GB) (Free:502.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 18D7B1D3)

Partition: GPT Partition Type.

==================== End Of Log ============================

Back to Virus, Spyware, Malware Removal · Next Unread Topic →

Also tagged with one or more of these keywords: clipconverter.cc, unideals, pop up

Security → Virus, Spyware, Malware Removal → clipconverter.cc pop up malware Started by forestdave , 01 Oct 2018 clipconverter malware, pop ups and 2 more...	0 replies 2,849 views	forestdave 01 Oct 2018
Security → Virus, Spyware, Malware Removal → Invalid external drive H:/ and f:/ keep popping up in explorer Started by Evelyn Smith , 01 Jul 2016 external drive, pop up and 1 more...	7 replies 3,258 views	RKinner 06 Jul 2016
Security → Virus, Spyware, Malware Removal → Laptop has copious pop-up ads, browser freeze ups [Solved] Started by stanhilliard , 08 Jul 2015 pop-up, browser freezups and 1 more... 1 2	Hot 26 replies 5,893 views	Essexboy 15 Jul 2015
Security → Virus, Spyware, Malware Removal → Laptop too slow - Google Chrome Infected [Solved] Started by micalparkz , 18 May 2015 chrome, infected, pop-up and 4 more... 1 2 3 6 →	Hot 79 replies 15,382 views	BrianDrab 28 Jun 2015
Software → Office → Word 2010 Starter freezes with a pop-up Started by scarletb79 , 15 May 2015 word, 2010, starter, freeze and 3 more...	4 replies 3,265 views	Fusionbomb 20 May 2015