My 18 mo old Asus laptop has been running poorly for the last number of weeks. Especially suffering from slowness and occasional weird graphic anomalies. During this time and before the weekly scans by SuperAntiSpyware never showed anything beyond the normal cookies and other tracking stuff. A few weeks ago when I noticed the degraded performance the spyware scans were still not showing anything noteworthy. Due to my suspicion I ran Avast! and got two hits. I ran the fix and it was "gone." A few days ago they showed up again when I ran Avast.

The symptoms in addition to the above: my spyware program SuperAntiSpyware has been running incredibly slow (taking 6+ hours) in the 'Complete Scan' Mode, there are frequent hangs in my FireFox browser (29.0.1), and video crashing when disconnecting from an external monitor. It blames the Silverlite plugin. After the last hit in Avast! the special boot check Avast! does took so long I canceled it. All of these are outside the norm how it used to run.

Thanks

DS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126
Run by Asus at 13:12:25 on 2014-06-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6028.4072 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\ENAgent.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\System32\spool\drivers\x64\3\E_IATIIBE.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\system32\EscSvc64.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\Elantech\ETDGesture.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.bing.com
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [EPLTarget\P0000000000000001] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIIBE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-400 Series" /EF "HKCU"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [SearchProtect] \SearchProtect\bin\cltmng.exe
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{82D31D4D-1CCA-4A17-A34A-F19EA2269084} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{9C92ACE0-A0C6-40DC-B267-A81D28415406} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F63EB1E1-44FF-4050-B138-7CAA29F58035} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F63EB1E1-44FF-4050-B138-7CAA29F58035}\64C4143584 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{F63EB1E1-44FF-4050-B138-7CAA29F58035}\7416C6168797F535F5949494F583835373 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{F63EB1E1-44FF-4050-B138-7CAA29F58035}\75C414E4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F63EB1E1-44FF-4050-B138-7CAA29F58035}\D496649643632303C402A45647071636B6020313244402355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F63EB1E1-44FF-4050-B138-7CAA29F58035}\D496649643632303C402A45647071636B6020313343302355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F63EB1E1-44FF-4050-B138-7CAA29F58035}\D496649643632303C402A45647071636B6020324442302355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F63EB1E1-44FF-4050-B138-7CAA29F58035}\D496649643632303C402A45647071636B6021414543402355636572756 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\8stb0zgz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-8-1 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-8-1 208416]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-7 16152]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2013-8-1 1039096]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-8-1 423240]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-4-13 277120]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-4-24 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-8-1 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-29 85328]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-12-29 106144]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-4-24 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-3-27 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-3-27 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-11 135952]
R2 ENAgent;Epson Redirect Agent;C:\Windows\SysWOW64\ENAgent.exe [2014-6-18 4209856]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2013-8-1 151648]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2012-5-10 608864]
R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2013-8-1 135824]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-6-9 435032]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-12-29 158880]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2012-5-7 17152]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-3-27 1304912]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-12-29 30368]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-2-20 200488]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-4-17 169752]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-11-6 342528]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-7 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-7 787736]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\drivers\RtsBaStor.sys [2013-7-20 292968]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-7-20 565352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-10-28 107288]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-10 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-5-5 19456]
S3 RTCore64;RTCore64;C:\RMclock\RTCore64.sys [2013-7-21 7168]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-10-28 204568]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-9 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-20 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-06-19 15:26:09 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{94631FA2-110E-445E-9221-3E1C1B38DB59}\offreg.dll
2014-06-18 21:11:10 4209856 ----a-w- C:\Windows\SysWow64\ENAgent.exe
2014-06-17 15:28:15 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{94631FA2-110E-445E-9221-3E1C1B38DB59}\mpengine.dll
2014-06-13 14:44:53 -------- d-sh--w- C:\Users\Asus\AppData\Local\EmieUserList
2014-06-13 14:44:53 -------- d-sh--w- C:\Users\Asus\AppData\Local\EmieSiteList
2014-06-10 21:09:48 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-10 21:09:47 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-23 04:33:54 -------- d-----w- C:\Users\Asus\AppData\Local\DDMSettings
.
==================== Find3M ====================
.
2014-06-19 15:03:03 387 ----a-w- C:\Users\Asus\AppData\Roaming\sp_data.sys
2014-06-13 04:44:19 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-13 04:44:19 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-16 07:53:18 341848 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2014-05-12 10:26:58 85328 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-05-12 10:26:58 1039096 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-05-07 21:56:05 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-24 19:20:52 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-04-24 19:20:52 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-04-24 19:20:52 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-04-24 19:20:52 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-04-24 19:20:52 208416 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-04-24 19:20:51 43152 ----a-w- C:\Windows\avastSS.scr
2014-04-15 06:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-03-31 13:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-26 14:44:48 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2014-03-26 14:44:48 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-03-26 14:27:50 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
2014-03-26 14:27:50 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
.
============= FINISH: 13:12:49.59 ===============

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-06-19 13:47:31
-----------------------------
13:47:31.543 OS Version: Windows x64 6.1.7601 Service Pack 1
13:47:31.543 Number of processors: 4 586 0x2A07
13:47:31.553 ComputerName: AIR UserName:
13:47:33.403 Initialize success
13:47:33.403 VM: initialized successfully
13:47:33.403 VM: outdated driver version !
13:47:36.203 AVAST engine defs: 14061900
13:47:38.743 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:47:38.743 Disk 0 Vendor: Hitachi_HTS547575A9E384 JE4OA60A Size: 715404MB BusType: 11
13:47:38.863 Disk 0 MBR read successfully
13:47:38.863 Disk 0 MBR scan
13:47:38.873 Disk 0 Windows 7 default MBR code
13:47:38.873 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:47:38.873 Disk 0 default boot code
13:47:38.893 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 715302 MB offset 206848
13:47:39.003 Disk 0 scanning C:\Windows\system32\drivers
13:47:48.633 Service scanning
13:48:13.303 Modules scanning
13:48:13.633 Disk 0 trace - called modules:
13:48:13.643 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
13:48:13.643 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005ff8060]
13:48:13.653 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa8005b23520]
13:48:13.653 5 ACPI.sys[fffff88000edd7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005a014e0]
13:48:15.053 AVAST engine scan C:\Windows
13:48:17.576 AVAST engine scan C:\Windows\system32
13:51:10.692 AVAST engine scan C:\Windows\system32\drivers
13:51:24.782 AVAST engine scan C:\Users\Asus
13:56:42.109 Disk 0 MBR has been saved successfully to "C:\Users\Asus\Desktop\MBR.dat"
13:56:42.109 The log file has been saved successfully to "C:\Users\Asus\Desktop\aswMBR.txt 061914.txt"

:snwelcome:

All I am really looking at that needs to be removed is SearchProtect, lets clean you up some and go from there


-AdwCleaner-by Xplode

Click on this link to download : ADWCleaner (http://www.bleepingcomputer.com/download/adwcleaner/)
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

Do not click on any links in the top Advertisment.


Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.





http://imageshack.us/a/img841/7292/thisisujrt.gif Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

# AdwCleaner v3.212 - Report created 20/06/2014 at 08:44:13
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Asus - AIR
# Running from : C:\Users\Asus\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Asus\AppData\Local\Temp\mt_ffx
File Deleted : C:\Users\Asus\AppData\Local\Temp\Uninstall.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\8stb0zgz.default\prefs.js ]


[ File : C:\Users\Test 7\AppData\Roaming\Mozilla\Firefox\Profiles\89gyak8z.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=100000031&locale=en_US&apn_uid=4C064989-13BA-4F47-9E87-B75F05AB91A1&apn_ptnrs=%5ETV&apn_sauid=724F9E42-FB06-451A-AC69-914831E7187D&apn_dtid=%5EOSJ000%5EYY%5EUS&q={searchTerms}
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN38204992811008812&ctid=CT3309350&UM=2
Deleted [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=946F10BF48659DD2&affID=119557&tt=070813_wt3&tsp=4972
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [10929 octets] - [25/11/2013 22:02:37]
AdwCleaner[R1].txt - [2211 octets] - [20/06/2014 08:42:10]
AdwCleaner[S0].txt - [9853 octets] - [25/11/2013 22:03:36]
AdwCleaner[S1].txt - [2113 octets] - [20/06/2014 08:44:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2173 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Asus on Fri 06/20/2014 at 8:52:31.31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1202347141-2088458147-1770352953-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B8D907B0-B2D3-4D0C-A75B-4AB7D3B974A8}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Asus\appdata\locallow\boost_interprocess"



~~~ FireFox

Emptied folder: C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\8stb0zgz.default\minidumps [41 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 06/20/2014 at 9:00:19.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

http://i.imgur.com/GUZVCQN.jpg Please download Malwarebytes Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop.

http://i24.photobucket.com/albums/c30/ken545/MBAM_zps65e8300e.jpg (http://s24.photobucket.com/user/ken545/media/MBAM_zps65e8300e.jpg.html)


Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following: Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click Update Now
After the update completes, click the Scan Now Button.


http://i24.photobucket.com/albums/c30/ken545/MBAM2_zpsabeea657.jpg (http://s24.photobucket.com/user/ken545/media/MBAM2_zpsabeea657.jpg.html)


A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.
After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

Installed and scan run.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/20/2014
Scan Time: 6:56:24 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.20.14
Rootkit Database: v2014.06.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Asus

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 310305
Time Elapsed: 11 min, 34 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
PUP.Optional.ConduitSearchProtect, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SearchProtect, \SearchProtect\bin\cltmng.exe, Quarantined, [0cb20674ff7c35014939617ac24146ba]

Registry Data: 0
(No malicious items detected)

Folders: 5
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3282812, Quarantined, [f0ce37434734bf7782c61a74bf434cb4],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3288691, Quarantined, [16a8ed8d4635fb3ba3a5c7c755ad39c7],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3297861, Quarantined, [6a543a40c1ba42f4b39558365da5a759],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350, Quarantined, [7a447406fe7d9d99f850741a7e843bc5],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\plugins, Quarantined, [7a447406fe7d9d99f850741a7e843bc5],

Files: 79
PUP.Optional.FastFreeConverter.A, C:\Users\Asus\AppData\Local\Temp\FastFreeConverter_Somoto2.exe, Quarantined, [ac12e69495e611257d898391b0514eb2],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ToolbarHelper.exe, Quarantined, [f5c923575229d75f0a39f8260ef2fc04],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\nsq55EF.exe, Quarantined, [1aa49ae067142b0bfd677aa854ad43bd],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\nsx258F.exe, Quarantined, [dde1c1b972093402e87cc75b6998f30d],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\nsyC795.exe, Quarantined, [4e7056240774de58aabaa082db26629e],
PUP.Optional.OptimizePro.A, C:\Users\Asus\AppData\Local\Temp\OptimizerPro.exe, Quarantined, [ccf28feb76050135e85f46d85ca42ad6],
PUP.Optional.Installrex, C:\Users\Asus\AppData\Local\Temp\jt3bLItO.exe.part, Quarantined, [3c829bdf314a3cfa3538a4cd56ab768a],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\nsoF4C0.exe, Quarantined, [06b88ded9cdf39fdec78ea38986958a8],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\SPStub.exe, Quarantined, [5569c8b2f289191d6e328e92ad54867a],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\mconduitinstaller.exe, Quarantined, [0db1d9a1fc7ffe38ac0acd5140c07c84],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\nsc5D22.exe, Quarantined, [b905c2b8b7c412241450022025dcbe42],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\nsm4E6F.exe, Quarantined, [3d81e991d3a8c5719cc861c1659c30d0],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\nsmFE9B.exe, Quarantined, [d6e8d5a5a0db87af22429e8407fa916f],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus5270\CrxUpdater_d.exe, Quarantined, [645a2456afcc270f62a7e75e5ca8768a],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busA208\CrxUpdater_d.exe, Quarantined, [65591d5db1caaa8ccd3cde678084ef11],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busA42D\CrxUpdater_d.exe, Quarantined, [c0fedaa06b10082e8e7bb98ce81cee12],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busB65E\CrxUpdater_d.exe, Quarantined, [526cd4a6ff7c74c2b5546fd63dc7f907],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busBEDE\CrxUpdater_d.exe, Quarantined, [4c7298e207742e081decb88dec187888],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busBF4B\CrxUpdater_d.exe, Quarantined, [dae4f58552296acc86831f26b74d41bf],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busC56B\CrxUpdater_d.exe, Quarantined, [75491e5c9ae15bdba267f64f07fd60a0],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busE026\CrxUpdater_d.exe, Quarantined, [5a649cde6a1159dd79905ee7d33118e8],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busF404\CrxUpdater_d.exe, Quarantined, [c2fc9ae0b0cb13239871cb7acc387f81],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus52B6\CrxUpdater_d.exe, Quarantined, [e5d916641f5ca98dea1f4cf9e61e629e],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus66BE\CrxUpdater_d.exe, Quarantined, [229cbbbf0279b58142c7ee579b69e21e],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus7487\CrxUpdater_d.exe, Quarantined, [c1fd3941cfacf83e44c5c3828e768f71],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus74C1\CrxUpdater_d.exe, Quarantined, [08b6fd7d2f4cc1757297c87df014619f],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus754E\CrxUpdater_d.exe, Quarantined, [6a54aad08eed05314fbad96c8a7ab54b],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus7629\CrxUpdater_d.exe, Quarantined, [f4cac6b4314a7abccf3a85c081838080],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus7A7C\CrxUpdater_d.exe, Quarantined, [09b582f8c1ba7db97495ad98b351a15f],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus7C6F\CrxUpdater_d.exe, Quarantined, [cfef84f6c5b6a29425e459ecd92b7d83],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus7CBD\CrxUpdater_d.exe, Quarantined, [f7c71763ed8e2d099970c4811ce8d030],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus7D1B\CrxUpdater_d.exe, Quarantined, [893585f5a9d20b2bdc2dd273dc289868],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus7D2A\CrxUpdater_d.exe, Quarantined, [2c92aad0f586ea4c8c7dcb7a6c9830d0],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus7D2D\CrxUpdater_d.exe, Quarantined, [0faf2c4e047726102ddcc87d3bc902fe],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus7E43\CrxUpdater_d.exe, Quarantined, [17a73842c4b7ca6c52b76fd6768ee917],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus83EE\CrxUpdater_d.exe, Quarantined, [c7f73a40e992a195a36649fc08fc5da3],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus8583\CrxUpdater_d.exe, Quarantined, [5a640d6da2d90d29e623133257ad1be5],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus897A\CrxUpdater_d.exe, Quarantined, [0bb3d1a9a4d7270f62a741041aea936d],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus8AE0\CrxUpdater_d.exe, Quarantined, [58667efceb90f83e1aef2a1b6d9720e0],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus8C57\CrxUpdater_d.exe, Quarantined, [328c79012259dc5a98711a2b59abea16],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus950E\CrxUpdater_d.exe, Quarantined, [6f4f23570e6ddf5790799fa617ed1fe1],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus9DE8\CrxUpdater_d.exe, Quarantined, [932b502a52298ea8ae5bd86da95b08f8],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busF464\CrxUpdater_d.exe, Quarantined, [0db1651546354ceaec1d9baa947028d8],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busF681\CrxUpdater_d.exe, Quarantined, [d7e7d9a11c5f2511be4b6dd831d3a858],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busFEDC\CrxUpdater_d.exe, Quarantined, [a21c7bffe2997abcb059da6b669eca36],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\busFFB7\CrxUpdater_d.exe, Quarantined, [7f3f88f2f883ab8b62a7a4a1a361de22],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus188F\CrxUpdater_d.exe, Quarantined, [3886106a7b001c1a7891291c19eb669a],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus21DA\CrxUpdater_d.exe, Quarantined, [605e4931abd0ee48aa5f380de51fc63a],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus2448\CrxUpdater_d.exe, Quarantined, [5b631664b8c3f54188814afb8d7746ba],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus2838\CrxUpdater_d.exe, Quarantined, [f5c963179ddeb77f76938bba5da742be],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus3C2B\CrxUpdater_d.exe, Quarantined, [cfef6d0d205ba294fa0f3e076d9712ee],
PUP.Optional.CRX.A, C:\Users\Asus\AppData\Local\Temp\bus41B6\CrxUpdater_d.exe, Quarantined, [803e304a17642a0cb85171d4986c827e],
PUP.Optional.Babylon.A, C:\Users\Asus\AppData\Local\Temp\6620CE5F-BAB0-7891-8CE3-4AC149312A5E\Latest\MntrDLLInstall.dll, Quarantined, [b8064139ccaf7bbb002c68b5dc2524dc],
PUP.Optional.Babylon.A, C:\Users\Asus\AppData\Local\Temp\6620CE5F-BAB0-7891-8CE3-4AC149312A5E\Latest\NTRedirect.dll, Quarantined, [ebd33743106b6ec80f95d56baa5a9070],
PUP.Optional.Babylon.A, C:\Users\Asus\AppData\Local\Temp\6620CE5F-BAB0-7891-8CE3-4AC149312A5E\Latest\Setup.exe, Quarantined, [e5d97ffb661544f2cc704cd27987ed13],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3282812\ctbe.exe, Quarantined, [c1fd106a1f5c1d19c4d575a998681ae6],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3282812\ieLogic.exe, Quarantined, [f0ce0c6e04772a0c336d061a31d06b95],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3282812\statisticsStub.exe, Quarantined, [6559106a3e3d3303ab7bf912e31e9d63],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3282812\stub.exe, Quarantined, [744ae2986e0db87ec62ae836ed13ff01],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3288691\ism.exe, Quarantined, [4b73bebcec8fb284c4aba3e8ae5337c9],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\chLogic.exe, Quarantined, [e6d82357f883ae888b15819f35cc1fe1],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\ctbe.exe, Quarantined, [883689f1255670c6346533eb49b725db],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\ieLogic.exe, Quarantined, [98266515156642f4ebb5e13fbc458f71],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\spch.exe, Quarantined, [dbe308723b4053e31a8636ead031ac54],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\statisticsStub.exe, Quarantined, [a41af18983f8a69010161af1857cdd23],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\plugins\TBVerifier.dll, Quarantined, [b40a7cfe106b34027d472d15b54b837d],
PUP.Optional.Installex, C:\Users\Asus\Downloads\Revolution.2012.S02E01.hdtv-lol.mp4, Quarantined, [bc02a8d2f8838aac6dad81e13bc60cf4],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3282812\chromeid.txt, Quarantined, [f0ce37434734bf7782c61a74bf434cb4],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3282812\setup.ini.txt, Quarantined, [f0ce37434734bf7782c61a74bf434cb4],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3288691\chromeid.txt, Quarantined, [16a8ed8d4635fb3ba3a5c7c755ad39c7],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3288691\setup.ini.txt, Quarantined, [16a8ed8d4635fb3ba3a5c7c755ad39c7],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3297861\chromeid.txt, Quarantined, [6a543a40c1ba42f4b39558365da5a759],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3297861\setup.ini.txt, Quarantined, [6a543a40c1ba42f4b39558365da5a759],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\chromeid.txt, Quarantined, [7a447406fe7d9d99f850741a7e843bc5],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\CT3309350.txt, Quarantined, [7a447406fe7d9d99f850741a7e843bc5],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\initData.json, Quarantined, [7a447406fe7d9d99f850741a7e843bc5],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\manifest.json, Quarantined, [7a447406fe7d9d99f850741a7e843bc5],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\setup.ini.txt, Quarantined, [7a447406fe7d9d99f850741a7e843bc5],
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Local\Temp\ct3309350\stub.exe, Quarantined, [7a447406fe7d9d99f850741a7e843bc5],

Physical Sectors: 0
(No malicious items detected)


(end)

Good, looks like we are removing a bunch of crappola :) I remember working with you awhile back .

There is a new scanner out that that is really good at picking up malware entries, lets run a scan and see if there is anything left to remove

Please download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save it to your desktop.
Please download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Now that you mention it I remember you helping me with my desktop. :D:

Posting in two parts because it said that the combined reports were too long for one post.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Asus (administrator) on AIR on 21-06-2014 08:41:46
Running from C:\Users\Asus\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIBE.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11407120 2012-03-27] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-21] (ASUS)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-05] (AVAST Software)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1202347141-2088458147-1770352953-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6564120 2014-06-10] (SUPERAntiSpyware)
HKU\S-1-5-21-1202347141-2088458147-1770352953-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIBE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBE78D6EADD8BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {C031556C-FBBB-4B40-8A8E-A25930BA5BAA} URL = https://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\8stb0zgz.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Flash and Video Download - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\8stb0zgz.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-06-16]
FF Extension: NoScript - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\8stb0zgz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-24]
FF Extension: Adblock Plus - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\8stb0zgz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-01]

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: delta-search.com
CHR DefaultSearchProvider: Delta Search
CHR DefaultSearchURL: http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=946F10BF48659DD2&affID=119557&tt=070813_wt3&tsp=4972
CHR DefaultNewTabURL:
CHR Extension: (Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-01]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-01]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-01]
CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-01]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-01]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-24]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2011-12-29] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-24] (AVAST Software)
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) [File not signed]
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-04] (SEIKO EPSON CORPORATION)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-24] ()
S3 RTCore64; C:\RMclock\RTCore64.sys [7168 2005-05-25] () [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 cpuz136; \??\C:\Users\Asus\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-21 08:41 - 2014-06-21 08:42 - 00018735 _____ () C:\Users\Asus\Desktop\FRST.txt
2014-06-21 08:41 - 2014-06-21 08:41 - 02083328 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2014-06-21 08:41 - 2014-06-21 08:41 - 00000000 ____D () C:\FRST
2014-06-21 08:38 - 2014-06-21 08:40 - 01070592 _____ (Farbar) C:\Users\Asus\Desktop\FRST.exe
2014-06-21 05:23 - 2014-06-21 05:31 - 469673093 _____ () C:\Users\Asus\Downloads\Dominion.S01E01._-lol.mp4
2014-06-20 18:55 - 2014-06-20 19:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-20 18:54 - 2014-06-20 18:54 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-20 18:54 - 2014-06-20 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-20 18:54 - 2014-06-20 18:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-20 18:54 - 2014-06-20 18:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-20 18:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-20 18:54 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-20 18:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-20 09:00 - 2014-06-20 09:00 - 00001285 _____ () C:\Users\Asus\Desktop\JRT.txt
2014-06-20 08:52 - 2014-06-20 08:52 - 00000000 ____D () C:\Windows\ERUNT
2014-06-20 08:51 - 2014-06-20 08:51 - 01016261 _____ (Thisisu) C:\Users\Asus\Desktop\JRT.exe
2014-06-20 08:47 - 2014-06-20 08:47 - 00002253 _____ () C:\Users\Asus\Desktop\AdwCleaner[S1].txt
2014-06-20 08:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-20 08:40 - 2014-06-20 08:40 - 01333465 _____ () C:\Users\Asus\Desktop\AdwCleaner.exe
2014-06-19 21:03 - 2014-06-19 21:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-19 13:56 - 2014-06-19 13:56 - 00001986 _____ () C:\Users\Asus\Desktop\aswMBR.txt 061914.txt
2014-06-19 13:56 - 2014-06-19 13:56 - 00000512 _____ () C:\Users\Asus\Desktop\MBR.dat
2014-06-19 13:46 - 2014-06-19 13:46 - 05185536 _____ (AVAST Software) C:\Users\Asus\Desktop\aswMBR.exe
2014-06-19 13:42 - 2014-06-19 13:42 - 00002598 _____ () C:\Users\Asus\Desktop\Attach.txt 061914.zip
2014-06-19 13:41 - 2014-06-19 13:41 - 00022876 _____ () C:\Users\Asus\Desktop\DDS.txt 061914.txt
2014-06-19 13:41 - 2014-06-19 13:41 - 00007516 _____ () C:\Users\Asus\Desktop\Attach.txt 061914.txt
2014-06-19 13:12 - 2014-06-19 13:12 - 00022876 _____ () C:\Users\Asus\Desktop\dds.txt
2014-06-19 13:12 - 2014-06-19 13:12 - 00007516 _____ () C:\Users\Asus\Desktop\attach.txt
2014-06-19 13:11 - 2014-06-19 13:11 - 00688992 ____R (Swearware) C:\Users\Asus\Desktop\dds.scr
2014-06-19 13:08 - 2014-06-19 13:08 - 00031952 _____ () C:\Users\Asus\Desktop\ERUNT README.TXT
2014-06-19 13:08 - 2014-06-19 13:08 - 00000000 ____D () C:\Windows\ERDNT
2014-06-19 13:07 - 2014-06-19 13:07 - 00000928 _____ () C:\Users\Test 7\Desktop\NTREGOPT.lnk
2014-06-19 13:07 - 2014-06-19 13:07 - 00000928 _____ () C:\Users\Asus\Desktop\NTREGOPT.lnk
2014-06-19 13:07 - 2014-06-19 13:07 - 00000909 _____ () C:\Users\Test 7\Desktop\ERUNT.lnk
2014-06-19 13:07 - 2014-06-19 13:07 - 00000909 _____ () C:\Users\Asus\Desktop\ERUNT.lnk
2014-06-19 13:07 - 2014-06-19 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-19 13:07 - 2014-06-19 13:07 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-19 13:04 - 2014-06-19 13:05 - 00791393 _____ (Lars Hederer ) C:\Users\Asus\Desktop\erunt-setup.exe
2014-06-18 23:36 - 2014-06-19 00:27 - 364692794 _____ () C:\Users\Asus\Downloads\Falling.Skies.S04E01.WEB-DL.XviD-FUM.avi
2014-06-18 17:11 - 2012-07-04 21:02 - 04209856 _____ (SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
2014-06-16 08:14 - 2014-06-16 08:27 - 782980577 _____ () C:\Users\Asus\Downloads\Game_of_Thrones_S04E10_720p___x264_-SN.mp4
2014-06-13 10:44 - 2014-06-13 10:44 - 00000000 __SHD () C:\Users\Asus\AppData\Local\EmieUserList
2014-06-13 10:44 - 2014-06-13 10:44 - 00000000 __SHD () C:\Users\Asus\AppData\Local\EmieSiteList
2014-06-12 10:51 - 2014-06-12 10:51 - 00002156 _____ () C:\Users\Asus\Documents\WT 1.41.7.30.txt
2014-06-12 10:48 - 2014-06-12 10:48 - 00001231 _____ () C:\Users\Asus\Documents\WT 1.41.7.33.txt
2014-06-12 10:46 - 2014-06-12 10:46 - 00000486 _____ () C:\Users\Asus\Documents\WT 1.41.7.44.txt
2014-06-12 10:42 - 2014-06-12 10:42 - 00000351 _____ () C:\Users\Asus\Documents\WT 1.41.7.54.txt
2014-06-12 10:40 - 2014-06-12 10:40 - 00001973 _____ () C:\Users\Asus\Documents\WT 1.41.7.50.txt
2014-06-12 03:12 - 2014-06-12 03:12 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-06-12 03:12 - 2014-06-12 03:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-06-10 17:13 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-10 17:13 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-10 17:13 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-10 17:13 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-10 17:13 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-10 17:13 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-10 17:13 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-10 17:13 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-10 17:13 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-10 17:13 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-10 17:13 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-10 17:13 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-10 17:13 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-10 17:13 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-10 17:13 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-10 17:13 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-10 17:13 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-10 17:13 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-10 17:13 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-10 17:13 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-10 17:13 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-10 17:13 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-10 17:13 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-10 17:13 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-10 17:13 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-10 17:13 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-10 17:13 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-10 17:13 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-10 17:13 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-10 17:13 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-10 17:13 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-10 17:13 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-10 17:13 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-10 17:13 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-10 17:13 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-10 17:13 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-10 17:13 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-10 17:13 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-10 17:13 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-10 17:13 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-10 17:13 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-10 17:13 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-10 17:13 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-10 17:13 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-10 17:13 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-10 17:13 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-10 17:13 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-10 17:13 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-10 17:13 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-10 17:13 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-10 17:13 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-10 17:13 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-10 17:13 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-10 17:13 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-10 17:13 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-10 17:13 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-10 17:13 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-10 17:13 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-10 17:13 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-10 17:13 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-10 17:13 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-10 17:13 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-10 17:13 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-10 17:13 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-10 17:13 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-10 17:13 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-10 17:09 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-10 17:09 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 18:48 - 2014-06-08 18:48 - 00000048 _____ () C:\Users\Asus\Documents\Dark Circles.txt
2014-06-08 13:14 - 2014-06-08 13:14 - 00000168 _____ () C:\Users\Asus\Documents\Grout Cleaner.txt
2014-06-04 23:58 - 2014-06-05 00:04 - 359428776 _____ () C:\Users\Asus\Downloads\Revolution.2012.S02E22._.XviD-AFG.avi
2014-06-04 22:58 - 2014-06-04 23:47 - 292318613 _____ () C:\Users\Asus\Downloads\Revolution.2012.S02E21.lol.mp4
2014-06-02 07:39 - 2014-06-02 07:45 - 364678650 _____ () C:\Users\Asus\Downloads\Turn.S01E09._.XviD-AFG.avi
2014-06-01 23:04 - 2014-06-01 23:23 - 347342058 _____ () C:\Users\Asus\Downloads\Game.of.Thrones.S04E08.x264-killers.mp4
2014-05-30 15:52 - 2014-06-07 20:09 - 00000198 _____ () C:\Users\Asus\Documents\UschiBusiness.txt
2014-05-27 14:07 - 2014-05-27 14:14 - 374227354 _____ () C:\Users\Asus\Downloads\Turn.S01E08._.XviD-AFG.avi
2014-05-23 00:33 - 2014-05-23 00:33 - 00000000 ____D () C:\Users\Asus\AppData\Local\DDMSettings

==================== One Month Modified Files and Folders =======

2014-06-21 08:42 - 2014-06-21 08:41 - 00018735 _____ () C:\Users\Asus\Desktop\FRST.txt
2014-06-21 08:41 - 2014-06-21 08:41 - 02083328 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2014-06-21 08:41 - 2014-06-21 08:41 - 00000000 ____D () C:\FRST
2014-06-21 08:40 - 2014-06-21 08:38 - 01070592 _____ (Farbar) C:\Users\Asus\Desktop\FRST.exe
2014-06-21 08:29 - 2013-08-01 15:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-21 06:54 - 2013-07-20 04:04 - 01112963 _____ () C:\Windows\WindowsUpdate.log
2014-06-21 05:31 - 2014-06-21 05:23 - 469673093 _____ () C:\Users\Asus\Downloads\Dominion.S01E01._-lol.mp4
2014-06-21 05:20 - 2009-07-14 00:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-21 05:20 - 2009-07-14 00:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-21 05:13 - 2013-07-20 02:19 - 00000387 _____ () C:\Users\Asus\AppData\Roaming\sp_data.sys
2014-06-21 05:12 - 2010-11-20 23:47 - 00294376 _____ () C:\Windows\PFRO.log
2014-06-21 05:12 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 05:12 - 2009-07-14 00:51 - 00096957 _____ () C:\Windows\setupact.log
2014-06-20 19:13 - 2014-06-20 18:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-20 19:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\TAPI
2014-06-20 18:54 - 2014-06-20 18:54 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-20 18:54 - 2014-06-20 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-20 18:54 - 2014-06-20 18:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-20 18:54 - 2014-06-20 18:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-20 09:00 - 2014-06-20 09:00 - 00001285 _____ () C:\Users\Asus\Desktop\JRT.txt
2014-06-20 08:52 - 2014-06-20 08:52 - 00000000 ____D () C:\Windows\ERUNT
2014-06-20 08:51 - 2014-06-20 08:51 - 01016261 _____ (Thisisu) C:\Users\Asus\Desktop\JRT.exe
2014-06-20 08:47 - 2014-06-20 08:47 - 00002253 _____ () C:\Users\Asus\Desktop\AdwCleaner[S1].txt
2014-06-20 08:44 - 2013-11-25 22:02 - 00000000 ____D () C:\AdwCleaner
2014-06-20 08:40 - 2014-06-20 08:40 - 01333465 _____ () C:\Users\Asus\Desktop\AdwCleaner.exe
2014-06-20 08:11 - 2014-04-21 17:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 21:03 - 2014-06-19 21:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-19 13:56 - 2014-06-19 13:56 - 00001986 _____ () C:\Users\Asus\Desktop\aswMBR.txt 061914.txt
2014-06-19 13:56 - 2014-06-19 13:56 - 00000512 _____ () C:\Users\Asus\Desktop\MBR.dat
2014-06-19 13:46 - 2014-06-19 13:46 - 05185536 _____ (AVAST Software) C:\Users\Asus\Desktop\aswMBR.exe
2014-06-19 13:42 - 2014-06-19 13:42 - 00002598 _____ () C:\Users\Asus\Desktop\Attach.txt 061914.zip
2014-06-19 13:41 - 2014-06-19 13:41 - 00022876 _____ () C:\Users\Asus\Desktop\DDS.txt 061914.txt
2014-06-19 13:41 - 2014-06-19 13:41 - 00007516 _____ () C:\Users\Asus\Desktop\Attach.txt 061914.txt
2014-06-19 13:16 - 2013-08-11 14:25 - 00003232 _____ () C:\Users\Asus\Documents\pw.txt
2014-06-19 13:12 - 2014-06-19 13:12 - 00022876 _____ () C:\Users\Asus\Desktop\dds.txt
2014-06-19 13:12 - 2014-06-19 13:12 - 00007516 _____ () C:\Users\Asus\Desktop\attach.txt
2014-06-19 13:11 - 2014-06-19 13:11 - 00688992 ____R (Swearware) C:\Users\Asus\Desktop\dds.scr
2014-06-19 13:08 - 2014-06-19 13:08 - 00031952 _____ () C:\Users\Asus\Desktop\ERUNT README.TXT
2014-06-19 13:08 - 2014-06-19 13:08 - 00000000 ____D () C:\Windows\ERDNT
2014-06-19 13:07 - 2014-06-19 13:07 - 00000928 _____ () C:\Users\Test 7\Desktop\NTREGOPT.lnk
2014-06-19 13:07 - 2014-06-19 13:07 - 00000928 _____ () C:\Users\Asus\Desktop\NTREGOPT.lnk
2014-06-19 13:07 - 2014-06-19 13:07 - 00000909 _____ () C:\Users\Test 7\Desktop\ERUNT.lnk
2014-06-19 13:07 - 2014-06-19 13:07 - 00000909 _____ () C:\Users\Asus\Desktop\ERUNT.lnk
2014-06-19 13:07 - 2014-06-19 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-19 13:07 - 2014-06-19 13:07 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-19 13:05 - 2014-06-19 13:04 - 00791393 _____ (Lars Hederer ) C:\Users\Asus\Desktop\erunt-setup.exe
2014-06-19 11:03 - 2013-08-01 16:37 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-19 00:27 - 2014-06-18 23:36 - 364692794 _____ () C:\Users\Asus\Downloads\Falling.Skies.S04E01.WEB-DL.XviD-FUM.avi
2014-06-17 13:05 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-16 11:22 - 2013-08-11 23:19 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\vlc
2014-06-16 09:57 - 2013-10-27 13:55 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Skype
2014-06-16 08:51 - 2013-07-20 01:06 - 00000000 ____D () C:\Users\Asus\AppData\Local\VirtualStore
2014-06-16 08:27 - 2014-06-16 08:14 - 782980577 _____ () C:\Users\Asus\Downloads\Game_of_Thrones_S04E10_720p___x264_-SN.mp4
2014-06-13 10:44 - 2014-06-13 10:44 - 00000000 __SHD () C:\Users\Asus\AppData\Local\EmieUserList
2014-06-13 10:44 - 2014-06-13 10:44 - 00000000 __SHD () C:\Users\Asus\AppData\Local\EmieSiteList
2014-06-13 00:46 - 2014-05-13 13:23 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-06-13 00:46 - 2013-09-16 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-06-13 00:46 - 2013-08-23 21:33 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-06-13 00:46 - 2013-08-23 21:32 - 00000000 ____D () C:\ProgramData\DivX
2014-06-13 00:45 - 2013-08-23 21:34 - 00000000 ____D () C:\Program Files\DivX
2014-06-13 00:44 - 2013-08-01 15:12 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-13 00:44 - 2013-08-01 15:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-13 00:44 - 2013-08-01 15:12 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 10:51 - 2014-06-12 10:51 - 00002156 _____ () C:\Users\Asus\Documents\WT 1.41.7.30.txt
2014-06-12 10:48 - 2014-06-12 10:48 - 00001231 _____ () C:\Users\Asus\Documents\WT 1.41.7.33.txt
2014-06-12 10:46 - 2014-06-12 10:46 - 00000486 _____ () C:\Users\Asus\Documents\WT 1.41.7.44.txt
2014-06-12 10:42 - 2014-06-12 10:42 - 00000351 _____ () C:\Users\Asus\Documents\WT 1.41.7.54.txt
2014-06-12 10:40 - 2014-06-12 10:40 - 00001973 _____ () C:\Users\Asus\Documents\WT 1.41.7.50.txt
2014-06-12 03:13 - 2014-04-07 13:24 - 00000000 ____D () C:\ProgramData\Garmin
2014-06-12 03:13 - 2014-04-07 13:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-12 03:12 - 2014-06-12 03:12 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-06-12 03:12 - 2014-06-12 03:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-06-12 03:12 - 2014-04-07 13:24 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-06-12 03:12 - 2014-04-07 13:24 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-06-11 12:58 - 2014-03-12 16:34 - 00000042 _____ () C:\Users\Asus\Documents\Tom Addy.txt
2014-06-10 22:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-10 20:50 - 2013-08-01 00:18 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-10 19:07 - 2013-07-21 15:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-10 19:05 - 2013-07-20 14:46 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-10 19:04 - 2013-08-01 11:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 19:02 - 2014-05-04 12:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 18:48 - 2014-06-08 18:48 - 00000048 _____ () C:\Users\Asus\Documents\Dark Circles.txt
2014-06-08 13:14 - 2014-06-08 13:14 - 00000168 _____ () C:\Users\Asus\Documents\Grout Cleaner.txt
2014-06-08 05:13 - 2014-06-10 17:09 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-10 17:09 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 20:09 - 2014-05-30 15:52 - 00000198 _____ () C:\Users\Asus\Documents\UschiBusiness.txt
2014-06-05 17:17 - 2014-04-01 14:47 - 00246272 ___SH () C:\Users\Asus\Documents\Thumbs.db
2014-06-05 00:04 - 2014-06-04 23:58 - 359428776 _____ () C:\Users\Asus\Downloads\Revolution.2012.S02E22._.XviD-AFG.avi
2014-06-04 23:47 - 2014-06-04 22:58 - 292318613 _____ () C:\Users\Asus\Downloads\Revolution.2012.S02E21.lol.mp4
2014-06-02 07:45 - 2014-06-02 07:39 - 364678650 _____ () C:\Users\Asus\Downloads\Turn.S01E09._.XviD-AFG.avi
2014-06-01 23:23 - 2014-06-01 23:04 - 347342058 _____ () C:\Users\Asus\Downloads\Game.of.Thrones.S04E08.x264-killers.mp4
2014-05-30 06:21 - 2014-06-10 17:13 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 06:02 - 2014-06-10 17:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 06:02 - 2014-06-10 17:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 05:45 - 2014-06-10 17:13 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 05:39 - 2014-06-10 17:13 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 05:39 - 2014-06-10 17:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 05:38 - 2014-06-10 17:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 05:28 - 2014-06-10 17:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 05:27 - 2014-06-10 17:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 05:24 - 2014-06-10 17:13 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 05:21 - 2014-06-10 17:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 05:21 - 2014-06-10 17:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 05:20 - 2014-06-10 17:13 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-10 17:13 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 05:11 - 2014-06-10 17:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 05:08 - 2014-06-10 17:13 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-10 17:13 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 05:02 - 2014-06-10 17:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 04:55 - 2014-06-10 17:13 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 04:49 - 2014-06-10 17:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 04:46 - 2014-06-10 17:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-10 17:13 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 04:44 - 2014-06-10 17:13 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-10 17:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 04:42 - 2014-06-10 17:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 04:38 - 2014-06-10 17:13 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-10 17:13 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 04:34 - 2014-06-10 17:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 04:33 - 2014-06-10 17:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 04:30 - 2014-06-10 17:13 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 04:29 - 2014-06-10 17:13 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 04:28 - 2014-06-10 17:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 04:27 - 2014-06-10 17:13 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 04:24 - 2014-06-10 17:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 04:23 - 2014-06-10 17:13 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-10 17:13 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 04:10 - 2014-06-10 17:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 04:06 - 2014-06-10 17:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 04:04 - 2014-06-10 17:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-10 17:13 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-10 17:13 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-10 17:13 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 03:54 - 2014-06-10 17:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 03:50 - 2014-06-10 17:13 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 03:49 - 2014-06-10 17:13 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-10 17:13 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-10 17:13 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-10 17:13 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-10 17:13 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-10 17:13 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-10 17:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-10 17:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 16:15 - 2014-01-01 05:39 - 00000000 ____D () C:\Users\Asus\Documents\recipes
2014-05-27 14:14 - 2014-05-27 14:07 - 374227354 _____ () C:\Users\Asus\Downloads\Turn.S01E08._.XviD-AFG.avi
2014-05-25 20:28 - 2013-08-01 20:20 - 00000000 ____D () C:\Users\Asus\AppData\Local\CrashDumps
2014-05-24 09:07 - 2013-08-01 15:12 - 00000000 ____D () C:\Users\Asus\AppData\Local\Adobe
2014-05-24 08:33 - 2013-08-01 16:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-23 00:33 - 2014-05-23 00:33 - 00000000 ____D () C:\Users\Asus\AppData\Local\DDMSettings

Some content of TEMP:
====================
C:\Users\Asus\AppData\Local\Temp\DivXSetup.exe
C:\Users\Asus\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Asus\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\Asus\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Asus\AppData\Local\Temp\Quarantine.exe
C:\Users\Asus\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\Asus\AppData\Local\Temp\tbSomo.dll
C:\Users\Asus\AppData\Local\Temp\uninst1.exe
C:\Users\Asus\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Asus\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 07:59

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Asus at 2014-06-21 08:42:26
Running from C:\Users\Asus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,2,385,0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0041 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.1 - ASUS)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.115 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-400 Series Printer Uninstall (HKLM\...\EPSON XP-400 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.3 - ASUS)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6685 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PRJPROR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0E4FF5B8-C02A-4745-BF5F-564E1894DB3F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {470455B0-34B0-4B8A-AA05-68D7611E909B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] ()
Task: {6718F35E-0791-428C-86A1-38192C8310CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-13] (Adobe Systems Incorporated)
Task: {78DCF487-AB3F-468B-89AB-80D3D131D7BD} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.)
Task: {C22A8F0E-615F-46BF-9305-B119C9A8D90B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-05-07] (ASUSTek Computer Inc.)
Task: {D208980D-8945-4874-8FB0-9FF8453E5EF4} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
Task: {F451CD28-B222-482D-AA3A-F34CEF852758} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-24] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-02-22 15:18 - 2012-02-22 15:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-06-20 16:46 - 2014-06-20 16:46 - 02783232 _____ () C:\Program Files\AVAST Software\Avast\defs\14062001\algo.dll
2014-06-21 08:41 - 2014-06-21 08:41 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062100\algo.dll
2012-02-21 14:49 - 2012-02-21 14:49 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-10-22 15:57 - 2013-10-22 15:57 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-06-19 21:03 - 2014-06-19 21:03 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^Users^Asus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Epson all-in-one Registration.lnk => C:\Windows\pss\Epson all-in-one Registration.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/21/2014 05:13:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2014 07:10:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2014 06:48:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/20/2014 07:53:13 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (06/20/2014 09:17:07 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (06/21/2014 05:13:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2014 07:10:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2014 06:48:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-02-24 10:43:04.030
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-24 10:43:03.937
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-24 10:43:03.828
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-24 10:43:03.672
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-24 10:43:03.547
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-02-24 10:43:03.453
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-02-24 10:43:03.344
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-02-24 10:43:03.188
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-02-24 08:04:31.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-02-24 08:04:31.088
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 6027.91 MB
Available physical RAM: 3809.14 MB
Total Pagefile: 12053.99 MB
Available Pagefile: 9588.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:554.94 GB) NTFS
Drive d: (XP-400) (CDROM) (Total:0.16 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: F92E411B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=699 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Lets do this first, then run a new scan with FRST and post the log please



Open Chrome
Click the Chrome menu http://i24.photobucket.com/albums/c30/ken545/Clipboard01_zps2e55f676.jpgon the browser toolbar.
Click on Settings
Then Manage Search Engines
Highlite Delta Search and select Delete

It's not under Start>All Programs, checked under 'Programs and Features", also Start>Search>Chrome and it doesn't show up. Chrome is uninstalled.

I saw 3 entries related to Delta Search on Chome on the FRST log, if Chome is uninstalled than we wont worry about it. Do you see signs of Delta Search popping up anywhere ?

How are things running now ?

Delta search doesn't ring a bell.

Things are running smoother. I'll give it some stress to see if anything fails.

Also I don't know if I have a new anomaly or not. When on some websites the mouse-over box is white rather than filled in. Like the box is being blocked. I haven't ever noticed this on this laptop. Further checking and it's only affecting FireFox not IE.

Make sure FF is up to date, click on Help> About and you should have version 30.0, if not update it. Let me know if this helps

Just checked, FF updated to 30.0 now.

Are you still having the mouse problem ?

Yes. On certain sites the mouse-over is near blank.

Since this is just related to FF, it might be a add on that is causing problems.


Open Firefox
Go to Help
Restart with Add-ons Disabled




If still problems then lets set FF back to default



Open Firefox
Click on Help > Troubleshooting Information > Reset Firefox to its default state

I restarted FF with the addons disabled and the problem has gone away. What's the best way to restart then one at a time to find the problem?

Not sure what add ons you have. You can open FF and look up at the top left for 3 small vertical bars and click on it and then Add Ons and you can enable or disable them as you wish

Going to try that.

The two I would have expected, Adblock Plus or NoScript weren't the culprit. It was avast! Online Security extension that was causing mayhem with the mouse overs.

I meant 3 small horizontal bars

The stacked three horizontal bars are on the right with my layout. It has New Window, Print, Options, Add-ons, etc. That one right?

Yes, click on Add ons

I have disabled the avast! addon. The mouse over boxes are fixed now.

Good :bigthumb:

Double click on AdwCleaner.exe to run the tool again.

Click on the Uninstall button.
Click Yes when asked are you sure you want to uninstall.
Both AdwCleaner.exe, its folder and all logs will be removed.


You can keep Malwarebytes, you can drag Junkware Removal Tool and FRST to the trash



How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/index.php?showtopic=57817)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)

Removed AdwCleaner, Junkware Removal Tool and FRST. Same for ERUNT, dds.scr and aswMBR?

Yes, you can remove them as these tools are updated quite often and if you ever need them again ( hopefully not ) the helper can just have you download a new copy

Ken :)

All done. My laptop is running much better now. Is that it?

If your happy than I'm happy :)

Unless you feel there are other issues than you could say we're done

I'm happy. :thanks:

Great

Take care,

Ken :)