Xalchs
-
Posts
11 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by Xalchs
-
Ah speak of the devil. 2013/01/08 17:38:50 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50145, Process: skype.exe) 2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50146, Process: skype.exe) 2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50147, Process: skype.exe) 2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50149, Process: avastsvc.exe)
-
I've had no new 'suspicious attacks so far' so i'd assume it worked! Thanks alot Charlie i really appreciate your effort
-
# AdwCleaner v2.105 - Logfile created 01/08/2013 at 17:17:32 # Updated 08/01/2013 by Xplode # Operating system : Windows 8 (64 bits) # User : jordan - JORDS-LAPTOP # Boot Mode : Normal # Running from : C:\Users\jordan\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\ProgramData\boost_interprocess File Deleted : C:\Users\Public\Desktop\eBay.lnk ***** [Registry] ***** Key Deleted : HKCU\Software\InstallCore Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\Software\InstallCore Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16453 [OK] Registry is clean. -\\ Google Chrome v23.0.1271.97 File : C:\Users\jordan\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd[...] Deleted [l.2130] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2X[...] ************************* AdwCleaner[R1].txt - [1669 octets] - [08/01/2013 17:12:07] AdwCleaner[R2].txt - [1729 octets] - [08/01/2013 17:14:54] AdwCleaner[R3].txt - [1789 octets] - [08/01/2013 17:17:20] AdwCleaner[s2].txt - [1542 octets] - [08/01/2013 17:17:32] ########## EOF - C:\AdwCleaner[s2].txt - [1602 octets] ##########
-
# AdwCleaner v2.105 - Logfile created 01/08/2013 at 17:12:07 # Updated 08/01/2013 by Xplode # Operating system : Windows 8 (64 bits) # User : jordan - JORDS-LAPTOP # Boot Mode : Normal # Running from : C:\Users\jordan\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Users\Public\Desktop\eBay.lnk Folder Found : C:\ProgramData\boost_interprocess ***** [Registry] ***** Key Found : HKCU\Software\InstallCore Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\Software\InstallCore Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16453 [OK] Registry is clean. -\\ Google Chrome v23.0.1271.97 File : C:\Users\jordan\AppData\Local\Google\Chrome\User Data\Default\Preferences Found [l.12] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtCtB0D0EyByE0FzztBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1667708790" ] Found [l.2130] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtCtB0D0EyByE0FzztBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1667708790" ] ************************* AdwCleaner[R1].txt - [1542 octets] - [08/01/2013 17:12:07] ########## EOF - C:\AdwCleaner[R1].txt - [1602 octets] ##########
-
When i tried to run it i couldn't as its currently not compatible with windows 8.
-
Heres the Logs. mbar-log-2013-01-08 (15-52-01).txt mbar-log-2013-01-08 (16-23-49).txt system-log.txt
-
The first test came up clear, Now moving onto second one. But before i do i keep getting a popup box when starting MBAR saying 'Registry value "Applnit_Dlls" has been found, which may be caused by rootkit activity. Note: Press "No" button if you're not sure (Did that the first time i ran MBAR). If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press "Yes" should this message appear again.'
-
The issue i'm having is the fact while on youtube Malwarebytes keep's blocking suspicious websites from opening ranging from multiple IPs.
-
RogueKiller V8.4.2 [Jan 6 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 8 (6.2.9200 ) 64 bits version Started in : Normal mode User : jordan [Admin rights] Mode : Scan -- Date : 01/08/2013 15:16:18 ¤¤¤ Bad processes : 2 ¤¤¤ [sUSP PATH] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe -> KILLED [TermProc] [RESIDUE] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe -> KILLED [TermProc] ¤¤¤ Registry Entries : 3 ¤¤¤ [TASK][sUSP PATH] Funmoods : C:\Users\jordan\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE /Check -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD7500BPVT-22HXZT3 +++++ --- User --- [MBR] a28acfdbbcabbc589d67099ef5b3cfce [bSP] 646baac4cfb0869c0929879fc315b231 : MBR Code unknown Partition table: 0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 715404 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_01082013_02d1516.txt >> RKreport[1]_S_01082013_02d1516.txt
-
DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16453 BrowserJavaVersion: 10.9.2 Run by jordan at 22:49:11 on 2013-01-07 Microsoft Windows 8 6.2.9200.0.1252.44.2057.18.8007.4683 [GMT 0:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\dwm.exe C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\Sandboxie\SbieSvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Bluetooth Suite\adminservice.exe C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Windows\system32\dashost.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\mfevtps.exe C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\RfBtnSvc64.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\taskhostex.exe C:\Program Files (x86)\Launch Manager\LMutilps32.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Acer\Acer Power Management\ePowerTray.exe C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Elantech\ETDCtrl.exe c:\Program Files (x86)\Bluetooth Suite\BtTray.exe c:\Program Files (x86)\Bluetooth Suite\BtvStack.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\puush\puush.exe C:\Users\jordan\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files\Sandboxie\SbieCtrl.exe C:\Users\jordan\AppData\Local\Akamai\netsession_win.exe C:\Users\jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Dolby PCEE4\pcee4.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\EgisTec IPS\PMMUpdate.exe C:\Program Files\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://acer13.msn.com uDefault_Page_URL = hxxp://acer13.msn.com mStart Page = hxxp://acer13.msn.com uProxyOverride = <local> mWinlogon: Userinit = userinit.exe, BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent uRun: [AdobeBridge] <no file> mRun: [bakupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h mRun: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart mRun: [LManager] <no file> dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} StartupFolder: C:\Users\jordan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe mPolicies-System: DisableCAD = dword:1 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: NameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B} : DHCPNameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B}\35B4951353434373 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B}\56465727F616D6 : DHCPNameServer = 152.105.250.79 152.105.250.80 TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B}\6796277696E6D65646961633634333230343 : DHCPNameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{A10F49CF-5495-47E9-9E07-DCA82E339E8D} : DHCPNameServer = 150.200.3.2 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll SSODL: WebCheck - <orphaned> x64-mStart Page = hxxp://acer13.msn.com x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe x64-Run: [btPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-mPolicies-System: DisableCAD = dword:1 x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-8-28 645952] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-11-28 752672] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-11-28 335784] R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2012-10-8 30056] R1 aswnet;avast! AG Firewall Core Driver;C:\Windows\System32\Drivers\aswnet.sys [2012-11-28 468144] R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2012-11-28 984144] R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2012-11-28 370288] R1 ccSet_NARA;NARA Settings Manager;C:\Windows\System32\Drivers\NARAx64\0401000.00A\ccSetx64.sys [2012-8-28 168608] R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\Drivers\mwlPSDFilter.sys [2012-8-3 22648] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\Drivers\mwlPSDNserv.sys [2012-8-3 20520] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\Drivers\mwlPSDVDisk.sys [2012-8-3 62776] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2012-11-28 25232] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2012-11-28 71600] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-7-31 207488] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-28 44808] R2 CCDMonitorService;CCDMonitorService;C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-7-27 2415760] R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-8-21 348784] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-8-28 165760] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-3 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-3 682344] R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-11-28 237920] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-11-28 218320] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-11-28 177144] R2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit;C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-9-15 86016] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-7-11 3939008] R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2012-8-28 93296] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-28 364416] R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [2012-8-28 81536] R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\Drivers\b57xdbd.sys [2012-6-15 72280] R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\Drivers\b57xdmp.sys [2012-6-15 21080] R3 bScsiMSa;bScsiMSa;C:\Windows\System32\Drivers\bScsiMSa.sys [2012-6-18 55384] R3 bScsiSDa;bScsiSDa;C:\Windows\System32\Drivers\bScsiSDa.sys [2012-6-19 70744] R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2012-8-28 33944] R3 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-7-31 659600] R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2012-8-11 315280] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-8-10 342528] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\Drivers\k57nd60a.sys [2012-6-2 425472] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-1-3 24176] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\Drivers\mfeavfk.sys [2012-11-28 300392] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\Drivers\mfefirek.sys [2012-11-28 513456] R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [2012-8-28 26736] R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632] S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\Drivers\mfeelamk.sys [2012-11-28 66720] S2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [?] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944] S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2012-8-28 88728] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2012-8-28 344216] S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2012-8-28 114840] S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2012-8-28 178840] S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2012-8-28 76952] S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2012-8-28 135832] S3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2012-8-28 574616] S3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752] S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\Drivers\cfwids.sys [2012-11-28 69672] S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-7-31 466064] S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-7-12 174160] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-20 1432400] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\Drivers\mferkdet.sys [2012-11-28 106112] S3 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-7-30 259136] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656] . =============== Created Last 30 ================ . 2013-01-04 00:01:31 -------- d-----r- C:\Sandbox 2013-01-03 23:59:13 -------- d-----w- C:\Program Files\Sandboxie 2013-01-03 23:37:19 -------- d-----w- C:\Program Files\CCleaner 2013-01-03 22:59:54 -------- d-----w- C:\Users\jordan\AppData\Roaming\Malwarebytes 2013-01-03 22:59:45 -------- d-----w- C:\ProgramData\Malwarebytes 2013-01-03 22:59:42 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-01-03 22:59:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-01-03 22:59:34 -------- d-----w- C:\Users\jordan\AppData\Local\Programs 2013-01-03 22:32:04 -------- d-----w- C:\Fraps 2012-12-30 20:35:35 -------- d-----w- C:\Program Files\HyperCam 2 2012-12-30 18:47:44 -------- d-----w- C:\Windows\en 2012-12-30 18:47:24 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2012-12-30 18:45:58 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e7363f441cde6bd03\DSETUP.dll 2012-12-30 18:45:58 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e7363f441cde6bd03\DXSETUP.exe 2012-12-30 18:45:58 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e7363f441cde6bd03\dsetup32.dll 2012-12-30 18:45:56 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4c785491cde6bd02\DSETUP.dll 2012-12-30 18:45:56 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4c785491cde6bd02\DXSETUP.exe 2012-12-30 18:45:56 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4c785491cde6bd02\dsetup32.dll 2012-12-30 18:45:52 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e3db77571cde6bd01\DSETUP.dll 2012-12-30 18:45:52 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e3db77571cde6bd01\DXSETUP.exe 2012-12-30 18:45:52 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e3db77571cde6bd01\dsetup32.dll 2012-12-30 18:45:48 -------- d-----w- C:\Users\jordan\AppData\Local\Windows Live 2012-12-30 18:45:00 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2012-12-30 18:19:38 -------- d-----w- C:\Program Files (x86)\Sony Setup 2012-12-30 17:45:38 -------- d-----w- C:\Users\jordan\AppData\Roaming\TechSmith 2012-12-30 17:45:34 -------- d-----w- C:\Users\jordan\AppData\Local\TechSmith 2012-12-30 17:37:17 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared 2012-12-30 17:34:18 -------- d-----w- C:\Users\jordan\AppData\Local\Sony 2012-12-30 17:34:18 -------- d-----w- C:\Program Files\Sony 2012-12-30 17:34:18 -------- d-----w- C:\Program Files (x86)\Sony 2012-12-30 17:28:39 -------- d-----w- C:\Program Files (x86)\Audacity 2012-12-21 15:12:20 362496 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-21 15:12:20 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-21 15:12:19 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-21 15:12:19 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-20 22:22:12 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2012-12-20 22:22:05 -------- d-----w- C:\Users\jordan\AppData\Local\PunkBuster 2012-12-20 22:15:35 -------- d-----w- C:\Users\jordan\AppData\Local\Ubisoft Game Launcher 2012-12-20 22:15:20 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2012-12-20 22:15:20 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2012-12-20 22:15:17 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2012-12-20 20:10:36 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared 2012-12-20 20:02:51 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared 2012-12-20 17:05:46 -------- d-----w- C:\Program Files (x86)\Autodesk 2012-12-20 16:14:46 -------- d-----w- C:\Program Files\Autodesk 2012-12-20 16:14:27 -------- d-----w- C:\Users\jordan\AppData\Roaming\Autodesk 2012-12-20 16:14:11 -------- d-----w- C:\Autodesk 2012-12-20 16:13:54 -------- d-----w- C:\Users\jordan\AppData\Local\Autodesk 2012-12-20 16:13:50 -------- d-----w- C:\Program Files (x86)\Common Files\Autodesk Shared 2012-12-20 16:12:38 -------- d-----w- C:\Users\jordan\AppData\Local\Akamai 2012-12-20 16:12:26 -------- d-----w- C:\ProgramData\Applications 2012-12-20 10:39:14 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab 2012-12-20 10:39:09 -------- d-----w- C:\Users\jordan\SystemRequirementsLab 2012-12-16 17:55:02 890880 ----a-w- C:\Windows\SysWow64\msctf.dll 2012-12-16 17:55:02 707584 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll 2012-12-16 17:55:02 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll 2012-12-16 17:55:02 1120768 ----a-w- C:\Windows\System32\msctf.dll 2012-12-16 17:55:00 641536 ----a-w- C:\Windows\System32\WSShared.dll 2012-12-16 17:54:59 523776 ----a-w- C:\Windows\SysWow64\WSShared.dll 2012-12-16 17:54:59 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll 2012-12-16 17:54:59 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll 2012-12-16 17:54:59 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll 2012-12-16 17:54:59 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll 2012-12-16 00:24:13 -------- d-----w- C:\ProgramData\Blizzard Entertainment 2012-12-16 00:24:13 -------- d-----w- C:\Program Files (x86)\World of Warcraft 2012-12-16 00:24:13 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2012-12-16 00:23:31 -------- d-----w- C:\ProgramData\Battle.net 2012-12-15 22:47:46 -------- d-----w- C:\Users\jordan\AppData\Roaming\puush 2012-12-15 22:47:37 -------- d-----w- C:\Program Files (x86)\puush 2012-12-15 17:09:03 -------- d-----w- C:\Users\jordan\AppData\Local\clear.fi 2012-12-15 16:51:08 -------- d-----w- C:\Users\jordan\AppData\Local\assembly 2012-12-15 16:39:21 -------- d-----w- C:\Windows\PCHEALTH 2012-12-15 16:36:59 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2012-12-15 16:36:47 -------- d-----w- C:\Users\jordan\AppData\Local\Microsoft Help 2012-12-15 16:34:12 -------- d-----w- C:\Users\jordan\AppData\Local\MicrosoftStore 2012-12-13 21:05:45 213696 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10187.bin 2012-12-13 18:24:10 -------- d-----r- C:\Users\jordan\Dropbox 2012-12-13 18:20:07 -------- d-----w- C:\Users\jordan\AppData\Roaming\Dropbox 2012-12-13 15:00:24 144384 ----a-w- C:\Windows\System32\tssdisai.dll 2012-12-13 15:00:24 135680 ----a-w- C:\Windows\System32\appserverai.dll 2012-12-13 15:00:24 126976 ----a-w- C:\Windows\System32\RDWebAI.dll 2012-12-13 15:00:24 122880 ----a-w- C:\Windows\System32\VmHostAI.dll 2012-12-13 15:00:21 148480 ----a-w- C:\Windows\System32\poqexec.exe 2012-12-13 15:00:21 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe 2012-12-12 22:53:11 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll 2012-12-12 22:53:11 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll 2012-12-12 21:48:45 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-12-12 21:48:45 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-12-12 21:48:41 945152 ----a-w- C:\Windows\System32\resetengmig.dll 2012-12-12 21:48:41 443392 ----a-w- C:\Windows\System32\ReAgent.dll 2012-12-12 21:48:41 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll 2012-12-12 21:48:41 132096 ----a-w- C:\Windows\System32\sysreset.exe 2012-12-12 21:48:41 1009664 ----a-w- C:\Windows\System32\reseteng.dll 2012-12-12 20:54:56 4056576 ----a-w- C:\Windows\System32\win32k.sys 2012-12-12 14:02:42 -------- d-----w- C:\Users\jordan\AppData\Local\My Games 2012-12-11 18:50:14 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll 2012-12-11 18:50:14 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll 2012-12-11 18:50:13 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll 2012-12-11 18:46:02 -------- d-----w- C:\Riot Games 2012-12-11 18:02:24 -------- d-----w- C:\Users\jordan\AppData\Local\PMB Files 2012-12-11 18:02:23 -------- d-----w- C:\ProgramData\PMB Files 2012-12-11 18:01:17 -------- d-----w- C:\Users\jordan\.swt 2012-12-09 19:30:40 -------- d-----w- C:\Users\jordan\AppData\Local\Red 5 Studios 2012-12-09 17:46:18 -------- d-----w- C:\Program Files (x86)\Xiph.Org 2012-12-09 17:46:12 -------- d--h--w- C:\Windows\msdownld.tmp 2012-12-09 17:46:11 -------- d-----w- C:\Windows\SysWow64\directx 2012-12-09 17:45:27 -------- d-----w- C:\Program Files (x86)\Red 5 Studios . ==================== Find3M ==================== . 2012-11-29 23:06:06 80736 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-29 23:06:06 695648 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-11-29 20:11:19 468144 ----a-w- C:\Windows\System32\drivers\aswnet.sys 2012-11-28 22:54:33 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-28 22:54:30 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-11-28 22:54:30 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-11-28 04:21:17 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll 2012-11-28 04:20:59 53760 ----a-w- C:\Windows\System32\UXInit.dll 2012-11-27 08:52:58 595456 ----a-w- C:\Windows\SysWow64\tsccvid64.dll 2012-11-27 08:52:58 571392 ----a-w- C:\Windows\SysWow64\tsccvid.dll 2012-11-26 18:20:50 270848 ----a-w- C:\Windows\SysWow64\tsc2_codec64.dll 2012-11-26 18:20:50 234496 ----a-w- C:\Windows\SysWow64\tsc2_codec32.dll 2012-11-20 08:00:23 6971624 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-11-20 05:24:19 1164800 ----a-w- C:\Windows\SysWow64\Display.dll 2012-11-20 05:24:17 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll 2012-11-20 05:17:23 1184256 ----a-w- C:\Windows\System32\Display.dll 2012-11-20 05:17:20 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll 2012-11-20 05:02:46 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL 2012-11-20 04:59:26 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL 2012-11-20 04:56:27 27136 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2012-11-20 04:56:11 83456 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2012-11-20 04:54:31 39936 ----a-w- C:\Windows\System32\drivers\hidi2c.sys 2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-11-08 04:25:35 1775104 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-11-08 04:24:27 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-11-08 04:24:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2012-11-08 04:24:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2012-11-08 04:24:19 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll 2012-11-08 04:24:06 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll 2012-11-08 04:22:19 2246656 ----a-w- C:\Windows\System32\wininet.dll 2012-11-08 04:22:12 907776 ----a-w- C:\Windows\System32\uxtheme.dll 2012-11-08 04:21:00 3966464 ----a-w- C:\Windows\System32\jscript9.dll 2012-11-08 04:20:56 67072 ----a-w- C:\Windows\System32\iesetup.dll 2012-11-08 04:20:56 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2012-11-08 04:20:50 96256 ----a-w- C:\Windows\System32\fontsub.dll 2012-11-08 04:20:37 14336 ----a-w- C:\Windows\System32\dciman32.dll 2012-11-08 04:02:16 3072 ----a-w- C:\Windows\System32\lpk.dll 2012-11-08 04:01:40 3072 ----a-w- C:\Windows\SysWow64\lpk.dll 2012-11-08 01:56:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll 2012-11-06 07:52:07 445160 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2012-11-06 07:52:04 277736 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2012-11-06 07:36:23 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys 2012-11-06 07:36:14 96488 ----a-w- C:\Windows\System32\drivers\wfplwfs.sys 2012-11-06 07:35:34 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2012-11-06 07:35:31 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2012-11-06 07:33:46 522640 ----a-w- C:\Windows\System32\AUDIOKSE.dll 2012-11-06 07:33:46 253512 ----a-w- C:\Windows\System32\audiodg.exe 2012-11-06 07:33:45 490064 ----a-w- C:\Windows\System32\AudioEng.dll 2012-11-06 07:33:45 447792 ----a-w- C:\Windows\System32\AudioSes.dll 2012-11-06 07:33:30 1566432 ----a-w- C:\Windows\System32\ole32.dll 2012-11-06 05:00:06 463768 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll 2012-11-06 05:00:06 427568 ----a-w- C:\Windows\SysWow64\AudioEng.dll 2012-11-06 05:00:06 324344 ----a-w- C:\Windows\SysWow64\AudioSes.dll 2012-11-06 04:54:13 2205696 ----a-w- C:\Windows\SysWow64\PrintConfig.dll 2012-11-06 04:48:27 1150160 ----a-w- C:\Windows\SysWow64\ole32.dll 2012-11-06 04:19:59 470016 ----a-w- C:\Windows\System32\wlanmsm.dll 2012-11-06 04:18:58 84992 ----a-w- C:\Windows\SysWow64\fdWCN.dll 2012-11-06 04:17:58 110080 ----a-w- C:\Windows\System32\dafWCN.dll 2012-11-06 04:17:44 718848 ----a-w- C:\Windows\System32\BFE.DLL 2012-11-06 04:17:43 2302464 ----a-w- C:\Windows\System32\authui.dll 2012-11-06 04:17:42 785920 ----a-w- C:\Windows\System32\audiosrv.dll 2012-11-06 04:17:41 169472 ----a-w- C:\Windows\System32\AudioEndpointBuilder.dll 2012-11-06 04:17:35 2146816 ----a-w- C:\Windows\System32\actxprxy.dll 2012-11-06 04:17:33 322560 ----a-w- C:\Windows\System32\aaclient.dll 2012-11-06 04:17:32 212992 ----a-w- C:\Windows\System32\bthprops.cpl 2012-11-06 04:00:44 99328 ----a-w- C:\Windows\System32\wushareduxresources.dll 2012-11-06 04:00:17 16384 ----a-w- C:\Windows\System32\iscsilog.dll 2012-11-06 03:58:53 9728 ----a-w- C:\Windows\System32\wlanhlp.dll 2012-11-06 03:56:35 9728 ----a-w- C:\Windows\SysWow64\wlanhlp.dll 2012-11-06 03:55:44 22528 ----a-w- C:\Windows\System32\drivers\fxppm.sys 2012-11-06 03:55:09 212992 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2012-11-06 03:55:02 90624 ----a-w- C:\Windows\System32\drivers\amdk8.sys 2012-11-06 03:55:02 89088 ----a-w- C:\Windows\System32\drivers\intelppm.sys 2012-11-06 03:55:02 88064 ----a-w- C:\Windows\System32\drivers\amdppm.sys 2012-11-06 03:55:02 87552 ----a-w- C:\Windows\System32\drivers\processr.sys 2012-11-06 03:54:40 74752 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS 2012-11-06 03:54:09 859136 ----a-w- C:\Windows\System32\drivers\http.sys 2012-11-06 03:53:56 51712 ----a-w- C:\Windows\System32\drivers\bthenum.sys 2012-11-06 03:53:44 560640 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-11-06 03:53:12 1171968 ----a-w- C:\Windows\System32\drivers\bthport.sys 2012-11-06 03:52:49 366080 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2012-11-06 03:51:47 665600 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-11-03 05:26:40 34816 ----a-w- C:\Windows\System32\dpnsvr.exe 2012-11-03 05:26:12 32256 ----a-w- C:\Windows\SysWow64\dpnsvr.exe 2012-11-03 05:24:34 8192 ----a-w- C:\Windows\SysWow64\dpnhupnp.dll 2012-11-03 05:24:34 8192 ----a-w- C:\Windows\SysWow64\dpnhpast.dll 2012-11-03 05:24:34 58880 ----a-w- C:\Windows\SysWow64\dpnathlp.dll 2012-11-03 05:24:34 375808 ----a-w- C:\Windows\SysWow64\dpnet.dll 2012-11-03 05:24:11 9216 ----a-w- C:\Windows\System32\dpnhupnp.dll 2012-11-03 05:24:11 9216 ----a-w- C:\Windows\System32\dpnhpast.dll 2012-11-03 05:24:11 67584 ----a-w- C:\Windows\System32\dpnathlp.dll 2012-11-03 05:24:11 463872 ----a-w- C:\Windows\System32\dpnet.dll 2012-11-03 05:04:21 4096 ----a-w- C:\Windows\System32\dpnlobby.dll 2012-11-03 05:04:19 3584 ----a-w- C:\Windows\System32\dpnaddr.dll 2012-11-03 05:00:54 3072 ----a-w- C:\Windows\SysWow64\dpnlobby.dll 2012-11-03 05:00:53 2560 ----a-w- C:\Windows\SysWow64\dpnaddr.dll 2012-10-30 22:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-10-30 22:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-10-30 22:51:07 41224 ----a-w- C:\Windows\avastSS.scr . ============= FINISH: 22:49:52.19 ===============
-
DDS: DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Boot Device: \Device\HarddiskVolume3 Install Date: 28/11/2012 18:12:13 System Uptime: 07/01/2013 20:33:23 (2 hours ago) . Motherboard: Acer | | VA50_HC_CR Processor: Intel® Core i7-3630QM CPU @ 2.40GHz | U3E1 | 1200/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 675 GiB total, 308.448 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Description: Bluetooth USB Module Device ID: USB\VID_0489&PID_E04E\6&226C637B&0&1 Manufacturer: Qualcomm Atheros Communications Name: Bluetooth USB Module PNP Device ID: USB\VID_0489&PID_E04E\6&226C637B&0&1 Service: BTHUSB . ==== System Restore Points =================== . RP2: 06/01/2013 01:12:40 - Scheduled Checkpoint . ==== Installed Programs ====================== . clear.fi SDK- Movie 2 clear.fi SDK - Video 2 Acer Backup Manager Acer Device Fast-lane Acer Instant Update Service Acer Power Management Acer Recovery Management AcerCloud AcerCloud Docs Adobe AIR Adobe Download Assistant Adobe Photoshop CS6 Agatha Christie - Death on the Nile Akamai NetSession Interface Aloha TriPeaks Audacity 2.0.2 Autodesk 3ds Max Design 2013 64-bit Autodesk Backburner 2013.0.0 Autodesk Civil View for 3ds Max Design 2013 Autodesk DirectConnect 2013 64-bit Autodesk Download Manager Autodesk Essential Skills Movies for 3ds Max Design 2013 64-bit Autodesk FBX Plug-in 2013.1 - 3ds Max Design 2013 64-bit Autodesk Inventor Server Engine for 3ds Max Design 2013 64-bit Autodesk Material Library 2013 Autodesk Material Library Base Resolution Image Library 2013 Autodesk Material Library Medium Resolution Image Library 2013 Autodesk Network License Manager Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit avast! Free Antivirus Backup Manager v4 Bejeweled 3 Broadcom Card Reader Driver Installer Camtasia Studio 8 Cave Story+ CCleaner clear.fi Media clear.fi Photo Composite 2013 64-bit CyberLink MediaEspresso 6.5 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Delicious: Emily's True Love Premium Edition Dolby Home Theater v4 Dropbox eBay Worldwide ETDWare PS/2-X64 11.6.4.001_WHQL Far Cry® 3 FileZilla Client 3.6.0.2 Final Drive: Nitro Fraps (remove only) Garry's Mod Google Chrome Google Update Helper Governor of Poker 2 Premium Edition HyperCam 2 Identity Card Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Intel® Trusted Connect Service Client Island Tribe Java 7 Update 9 Java Auto Updater Jewel Match 3 John Deere Drive Green Launch Manager League of Legends Live Updater Magic Academy Malwarebytes Anti-Malware version 1.70.0.1100 Metro 2033 Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2005 Tools for Office Runtime Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Movie Maker MSVCRT MSVCRT Redists MSVCRT110 MSVCRT110_amd64 MyWinLocker MyWinLocker 4 MyWinLocker Suite Norton Online Backup Norton Online Backup ARA NTI Media Maker 9 NVIDIA Control Panel 306.97 NVIDIA Graphics Driver 306.97 NVIDIA Install Application NVIDIA Optimus 1.10.8 NVIDIA PhysX NVIDIA PhysX System Software 9.12.0613 NVIDIA Update 1.10.8 NVIDIA Update Components Office Addin Orcs Must Die! Orcs Must Die! 2 Pando Media Booster PDF Settings CS6 Penguins! Photo Common Photo Gallery PlanetSide 2 Plants vs. Zombies - Game of the Year Polar Bowler Portal Portal 2 PunkBuster Services puush Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros WiFi Driver Installation Realtek High Definition Audio Driver Sandboxie 3.76 (64-bit) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Shared C Run-time for x64 Shredder Sid Meier's Civilization V Skype Click to Call Skype™ 6.0 Sony Vegas Pro 8.0 Spotify Steam System Requirements Lab CYRI Tales of Lagoona Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update Installer for WildTangent Games App Uplay Vegas Pro 12.0 (64-bit) Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) WildTangent Games WildTangent Games App Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 4.20 (32-bit) World of Warcraft Xiph.Org Open Codecs 0.85.17777 Zuma's Revenge . ==== Event Viewer Messages From Past Week ======== . 07/01/2013 20:36:14, Error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The system cannot find the file specified. 07/01/2013 20:36:14, Error: Service Control Manager [7000] - The McAfee Network Agent service failed to start due to the following error: The system cannot find the file specified. 07/01/2013 20:34:56, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 07/01/2013 20:34:56, Error: Service Control Manager [7024] - 07/01/2013 20:34:07, Error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The system cannot find the file specified. 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x9000000024417. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x8000000027dce. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x60000000471df. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x4000000033aeb. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000033649. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000024f5f. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000024e86. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x30000000224dd. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x30000000224c4. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2e000000033a80. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003a8cc. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000336f9. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003356b. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003353e. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000025255. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000024d4c. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000002403a. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000002267d. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000224cd. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000001d3fa. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1b000000027a6f. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x100000003cb01. The name of the file is "<unable to determine file name>". 07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x10000000224bd. The name of the file is "<unable to determine file name>". . ==== End Of File ===========================