JDM521

  1. Hi Gringo, Thank you so much for the advice and help. I have no other questions at this stage so feel free to close the thread. Thanks.
  2. Hi Gringo Copy of report below. C:\$RECYCLE.BIN\S-1-5-21-825500813-2040206905-2132996130-1120\$R6FF715.exe Win32/OpenCandy application
  3. Hi Gringo. No problems encountered. Computer is running well.
  4. Hi Gringo. Combofix report below. No problems encountered. Computer is running well.
  5. Computer is running good. Log from Combofix below:
2013-05-04 06:57 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll2013-11-06 04:34 . 2013-04-27 05:20 733184 ----a-w- c:\windows\system32\win32spl.dll2013-11-06 04:34 . 2013-07-02 01:41 337752 ----a-w- c:\windows\system32\drivers\USBXHCI.SYS2013-11-06 04:34 . 2013-07-02 01:41 213336 ----a-w- c:\windows\system32\drivers\UCX01000.SYS2013-11-06 04:33 . 2013-11-06 16:33 409832 ----a-w- c:\windows\system32\drivers\aswsp.sys2013-11-06 04:33 . 2013-11-06 04:33 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys2013-11-06 04:33 . 2013-11-06 04:33 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2013-11-06 04:33 . 2013-11-06 04:33 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys2013-11-06 04:33 . 2013-11-06 04:33 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys2013-11-06 04:33 . 2013-11-06 04:33 334648 ----a-w- c:\windows\system32\aswBoot.exe2013-11-06 04:33 . 2013-11-06 04:33 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys2013-11-06 04:33 . 2013-11-06 04:33 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys2013-11-06 04:33 . 2013-11-06 04:33 43152 ----a-w- c:\windows\avastSS.scr2013-11-06 04:33 . 2013-11-06 04:33 -------- d-----w- c:\program files\AVAST Software2013-11-06 04:33 . 2013-11-06 04:33 -------- d-----w- c:\programdata\AVAST Software2013-11-06 04:31 . 2013-04-09 04:51 14267904 ----a-w- c:\windows\system32\wmp.dll2013-11-06 04:27 . 2013-11-06 04:27 -------- d-----w- c:\programdata\Oracle2013-11-06 04:27 . 2013-11-06 04:27 -------- d-----w- c:\program files (x86)\Common Files\Java2013-11-06 04:27 . 2013-11-06 04:27 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2013-11-06 04:27 . 2013-11-06 04:27 -------- d-----w- c:\program files (x86)\Java2013-11-06 03:58 . 2013-11-06 03:58 -------- d-----w- c:\program files (x86)\foobar20002013-11-06 03:53 . 2013-11-06 03:53 -------- d-----w- c:\program files (x86)\MiniBin2013-11-06 03:45 . 2013-11-06 04:21 -------- d-----r- C:\Work2013-11-06 03:32 . 
2013-11-11 04:37 -------- d-----w- C:\Outlook Files2013-11-06 03:09 . 2013-11-06 04:46 -------- d-----w- c:\windows\SysWow64\NV2013-11-06 03:09 . 2013-11-06 04:46 -------- d-----w- c:\windows\system32\NV2013-11-06 03:08 . 2013-11-06 03:08 -------- d-----w- c:\programdata\Intel2013-11-06 03:07 . 2012-08-27 06:49 276288 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe2013-11-06 03:07 . 2012-08-27 06:49 170304 ----a-w- c:\windows\system32\igfxtray.exe2013-11-06 03:07 . 2012-08-27 06:49 509248 ----a-w- c:\windows\system32\igfxsrvc.exe2013-11-06 03:07 . 2012-08-27 06:49 441152 ----a-w- c:\windows\system32\igfxpers.exe2013-11-06 03:07 . 2012-08-27 06:49 251712 ----a-w- c:\windows\system32\igfxext.exe2013-11-06 03:07 . 2012-08-27 06:49 398656 ----a-w- c:\windows\system32\hkcmd.exe2013-11-06 03:07 . 2013-11-06 03:07 -------- d-----w- C:\DRIVERS2013-11-06 03:07 . 2012-08-27 06:49 5899072 ----a-w- c:\windows\system32\GfxUI.exe2013-11-06 03:07 . 2012-08-27 06:49 184640 ----a-w- c:\windows\system32\difx64.exe2013-11-06 02:59 . 2013-11-06 02:59 -------- dc----w- c:\windows\system32\DRVSTORE2013-11-06 02:59 . 2012-08-21 02:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys2013-11-06 02:59 . 2013-11-06 02:59 -------- d-----w- c:\program files\iPod2013-11-06 02:59 . 2013-11-06 02:59 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF692013-11-06 02:59 . 2013-11-06 02:59 -------- d-----w- c:\program files\iTunes2013-11-06 02:59 . 2013-11-06 02:59 -------- d-----w- c:\program files (x86)\iTunes2013-11-06 02:59 . 2013-11-06 02:59 -------- d-----w- c:\programdata\Apple Computer2013-11-06 02:59 . 2013-11-06 02:59 -------- d-----w- c:\program files (x86)\Apple Software Update2013-11-06 02:58 . 2013-11-06 02:58 -------- d-----w- c:\program files\Common Files\Apple..(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-11-06 01:36 . 
2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2013-09-05 00:12 . 2013-09-05 00:12 66344 ----a-w- c:\windows\system32\ibmpmsvc.exe2013-09-05 00:12 . 2013-09-05 00:12 60712 ----a-w- c:\windows\system32\ibmpmctl.exe2013-09-05 00:12 . 2013-09-05 00:12 54528 ----a-w- c:\windows\system32\drivers\ibmpmdrv.sys2013-09-05 00:12 . 2013-09-05 00:12 40232 ----a-w- c:\windows\system32\tpinspm.dll2013-09-04 07:12 . 2013-09-04 07:12 2252504 ----a-w- c:\windows\system32\BtwRSupportService.exe2013-09-04 07:12 . 2013-09-04 07:12 66264 ----a-w- c:\windows\system32\btwdi.dll2013-09-04 07:12 . 2013-09-04 07:12 2232024 ----a-w- c:\windows\system32\BcmBtRSupport.dll2013-09-04 07:12 . 2013-09-04 07:12 166104 ----a-w- c:\windows\system32\drivers\btwampfl.sys2013-09-04 07:12 . 2013-09-04 07:12 170712 ----a-w- c:\windows\system32\drivers\bcbtums.sys2013-08-30 17:02 . 2013-08-30 17:02 3345376 ----a-w- c:\windows\system32\drivers\NETwew00.sys2013-08-19 21:02 . 2013-08-19 21:02 204568 ----a-w- c:\windows\system32\drivers\ssudmdm.sys2013-08-19 21:02 . 
2013-08-19 21:02 103576 ----a-w- c:\windows\system32\drivers\ssudbus.sys..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]"MiniBin"="c:\program files (x86)\MiniBin\MiniBin.exe" [2013-10-11 69632]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-01 254336]"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-06 3568312].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"PromptOnSecureDesktop"= 0 (0x0)"ConsentPromptBehaviorAdmin"= 0 (0x0)"EnableUIADesktopToggle"= 0 (0x0)"EnableCursorSuppression"= 1 (0x1)"ConsentPromptBehaviorUser"= 3 (0x3).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1)"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll.R3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]R3 ivusb;Initio Driver for USB Default Controller;c:\windows\System32\drivers\ivusb.sys;c:\windows\SYSNATIVE\drivers\ivusb.sys [x]R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]R4 
BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]R4 L4301_Solar;Logitech Solar Keyboard Service;c:\program files\Logitech\SolarApp\L4301_Solar.exe;c:\program files\Logitech\SolarApp\L4301_Solar.exe [x]R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]S0 aswRvrt;avast! Revert; [x]S0 aswVmm;avast! VM Monitor; [x]S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]S2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]S2 StartMenuService;StartMenu8 Service;c:\program files (x86)\IObit\Start Menu 8\StartMenuServices.exe;c:\program files (x86)\IObit\Start Menu 8\StartMenuServices.exe [x]S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]S3 BthLEEnum;Bluetooth Low Energy Driver;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys 
[x]S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\System32\drivers\dc3d.sys;c:\windows\SYSNATIVE\drivers\dc3d.sys [x]S3 NETwNe64;@oem24.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\System32\drivers\point64.sys;c:\windows\SYSNATIVE\drivers\point64.sys [x]S3 risdxc;risdxc;c:\windows\System32\drivers\risdxc64.sys;c:\windows\SYSNATIVE\drivers\risdxc64.sys [x]S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-11-13 21:24 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.48\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06 02:32].2013-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06 02:32]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]2013-11-07 01:17 2328264 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 
(SyncInProgress)]@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]2013-11-07 01:17 2328264 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]2013-11-07 01:17 2328264 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2013-11-06 04:33 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3933496]"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-02-27 2041192]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-27 170304]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-27 398656]"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-27 441152]"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"AppInit_DLLs"=c:\windows\System32\nvinitx.dll.------- Supplementary Scan -------.IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105TCP: DhcpNameServer = 192.168.1.10 192.168.1.1.- - - - ORPHANS REMOVED - - - -.ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no 
file)ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone)@SACL=(02 0000).Completion time: 2013-11-15 06:46:25ComboFix-quarantined-files.txt 2013-11-14 20:46.Pre-Run: 368,459,530,240 bytes freePost-Run: 368,409,505,792 bytes free.- - End Of File - - 9C7BBCB8E34C5B571E3C591655039F07A36C5E4F47E84449FF07ED3517B43A31
  6. # AdwCleaner v3.012 - Report created 14/11/2013 at 15:36:39
     # Updated 11/11/2013 by Xplode
     # Operating System : Windows 8 Pro (64 bits)
     # Username : DarynSpilsbury - DARYN-PC
     # Running from : C:\Users\darynspilsbury\Desktop\AdwCleaner.exe
     # Option : Clean

     ***** [ Services ] *****

     ***** [ Files / Folders ] *****
     File Deleted : C:\END

     ***** [ Shortcuts ] *****

     ***** [ Registry ] *****
     Key Deleted : HKCU\Software\Conduit

     ***** [ Browsers ] *****
     -\\ Internet Explorer v0.0.0.0
     -\\ Google Chrome v31.0.1650.48
     [ File : C:\Users\darynspilsbury\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     [ File : C:\Users\darynspilsbury\AppData\Local\Google\Chrome\User Data\Default\preferences ]

     *************************
     AdwCleaner[R0].txt - [1149 octets] - [14/11/2013 15:35:28]
     AdwCleaner[s0].txt - [837 octets] - [14/11/2013 15:36:39]
     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [896 octets] ##########

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.0.8 (11.05.2013:1)
     OS: Windows 8 Pro x64
     Ran by DarynSpilsbury on Thu 14/11/2013 at 15:39:52.81
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     ~~~ Services

     ~~~ Registry Values
     Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
     Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
     Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
     Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
     Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
     Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-825500813-2040206905-2132996130-1120\Software\Microsoft\Internet Explorer\Main\\Start Page
     Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

     ~~~ Registry Keys

     ~~~ Files

     ~~~ Folders

     ~~~ Event Viewer Logs were cleared

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Thu 14/11/2013 at 15:45:24.66
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  7. Thank you Gringo. Copy of reports below.
2013-11-06 04:35:43 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll 2013-11-06 04:34:57 733184 ----a-w- C:\Windows\System32\win32spl.dll 2013-11-06 04:34:56 447320 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2013-11-06 04:34:56 337752 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS 2013-11-06 04:34:56 213336 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS 2013-11-06 04:33:38 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2013-11-06 04:33:38 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2013-11-06 04:33:38 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2013-11-06 04:33:38 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-11-06 04:33:38 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-11-06 04:33:37 43152 ----a-w- C:\Windows\avastSS.scr 2013-11-06 04:33:27 -------- d-----w- C:\Program Files\AVAST Software 2013-11-06 04:33:18 -------- d-----w- C:\ProgramData\AVAST Software 2013-11-06 04:31:57 3552768 ----a-w- C:\Windows\System32\tquery.dll 2013-11-06 04:27:22 -------- d-----w- C:\ProgramData\Oracle 2013-11-06 04:27:17 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-11-06 03:58:35 -------- d-----w- C:\Program Files (x86)\foobar2000 2013-11-06 03:53:42 -------- d-----w- C:\Program Files (x86)\MiniBin 2013-11-06 03:45:49 -------- d-----r- C:\Work 2013-11-06 03:32:22 -------- d-----w- C:\Outlook Files 2013-11-06 03:09:41 -------- d-----w- C:\Windows\SysWow64\NV 2013-11-06 03:09:41 -------- d-----w- C:\Windows\System32\NV 2013-11-06 03:07:40 276288 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe 2013-11-06 03:07:39 509248 ----a-w- C:\Windows\System32\igfxsrvc.exe 2013-11-06 03:07:39 170304 ----a-w- C:\Windows\System32\igfxtray.exe 2013-11-06 03:07:38 441152 ----a-w- C:\Windows\System32\igfxpers.exe 2013-11-06 03:07:38 251712 ----a-w- C:\Windows\System32\igfxext.exe 2013-11-06 03:07:33 398656 ----a-w- C:\Windows\System32\hkcmd.exe 2013-11-06 03:07:32 5899072 ----a-w- 
C:\Windows\System32\GfxUI.exe 2013-11-06 03:07:32 184640 ----a-w- C:\Windows\System32\difx64.exe 2013-11-06 03:07:32 -------- d-----w- C:\DRIVERS 2013-11-06 02:59:24 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2013-11-06 02:59:11 -------- d-----w- C:\Program Files\iPod 2013-11-06 02:59:10 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-06 02:59:10 -------- d-----w- C:\Program Files\iTunes 2013-11-06 02:59:10 -------- d-----w- C:\Program Files (x86)\iTunes 2013-11-06 02:58:49 -------- d-----w- C:\Program Files\Bonjour 2013-11-06 02:58:49 -------- d-----w- C:\Program Files (x86)\Bonjour 2013-11-06 02:58:34 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive 2013-11-06 02:58:28 -------- d-----w- C:\ProgramData\Microsoft SkyDrive 2013-11-06 02:55:02 566480 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2013-11-06 02:53:43 -------- d-----w- C:\Program Files\Microsoft Office 15 2013-11-06 02:51:37 -------- d-----w- C:\Program Files\Defraggler 2013-11-06 02:50:43 -------- d-----w- C:\Program Files\CCleaner 2013-11-06 02:40:27 -------- d-----w- C:\ProgramData\IObit 2013-11-06 02:40:18 -------- d-----w- C:\Program Files (x86)\IObit 2013-11-06 01:51:11 -------- d-----w- C:\Program Files\Synaptics 2013-11-06 01:49:20 997664 ----a-w- C:\Windows\System32\nv3dappshext.dll 2013-11-06 01:49:20 55584 ----a-w- C:\Windows\System32\nv3dappshextr.dll 2013-11-06 01:49:19 884512 ----a-w- C:\Windows\System32\nvvsvc.exe 2013-11-06 01:49:19 6382880 ----a-w- C:\Windows\System32\nvcpl.dll 2013-11-06 01:49:19 63776 ----a-w- C:\Windows\System32\nvshext.dll 2013-11-06 01:49:19 3460896 ----a-w- C:\Windows\System32\nvsvc64.dll 2013-11-06 01:49:19 2934933 ----a-w- C:\Windows\System32\nvcoproc.bin 2013-11-06 01:49:19 2558240 ----a-w- C:\Windows\System32\nvsvcr.dll 2013-11-06 01:49:19 118560 ----a-w- C:\Windows\System32\nvmctray.dll 2013-11-06 01:49:17 558880 ----a-w- 
C:\Windows\SysWow64\oemdspif.dll 2013-11-06 01:48:47 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2013-11-06 01:48:44 -------- d-----w- C:\Program Files\NVIDIA Corporation 2013-11-06 01:48:44 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation 2013-11-06 01:43:30 -------- d-----w- C:\Program Files\Common Files\Intel 2013-11-06 01:43:29 -------- d-----w- C:\Program Files (x86)\Common Files\Intel 2013-11-06 01:43:28 56832 ----a-w- C:\Windows\System32\OpenCL.DLL 2013-11-06 01:43:28 56320 ----a-w- C:\Windows\SysWow64\OpenCL.DLL 2013-11-06 01:43:28 -------- d-----w- C:\Intel 2013-11-06 01:37:39 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin 2013-11-06 01:37:34 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin 2013-11-06 01:37:23 -------- d-----w- C:\ProgramData\PRICache . ==================== Find3M ==================== . 2013-10-12 08:45:20 2241536 ----a-w- C:\Windows\System32\wininet.dll 2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll 2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-10-10 11:53:35 96600 ----a-w- C:\Windows\System32\drivers\wfplwfs.sys 2013-10-10 09:21:20 1160192 ----a-w- C:\Windows\System32\IKEEXT.DLL 2013-10-10 09:20:43 723968 ----a-w- C:\Windows\System32\BFE.DLL 2013-10-02 23:25:41 1300992 ----a-w- C:\Windows\System32\gdi32.dll 2013-10-01 23:37:57 1569280 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-10-01 23:37:53 2035712 ----a-w- C:\Windows\SysWow64\authui.dll 2013-10-01 23:26:49 1890816 ----a-w- C:\Windows\System32\crypt32.dll 2013-10-01 23:26:45 2304512 ----a-w- C:\Windows\System32\authui.dll 2013-10-01 22:22:19 1022976 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-09-23 22:30:14 419328 ----a-w- C:\Windows\System32\schannel.dll 2013-09-23 22:30:03 323072 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-09-13 22:36:37 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe 
2013-09-13 22:36:23 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll 2013-09-13 22:36:23 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2013-09-13 22:36:14 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll 2013-09-13 22:34:14 40448 ----a-w- C:\Windows\System32\wuapp.exe 2013-09-13 22:33:55 252928 ----a-w- C:\Windows\System32\WUSettingsProvider.dll 2013-09-13 22:33:55 142848 ----a-w- C:\Windows\System32\wuwebv.dll 2013-09-13 22:33:54 99328 ----a-w- C:\Windows\System32\wudriver.dll 2013-09-13 22:33:54 1622016 ----a-w- C:\Windows\System32\wucltux.dll 2013-09-13 22:33:42 328192 ----a-w- C:\Windows\System32\ubpm.dll 2013-09-13 22:33:39 175104 ----a-w- C:\Windows\System32\storewuauth.dll 2013-09-05 00:12:16 66344 ----a-w- C:\Windows\System32\ibmpmsvc.exe 2013-09-05 00:12:16 60712 ----a-w- C:\Windows\System32\ibmpmctl.exe 2013-09-05 00:12:16 54528 ----a-w- C:\Windows\System32\drivers\ibmpmdrv.sys 2013-09-05 00:12:14 40232 ----a-w- C:\Windows\System32\tpinspm.dll 2013-09-04 07:12:54 2252504 ----a-w- C:\Windows\System32\BtwRSupportService.exe 2013-09-04 07:12:52 66264 ----a-w- C:\Windows\System32\btwdi.dll 2013-09-04 07:12:52 2232024 ----a-w- C:\Windows\System32\BcmBtRSupport.dll 2013-09-04 07:12:52 166104 ----a-w- C:\Windows\System32\drivers\btwampfl.sys 2013-09-04 07:12:38 170712 ----a-w- C:\Windows\System32\drivers\bcbtums.sys 2013-09-04 03:11:23 576512 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-08-30 17:02:26 3345376 ----a-w- C:\Windows\System32\drivers\NETwew00.sys 2013-08-30 05:43:40 61784 ----a-w- C:\Windows\System32\drivers\crashdmp.sys 2013-08-30 05:20:13 1173504 ----a-w- C:\Windows\System32\UIAutomationCore.dll 2013-08-29 23:48:12 914432 ----a-w- C:\Windows\SysWow64\UIAutomationCore.dll 2013-08-23 07:22:24 2062848 ----a-w- C:\Windows\System32\d3d11.dll 2013-08-23 05:11:57 4040192 ----a-w- C:\Windows\System32\win32k.sys 2013-08-23 01:44:40 1711616 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-08-21 06:39:29 465240 ----a-w- C:\Windows\System32\drivers\fvevol.sys 
2013-08-19 21:02:12 204568 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys 2013-08-19 21:02:12 103576 ----a-w- C:\Windows\System32\drivers\ssudbus.sys 2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys 2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll 2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe 2013-08-16 05:22:11 4917760 ----a-w- C:\Windows\System32\sppsvc.exe 2013-08-16 05:21:43 688640 ----a-w- C:\Windows\System32\WSShared.dll 2013-08-16 05:21:43 183808 ----a-w- C:\Windows\System32\WSSync.dll 2013-08-16 05:21:42 204800 ----a-w- C:\Windows\System32\WSClient.dll 2013-08-16 05:21:42 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll 2013-08-16 05:21:42 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-08-16 05:21:18 368640 ----a-w- C:\Windows\System32\sppwinob.dll 2013-08-16 05:21:18 1164288 ----a-w- C:\Windows\System32\sppobjs.dll 2013-08-16 05:21:12 81408 ----a-w- C:\Windows\System32\setupcln.dll 2013-08-16 05:21:00 120320 ----a-w- C:\Windows\System32\sppc.dll 2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll . ============= FINISH: 13:36:39.07 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Pro Boot Device: \Device\HarddiskVolume1 Install Date: 6/11/2013 11:37:13 AM System Uptime: 14/11/2013 7:14:19 AM (6 hours ago) . Motherboard: LENOVO | | 2359CTO Processor: Intel® Core i5-3360M CPU @ 2.80GHz | CPU Socket - U3E1 | 2801/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 465 GiB total, 342.444 GiB free. D: is CDROM () F: is FIXED (NTFS) - 298 GiB total, 42.71 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: Description: Device ID: ACPI\LEN0078\5&2890D699&0 Manufacturer: Name: PNP Device ID: ACPI\LEN0078\5&2890D699&0 Service: . 
==== System Restore Points =================== . RP1: 6/11/2013 12:47:41 PM - Installed 7-Zip 9.20 (x64 edition) RP2: 11/11/2013 10:51:21 AM - Installed 7-Zip 9.20 (x64 edition) . ==== Installed Programs ====================== . 7-Zip 9.20 (x64 edition) Adobe Flash Player 11 Plugin Apple Application Support Apple Mobile Device Support Apple Software Update AutoCAD 2013 - English AutoCAD 2013 Language Pack - English Autodesk Content Service Autodesk Content Service Language Pack Autodesk Inventor Fusion 2013 Autodesk Inventor Fusion plug-in for AutoCAD 2013 Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 Autodesk Material Library 2013 Autodesk Material Library Base Resolution Image Library 2013 Autodesk Sync avast! Free Antivirus Bonjour CCleaner Defraggler FARO LS 1.1.406.58 foobar2000 v1.2.9 Foxit PhantomPDF Google Chrome Google Update Helper Intel® Processor Graphics Intel® SDK for OpenCL - CPU Only Runtime Package iTunes Java 7 Update 45 Java Auto Updater Lenovo Power Management Driver Logitech Solar App 1.10 Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft Mouse and Keyboard Center Microsoft Office Home and Business 2013 - en-us Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 NVIDIA 3D Vision Driver 311.00 NVIDIA Control Panel 311.00 NVIDIA Graphics Driver 311.00 NVIDIA Install Application NVIDIA nView 136.53 NVIDIA Optimus 1.11.3 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component PhoneClean 3.0.3 RICOH_Media_Driver_v2.24.18.01 Start Menu 8 System Requirements Lab for Intel TeraCopy 2.27 ThinkPad 
UltraNav Driver . ==== Event Viewer Messages From Past Week ======== . . ==== End Of File ===========================
  8. Just performed a scan on my computer and it returned 4 entries.

     Folders Detected: 2
     C:\Users\Daryn\AppData\Local\Temp\ct2504091 (PUP.Optional.Conduit.A) -> No action taken.
     C:\Users\darynspilsbury\AppData\Local\Temp\ct2504091 (PUP.Optional.Conduit.A) -> No action taken.

     Files Detected: 2
     C:\Users\Daryn\AppData\Local\Temp\ct2504091\ism.exe (PUP.Optional.Conduit.A) -> No action taken.
     C:\Users\darynspilsbury\AppData\Local\Temp\ct2504091\ism.exe (PUP.Optional.Conduit.A) -> No action taken.

     Do I need to do anything with these files? Thanks.