Jump to content

flymedic

Members
  • Posts

    6
  • Joined

  • Last visited

Everything posted by flymedic

  1. Results of screen317's Security Check version 0.99.69 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` VAT-Spy Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 25 Adobe Reader XI Google Chrome 28.0.1500.71 Google Chrome 28.0.1500.72 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 44% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
  2. Attached are the logs requested. Thank you Scott mbar-log-2013-07-14 (08-12-00).txt system-log.txt eset.txt adwcleaner.txt
  3. I believe my three kids playing with my computer has gotten me a bug. My hard drive is now saying it is full or virtually full, depending on the day. Help Please. I have copied the DDS report below. Scott DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2 Run by Keatts at 21:10:28 on 2013-07-12 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7886.6002 [GMT -5:00] . AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\ASRock\XFast LAN\cfosspeed.exe C:\Windows\System32\rundll32.exe C:\Program Files\ASRock\XFast LAN\spd.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\DnsBasic\dnsbasic.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\DnsBasic\dnsbasic.exe C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\XFastUSB\XFastUsb.exe C:\Program Files (x86)\PasswordBox\pbbtnService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE c:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: {5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4} - <orphaned> BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: DDownyLaoweApp: {8251C5D4-71A4-8644-2B18-B3BAB548C191} - C:\ProgramData\DDownyLaoweApp\51ccdf839bd54.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll uRun: [ASRockXTU] <no file> mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 TCP: NameServer = 192.168.1.1 TCP: Interfaces\{DD8027BE-3365-4BB4-A230-8C2B98C0321B} : DHCPNameServer = 192.168.1.1 AppInit_DLLs= c:\progra~2\saveas\sprote~1.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64 x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-9-21 49760] R0 AsrRamDisk;AsrRamDisk;C:\Windows\System32\drivers\AsrRamDisk.sys [2013-3-2 31016] R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-3-2 647736] R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-3-2 28216] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-2 16152] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216] R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2013-3-2 17192] R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2013-3-2 16648] R2 DnsBasic Service;DnsBasic Service;C:\Program Files (x86)\DnsBasic\dnsbasic.exe [2013-6-10 22528] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-2 14904] R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-1 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-1 701512] R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-3-1 67584] R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-3-2 59392] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-3-2 84608] R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536] R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-3-2 342528] R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568] R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-2 356120] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-2 788760] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-5-9 425000] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-1 25928] R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-3-2 32344] R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2013-3-2 34752] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2013-6-16 32320] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 139616] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-1 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-1 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-1 30208] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-1 1255736] . =============== Created Last 30 ================ . 2013-07-13 02:02:17 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{30F15BF1-22A3-4B97-B74E-9D2422B7C807}\mpengine.dll 2013-07-13 02:00:40 -------- d-----w- C:\Windows\System32\MRT 2013-07-12 17:22:46 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2013-07-12 17:22:34 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2013-07-12 17:22:25 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2013-07-12 17:22:17 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2013-07-12 08:30:48 9552976 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-07-11 11:22:08 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll 2013-07-11 11:21:57 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-07-11 11:21:57 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-07-08 17:49:44 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-07-08 17:49:44 -------- d-----w- C:\Program Files\iTunes 2013-07-08 17:49:44 -------- d-----w- C:\Program Files\iPod 2013-07-08 17:49:44 -------- d-----w- C:\Program Files (x86)\iTunes 2013-06-29 01:05:41 -------- d-----w- C:\ProgramData\Blizzard Entertainment 2013-06-29 01:05:41 -------- d-----w- C:\Program Files (x86)\World of Warcraft 2013-06-29 01:05:41 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2013-06-29 01:04:29 -------- d-----w- C:\ProgramData\Battle.net 2013-06-28 00:55:45 -------- d-----w- C:\ProgramData\StarApp 2013-06-28 00:55:16 -------- d-----w- C:\ProgramData\BetterSoft 2013-06-28 00:54:53 -------- d-----w- C:\Program Files (x86)\SaveAs 2013-06-28 00:54:48 -------- d-----w- C:\ProgramData\DDownyLaoweApp 2013-06-28 00:54:24 -------- d-----w- C:\ProgramData\InstallMate 2013-06-24 02:21:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-20 22:05:07 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3E77F10-34D2-4893-8524-2BEF18B4207C}\gapaengine.dll 2013-06-19 02:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2013-06-16 14:18:29 32320 ----a-w- C:\Windows\System32\drivers\FNETTBOH_305.SYS . ==================== Find3M ==================== . 2013-07-13 02:02:59 94656 ----a-w- C:\Windows\System32\WPRO_41_2001woem.tmp 2013-07-13 02:02:59 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys 2013-06-24 02:21:48 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-06-24 02:21:48 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-06-19 02:50:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2013-06-12 21:51:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-12 21:51:09 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll 2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-05-06 06:03:49 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-05-06 04:56:35 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll . ============= FINISH: 21:10:34.37 =============== DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 3/2/2013 12:07:27 AM System Uptime: 7/12/2013 9:02:46 PM (0 hours ago) . Motherboard: ASRock | | Z77 Extreme6 Processor: Intel® Core i5-3570K CPU @ 3.40GHz | CPUSocket | 3401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 60 GiB total, 0.79 GiB free. D: is CDROM () E: is FIXED (NTFS) - 298 GiB total, 156.146 GiB free. X: is FIXED (NTFS) - 119 GiB total, 106.041 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {678dcf40-e2e6-11d5-8cd5-e960089ea00a} Description: Programming Support Device ID: ROOT\PROGRAMMING_SUPPORT\0001 Manufacturer: Mad Catz Name: Programmable Root Enumerator PNP Device ID: ROOT\PROGRAMMING_SUPPORT\0001 Service: SaiNtBus . ==== System Restore Points =================== . . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader XI (11.0.03) Apple Application Support Apple Mobile Device Support Apple Software Update Asmedia ASM106x SATA Host Controller Driver ASRock App Charger v1.0.5 ASRock eXtreme Tuner v0.1.250 ASRock InstantBoot v1.29 ASRock SmartConnect v1.0.6 ASRock XFast RAM v2.0.9 Bonjour Broadcom NetLink Controller Canon MP495 series MP Drivers Core Temp 1.0 RC4 CyberLink MediaEspresso DDownyLaoweApp DnsBasic 1.0 build 111 Etron USB3.0 Host Controller File Type Assistant Free File Viewer 2012 Google Chrome Google Earth Google Update Helper InfoAtoms [uninstall] Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Intel® Smart Connect Technology 2.0 x64 Intel® USB 3.0 eXtensible Host Controller Driver iTunes Java 7 Update 25 Java Auto Updater Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Flight Simulator X Microsoft Flight Simulator X Service Pack 1 Microsoft Flight Simulator X Service Pack 2 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK OptimizerPro PasswordBox PDFCreator Pirate101 Realtek High Definition Audio Driver SaveAs 1.74 Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) THX TruStudio TOPCAT 2.72 Beta 4 - Take-Off and Landing Performance Calculation Tool Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) VAT-Spy Wizard101 World of Warcraft XFast LAN v6.61 XFastUSB Zuma Deluxe 1.0 . ==== End Of File ===========================
  4. Thank you for your help. I have done all requested and here are the reports Junkware Removal Tool (JRT) by Thisisu Version: 4.6.9 (03.06.2013:1) OS: Windows 7 Home Premium x64 Ran by Keatts on Fri 03/08/2013 at 12:10:37.08 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{ba00b7b1-0351-477a-b948-23e3ee5a73d4} Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ba00b7b1-0351-477a-b948-23e3ee5a73d4} ~~~ Registry Keys Successfully deleted: [Registry Key] hkey_current_user\software\aol toolbar Successfully deleted: [Registry Key] hkey_local_machine\software\aol toolbar Successfully deleted: [Registry Key] hkey_local_machine\software\conduit Successfully deleted: [Registry Key] hkey_local_machine\software\firstsearch Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\crossrider Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\dnu.exe Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdate Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloaduibrowser Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloaduibrowser.1 Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloadupdcontroller Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloadupdcontroller.1 Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3287822 Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1} Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3ef64538-8b54-4573-b48f-4d34b0238ab2} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{3ef64538-8b54-4573-b48f-4d34b0238ab2} Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ba00b7b1-0351-477a-b948-23e3ee5a73d4} Successfully deleted: [Registry Key] hkey_classes_root\clsid\{f0e98552-8e47-4c6c-9b3a-11ab0549f94d} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\aol toolbar" Successfully deleted: [Folder] "C:\Users\Keatts\appdata\local\aol toolbar" Successfully deleted: [Folder] "C:\Users\Keatts\appdata\local\conduit" Successfully deleted: [Folder] "C:\Users\Keatts\appdata\locallow\conduit" Successfully deleted: [Folder] "C:\Users\Keatts\appdata\locallow\pricegong" Successfully deleted: [Folder] "C:\Program Files (x86)\aol toolbar" Successfully deleted: [Folder] "C:\Program Files (x86)\conduit" Successfully deleted: [Folder] "C:\Program Files (x86)\infoatoms" Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 03/08/2013 at 12:13:18.00 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Malwarebytes Anti-Malware (Trial) 1.70.0.1100 www.malwarebytes.org Database version: v2013.03.08.15 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Keatts :: KEATTS-PC [administrator] Protection: Enabled 3/8/2013 12:24:24 PM mbam-log-2013-03-08 (12-24-24).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 207556 Time elapsed: 19 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.15.2 Run by Keatts at 12:25:13 on 2013-03-08 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7886.6122 [GMT -6:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskhost.exe C:\Program Files\ASRock\XFast LAN\spd.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\ASRock\XFast LAN\cfosspeed.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\igfxtray.exe C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\PasswordBox\pbbtnService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\XFastUSB\XFastUsb.exe C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\taskeng.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Windows\explorer.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll uRun: [ASRockXTU] <no file> mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce: [spUninstallCleanUp] REG delete HKEY_CURRENT_USER\Software\SearchProtect /f uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 TCP: NameServer = 192.168.1.1 TCP: Interfaces\{DD8027BE-3365-4BB4-A230-8C2B98C0321B} : DHCPNameServer = 192.168.1.1 SSODL: WebCheck - <orphaned> x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64 x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-9-21 49760] R0 AsrRamDisk;AsrRamDisk;C:\Windows\System32\drivers\AsrRamDisk.sys [2013-3-2 31016] R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-3-2 647736] R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-3-2 28216] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-2 16152] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2013-3-2 17192] R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2013-3-2 16648] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-2 14904] R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-1 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-1 682344] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008] R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-3-1 67584] R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-3-2 59392] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-3-2 84608] R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536] R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-3-2 342528] R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2012-2-9 44992] R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-2 356120] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-2 788760] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-5-9 425000] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-1 24176] R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-3-2 32344] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2013-3-2 34752] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-1 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-1 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-1 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-1 1255736] . =============== Created Last 30 ================ . 2013-03-08 18:13:47 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{947A6DF1-20EC-4A70-AF41-4E752C97C9FB}\mpengine.dll 2013-03-08 18:10:36 -------- d-----w- C:\Windows\ERUNT 2013-03-08 18:10:28 -------- d-----w- C:\JRT 2013-03-08 18:05:32 -------- d-----w- C:\components 2013-03-07 02:23:05 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-03-04 02:55:11 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-03-04 02:55:11 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-03-04 02:55:10 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-02 08:02:19 -------- d-----w- C:\Windows\Panther 2013-03-02 07:05:37 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2013-03-02 07:05:36 99840 ----a-w- C:\Windows\System32\wudriver.dll 2013-03-02 07:05:35 36864 ----a-w- C:\Windows\System32\wuapp.exe 2013-03-02 07:05:35 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2013-03-02 06:38:16 -------- d-----w- C:\Users\Keatts\AppData\Local\Cyberlink 2013-03-02 06:35:56 -------- d-----w- C:\Program Files\Broadcom 2013-03-02 06:35:35 94656 ----a-w- C:\Windows\System32\WPRO_41_2001woem.tmp 2013-03-02 06:35:35 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys 2013-03-02 06:34:34 -------- d-----w- C:\Program Files (x86)\ASM106xSATA 2013-03-02 06:34:04 84608 ----a-w- C:\Windows\System32\drivers\EtronXHCI.sys 2013-03-02 06:34:04 59392 ----a-w- C:\Windows\System32\drivers\EtronHub3.sys 2013-03-02 06:34:04 -------- d-----w- C:\Program Files (x86)\Etron Technology 2013-03-02 06:33:36 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys 2013-03-02 06:33:29 788760 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys 2013-03-02 06:33:28 356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys 2013-03-02 06:32:53 -------- d-sh--w- C:\Windows\Installer 2013-03-02 06:32:39 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent 2013-03-02 06:32:37 62784 ----a-w- C:\Windows\System32\drivers\HECIx64.sys 2013-03-02 06:24:38 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll 2013-03-02 06:24:10 -------- d-----w- C:\Intel 2013-03-01 22:18:48 -------- d-----w- C:\Users\Keatts\AppData\Roaming\Malwarebytes 2013-03-01 22:18:38 -------- d-----w- C:\ProgramData\Malwarebytes 2013-03-01 22:18:37 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-01 22:18:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-03-01 22:18:04 -------- d-----w- C:\Users\Keatts\AppData\Local\Programs 2013-03-01 20:35:18 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2013-03-01 20:23:06 -------- d-----w- C:\Windows\PCHEALTH 2013-03-01 19:25:34 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-01 19:25:34 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-03-01 19:25:18 -------- d-----w- C:\Users\Keatts\AppData\Local\CrashDumps 2013-03-01 19:20:58 87040 ----a-w- C:\Windows\System32\pdfcmnnt.dll 2013-03-01 19:20:58 662288 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX 2013-03-01 19:20:58 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL 2013-03-01 19:20:58 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX 2013-03-01 19:20:58 1071088 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2013-03-01 19:20:58 -------- d-----w- C:\Program Files (x86)\PDFCreator 2013-03-01 19:20:37 -------- d-----w- C:\Program Files (x86)\PasswordBox 2013-03-01 19:07:58 -------- d-----w- C:\Users\Keatts\AppData\Local\Deal Spy 2013-03-01 19:06:22 -------- d-----w- C:\Program Files\Core Temp 2013-03-01 19:05:52 -------- d-----w- C:\ProgramData\APN 2013-03-01 18:08:50 -------- d-----w- C:\Users\Keatts\AppData\Local\Adobe 2013-03-01 17:51:56 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6380462A-DE49-4230-9D53-FB9200B8FDA8}\gapaengine.dll 2013-03-01 17:49:24 -------- d-----w- C:\Program Files\Microsoft Security Client 2013-03-01 17:49:24 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2013-03-01 17:42:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-03-01 17:42:48 458712 ----a-w- C:\Windows\System32\drivers\cng.sys 2013-03-01 17:42:48 340992 ----a-w- C:\Windows\System32\schannel.dll 2013-03-01 17:42:48 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-03-01 17:42:48 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2013-03-01 17:42:48 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-03-01 17:42:48 1448448 ----a-w- C:\Windows\System32\lsasrv.dll 2013-03-01 17:42:47 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2013-03-01 17:42:47 366592 ----a-w- C:\Windows\System32\qdvd.dll 2013-03-01 17:38:02 -------- d-----w- C:\Users\Keatts\AppData\Local\WindowsUpdate 2013-03-01 17:22:24 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2013-03-01 17:22:24 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-03-01 17:22:24 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2013-03-01 17:22:24 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2013-03-01 17:16:56 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll 2013-03-01 17:15:12 55296 ----a-w- C:\Windows\SysWow64\cero.rs 2013-03-01 17:14:58 2315776 ----a-w- C:\Windows\System32\tquery.dll 2013-03-01 17:12:53 723456 ----a-w- C:\Windows\System32\EncDec.dll 2013-03-01 17:12:53 67072 ----a-w- C:\Windows\splwow64.exe 2013-03-01 17:12:53 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2013-03-01 17:12:53 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2013-03-01 17:12:52 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys 2013-03-01 17:12:52 1731920 ----a-w- C:\Windows\System32\ntdll.dll 2013-03-01 17:12:52 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-03-01 17:12:49 77312 ----a-w- C:\Windows\System32\packager.dll 2013-03-01 17:12:49 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2013-03-01 17:12:48 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2013-03-01 17:12:48 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2013-03-01 17:12:48 1031680 ----a-w- C:\Windows\System32\rdpcore.dll . ==================== Find3M ==================== . 2013-03-02 06:36:11 16648 ----a-w- C:\Windows\System32\drivers\FNETURPX.SYS 2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe 2013-01-20 21:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2013-01-20 21:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll 2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll 2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll 2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll 2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll 2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll 2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll 2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll 2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll 2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll 2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll 2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll 2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll 2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll 2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll . ============= FINISH: 12:25:17.77 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 3/2/2013 12:07:27 AM System Uptime: 3/8/2013 6:32:03 AM (6 hours ago) . Motherboard: ASRock | | Z77 Extreme6 Processor: Intel® Core i5-3570K CPU @ 3.40GHz | CPUSocket | 3401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 60 GiB total, 42.214 GiB free. D: is CDROM (UDF) E: is FIXED (NTFS) - 298 GiB total, 156.161 GiB free. X: is FIXED (NTFS) - 119 GiB total, 106.041 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP16: 3/1/2013 4:24:09 PM - Windows Update RP17: 3/3/2013 8:55:03 PM - Installed Java 7 Update 15 RP18: 3/5/2013 11:33:29 AM - Windows Update . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader XI (11.0.02) AOL Toolbar Asmedia ASM106x SATA Host Controller Driver ASRock App Charger v1.0.5 ASRock eXtreme Tuner v0.1.250 ASRock InstantBoot v1.29 ASRock SmartConnect v1.0.6 ASRock XFast RAM v2.0.9 Broadcom NetLink Controller Core Temp 1.0 RC4 CyberLink MediaEspresso Download Updater (AOL Inc.) Etron USB3.0 Host Controller InfoAtoms [uninstall] Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Intel® Smart Connect Technology 2.0 x64 Intel® USB 3.0 eXtensible Host Controller Driver Java 7 Update 15 Java Auto Updater Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft Flight Simulator X Microsoft Flight Simulator X Service Pack 1 Microsoft Flight Simulator X Service Pack 2 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK PasswordBox PDFCreator Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) THX TruStudio Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) XFast LAN v6.61 XFastUSB . ==== End Of File ===========================
  5. I built a new computer this past weekend and almost immediately started having problems with internet explorer. I would get a notice that malwarbytes blocked IP 66.150.140.41 everytime I opened IE. I was attempting to post this topic and would get an error message blocking me from making the post. I found on my start orb internet explorer 64 bit and opened it and have not had the problem repeat thus far so I removed shortcut from task bar and put the 64 bit shortcut on task bar. However I still want to make sure there is nothing on my computer. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.15.2 Run by Keatts at 16:39:22 on 2013-03-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7886.6045 [GMT -6:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ASRock\XFast LAN\spd.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\ASRock\XFast LAN\cfosspeed.exe C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe C:\Windows\System32\rundll32.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Users\Keatts\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe C:\Users\Keatts\AppData\Roaming\SearchProtect\bin\cltmng.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\PasswordBox\pbbtnService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\XFastUSB\XFastUsb.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\taskeng.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\program files (x86)\deal spy\deal spy-bg.exe c:\program files (x86)\aol toolbar\aoltbServer.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uURLSearchHooks: MixiDJ V8 Toolbar: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - C:\Program Files (x86)\MixiDJ_V8\prxtbMixi.dll mURLSearchHooks: MixiDJ V8 Toolbar: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - C:\Program Files (x86)\MixiDJ_V8\prxtbMixi.dll mWinlogon: Userinit = userinit.exe, BHO: Social Privacy: {09942569-D515-42BE-9F5A-A439B20F91AB} - C:\Program Files (x86)\Social Privacy\sp.dll BHO: Deal Spy: {11111111-1111-1111-1111-110211621176} - C:\Program Files (x86)\Deal Spy\Deal Spy.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Keatts\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll BHO: GetSavin 5.0: {9976482F-FF0E-4797-B5AC-7E7AA3FCB3B7} - C:\Users\Keatts\AppData\Local\getsavin\ie\getsavin_1361393438.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: MixiDJ V8 Toolbar: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - C:\Program Files (x86)\MixiDJ_V8\prxtbMixi.dll BHO: PricePeep: {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll TB: MixiDJ V8 Toolbar: {E4C3A8B6-7724-45D1-A629-17B69118EBCD} - C:\Program Files (x86)\MixiDJ_V8\prxtbMixi.dll TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll TB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll TB: MixiDJ V8 Toolbar: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - C:\Program Files (x86)\MixiDJ_V8\prxtbMixi.dll TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll uRun: [ASRockXTU] <no file> mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 TCP: NameServer = 192.168.1.1 TCP: Interfaces\{DD8027BE-3365-4BB4-A230-8C2B98C0321B} : DHCPNameServer = 192.168.1.1 SSODL: WebCheck - <orphaned> x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64 x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-9-21 49760] R0 AsrRamDisk;AsrRamDisk;C:\Windows\System32\drivers\AsrRamDisk.sys [2013-3-2 31016] R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-3-2 647736] R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-3-2 28216] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-2 16152] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2013-3-2 17192] R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2013-3-2 16648] R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-2-20 93984] R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Keatts\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-3-1 107520] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-2 14904] R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-1 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-1 682344] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008] R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-2-27 66560] R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-3-2 59392] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-3-2 84608] R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536] R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-3-2 342528] R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2012-2-9 44992] R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-2 356120] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-2 788760] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-5-9 425000] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-1 24176] R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-3-2 32344] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2013-3-2 34752] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-1 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-1 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-1 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-1 1255736] . =============== Created Last 30 ================ . 2013-03-07 02:23:05 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D28A9B91-50A2-4B3B-ADF8-A0950D577055}\mpengine.dll 2013-03-05 17:33:38 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-03-04 02:55:11 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-03-04 02:55:11 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-03-04 02:55:10 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-02 08:02:19 -------- d-----w- C:\Windows\Panther 2013-03-02 07:05:37 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2013-03-02 07:05:36 99840 ----a-w- C:\Windows\System32\wudriver.dll 2013-03-02 07:05:35 36864 ----a-w- C:\Windows\System32\wuapp.exe 2013-03-02 07:05:35 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2013-03-02 06:38:16 -------- d-----w- C:\Users\Keatts\AppData\Local\Cyberlink 2013-03-02 06:35:56 -------- d-----w- C:\Program Files\Broadcom 2013-03-02 06:35:35 94656 ----a-w- C:\Windows\System32\WPRO_41_2001woem.tmp 2013-03-02 06:35:35 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys 2013-03-02 06:34:34 -------- d-----w- C:\Program Files (x86)\ASM106xSATA 2013-03-02 06:34:04 84608 ----a-w- C:\Windows\System32\drivers\EtronXHCI.sys 2013-03-02 06:34:04 59392 ----a-w- C:\Windows\System32\drivers\EtronHub3.sys 2013-03-02 06:34:04 -------- d-----w- C:\Program Files (x86)\Etron Technology 2013-03-02 06:33:36 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys 2013-03-02 06:33:29 788760 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys 2013-03-02 06:33:28 356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys 2013-03-02 06:32:53 -------- d-sh--w- C:\Windows\Installer 2013-03-02 06:32:39 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent 2013-03-02 06:32:37 62784 ----a-w- C:\Windows\System32\drivers\HECIx64.sys 2013-03-02 06:24:38 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll 2013-03-02 06:24:10 -------- d-----w- C:\Intel 2013-03-01 22:18:48 -------- d-----w- C:\Users\Keatts\AppData\Roaming\Malwarebytes 2013-03-01 22:18:38 -------- d-----w- C:\ProgramData\Malwarebytes 2013-03-01 22:18:37 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-01 22:18:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-03-01 22:18:04 -------- d-----w- C:\Users\Keatts\AppData\Local\Programs 2013-03-01 20:35:18 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2013-03-01 20:23:06 -------- d-----w- C:\Windows\PCHEALTH 2013-03-01 19:25:34 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-01 19:25:34 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-03-01 19:25:18 -------- d-----w- C:\Users\Keatts\AppData\Local\CrashDumps 2013-03-01 19:24:21 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility 2013-03-01 19:20:58 87040 ----a-w- C:\Windows\System32\pdfcmnnt.dll 2013-03-01 19:20:58 662288 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX 2013-03-01 19:20:58 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL 2013-03-01 19:20:58 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX 2013-03-01 19:20:58 1071088 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2013-03-01 19:20:58 -------- d-----w- C:\Program Files (x86)\PDFCreator 2013-03-01 19:20:39 -------- d-----w- C:\Users\Keatts\AppData\Local\AOL Toolbar 2013-03-01 19:20:37 -------- d-----w- C:\Program Files (x86)\PasswordBox 2013-03-01 19:20:19 -------- d-----w- C:\Users\Keatts\AppData\Roaming\DefaultTab 2013-03-01 19:20:06 -------- d-----w- C:\Program Files (x86)\Social Privacy 2013-03-01 19:20:01 -------- d-----w- C:\ProgramData\AOL Toolbar 2013-03-01 19:20:01 -------- d-----w- C:\Program Files (x86)\AOL Toolbar 2013-03-01 19:09:01 -------- d-----w- C:\Program Files (x86)\Conduit 2013-03-01 19:08:57 -------- d-----w- C:\Program Files (x86)\SearchProtect 2013-03-01 19:08:14 -------- d-----w- C:\Users\Keatts\AppData\Roaming\SearchProtect 2013-03-01 19:08:14 -------- d-----w- C:\Users\Keatts\AppData\Local\Conduit 2013-03-01 19:08:13 -------- d-----w- C:\Program Files (x86)\MixiDJ_V8 2013-03-01 19:07:59 -------- d-----w- C:\Program Files (x86)\PricePeep 2013-03-01 19:07:58 -------- d-----w- C:\Users\Keatts\AppData\Local\Deal Spy 2013-03-01 19:07:55 -------- d-----w- C:\Program Files (x86)\InfoAtoms 2013-03-01 19:07:54 -------- d-----w- C:\Users\Keatts\AppData\Local\Updater26276 2013-03-01 19:07:53 -------- d-----w- C:\Program Files (x86)\Deal Spy 2013-03-01 19:07:38 -------- d-----w- C:\Users\Keatts\AppData\Local\getsavin 2013-03-01 19:06:22 -------- d-----w- C:\Program Files\Core Temp 2013-03-01 19:05:52 -------- d-----w- C:\ProgramData\APN 2013-03-01 18:08:50 -------- d-----w- C:\Users\Keatts\AppData\Local\Adobe 2013-03-01 17:51:56 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6380462A-DE49-4230-9D53-FB9200B8FDA8}\gapaengine.dll 2013-03-01 17:49:24 -------- d-----w- C:\Program Files\Microsoft Security Client 2013-03-01 17:49:24 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2013-03-01 17:42:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-03-01 17:42:48 458712 ----a-w- C:\Windows\System32\drivers\cng.sys 2013-03-01 17:42:48 340992 ----a-w- C:\Windows\System32\schannel.dll 2013-03-01 17:42:48 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-03-01 17:42:48 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2013-03-01 17:42:48 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-03-01 17:42:48 1448448 ----a-w- C:\Windows\System32\lsasrv.dll 2013-03-01 17:42:47 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2013-03-01 17:42:47 366592 ----a-w- C:\Windows\System32\qdvd.dll 2013-03-01 17:38:02 -------- d-----w- C:\Users\Keatts\AppData\Local\WindowsUpdate 2013-03-01 17:22:24 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2013-03-01 17:22:24 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-03-01 17:22:24 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2013-03-01 17:22:24 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2013-03-01 17:16:56 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll 2013-03-01 17:15:12 55296 ----a-w- C:\Windows\SysWow64\cero.rs 2013-03-01 17:14:58 2315776 ----a-w- C:\Windows\System32\tquery.dll 2013-03-01 17:12:53 723456 ----a-w- C:\Windows\System32\EncDec.dll 2013-03-01 17:12:53 67072 ----a-w- C:\Windows\splwow64.exe 2013-03-01 17:12:53 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2013-03-01 17:12:53 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2013-03-01 17:12:52 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys 2013-03-01 17:12:52 1731920 ----a-w- C:\Windows\System32\ntdll.dll 2013-03-01 17:12:52 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-03-01 17:12:49 77312 ----a-w- C:\Windows\System32\packager.dll 2013-03-01 17:12:49 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2013-03-01 17:12:48 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2013-03-01 17:12:48 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2013-03-01 17:12:48 1031680 ----a-w- C:\Windows\System32\rdpcore.dll . ==================== Find3M ==================== . 2013-03-02 06:36:11 16648 ----a-w- C:\Windows\System32\drivers\FNETURPX.SYS 2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe 2013-01-20 21:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2013-01-20 21:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll 2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll 2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll 2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll 2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll 2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll 2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll 2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll 2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll 2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll 2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll 2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll 2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll 2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll 2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll . ============= FINISH: 16:39:27.18 =============== DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 3/2/2013 12:07:27 AM System Uptime: 3/7/2013 2:05:49 PM (2 hours ago) . Motherboard: ASRock | | Z77 Extreme6 Processor: Intel® Core i5-3570K CPU @ 3.40GHz | CPUSocket | 3401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 60 GiB total, 42.26 GiB free. D: is CDROM (UDF) E: is FIXED (NTFS) - 298 GiB total, 156.161 GiB free. X: is FIXED (NTFS) - 119 GiB total, 106.041 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP16: 3/1/2013 4:24:09 PM - Windows Update RP17: 3/3/2013 8:55:03 PM - Installed Java 7 Update 15 RP18: 3/5/2013 11:33:29 AM - Windows Update . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader XI (11.0.02) AOL Toolbar Asmedia ASM106x SATA Host Controller Driver ASRock App Charger v1.0.5 ASRock eXtreme Tuner v0.1.250 ASRock InstantBoot v1.29 ASRock SmartConnect v1.0.6 ASRock XFast RAM v2.0.9 Broadcom NetLink Controller Core Temp 1.0 RC4 CyberLink MediaEspresso Deal Spy DefaultTab Download Updater (AOL Inc.) Etron USB3.0 Host Controller GetSavin InfoAtoms [uninstall] Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Intel® Smart Connect Technology 2.0 x64 Intel® USB 3.0 eXtensible Host Controller Driver Java 7 Update 15 Java Auto Updater Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft Flight Simulator X Microsoft Flight Simulator X Service Pack 1 Microsoft Flight Simulator X Service Pack 2 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MixiDJ V8 Toolbar MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK PasswordBox PDFCreator PricePeep Realtek High Definition Audio Driver Search Protect by conduit Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Social Privacy THX TruStudio Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) XFast LAN v6.61 XFastUSB . ==== Event Viewer Messages From Past Week ======== . 3/7/2013 2:05:57 PM, Error: volmgr [46] - Crash dump initialization failed! 3/3/2013 4:57:04 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win64/Sirefef.B&threatid=2147657891 Name: Virus:Win64/Sirefef.B ID: 2147657891 Severity: Severe Category: Virus Path: file:_E:\Windows\System32\services.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: NT AUTHORITY\SYSTEM Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Action: Clean Action Status: No additional actions required Error Code: 0x8007007f Error description: The specified procedure could not be found. Signature Version: AV: 1.145.963.0, AS: 1.145.963.0, NIS: 18.36.0.0 Engine Version: AM: 1.1.9203.0, NIS: 2.1.8904.0 3/2/2013 12:32:14 AM, Error: Service Control Manager [7023] - The Intel® Content Protection HECI Service service terminated with the following error: %%-2147024637 3/2/2013 1:03:08 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004 3/1/2013 12:52:31 PM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The service has not been started. 3/1/2013 11:56:52 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243). 3/1/2013 11:52:12 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.851.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 3/1/2013 11:52:12 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.851.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 3/1/2013 11:52:12 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.851.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8050a003 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 3/1/2013 11:51:09 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 3/1/2013 11:51:09 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 3/1/2013 11:51:09 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 3/1/2013 11:50:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 3/1/2013 11:50:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 3/1/2013 11:50:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 3/1/2013 11:33:55 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845). 3/1/2013 11:33:55 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2797052). 3/1/2013 11:33:22 AM, Error: Service Control Manager [7023] - 3/1/2013 11:32:50 AM, Error: Service Control Manager [7034] - The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). 3/1/2013 11:32:50 AM, Error: Service Control Manager [7031] - The Intel® Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.