Everything posted by traveling_steve

  1. Here are the logs. Nothing was detected or cleaned and strangely the stopped IP block message has not recurred since performing the scan too. So maybe normal operation? Tks Steve

     Malwarebytes Anti-Rootkit BETA 1.01.0.1021
     www.malwarebytes.org
     Database version: v2013.03.20.12
     Windows 8 x64 NTFS
     Internet Explorer 10.0.9200.16519
     Taryn :: TARYN_HP [administrator]
     20/03/2013 22:31:29
     mbar-log-2013-03-20 (22-31-29).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
     Scan options disabled:
     Objects scanned: 9180
     Time elapsed: 38 minute(s), 3 second(s)
     Memory Processes Detected: 0
     (No malicious items detected)
     Memory Modules Detected: 0
     (No malicious items detected)
     Registry Keys Detected: 0
     (No malicious items detected)
     Registry Values Detected: 0
     (No malicious items detected)
     Registry Data Items Detected: 0
     (No malicious items detected)
     Folders Detected: 0
     (No malicious items detected)
     Files Detected: 0
     (No malicious items detected)
     (end)
  2. MrC, Removed AVG and rebooted. Chrome and IE are still attempting to access the IP 217.41.223.104; this was not on all websites and was notably on Facebook.com. NOTE: when we were trying to download the earlier roguekiller software, the browser would instead link to Facebook rather than the correct URL. Still quite concerned that there is something trying to download or upload information. Thanks Steve
  3. Here is the most recent file content:

     2013/03/20 12:24:37 GMT TARYN_HP Taryn MESSAGE IP Protection stopped successfully
     2013/03/20 12:24:42 GMT TARYN_HP Taryn MESSAGE Database refreshed successfully
     2013/03/20 12:24:42 GMT TARYN_HP Taryn MESSAGE Starting IP protection
     2013/03/20 12:24:53 GMT TARYN_HP Taryn MESSAGE IP Protection started successfully
     2013/03/20 17:23:25 GMT TARYN_HP Taryn MESSAGE Stopping protection
     2013/03/20 17:23:25 GMT TARYN_HP Taryn MESSAGE Protection stopped successfully
     2013/03/20 17:23:27 GMT TARYN_HP Taryn MESSAGE Stopping IP protection
     2013/03/20 17:23:28 GMT TARYN_HP Taryn MESSAGE IP Protection stopped successfully
     2013/03/20 19:51:24 GMT TARYN_HP (null) MESSAGE Starting protection
     2013/03/20 19:51:24 GMT TARYN_HP (null) MESSAGE Protection started successfully
     2013/03/20 19:51:24 GMT TARYN_HP (null) MESSAGE Starting IP protection
     2013/03/20 19:51:35 GMT TARYN_HP Taryn MESSAGE IP Protection started successfully
     2013/03/20 19:56:17 GMT TARYN_HP Taryn IP-BLOCK 217.41.223.104 (Type: outgoing, Port: 49246, Process: chrome.exe)
     2013/03/20 19:56:17 GMT TARYN_HP Taryn IP-BLOCK 217.41.223.104 (Type: outgoing, Port: 49247, Process: chrome.exe)
     2013/03/20 19:56:18 GMT TARYN_HP Taryn IP-BLOCK 217.41.223.104 (Type: outgoing, Port: 49248, Process: chrome.exe)
     2013/03/20 19:56:18 GMT TARYN_HP Taryn IP-BLOCK 217.41.223.104 (Type: outgoing, Port: 49249, Process: chrome.exe)
     2013/03/20 19:56:26 GMT TARYN_HP Taryn IP-BLOCK 217.41.223.104 (Type: outgoing, Port: 49256, Process: chrome.exe)
     2013/03/20 20:08:55 GMT TARYN_HP Taryn IP-BLOCK 217.41.223.104 (Type: outgoing, Port: 49409, Process: chrome.exe)
  4. Let's write that more clearly: when in IE and Chrome, when on the Google homepage, an error came from Malware that it had successfully blocked access to a potentially malicious website.
  5. Oh, I spoke too soon... Malware successfully blocked access to a potentially malicious website... while online.
  6. MrC All Browsers seem to work as normal although Chrome advises that the preferences file has been deleted (I assume just need to make changes to the preferences and it'll create a new one) No other issues and it seems to be running smoothly as it did out the box. Many Thanks! Steve
  7. Here is the content of the file post removal
  8. Hi MrC, Here's the file, I don't see anything that I immediately recognised as being needed. Thanks S
Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Found : HKLM\SOFTWARE\Microsoft\Internet 
Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKU\S-1-5-21-1981887922-2588862167-3017708501-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKU\S-1-5-21-1981887922-2588862167-3017708501-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16519 [OK] Registry is clean. -\\ Google Chrome v25.0.1364.172 File : C:\Users\Taryn\AppData\Local\Google\Chrome\User Data\Default\Preferences Found [l.2481] : urls_to_restore_on_startup = [ "hxxp://mixidj.delta-search.com/?affID=121136&babsrc=HP_ss&mntrId=DC21083E8E00F265" ] ************************* AdwCleaner[R1].txt - [10742 octets] - [20/03/2013 19:28:41] ########## EOF - C:\AdwCleaner[R1].txt - [10803 octets] ##########
  9. Hi MrC,

     Thanks for helping. Deleted Browserprotector. Below is the info Roguekiller generated.

     Tks
     Steve

     +++++++++++++++++++++++++++++++++++++++++++++++

     RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Website : http://tigzy.geekstogo.com/roguekiller.php
     Blog : http://tigzyrk.blogspot.com/

     Operating System : Windows 8 (6.2.9200 ) 64 bits version
     Started in : Normal mode
     User : Taryn [Admin rights]
     Mode : Scan -- Date : 03/20/2013 19:03:49
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 3 ¤¤¤
     [sUSP PATH] avgrunasx.exe -- C:\ProgramData\MFAData\pack\avgrunasx.exe [7] -> KILLED [TermProc]
     [sUSP PATH] avgmfapx.exe -- C:\ProgramData\MFAData\pack\avgmfapx.exe [7] -> KILLED [TermThr]
     [RESIDUE] avgmfapx.exe -- C:\ProgramData\MFAData\pack\avgmfapx.exe [7] -> KILLED [TermThr]

     ¤¤¤ Registry Entries : 2 ¤¤¤
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [NOT LOADED] ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\Windows\system32\drivers\etc\hosts

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: TOSHIBA MQ01ABD100 SATA Disk Device +++++
     --- User ---
     [MBR] 59be4e3c38f76117d48be273b1c991be
     [bSP] a86393ff34ce3cdfe6517bd02ffac930 : Empty MBR Code
     Partition table:
     0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 953869 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[1]_S_03202013_02d1903.txt >>
     RKreport[1]_S_03202013_02d1903.txt

     +++++++++++++++++++++++++++++++++++++++++++++++++

     Time : 20/03/2013 19:03:49
     --------------------------
     [avgrunasx.exe.vir] -> C:\ProgramData\MFAData\pack\avgrunasx.exe
     [avgmfapx.exe.vir] -> C:\ProgramData\MFAData\pack\avgmfapx.exe
     [avgmfapx.exe.vir] -> C:\ProgramData\MFAData\pack\avgmfapx.exe
  10. Hi,

     After a cnet download yesterday, my wife's new Windows 8 laptop started misbehaving. Apparently Mixi.DJ toolbar was installed in Chrome browser which quickly took control of all the browsers. In an attempt to remove this toolbar spyhunter4 was briefly installed. Now both of these have been uninstalled but there are still effects on the machine but nothing is being picked up by malware or virus scanners.

     We're very grateful for any assistance!

     Thx
     Steve

     +++++++++++

     DDS (Ver_2012-11-20.01) - NTFS_AMD64
     Internet Explorer: 10.0.9200.16519
     Run by Taryn at 17:28:26 on 2013-03-20
     Microsoft Windows 8 6.2.9200.0.1252.44.2057.18.7642.4463 [GMT 0:00]
     .
     AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
     AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
     AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
     SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
     FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
     FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
     .
     ============== Running Processes ===============
     .
C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\dwm.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\Hpservice.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k WbioSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Windows\system32\svchost.exe -k apphost C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Windows\SysWOW64\schtasks.exe C:\Windows\system32\dashost.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe C:\Program Files\McAfee\AppStats\MfeASUM.exe C:\Windows\system32\mfevtps.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\valWBFPolicyService.exe C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe C:\Program 
Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe C:\PROGRA~1\McAfee\MSC\McAPExe.exe C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe C:\Windows\system32\taskhostex.exe C:\Windows\Explorer.EXE C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe C:\Program Files\Common Files\AuthenTec\TrueService.exe C:\Program Files\Common Files\AuthenTec\TrueService.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe C:\Users\Taryn\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth 
Stack\BtTray.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe C:\ProgramData\MFAData\pack\avgrunasx.exe C:\Program Files\iPod\bin\iPodService.exe C:\ProgramData\MFAData\pack\avgmfapx.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\McAfee\MAT\McPvTray.exe C:\Program Files (x86)\AVG\AVG2013\avgfws.exe C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files (x86)\HP SimplePass\TouchControl.exe C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\msiexec.exe C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&ie=ISO-8859-1&q=&sa=Search mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll uRun: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [btTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe mRun: [HP CoolSense] 
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\Users\Taryn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Taryn\AppData\Roaming\Dropbox\bin\Dropbox.exe IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.1.254 TCP: Interfaces\{8DDC1A49-ACD3-46F0-84FD-BE2E183F4DA0} : DHCPNameServer = 192.168.1.254 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files 
(x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs= c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common 
Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned> x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . 
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2012-7-24 79528] R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2012-7-24 26280] R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\Drivers\amdkmpfd.sys [2012-7-10 35496] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\Drivers\avgloga.sys [2013-2-8 311096] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\Drivers\avgmfx64.sys [2013-2-8 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\Drivers\avgrkx64.sys [2013-2-8 45880] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-11-9 771096] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-11-9 339776] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2012-12-15 56336] R1 Avgfwfd;AVG network filter service;C:\Windows\System32\Drivers\avgfwd6a.sys [2012-9-4 50296] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\Drivers\avgidsdrivera.sys [2013-2-26 246072] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\Drivers\avgldx64.sys [2013-2-8 206136] R1 Avgwfpa;AVG Firewall Driver;C:\Windows\System32\Drivers\avgwfpa.sys [2013-2-24 247608] R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-9-1 92536] R1 MfeASKM;McAfee Application Statistics Device Driver;C:\Program Files\McAfee\AppStats\MfeASKM.sys [2013-2-1 31408] R1 MOBKFilter;MOBKFilter;C:\Windows\System32\Drivers\MOBK.sys [2013-2-1 66040] R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-17 171600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-9 239616] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-8 361984] R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\Drivers\appexDrv.sys [2012-9-1 199008] R2 avgfws;AVG 
Firewall;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-2-19 1418184] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-2-19 282624] R2 BrowserProtect;BrowserProtect;C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-3-19 2569168] R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2012-8-10 1641320] R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-2-1 220856] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-8-10 29600] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-7-9 35232] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-20 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-20 682344] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2013-2-1 103472] R2 McMPFSvc;McAfee Personal Firewall;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-2-1 220856] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-2-1 220856] R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-2-1 220856] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-2-1 220856] R2 McPvDrv;McPvDrv Driver;C:\Windows\System32\Drivers\McPvDrv.sys [2013-2-1 74120] R2 MfeASUM;McAfee Application Statistics Service;C:\Program Files\McAfee\AppStats\MfeASUM.exe [2013-2-1 335216] R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common 
Files\McAfee\AMCore\mcshield.exe [2013-2-1 1007288] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-2-1 218320] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-2-1 177680] R2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224] R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-2-13 1861288] R2 Sage AutoUpdate Manager Service;Sage AutoUpdate Manager Service;C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe [2012-7-5 8192] R2 Sage SData Service;Sage SData Service;C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe [2012-5-17 53248] R2 valWBFPolicyService;Validity WBF Policy Service;C:\Windows\System32\valWBFPolicyService.exe [2012-8-18 28160] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-7-18 98472] R3 BtAudioBusSrv;IVT Bluetooth Audio Bus Service;C:\Windows\System32\Drivers\BtAudioBus.sys [2012-6-15 23136] R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\Drivers\cfwids.sys [2012-11-9 69672] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-3-20 24176] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\Drivers\mfeavfk.sys [2012-11-9 309400] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\Drivers\mfefirek.sys [2012-11-9 515528] R3 mfencbdc;McAfee Inc. 
mfencbdc;C:\Windows\System32\Drivers\mfencbdc.sys [2012-11-2 328976] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2012-9-1 1958984] R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\Drivers\RtsBaStor.sys [2012-9-1 294544] R3 rtbth;RTBTH Bluetooth Device Driver;C:\Windows\System32\Drivers\rtbth.sys [2012-8-9 695392] R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-9-1 690832] R3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-9-1 41272] R3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2012-9-1 57000] R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-3 20288] R3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2012-12-17 23552] R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656] S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\Windows\System32\Drivers\avgboota.sys [2012-10-26 20912] S0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\Drivers\avgidsha.sys [2013-2-8 71480] S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\Drivers\mfeelamk.sys [2013-2-1 69168] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-2-27 4937264] S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;C:\Windows\System32\Drivers\BtL2caScoIf.sys [2012-7-19 56904] S3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752] S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2012-8-8 48736] S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\Drivers\HipShieldK.sys [2013-2-1 197264] S3 mfencrk;McAfee Inc. 
mfencrk;C:\Windows\System32\Drivers\mfencrk.sys [2012-11-2 97208] S3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-9-1 43832] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] . =============== Created Last 30 ================ . 2013-03-20 12:23:22 -------- d-----w- C:\Users\Taryn\AppData\Roaming\Malwarebytes 2013-03-20 12:23:00 -------- d-----w- C:\ProgramData\Malwarebytes 2013-03-20 12:22:49 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-20 12:22:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-03-20 12:22:31 -------- d-----w- C:\Users\Taryn\AppData\Local\Programs 2013-03-20 11:54:01 -------- d-----w- C:\Users\Taryn\AppData\Roaming\AVG2013 2013-03-20 11:53:08 -------- d-----w- C:\Users\Taryn\AppData\Roaming\TuneUp Software 2013-03-20 11:49:49 -------- d--h--w- C:\$AVG 2013-03-20 11:49:48 -------- d-----w- C:\ProgramData\AVG2013 2013-03-20 11:49:10 -------- d-----w- C:\Program Files (x86)\AVG 2013-03-20 11:30:32 -------- d--h--w- C:\ProgramData\Common Files 2013-03-20 11:30:31 -------- d-----w- C:\Users\Taryn\AppData\Local\MFAData 2013-03-20 11:30:31 -------- d-----w- C:\Users\Taryn\AppData\Local\Avg2013 2013-03-20 11:30:31 -------- d-----w- C:\ProgramData\MFAData 2013-03-20 10:06:24 -------- d-----w- C:\Program Files\Enigma Software Group 2013-03-20 10:05:58 -------- d-----w- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP 2013-03-20 10:05:54 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2013-03-19 23:52:44 -------- d-----w- C:\Program Files (x86)\EPSViewer 2013-03-19 23:49:44 -------- d-----w- C:\Windows\SysWow64\searchplugins 2013-03-19 23:49:44 -------- d-----w- C:\Windows\SysWow64\Extensions 2013-03-19 23:49:20 -------- d-----w- C:\ProgramData\BrowserProtect 2013-03-19 23:46:01 -------- d-----w- C:\Users\Taryn\AppData\Roaming\Babylon 2013-03-19 23:46:01 -------- d-----w- C:\ProgramData\Babylon 2013-03-17 11:36:41 
-------- d-----w- C:\Program Files\iPod 2013-03-17 11:36:40 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-03-17 11:36:40 -------- d-----w- C:\Program Files\iTunes 2013-03-17 11:36:40 -------- d-----w- C:\Program Files (x86)\iTunes 2013-03-14 10:24:59 700928 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll 2013-03-14 10:23:52 468992 ----a-w- C:\Windows\System32\MFMediaEngine.dll 2013-03-14 10:23:51 361984 ----a-w- C:\Windows\SysWow64\MFMediaEngine.dll 2013-03-14 10:23:49 622080 ----a-w- C:\Windows\System32\drivers\srv2.sys 2013-03-14 10:23:49 370688 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2013-03-14 10:23:49 247808 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2013-03-14 10:23:49 215552 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2013-03-14 10:23:46 1690624 ----a-w- C:\Windows\System32\GdiPlus.dll 2013-03-14 10:23:45 1437184 ----a-w- C:\Windows\SysWow64\GdiPlus.dll 2013-03-12 11:26:04 192784 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10196.bin 2013-03-11 16:12:18 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin 2013-02-27 12:36:20 1010688 ----a-w- C:\Windows\System32\reseteng.dll 2013-02-27 12:36:19 443392 ----a-w- C:\Windows\System32\ReAgent.dll 2013-02-27 12:36:19 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll 2013-02-26 23:40:46 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys 2013-02-25 12:30:28 150600 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 2013-02-25 12:30:04 1274456 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\pidgenx.dll 2013-02-24 23:37:28 247608 ----a-w- C:\Windows\System32\drivers\avgwfpa.sys 2013-02-22 05:13:58 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll 2013-02-22 05:13:58 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll . ==================== Find3M ==================== . 
2013-03-05 23:07:25 78168 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-05 23:07:25 692568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-15 07:58:59 39936 ----a-w- C:\Windows\apppatch\apppatch64\acspecfc.dll
2013-02-15 06:35:40 444416 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 01:30:04 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-02-12 00:56:19 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-02-12 00:25:18 4041728 ----a-w- C:\Windows\System32\win32k.sys
2013-02-08 04:37:56 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-02-08 04:37:54 311096 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-02-08 04:37:50 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-02-08 04:37:42 206136 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-02-08 04:37:40 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-02-07 04:09:56 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys
2013-02-07 03:34:58 10115072 ----a-w- C:\Windows\System32\twinui.dll
2013-02-07 03:33:47 2302464 ----a-w- C:\Windows\System32\authui.dll
2013-02-07 03:33:42 2146816 ----a-w- C:\Windows\System32\actxprxy.dll
2013-02-07 01:34:00 8856576 ----a-w- C:\Windows\SysWow64\twinui.dll
2013-02-07 01:33:03 2033664 ----a-w- C:\Windows\SysWow64\authui.dll
2013-02-07 01:33:01 754176 ----a-w- C:\Windows\SysWow64\actxprxy.dll
2013-02-05 04:58:01 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-05 04:56:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-05 04:56:27 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-02-05 04:56:27 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-02-05 03:55:27 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-05 01:44:50 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-02-04 22:39:47 2246656 ----a-w- C:\Windows\System32\wininet.dll
2013-02-04 22:39:39 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2013-02-04 22:38:55 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-04 22:38:53 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-02-02 11:19:44 496872 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-02-02 11:19:44 446184 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2013-02-02 11:19:41 329960 ----a-w- C:\Windows\System32\drivers\storport.sys
2013-02-02 11:19:33 61672 ----a-w- C:\Windows\System32\drivers\crashdmp.sys
2013-02-02 10:54:54 1933544 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-02-02 10:28:54 993512 ----a-w- C:\Windows\System32\drivers\ndis.sys
2013-02-02 10:28:54 2226408 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-02 09:42:07 2207232 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
2013-02-02 08:40:58 375808 ----a-w- C:\Windows\SysWow64\wbem\WmiPrvSE.exe
2013-02-02 08:40:55 80896 ----a-w- C:\Windows\SysWow64\tasklist.exe
2013-02-02 08:40:55 79360 ----a-w- C:\Windows\SysWow64\taskkill.exe
2013-02-02 08:40:36 155136 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2013-02-02 08:40:35 370688 ----a-w- C:\Windows\SysWow64\WWanAPI.dll
2013-02-02 08:40:27 131072 ----a-w- C:\Windows\SysWow64\wbem\WmiDcPrv.dll
2013-02-02 08:40:26 410624 ----a-w- C:\Windows\SysWow64\wlroamextension.dll
2013-02-02 08:40:22 197632 ----a-w- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll
2013-02-02 08:40:22 10792448 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-02-02 08:40:01 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll
2013-02-02 08:39:59 325632 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-02-02 08:39:47 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll
2013-02-02 08:39:34 55296 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2013-02-02 08:39:34 15872 ----a-w- C:\Windows\SysWow64\nlmproxy.dll
2013-02-02 08:39:34 12288 ----a-w- C:\Windows\SysWow64\nlmsprep.dll
2013-02-02 08:39:33 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll
2013-02-02 08:39:28 5090816 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-02-02 08:39:15 157696 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll
2013-02-02 08:38:54 567808 ----a-w- C:\Windows\SysWow64\duser.dll
2013-02-02 08:24:19 107520 ----a-w- C:\Windows\System32\taskkill.exe
2013-02-02 08:24:19 102400 ----a-w- C:\Windows\System32\tasklist.exe
2013-02-02 08:23:44 228352 ----a-w- C:\Windows\System32\XpsRasterService.dll
2013-02-02 08:23:43 475136 ----a-w- C:\Windows\System32\WWanAPI.dll
2013-02-02 08:23:37 611840 ----a-w- C:\Windows\System32\wpd_ci.dll
2013-02-02 08:23:37 105472 ----a-w- C:\Windows\System32\wpdbusenum.dll
2013-02-02 08:23:30 830464 ----a-w- C:\Windows\System32\wbem\WmiPrvSD.dll
2013-02-02 08:23:28 543232 ----a-w- C:\Windows\System32\wlroamextension.dll
2013-02-02 08:23:21 13643264 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2013-02-02 08:23:19 293376 ----a-w- C:\Windows\System32\Windows.Networking.Connectivity.dll
2013-02-02 08:23:18 731648 ----a-w- C:\Windows\System32\win32spl.dll
2013-02-02 08:23:16 87552 ----a-w- C:\Windows\System32\wersvc.dll
2013-02-02 08:22:28 448512 ----a-w- C:\Windows\System32\SettingSync.dll
2013-02-02 08:22:22 416256 ----a-w- C:\Windows\System32\schannel.dll
2013-02-02 08:21:45 467456 ----a-w- C:\Windows\System32\netprofmsvc.dll
2013-02-02 08:21:44 385024 ----a-w- C:\Windows\System32\ncsi.dll
2013-02-02 08:21:38 5977600 ----a-w- C:\Windows\System32\mstscax.dll
2013-02-02 08:21:10 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll
2013-02-02 08:20:47 260096 ----a-w- C:\Windows\System32\hotspotauth.dll
2013-02-02 08:20:31 729600 ----a-w- C:\Windows\System32\duser.dll
2013-02-02 07:30:05 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-02 07:25:52 297984 ----a-w- C:\Windows\System32\drivers\ks.sys
2013-02-02 07:25:26 82944 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-02-02 07:25:23 37632 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys
2013-01-14 03:56:14 6967016 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-10 01:53:32 28904 ----a-w- C:\Windows\System32\drivers\msgpiowin32.sys
2013-01-10 01:40:39 1448168 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-01-10 01:40:38 303848 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-01-10 01:39:29 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2013-01-10 01:39:22 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2013-01-10 01:29:56 91880 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-01-10 01:29:21 785504 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-01-09 23:26:53 83968 ----a-w- C:\Windows\SysWow64\wiaacmgr.exe
2013-01-09 23:26:46 1611776 ----a-w- C:\Windows\SysWow64\mmc.exe
2013-01-09 23:26:35 410624 ----a-w- C:\Windows\SysWow64\Windows.Networking.dll
2013-01-09 23:26:35 261120 ----a-w- C:\Windows\SysWow64\Windows.Media.dll
2013-01-09 23:26:23 1752064 ----a-w- C:\Windows\SysWow64\setupapi.dll
2013-01-09 23:26:20 67584 ----a-w- C:\Windows\SysWow64\samlib.dll
2013-01-09 23:26:04 890880 ----a-w- C:\Windows\SysWow64\msctf.dll
2013-01-09 23:26:03 436736 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2013-01-09 23:23:32 95232 ----a-w- C:\Windows\System32\wiaacmgr.exe
2013-01-09 23:23:25 2094592 ----a-w- C:\Windows\System32\mmc.exe
2013-01-09 23:23:23 240640 ----a-w- C:\Windows\System32\fsquirt.exe
2013-01-09 23:23:18 256000 ----a-w- C:\Windows\System32\WSDMon.dll
.
============= FINISH: 17:29:04.74 ===============

++++++++++++++++++++++++++++++

.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 08/12/2012 13:57:52
System Uptime: 20/03/2013 11:41:51 (6 hours ago)
.
Motherboard: Hewlett-Packard | | 18A7
Processor: AMD A8-4500M APU with Radeon™ HD Graphics | Socket FT1 | 1900/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 840.158 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 2.409 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP16: 27/02/2013 12:43:52 - Windows Update
RP17: 08/03/2013 09:53:56 - McAfee Vulnerability Scanner
RP18: 14/03/2013 10:48:40 - Windows Update
RP19: 15/03/2013 11:51:24 - McAfee Vulnerability Scanner
RP20: 17/03/2013 11:22:15 - Installed iCloud
RP21: 20/03/2013 00:12:44 - Removed MixiDJ Chrome Toolbar
.
==== Installed Programs ======================
.
Accounts
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 11
Adobe Premiere Elements 11
Adobe Reader XI (11.0.02)
Adobe Shockwave Player 11.6
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Quick Stream
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AuthenTec TrueAPI 64-bit
AVG 2013
Bonjour
BrowserProtect
Canon MG5200 series MP Drivers
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Connected Music powered by Universal Music Group version 1.0
CyberLink LabelPrint
CyberLink Media Suite 10
CyberLink PhotoDirector
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox
Elements 11 Organizer
Energy Star
EPS Viewer
Google Chrome
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.1.1
HP 3D DriveGuard
HP Connected Music (Meridian - installer)
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Postscript Converter
HP Quick Launch
HP Recovery Manager
HP Registration Service
HP SimplePass
HP Software Framework
HP Support Assistant
HP Utility Center
HP Wireless Button Driver
iCloud
IDT Audio
iTunes
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee All Access – Total Protection
McAfee Online Backup
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook 2013 - en-us
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSVCRT
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
PRE11 STI 64Installer
PSE11 STI Installer
Ralink Bluetooth Stack64
Ralink RT3290 802.11bgn Wi-Fi Adapter
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Sage 50 Accounts 2013
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shared C Run-time for x64
swMSM
Synaptics Pointing Device Driver
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Validity WBF DDK
Visual Studio 2010 x64 Redistributables
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
20/03/2013 16:54:59, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.75. The computer with the IP address 192.168.1.74 did not allow the name to be claimed by this computer.
20/03/2013 15:04:42, Error: Microsoft-Windows-HttpEvent [15011] - Unable to create the error log file. Make sure that the error logging directory is correct.
20/03/2013 11:42:15, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
20/03/2013 11:42:11, Error: Service Control Manager [7019] - The EsgScanner service depends on a service in a group which starts later. Change the order in the service dependency tree to ensure that all services required to start this service are starting before this service is started.
20/03/2013 11:42:11, Error: Service Control Manager [7018] - Detected circular dependencies auto-starting services. Check the service dependency tree.
20/03/2013 01:09:58, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfecore service.
19/03/2013 23:49:59, Error: Service Control Manager [7030] - The SProtection service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
17/03/2013 11:32:39, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
17/03/2013 11:31:39, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
17/03/2013 11:31:13, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
13/03/2013 13:04:36, Error: bowser [8003] - The master browser has received a server announcement from the computer STEVEO_LAP-TOSH that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8DDC1A49-ACD3-46F0-84FD-BE2E183F4DA0}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================