Everything posted by beepbeep

  1. All processes killed
     ========== FILES ==========
     < ipconfig /flushdns /c >
     Windows IP Configuration
     Successfully flushed the DNS Resolver Cache.
     C:\Users\Mark\Desktop\cmd.bat deleted successfully.
     C:\Users\Mark\Desktop\cmd.txt deleted successfully.
     DllUnregisterServer procedure not found in C:\Users\Mark\AppData\Local\Temp\3FE1ED05-BAB0-7891-9D82-99EFABF9E447\Latest\BExternal.dll
     C:\Users\Mark\AppData\Local\Temp\3FE1ED05-BAB0-7891-9D82-99EFABF9E447\Latest\BExternal.dll moved successfully.
     DllUnregisterServer procedure not found in C:\Users\Mark\AppData\Local\Temp\3FE1ED05-BAB0-7891-9D82-99EFABF9E447\Latest\IEHelper.dll
     C:\Users\Mark\AppData\Local\Temp\3FE1ED05-BAB0-7891-9D82-99EFABF9E447\Latest\IEHelper.dll moved successfully.
     File/Folder C:\Users\Mark\Downloads\FRST64(2).exe not found.
     C:\Users\Mark\Downloads\FRST64(1).exe moved successfully.
     C:\FRST\Quarantine folder moved successfully.
     C:\FRST\Logs folder moved successfully.
     C:\FRST\Hives\Users\00000002 folder moved successfully.
     C:\FRST\Hives\Users\00000001 folder moved successfully.
     C:\FRST\Hives\Users folder moved successfully.
     C:\FRST\Hives folder moved successfully.
     C:\FRST folder moved successfully.
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: All Users
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: Mark
     ->Temp folder emptied: 6427267 bytes
     ->Temporary Internet Files folder emptied: 44197355 bytes
     ->FireFox cache emptied: 7022583 bytes
     ->Google Chrome cache emptied: 0 bytes
     ->Flash cache emptied: 515 bytes
     User: Mark Pocock
     User: Public
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 1715504 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 1248382 bytes
     %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 456443 bytes
     RecycleBin emptied: 58545953 bytes
     Total Files Cleaned = 114.00 mb
     OTM by OldTimer - Version 3.1.21.0 log created on 09182013_123352
     Files moved on Reboot...
     C:\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
     File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
     File move failed. C:\Windows\temp\lm\Mark\aipflib.log scheduled to be moved on reboot.
     File move failed. C:\Windows\temp\lm\Mark\LMutilps32.log scheduled to be moved on reboot.
     File move failed. C:\Windows\temp\lm\dsiwmis.log scheduled to be moved on reboot.
     File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
     Registry entries deleted on Reboot...
  2. Results of screen317's Security Check version 0.99.73
     x64 (UAC is enabled)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     avast! Antivirus
     Windows Defender
     Antivirus out of date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     Adobe Flash Player 11.8.800.168
     Adobe Reader XI
     Mozilla Firefox (23.0.1)
     Google Chrome 29.0.1547.62
     Google Chrome 29.0.1547.66
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     AVAST Software Avast AvastSvc.exe
     AVAST Software Avast AvastUI.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: %
     ````````````````````End of Log``````````````````````
  3. C:\Users\Mark\AppData\Local\Temp\3FE1ED05-BAB0-7891-9D82-99EFABF9E447\Latest\BExternal.dll a variant of Win32/Toolbar.Babylon.F application
     C:\Users\Mark\AppData\Local\Temp\3FE1ED05-BAB0-7891-9D82-99EFABF9E447\Latest\IEHelper.dll Win32/Toolbar.Babylon.E application
  4. Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org
     Database version: v2013.09.14.05
     Windows 8 x64 NTFS
     Internet Explorer 10.0.9200.16688
     Mark :: MARK [administrator]
     15/09/2013 18:15:31
     mbam-log-2013-09-15 (18-15-31).txt
     Scan type: Full scan (C:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 444516
     Time elapsed: 55 minute(s), 9 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 3
     C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
     C:\Users\Mark\Downloads\Setup(1).exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
     C:\Users\Mark\Downloads\Setup.exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
     (end)
  5. # AdwCleaner v3.004 - Report created 15/09/2013 at 15:25:55
     # Updated 15/09/2013 by Xplode
     # Operating System : Windows 8 (64 bits)
     # Username : Mark - MARK
     # Running from : C:\Users\Mark\Downloads\AdwCleaner.exe
     # Option : Clean
     ***** [ Services ] *****
     ***** [ Files / Folders ] *****
     Folder Deleted : C:\ProgramData\Babylon
     Folder Deleted : C:\ProgramData\DSearchLink
     Folder Deleted : C:\Users\Mark\AppData\LocalLow\AVG Security Toolbar
     Folder Deleted : C:\Users\Mark\AppData\Roaming\Babylon
     File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
     File Deleted : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\w6u0r3yc.default\user.js
     File Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
     ***** [ Shortcuts ] *****
     ***** [ Registry ] *****
     Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
     Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
     Key Deleted : HKLM\SOFTWARE\53ed7d1b73be543
     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
     Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
     Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
     Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
     Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
     Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
     Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
     Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
     Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
     Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
     Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
     Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
     Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
     Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
     Key Deleted : HKCU\Software\BabSolution
     Key Deleted : HKCU\Software\Conduit
     Key Deleted : HKCU\Software\DataMngr [#]
     Key Deleted : HKCU\Software\DataMngr_Toolbar
     Key Deleted : HKCU\Software\Delta
     Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
     Key Deleted : HKLM\Software\Conduit
     Key Deleted : HKLM\Software\DataMngr
     Key Deleted : HKLM\Software\Delta
     Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
     ***** [ Browsers ] *****
     -\\ Internet Explorer v10.0.9200.16688
     Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
     -\\ Mozilla Firefox v23.0.1 (en-US)
     [ File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\w6u0r3yc.default\prefs.js ]
     Line Deleted : user_pref("CT3289075.installerVersion", "1.4.2.3");
     Line Deleted : user_pref("extensions.delta.admin", false);
     Line Deleted : user_pref("extensions.delta.aflt", "babsst");
     Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
     Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
     Line Deleted : user_pref("extensions.delta.dfltLng", "en");
     Line Deleted : user_pref("extensions.delta.excTlbr", false);
     Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
     Line Deleted : user_pref("extensions.delta.id", "88983792000000000000164bf5a6f568");
     Line Deleted : user_pref("extensions.delta.instlDay", "15962");
     Line Deleted : user_pref("extensions.delta.instlRef", "sst");
     Line Deleted : user_pref("extensions.delta.newTab", false);
     Line Deleted : user_pref("extensions.delta.prdct", "delta");
     Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
     Line Deleted : user_pref("extensions.delta.rvrt", "false");
     Line Deleted : user_pref("extensions.delta.smplGrp", "none");
     Line Deleted : user_pref("extensions.delta.tlbrId", "base");
     Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
     Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
     Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.616:45:09");
     Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
     Line Deleted : user_pref("extensions.delta_i.babExt", "");
     Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=121240&tsp=5005");
     Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
     -\\ Google Chrome v29.0.1547.66
     [ File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     Deleted : homepage
     Deleted : urls_to_restore_on_startup
     *************************
     AdwCleaner[R0].txt - [6628 octets] - [15/09/2013 14:25:40]
     AdwCleaner[R1].txt - [6688 octets] - [15/09/2013 14:28:18]
     AdwCleaner[s0].txt - [6132 octets] - [15/09/2013 15:25:55]
     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6192 octets] ##########
  6. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-09-2013 04 Ran by Mark (administrator) on MARK on 15-09-2013 09:28:14 Running from C:\Users\Mark\Downloads Windows 8 (X64) OS Language: English(UK) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe (Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (MC2Method.com) C:\Users\Mark\Downloads\MindFlasherText.exe (BrowserSafeguard) C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Farbar) C:\Users\Mark\Downloads\FRST64(2).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM-x32\...\Runonce: [AvgUninstallURL] - cmd.exe /c start 
http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA"&"inst=NwA3AC0AMQA2ADcAMwAxADcAOAA4ADgAMwAtAEQARABUACsAMAAtAEYATAArADkALQBTAFQAOQAwAEYAQQBQAFAAKwAxAA"&"prod=90"&"ver=9.0.902 [x] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [btvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations)) HKCU\...\Run: [subliminal Power] - C:\Program Files (x86)\Subliminal Power\Subliminal.exe /s HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) HKCU\...\Run: [MindFlasher] - C:\Users\Mark\Downloads\MindFlasherText.exe [295424 2013-07-22] (MC2Method.com) HKCU\...\Run: [browserSafeguard] - C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe [563200 2013-09-04] (BrowserSafeguard) HKLM-x32\...\Run: [LManager] - [x] HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software) ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. 
ProxyServer: http=127.0.0.1:49263;https=127.0.0.1:49263 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=8898164BF5A6F568&affID=121240&tsp=5005 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com SearchScopes: HKLM - DefaultScope {6F699FA9-8BFF-49BA-83C1-0B067BE380B5} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS SearchScopes: HKLM - {6F699FA9-8BFF-49BA-83C1-0B067BE380B5} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS SearchScopes: HKLM-x32 - DefaultScope {6F699FA9-8BFF-49BA-83C1-0B067BE380B5} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS SearchScopes: HKLM-x32 - {6F699FA9-8BFF-49BA-83C1-0B067BE380B5} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS SearchScopes: HKCU - DefaultScope {6F699FA9-8BFF-49BA-83C1-0B067BE380B5} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=8898164BF5A6F568&affID=121240&tsp=5005 SearchScopes: HKCU - {6F699FA9-8BFF-49BA-83C1-0B067BE380B5} URL = SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={87177234-CF72-47C4-BA8D-7A239ABB17F4}&mid=ebf37969457947d09dc969c1a529aad6-18284b64c028a52bf8145a43c8a63f00f312ec43〈=us&ds=AVG&pr=fr&d=2013-01-01 10:44:25&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms} BHO: avast! 
WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\w6u0r3yc.default FF user.js: detected! 
=> C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\w6u0r3yc.default\user.js FF SelectedSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () CHR Extension: (Google Docs) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Skype Click to Call) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx ==================== Services (Whitelisted) ================= R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [28560 2012-08-30] (ELAN Microelectronics Corp.) 
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-17] (Dritek System INC.) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-17] (Dritek System Inc.) 
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-15 09:27 - 2013-09-15 09:27 - 01951102 _____ (Farbar) C:\Users\Mark\Downloads\FRST64(2).exe 2013-09-14 16:55 - 2013-09-14 16:55 - 00000000 ____D C:\Users\Mark\AppData\Local\avgchrome 2013-09-14 16:48 - 2013-09-14 16:49 - 00024139 _____ C:\Users\Mark\Downloads\Addition.txt 2013-09-14 16:47 - 2013-09-14 16:47 - 01950312 _____ (Farbar) C:\Users\Mark\Downloads\FRST64(1).exe 2013-09-14 16:47 - 2013-09-14 16:47 - 00000000 ____D C:\FRST 2013-09-14 16:45 - 2013-09-14 16:45 - 00003848 _____ C:\Windows\System32\Tasks\BrowserSafeguard Update Task 2013-09-14 16:45 - 2013-09-14 16:45 - 00000000 ____D C:\Program Files (x86)\Browsersafeguard 2013-09-14 16:44 - 2013-09-14 16:44 - 00001868 _____ C:\Users\Mark\Desktop\Search.lnk 2013-09-14 16:44 - 2013-09-14 16:44 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Babylon 2013-09-14 16:44 - 2013-09-14 16:44 - 00000000 ____D C:\ProgramData\DSearchLink 2013-09-14 16:44 - 2013-09-14 16:44 - 00000000 ____D C:\ProgramData\Babylon 2013-09-14 16:43 - 2013-09-14 16:43 - 01950312 _____ (Farbar) C:\Users\Mark\Downloads\FRST64.exe 2013-09-14 16:43 - 2013-09-14 16:43 - 01290904 _____ (ExpressInstaller) C:\Users\Mark\Downloads\Setup.exe 2013-09-14 16:42 - 2013-09-14 16:42 - 00761160 _____ (Reimage®) C:\Users\Mark\Downloads\ReimageRepair(1).exe 2013-09-14 16:41 - 2013-09-14 16:41 - 00761160 _____ (Reimage®) C:\Users\Mark\Downloads\ReimageRepair.exe 2013-09-14 15:47 - 2013-09-14 15:47 - 00001081 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-09-14 10:20 - 2013-09-14 10:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-13 20:12 - 2013-09-13 20:13 - 00050472 _____ C:\Users\Mark\Desktop\RealDose - Home.htm 2013-09-13 08:02 - 2013-09-13 08:03 - 00317520 _____ 
C:\Windows\system32\FNTCACHE.DAT
(Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-11 10:19 - 2013-08-21 03:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-11 10:19 - 2013-08-21 03:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-11 10:19 - 2013-08-21 03:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-11 10:19 - 2013-08-21 02:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-11 10:19 - 2013-08-21 00:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2013-09-11 10:19 - 2013-08-03 05:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-11 10:19 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys 2013-09-11 10:19 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2013-09-11 10:19 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2013-09-11 10:19 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll 2013-09-11 10:19 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2013-09-11 10:19 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2013-09-11 10:19 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll 2013-09-11 10:19 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll 2013-09-11 10:19 - 2013-07-06 01:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2013-09-11 10:19 - 2013-07-03 01:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2013-09-11 10:19 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2013-09-11 10:19 - 2013-07-03 01:22 
- 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2013-09-11 10:19 - 2013-07-03 01:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-09-11 10:19 - 2013-07-03 01:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2013-09-11 10:19 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-09-11 10:19 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2013-09-11 10:19 - 2013-07-01 23:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml 2013-09-11 10:19 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe 2013-09-11 10:19 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe 2013-09-11 10:19 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2013-09-11 10:19 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2013-09-11 10:19 - 2013-06-29 06:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2013-09-11 10:19 - 2013-06-29 02:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-09-11 10:19 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2013-09-11 10:19 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2013-09-11 10:19 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2013-09-11 10:19 - 2013-06-24 23:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2013-09-11 10:19 - 2013-06-24 23:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll 2013-09-11 10:19 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll 2013-09-11 10:19 - 
2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll 2013-09-11 10:19 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll 2013-09-11 10:19 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll 2013-09-11 10:19 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2013-09-11 10:19 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2013-09-11 10:19 - 2013-06-10 22:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2013-09-11 10:19 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-09-11 10:19 - 2013-06-10 20:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-09-11 10:19 - 2013-06-10 20:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2013-09-11 10:19 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-09-11 10:19 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-09-11 10:19 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-09-11 10:19 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2013-09-09 12:13 - 2013-09-09 12:13 - 00094926 _____ C:\Users\Mark\Desktop\Jon Loomer Digital For Advanced Facebook Marketers.htm 2013-09-05 17:16 - 2013-09-14 09:37 - 00000000 ____D C:\Users\Mark\Documents\Belinda 2013-08-30 08:31 - 2013-08-30 08:31 - 00064641 _____ C:\Users\Mark\Desktop\The Truth About Selling.htm 2013-08-26 13:16 - 2013-09-11 10:48 - 00000000 ____D C:\Windows\system32\MRT 2013-08-26 12:56 - 2013-07-02 01:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2013-08-26 12:56 - 2013-07-01 23:08 - 00247216 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\WdFilter.sys 2013-08-26 12:55 - 2013-07-09 07:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-26 12:55 - 2013-05-24 00:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-26 12:55 - 2013-05-23 23:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-26 12:53 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-26 12:53 - 2013-07-13 07:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-26 12:53 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-26 12:53 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2013-08-26 12:53 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2013-08-26 12:53 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-26 12:53 - 2013-07-13 05:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-26 12:53 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2013-08-26 12:53 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2013-08-20 11:40 - 2013-08-20 16:08 - 00000022 _____ C:\Users\Mark\Downloads\fwf.zip 2013-08-20 08:52 - 2013-08-20 08:52 - 00038093 _____ C:\Users\Mark\Desktop\Super Fast Business Success with James Schramko —.htm 2013-08-18 12:04 - 2013-08-18 12:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-09-15 09:27 - 2013-09-15 09:27 - 01951102 _____ (Farbar) C:\Users\Mark\Downloads\FRST64(2).exe 2013-09-15 09:27 - 2013-05-14 12:05 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Skype 2013-09-15 09:10 - 2012-07-26 08:28 - 00848230 _____ 
C:\Windows\system32\PerfStringBackup.INI 2013-09-15 09:08 - 2013-01-01 14:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-15 09:03 - 2013-07-22 13:44 - 00000188 _____ C:\Users\Mark\Downloads\MindFlasherText.ini 2013-09-15 09:03 - 2013-02-05 15:04 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-15 09:02 - 2013-05-01 20:18 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-15 09:02 - 2013-01-30 09:02 - 00000372 _____ C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job 2013-09-15 09:02 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-14 21:01 - 2012-07-26 06:26 - 00524288 ___SH C:\Windows\system32\config\BBI 2013-09-14 21:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru 2013-09-14 19:43 - 2013-05-01 20:18 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-14 16:55 - 2013-09-14 16:55 - 00000000 ____D C:\Users\Mark\AppData\Local\avgchrome 2013-09-14 16:49 - 2013-09-14 16:48 - 00024139 _____ C:\Users\Mark\Downloads\Addition.txt 2013-09-14 16:47 - 2013-09-14 16:47 - 01950312 _____ (Farbar) C:\Users\Mark\Downloads\FRST64(1).exe 2013-09-14 16:47 - 2013-09-14 16:47 - 00000000 ____D C:\FRST 2013-09-14 16:45 - 2013-09-14 16:45 - 00003848 _____ C:\Windows\System32\Tasks\BrowserSafeguard Update Task 2013-09-14 16:45 - 2013-09-14 16:45 - 00000000 ____D C:\Program Files (x86)\Browsersafeguard 2013-09-14 16:44 - 2013-09-14 16:44 - 00001868 _____ C:\Users\Mark\Desktop\Search.lnk 2013-09-14 16:44 - 2013-09-14 16:44 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Babylon 2013-09-14 16:44 - 2013-09-14 16:44 - 00000000 ____D C:\ProgramData\DSearchLink 2013-09-14 16:44 - 2013-09-14 16:44 - 00000000 ____D C:\ProgramData\Babylon 2013-09-14 16:43 - 2013-09-14 16:43 - 01950312 _____ (Farbar) C:\Users\Mark\Downloads\FRST64.exe 2013-09-14 16:43 - 2013-09-14 16:43 - 01290904 _____ (ExpressInstaller) C:\Users\Mark\Downloads\Setup.exe 2013-09-14 16:42 - 2013-09-14 16:42 - 
00761160 _____ (Reimage®) C:\Users\Mark\Downloads\ReimageRepair(1).exe 2013-09-14 16:41 - 2013-09-14 16:41 - 00761160 _____ (Reimage®) C:\Users\Mark\Downloads\ReimageRepair.exe 2013-09-14 15:47 - 2013-09-14 15:47 - 00001081 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-09-14 15:47 - 2013-01-01 14:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-14 10:20 - 2013-09-14 10:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-14 09:37 - 2013-09-05 17:16 - 00000000 ____D C:\Users\Mark\Documents\Belinda 2013-09-14 07:16 - 2013-02-05 15:04 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-13 20:13 - 2013-09-13 20:12 - 00050472 _____ C:\Users\Mark\Desktop\RealDose - Home.htm 2013-09-13 16:54 - 2012-07-26 06:26 - 00390896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2013-09-13 08:03 - 2013-09-13 08:02 - 00317520 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-12 10:54 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache 2013-09-11 21:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore 2013-09-11 21:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB 2013-09-11 21:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\en-GB 2013-09-11 21:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-09-11 21:00 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe 2013-09-11 18:00 - 2013-09-11 11:54 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Audacity 2013-09-11 17:57 - 2013-09-11 17:57 - 00000000 ____D C:\Users\Mark\Desktop\Belinda_data 2013-09-11 12:05 - 2013-09-11 11:40 - 00000000 ____D C:\Users\Mark\Documents\WEBINAR 2013-09-11 11:54 - 2013-09-11 11:54 - 00000979 _____ C:\Users\Public\Desktop\Audacity.lnk 2013-09-11 11:54 - 2013-09-11 11:54 - 00000000 ____D C:\Program Files (x86)\Audacity 2013-09-11 11:53 - 2013-09-11 11:53 - 22308174 _____ (Audacity Team ) 
C:\Users\Mark\Downloads\audacity-win-2.0.4.exe 2013-09-11 10:48 - 2013-08-26 13:16 - 00000000 ____D C:\Windows\system32\MRT 2013-09-11 10:47 - 2013-01-01 14:02 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-11 10:23 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-09-10 18:08 - 2013-01-01 14:17 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-09 12:13 - 2013-09-09 12:13 - 00094926 _____ C:\Users\Mark\Desktop\Jon Loomer Digital For Advanced Facebook Marketers.htm 2013-09-08 19:11 - 2013-01-04 18:51 - 00000000 ____D C:\Users\Mark\Desktop\Parris-13 2013-09-06 15:12 - 2013-01-01 12:48 - 00000000 ____D C:\Users\Mark\Documents\Parris-1 2013-09-05 21:09 - 2013-09-12 07:35 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-05 21:09 - 2013-09-12 07:35 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-05 20:16 - 2013-02-27 13:04 - 00051712 ___SH C:\Users\Mark\Documents\Thumbs.db 2013-09-05 20:15 - 2013-01-01 12:19 - 00000000 ____D C:\Users\Mark\Documents\NEIL ASHER 2013-09-04 19:47 - 2013-05-01 20:18 - 00002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-08-30 10:18 - 2013-01-29 12:08 - 00000000 ____D C:\Users\Mark\Documents\11th Element 2013-08-30 08:48 - 2013-05-01 15:07 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-30 08:48 - 2013-05-01 15:07 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-30 08:48 - 2013-05-01 15:07 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-30 08:48 - 2013-02-05 15:04 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-30 08:48 - 2013-02-05 15:04 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-30 08:48 - 2013-02-05 15:04 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-30 08:48 - 2013-02-05 15:04 - 00072016 _____ 
(AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-08-30 08:48 - 2013-02-05 15:04 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-30 08:47 - 2013-02-05 15:04 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-30 08:47 - 2013-02-05 15:04 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-08-30 08:31 - 2013-08-30 08:31 - 00064641 _____ C:\Users\Mark\Desktop\The Truth About Selling.htm 2013-08-29 15:34 - 2013-01-01 12:19 - 00000000 ____D C:\Users\Mark\Documents\Mark Pocock 2013-08-27 17:48 - 2013-04-08 09:08 - 00000000 ____D C:\Users\Mark\Documents\eye exercises 2013-08-27 11:15 - 2013-01-01 12:19 - 00000000 ____D C:\Users\Mark\Documents\Marcella Swipes 2013-08-27 08:34 - 2013-01-01 12:17 - 00000000 ____D C:\Users\Mark\Documents\Alexi 2013-08-26 21:54 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-08-26 21:54 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-08-26 21:54 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender 2013-08-26 21:54 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-08-22 19:24 - 2013-05-14 12:05 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-08-22 11:56 - 2013-06-22 17:27 - 00000000 ____D C:\Users\Mark\AppData\Local\Microsoft Help 2013-08-21 05:12 - 2013-09-11 10:19 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-21 05:12 - 2013-09-11 10:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-21 05:11 - 2013-09-11 10:20 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-21 05:11 - 2013-09-11 10:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 15404544 _____ (Microsoft Corporation) 
C:\Windows\system32\ieframe.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-21 05:11 - 2013-09-11 10:19 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-21 03:34 - 2013-09-11 10:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-21 03:06 - 2013-09-11 10:19 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-21 03:06 - 2013-09-11 10:19 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-21 03:06 - 2013-09-11 10:19 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2013-08-21 03:05 - 2013-09-11 10:20 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-21 03:05 - 2013-09-11 10:19 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-21 03:05 - 2013-09-11 10:19 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-21 03:05 - 2013-09-11 10:19 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 
2013-08-21 03:05 - 2013-09-11 10:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-21 03:05 - 2013-09-11 10:19 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-21 03:05 - 2013-09-11 10:19 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-21 03:05 - 2013-09-11 10:19 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-21 03:05 - 2013-09-11 10:19 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-21 03:05 - 2013-09-11 10:19 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-21 02:43 - 2013-09-11 10:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-21 00:52 - 2013-09-11 10:19 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2013-08-20 16:08 - 2013-08-20 11:40 - 00000022 _____ C:\Users\Mark\Downloads\fwf.zip 2013-08-20 08:52 - 2013-08-20 08:52 - 00038093 _____ C:\Users\Mark\Desktop\Super Fast Business Success with James Schramko —.htm 2013-08-19 05:58 - 2013-01-01 11:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-18 12:04 - 2013-08-18 12:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-16 06:41 - 2013-09-11 10:20 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys 2013-08-16 06:39 - 2013-09-11 10:21 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2013-08-16 06:39 - 2013-09-11 10:20 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2013-08-16 06:32 - 2013-09-11 10:21 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe 2013-08-16 06:22 - 2013-09-11 10:21 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2013-08-16 06:22 - 2013-09-11 10:20 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2013-08-16 06:21 - 2013-09-11 10:21 - 03275776 
_____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2013-08-16 06:21 - 2013-09-11 10:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2013-08-16 06:21 - 2013-09-11 10:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2013-08-16 06:21 - 2013-09-11 10:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2013-08-16 06:21 - 2013-09-11 10:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2013-08-16 06:21 - 2013-09-11 10:20 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2013-08-16 
06:20 - 2013-09-11 10:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll Some content of TEMP: ==================== C:\Users\Mark\AppData\Local\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll [2013-01-02 07:22] - [2012-09-20 05:10] - 1126912 ____A (Microsoft Corporation) 82DC81A069759FE726E274F0ADC8D606 C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-10 06:29 ==================== End Of Log ============================
  7. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013 04
     Ran by Mark at 2013-09-14 16:48:44
     Running from C:\Users\Mark\Downloads
     Boot Mode: Normal
     ==========================================================
     ==================== Installed Programs =======================
     µTorrent (HKCU Version: 3.3.1.29812)
     Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
     Adobe Reader XI (11.0.04) (x32 Version: 11.0.04)
     Amazon Kindle (HKCU)
     Audacity 2.0.4 (x32 Version: 2.0.4)
     avast! Free Antivirus (x32 Version: 8.0.1497.0)
     BitGuard (x32)
     Broadcom Card Reader Driver Installer (Version: 15.4.7.1)
     BrowserSafeguard (x32)
     CCleaner (Version: 3.26)
     CyberLink PowerDVD 10 (x32 Version: 10.0.4220.52)
     Delta Chrome Toolbar (x32)
     Delta toolbar (x32 Version: 1.8.24.6)
     ETDWare PS/2-X64 11.6.8.001_WHQL (Version: 11.6.8.001)
     Google Chrome (x32 Version: 29.0.1547.66)
     Google Update Helper (x32 Version: 1.3.21.153)
     Identity Card (x32 Version: 2.00.3004)
     Intel® Management Engine Components (x32 Version: 8.1.0.1252)
     Intel® Processor Graphics (x32 Version: 9.17.10.2867)
     Intel® Rapid Storage Technology (x32 Version: 11.5.4.1001)
     Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
     Intel® Trusted Connect Service Client (Version: 1.24.388.1)
     Launch Manager (x32 Version: 7.0.5)
     Live Updater (x32 Version: 2.00.3004)
     Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
     Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
     Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
     Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
     Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014)
     Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
     Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
     Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
     Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
     Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
     Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
     Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
     Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
     Mozilla Firefox 23.0.1 (x86 en-US) (x32 Version: 23.0.1)
     Mozilla Maintenance Service (x32 Version: 23.0.1)
     Nero 12 Essentials OEM.a01 (x32 Version: 12.5.00000)
     Nero BackItUp (x32 Version: 12.0.0016)
     Nero BackItUp 12 Essentials OEM.a01 (x32 Version: 12.5.00000)
     Nero BackItUp Help (CHM) (x32 Version: 12.0.1000)
     Nero ControlCenter (x32 Version: 11.0.14500.0.45)
     Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003)
     Nero Core Components (x32 Version: 11.0.16900.1.27)
     Nero Express (x32 Version: 12.0.16001)
     Nero Express Help (CHM) (x32 Version: 12.0.1000)
     Nero Launcher (x32 Version: 12.0.3000)
     Nero RescueAgent (x32 Version: 12.0.3001)
     Nero RescueAgent Help (CHM) (x32 Version: 12.0.1000)
     Nero Update (x32 Version: 11.0.11500.28.0)
     Packard Bell Device Fast-lane (Version: 1.00.3007)
     Packard Bell Power Management (Version: 7.00.3006)
     Packard Bell Recovery Management (Version: 6.00.3011)
     Prerequisite installer (x32 Version: 12.0.0002)
     Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.220)
     Qualcomm Atheros WLAN and Bluetooth Client Installation Program (x32 Version: 11.41)
     Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657)
     Skype Click to Call (x32 Version: 6.11.13348)
     Skype™ 6.6 (x32 Version: 6.6.106)
     TheBestSpinner3 (x32)
     Visual C++ 8.0 Runtime Setup Package (x64) (x32 Version: 9.0.0.623)
     ==================== Restore Points =========================
     26-08-2013 12:14:21 Windows Update
     04-09-2013 07:13:36 Scheduled Checkpoint
     11-09-2013 09:46:22 Windows Update
     ==================== Hosts content: ==========================
     2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
     ==================== Scheduled Tasks (whitelisted) =============
     Task: {0044CDAC-B53A-418C-B38B-81603A895421} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10] (Adobe Systems Incorporated)
     Task: {042853CB-8C48-4167-AE8B-5AAB5CF87FFE} - System32\Tasks\EPUpdater => C:\Users\Mark\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] ()
     Task: {07C5B879-B332-40BB-9032-F1B3F5CF81FD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv
     Task: {07CF8222-D3D7-4A1D-8795-4FAF04176E77} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
     Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
     Task: {128B9A8F-35B4-42FC-BE46-F337C858D473} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01] (Google Inc.)
     Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
     Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
     Task: {194F557E-EFA8-4F3C-8671-6DE96E8D11BC} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
     Task: {1A0F5502-EF45-49AB-ABC0-B582197339B7} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1978372828-636451710-408125832-1003 => C:\Windows\System32\portabledeviceapi.dll [2012-07-26] (Microsoft Corporation)
     Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
     Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
     Task: {1FAD35A1-4EA0-4D0D-9129-8CE3250C4433} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
     Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
     Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
     Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2013-08-16] (Microsoft Corporation)
     Task: {2913EA31-65B3-4774-83EC-DF68C58E7A53} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
     Task: {2A34D15B-8149-4750-A2C3-43C493600980} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1978372828-636451710-408125832-1003
     Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
     Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
     Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
     Task: {345B911D-2724-4F73-A288-79B211922A7C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
     Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
     Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
     Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
     Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
     Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
     Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
     Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
     Task: {5018B6E5-7FA6-4A44-90B6-169F1A920D19} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2012-08-30] ()
     Task: {53EAF883-E70C-4CF0-A678-9D277D49AFAB} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
     Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
     Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
     Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
     Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {8684A4E2-B1FA-4693-9004-8054D5F9B622} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {96D7F16C-1280-49B8-90B1-58225BC71307} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01] (Google Inc.) 
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {9C1842DE-362D-4E5A-85BF-832DC1539256} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2012-06-22] () Task: {A5806938-884F-41D9-9AF1-66D6AAEB1D46} - System32\Tasks\BitGuard => Sc.exe start BitGuard Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2013-08-16] (Microsoft Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation) Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {D40A8E01-0DEE-47C9-9B0E-3F42A3C77094} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1978372828-636451710-408125832-1001 Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET 
Framework NGEN v4.0.30319 Critical Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E2DF7A62-D6B8-4A46-84B3-01931E605870} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1978372828-636451710-408125832-500 Task: {E4CA9E01-2C47-492E-BA2B-4D1705D27714} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe [2013-09-14] () Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation) Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation) Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: {F4B76B82-C0BC-4CE3-A174-B63336E82A80} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe ==================== Loaded Modules (whitelisted) ============= 
2013-07-22 11:30 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE 2012-07-26 02:22 - 2012-07-26 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\IME\SHARED\IMEROAMING.DLL 2013-04-30 12:01 - 2013-03-02 03:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe 2013-01-07 15:12 - 2013-01-07 15:12 - 00252448 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2013-01-07 15:12 - 2013-01-07 15:12 - 00509984 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2012-07-26 00:57 - 2012-07-26 04:08 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe 2012-07-26 00:59 - 2012-07-26 05:55 - 00033504 _____ (Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe 2013-01-28 14:45 - 2013-01-28 14:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-01-28 14:42 - 2013-01-28 14:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2013-01-28 14:47 - 2013-01-28 14:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2012-10-17 05:01 - 2012-06-11 04:28 - 12503184 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2013-01-07 15:12 - 2013-01-07 15:12 - 00171040 _____ (Intel Corporation) C:\Windows\System32\igfxtray.exe 2013-01-07 15:12 - 2013-01-07 15:12 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrENU.lrc 2013-01-07 15:12 - 2013-01-07 15:12 - 00399392 _____ (Intel Corporation) C:\Windows\System32\hkcmd.exe 2013-01-07 15:12 - 2013-01-07 15:12 - 00441888 _____ (Intel Corporation) C:\Windows\System32\igfxpers.exe 2012-09-05 11:29 - 2012-08-28 01:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-06-21 09:58 - 2013-06-21 09:58 - 19875432 ____R (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe 2012-07-26 02:13 - 2012-07-26 04:08 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2013-09-14 16:45 - 2013-09-10 15:35 - 02845152 _____ () C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe 2013-05-18 08:17 - 2013-04-09 05:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2013-09-14 16:47 - 2013-09-14 16:47 - 01950312 _____ (Farbar) C:\Users\Mark\Downloads\FRST64(1).exe 2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll 2013-09-12 07:35 - 2013-09-05 21:09 - 14395864 _____ (Adobe Systems, Inc.) C:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx 2013-01-01 14:29 - 2011-06-01 10:16 - 00496976 _____ (vbAccelerator) C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx 2013-01-01 14:29 - 2012-05-22 17:05 - 00046416 _____ (vbAccelerator) C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll 2013-09-14 16:45 - 2013-09-10 15:34 - 02700768 _____ () C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll 2013-08-18 12:04 - 2013-08-18 12:04 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/14/2013 11:13:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. 
Error: (09/14/2013 11:12:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/14/2013 11:05:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/14/2013 11:05:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/14/2013 07:07:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/14/2013 07:07:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/14/2013 07:07:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. 
Error: (09/14/2013 07:06:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/14/2013 07:06:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/14/2013 07:05:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MARK) Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (09/14/2013 03:42:05 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY) Description: 0xc000014d0 Error: (09/14/2013 03:42:15 PM) (Source: EventLog) (User: ) Description: The previous system shutdown at 11:05:13 on ‎14/‎09/‎2013 was unexpected. Error: (09/14/2013 11:18:25 AM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. Error: (09/14/2013 11:17:58 AM) (Source: DCOM) (User: MARK) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (09/14/2013 11:17:55 AM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 
Error: (09/14/2013 11:17:55 AM) (Source: DCOM) (User: MARK) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (09/14/2013 11:17:25 AM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. Error: (09/14/2013 11:16:58 AM) (Source: DCOM) (User: MARK) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (09/14/2013 11:16:55 AM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. Error: (09/14/2013 11:16:55 AM) (Source: DCOM) (User: MARK) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 50% Total physical RAM: 3909.27 MB Available physical RAM: 1945.05 MB Total Pagefile: 4613.27 MB Available Pagefile: 2691.13 MB Total Virtual: 8192 MB Available Virtual: 8191.77 MB ==================== Drives ================================ Drive c: (Packard Bell) (Fixed) (Total:446.19 GB) (Free:390.94 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: FE6878C5) Partition: GPT Partition Type ==================== End Of Log ============================
  8. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013 04
     Ran by Mark (administrator) on MARK on 14-09-2013 16:47:42
     Running from C:\Users\Mark\Downloads
     Windows 8 (X64) OS Language: English(UK)
     Internet Explorer Version 10
     Boot Mode: Normal
     ==================== Processes (Whitelisted) =================
     (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
     (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
     (Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
     (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
     (Microsoft Corporation) C:\Windows\system32\dashost.exe
     (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
     (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
     (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
     (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
     (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
     (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
     (Dritek System INC.) C:\Windows\RfBtnSvc64.exe
     (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
     (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
     (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
     (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
     (Intel Corporation) C:\Windows\system32\igfxext.exe
     (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
     (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
     (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
     (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
     (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
     () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
     (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
     (Intel Corporation) C:\Windows\System32\igfxtray.exe
     (Intel Corporation) C:\Windows\System32\hkcmd.exe
     (Intel Corporation) C:\Windows\System32\igfxpers.exe
     (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
     (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
     (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
     (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
     (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
     (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
     (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
     (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
     (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
  9. When I started my laptop this morning it came up with a box: Btv.stack.exe. I tried to open Command Prompt but I can't open that, and then I tried to run Malwarebytes but that won't open, and a box comes up with: C:\program files (86)\Malwarebytes'Anti-Malware\mbam.exe, and then it follows with a box that says: splwow64.exe. What can I do to fix it? Thanks, beepbeep