Jump to content

Captainsharpe

Honorary Members
  • Posts

    30
  • Joined

  • Last visited

Everything posted by Captainsharpe

  1. Thanks a lot for your help and timely responses. Much appreciated!

  2. Results of screen317's Security Check version 0.99.79 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender 360 Internet Security 2013 WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 51 Adobe Flash Player 11.9.900.170 Mozilla Firefox (26.0) Google Chrome 31.0.1650.63 Google Chrome 32.0.1700.76 Google Chrome plugins... ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe Mobile Partner OnlineUpdate ouc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log``````````````````````
  3. Hi, Checked with my programs and features window and it is indeed gone. Thanks! Much appreciated.
  4. SystemLook 30.07.11 by jpshortstuff Log created at 19:32 on 19/01/2014 by Jeff Administrator - Elevation successful ========== regfind ========== Searching for "Scorpion" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3A9F56B942D9A2546BFE41756DE52495] "ProductName"="ScorpionSaver" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8BA5CD9129705784F8B198C6A5C96EEA\SourceList] "PackageName"="ScorpionSaver.msi" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A1F1E372A1B7C6347A384A8A9CA70D63] "ProductName"="ScorpionSaver" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A1F1E372A1B7C6347A384A8A9CA70D63\SourceList] "PackageName"="ScorpionSaver.msi" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Wow6432Node\CLSID\DFDDBCE0-2600-46A8-8375-84C8E83E21B7] @="ScorpionSaver" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Wow6432Node\CLSID\DFDDBCE0-2600-46A8-8375-84C8E83E21B7\InProcServer32] @="C:\Program Files(x86)\ScorpionSaver\IECore.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "c:\Program Files (x86)\ScorpionSaver\"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "c:\Program Files\ScorpionSaver Services\"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BA3348DBF8E8C0558DB16F05F1C1140] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakWFP64.sys" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB] "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\ff_bootstrap.js" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB] "3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\ff_bootstrap.js" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20] "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20] "3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89] "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89] "3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9] "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9] "3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DA746012E6D4F488AAD113D6FA4A44] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3B786268CB4A7F156A3BDF6701444F22] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakProxy64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3FB1AAC4382437047A03618BF727B859] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\Microsoft.Deployment.WindowsInstaller.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33] "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33] "3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D2EB987C8C8A46578D4943D5A9A1467] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\Installbat.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB] "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\SendJson.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB] "3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\SendJson.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6FB4398202577895B83B74B08F79C3A2] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60] "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60] "3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7AB2AE85638F6255CA2F35481D3A8828] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\PCProxyDLL.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107] "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107] "3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\background.js" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35] "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35] "3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555] "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\CustomActionInstall" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555] "3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\CustomActionInstall" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7] "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\IECore.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7] "3A9F56B942D9A2546BFE41756DE52495"="c:\Program Files (x86)\ScorpionSaver\IECore.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1A8F5D2D938A495DBE3BC97E2BC5FA3] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\Installbat64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A] "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A] "3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CD07F81309AB63E4D8592E422645EB73] "8BA5CD9129705784F8B198C6A5C96EEA"="01:\Software\AppDataLow\Software\ScorpionSaver\key" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2E5AC6B3591558529A290643010F81B] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakProxy.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB43A5010EFA4C0579B8B61313C79FE6] "6BA018E6E43F3A949AF3E90563067F81"="c:\Program Files\ScorpionSaver Services\AdpeakWFPInstaller.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937] "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937] "3A9F56B942D9A2546BFE41756DE52495"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3A9F56B942D9A2546BFE41756DE52495\InstallProperties] "DisplayName"="ScorpionSaver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6BA018E6E43F3A949AF3E90563067F81\InstallProperties] "DisplayName"="ScorpionSaver Services" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A1F1E372A1B7C6347A384A8A9CA70D63\InstallProperties] "DisplayName"="ScorpionSaver" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}] "DisplayName"="ScorpionSaver" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}] "DisplayName"="ScorpionSaver" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\AppId_Catalog\049970F0] "AppFullPath"="c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\049970F0] "AppFullPath"="c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe" [HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\Scorpion Saver] [HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\Scorpion Saver] -= EOF =-
  5. Hi, Attaching the requested logs: FIXLOG: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2014 03Ran by Jeff at 2014-01-19 13:30:32 Run:1Running from C:\Users\Jeff\Desktop\FARBARBoot Mode: Normal============================================== Content of fixlist:*****************HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakWFP => ""="Driver"***************** HKLM\System\CurrentControlSet\Control\SafeBoot\Network\AdpeakWFP => Key deleted successfully. ==== End of Fixlog ==== ADWCLEANER LOG: # AdwCleaner v3.017 - Report created 19/01/2014 at 13:35:38# Updated 12/01/2014 by Xplode# Operating System : Windows 8 (64 bits)# Username : Jeff - PO-PC# Running from : C:\Users\Jeff\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16537 -\\ Mozilla Firefox v26.0 (en-US) [ File : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0wflpxe9.default\prefs.js ] -\\ Google Chrome v32.0.1700.76 [ File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4369 octets] - [16/09/2013 09:13:03]AdwCleaner[R1].txt - [2251 octets] - [24/09/2013 21:11:48]AdwCleaner[R2].txt - [1102 octets] - [19/01/2014 13:31:05]AdwCleaner[s0].txt - [4459 octets] - [16/09/2013 09:14:00]AdwCleaner[s1].txt - [2324 octets] - [24/09/2013 21:12:51]AdwCleaner[s2].txt - [1024 octets] - [19/01/2014 13:35:38] ########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1084 octets] ########## MALWAREBYTES LOG: Malwarebytes Anti-Malware (PRO) 1.75.0.1300www.malwarebytes.org Database version: v2014.01.19.05 Windows 8 x64 NTFSInternet Explorer 10.0.9200.16750Jeff :: PO-PC [administrator] Protection: Enabled 1/19/2014 1:37:30 PMmbam-log-2014-01-19 (13-37-30).txt Scan type: Full scan (C:\|D:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 623734Time elapsed: 24 minute(s), 53 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end)
  6. Here is the Addition report: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 03Ran by Jeff at 2014-01-19 12:37:30Running from C:\Users\Jeff\Desktop\FARBARBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: 360 Internet Security 2013 (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}AS: 360 Internet Security 2013 (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 360 Internet Security (x32 Version: 4.8.0.4800 - Qihu 360 Software Co., Ltd.)7-Zip 9.22beta (x32 Version: - )Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.0.0 - Adobe Systems)Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated)Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) HiddenAdobe Creative Suite 6 Master Collection (x32 Version: 6 - Adobe Systems Incorporated)Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) HiddenAdobe Widget Browser (x32 Version: 2.0 Build 348 - Adobe Systems Incorporated.)Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) HiddenAkamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)ArcGIS 10.1 for Desktop (x32 Version: 10.1.3035 - Environmental Systems Research Institute, Inc.)ArcGIS 10.1 for Desktop (x32 Version: 10.1.3035 - Environmental Systems Research Institute, Inc.) HiddenArcGIS 10.1 License Manager (x32 Version: 10.1.2891 - Environmental Systems Research Institute, Inc.)ArcGIS 10.1 License Manager (x32 Version: 10.1.2891 - Environmental Systems Research Institute, Inc.) HiddenAutoCAD 2014 - English (Version: 19.1.108.1 - Autodesk) HiddenAutoCAD 2014 - English (Version: 19.1.42.0 - Autodesk) HiddenAutoCAD 2014 Language Pack - English (Version: 19.1.42.0 - Autodesk) HiddenAutodesk 360 (Version: 4.7.0.802 - Autodesk)Autodesk App Manager (x32 Version: 1.1.0 - Autodesk)Autodesk AutoCAD 2014 - English (Version: 19.1.42.0 - Autodesk)Autodesk AutoCAD 2014 - English SP1 (Version: 1 - Autodesk)Autodesk AutoCAD Map 3D 2014 (Version: 16.0.014.2 - Autodesk) HiddenAutodesk AutoCAD Map 3D 2014 Language Pack (Version: 16.0.014.2 - Autodesk) HiddenAutodesk Autodesk AutoCAD Map 3D 2014 (Version: 16.0.014.2 - Autodesk)Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk)Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) HiddenAutodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) HiddenAutodesk Featured Apps (x32 Version: 1.1.0 - Autodesk)Autodesk Material Library 2014 (x32 Version: 4.0.19.0 - Autodesk)Autodesk Material Library Base Resolution Image Library 2014 (x32 Version: 4.0.19.0 - Autodesk)Autodesk Material Library Low Resolution Image Library 2014 (x32 Version: 4.0.19.0 - Autodesk)Autodesk Material Library Medium Resolution Image Library 2014 (x32 Version: 4.0.19.0 - Autodesk)Autodesk ReCap (Version: 1.0.43.13 - Autodesk)Autodesk ReCap (Version: 1.0.43.13 - Autodesk) HiddenAutodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) HiddenAutodesk Revit 2014 (Version: 13.07.22211 - Autodesk)Autodesk Vasari Beta 3 (Version: 13.06.18120 - Autodesk)Autodesk Workflows 2014 (Version: 4.0.19.0 - Autodesk, Inc.)BitTorrent (HKCU Version: 7.8.2.30332 - BitTorrent Inc.)Bonjour (Version: 3.0.0.10 - Apple Inc.)Classic Shell (Version: 4.0.2 - IvoSoft)DAEMON Tools Ultra (x32 Version: 1.1.0.0103 - Disc Soft Ltd)Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)Dota 2 (x32 Version: - Valve)Dropbox (HKCU Version: 2.4.1 - Dropbox, Inc.)EPSON Scan (x32 Version: - )ESET Online Scanner v3 (x32 Version: - )ETDWare PS/2-X64 11.5.11.3_WHQL (Version: 11.5.11.3 - ELAN Microelectronic Corp.)FARO LS 1.1.501.0 (64bit) (x32 Version: 5.1.0.30630 - FARO Scanner Production)GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) HiddenGoogle Chrome (x32 Version: 32.0.1700.76 - Google Inc.)Google Earth (x32 Version: 7.1.2.2041 - Google)Google Talk Plugin (x32 Version: 5.1.2.17113 - Google)Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) HiddenIBM SPSS Statistics 22 (Version: 22.0.0.0 - IBM Corp)Intel PROSet Wireless (Version: - ) HiddenIntel® Processor Graphics (x32 Version: 9.18.10.3165 - Intel Corporation)Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.5.5.0480 - Intel Corporation)Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)Intel® PROSet/Wireless WiFi Software (Version: 15.05.7000.1709 - Intel Corporation)iTunes (Version: 11.1.3.8 - Apple Inc.)Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenK-Lite Mega Codec Pack 10.0.5 (x32 Version: 10.0.5 - )League of Legends (x32 Version: 3.0.0 - Riot Games)League of Legends (x32 Version: 3.0.0 - Riot Games) HiddenMalwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)Microsoft SQL Server 2012 Native Client (Version: 11.0.2100.60 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) HiddenMicrosoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) HiddenMobile Partner (x32 Version: 23.003.07.00.1070 - Huawei Technologies Co.,Ltd)Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)Mozilla Maintenance Service (x32 Version: 23.0.1 - Mozilla)NVIDIA 3D Vision Driver 332.21 (Version: 332.21 - NVIDIA Corporation)NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) HiddenNVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)NVIDIA Graphics Driver 332.21 (Version: 332.21 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) HiddenNVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) HiddenNVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) HiddenNVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) HiddenNVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) HiddenNVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) HiddenNVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) HiddenNVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) HiddenQualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)Realtek High Definition Audio Driver (x32 Version: 6.0.1.6954 - Realtek Semiconductor Corp.)Revit 2014 (Version: 13.07.22211 - Autodesk) HiddenRevit 2014 Language Pack - English (Version: 13.07.22211 - Autodesk) HiddenScorpionSaver (x32 Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTIONService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) HiddenSHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) HiddenSketchUp 2013 (x32 Version: 13.0.3689 - Trimble Navigation Limited)SketchUp Import for AutoCAD 2014 (x32 Version: 1.1.0 - Autodesk)Skype Web Plugin (x32 Version: 2.3.12417.17599 - Skype Technologies S.A.)Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)StarCraft II (x32 Version: - Blizzard Entertainment)Steam (x32 Version: - Valve Corporation)Tweaking.com - Windows Repair (All in One) (x32 Version: 1.9.18 - Tweaking.com)Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)Vasari Beta 3 (Version: 13.06.18120 - Autodesk) HiddenVasari Beta 3 Language Pack - English (Version: 13.06.18120 - Autodesk) HiddenVasari Prototype CFD Visualisation Plug-in (x32 Version: 2012 - Autodesk, Inc.)Vasari Solar Radiation Plug-in (x32 Version: 2012 - Autodesk, Inc.)Vasari STL Export Plug-in (x32 Version: 2012 - Autodesk, Inc.)Vasari Wind Analysis Plug-in (x32 Version: 2012 - Autodesk, Inc.)Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (x32 Version: 9.0.30729.177 - Microsoft Corporation)Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (x32 Version: 9.0.30729.177 - Microsoft Corporation)VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN)VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)WD Drive Utilities (x32 Version: 1.0.3.3 - Western Digital Technologies, Inc.)WD Quick View (x32 Version: 2.2.1.6 - Western Digital Technologies, Inc.)WD Security (x32 Version: 1.0.3.3 - Western Digital Technologies, Inc.)WD SmartWare (Version: 2.2.1.6 - Western Digital Technologies, Inc.)WD SmartWare Installer (x32 Version: 2.2.1.6 - Western Digital Technologies, Inc.)WinRAR archiver (x32 Version: - )World of Tanks (x32 Version: - Wargaming.net)ZipX V3.01 (x32 Version: - WinX Software) ==================== Restore Points ========================= 28-12-2013 02:59:30 Scheduled Checkpoint05-01-2014 16:37:30 Scheduled Checkpoint09-01-2014 07:48:58 Windows Update15-01-2014 06:50:54 Windows Update ==================== Hosts content: ========================== 2013-09-17 17:02 - 2013-09-17 17:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {030D4D3F-CE6A-4650-9136-1DE96F4E2824} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)Task: {11F3CC81-E155-4067-999A-678752B3B8E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-01] (Google Inc.)Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {26F90A2C-AC59-44DC-BD76-913AC3224D15} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001UA => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-08] (Google Inc.)Task: {3F6827DC-100C-46EB-B7F7-61EAD6B864FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001Core => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-08] (Google Inc.)Task: {8BC97286-B02A-43D3-8A2B-979CFFA48CBB} - \Dealply No Task FileTask: {8EE1A937-133E-46CE-BBBB-FE962E698A18} - System32\Tasks\Western Digital\SmartWare\____Volume_6dfa9a68_b2f7_4b8f_af9b_a56cd0643bdd______Volume_29557f25_127d_11e3_be77_6c71d9234bf8__ => C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2013-11-02] (Western Digital Technologies, Inc.)Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {DA425C2D-65EF-4308-AC5C-58F8D12173B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-01] (Google Inc.)Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {FA35C2AC-CC87-479C-B43F-BAA730D16743} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {FE4831FF-71FE-4C2E-8A67-A04C080DB1AA} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001Core.job => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001UA.job => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-08 15:32 - 2013-12-19 15:33 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll2013-08-31 20:00 - 2013-12-19 13:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2013-08-31 16:06 - 2009-06-02 00:15 - 00051200 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll2012-07-26 02:58 - 2012-07-26 02:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll2012-12-14 04:42 - 2012-12-14 04:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2013-02-04 23:21 - 2013-02-04 23:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll2013-02-04 23:21 - 2013-02-04 23:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll2013-02-04 23:21 - 2013-02-04 23:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll2013-02-04 23:21 - 2013-02-04 23:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2013-12-27 03:20 - 2009-01-10 05:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll2013-12-27 03:20 - 2009-06-22 13:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll2013-12-27 03:20 - 2010-05-14 04:57 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll2013-12-27 03:20 - 2010-02-10 09:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll2013-12-27 03:20 - 2012-06-17 21:56 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll2013-12-27 03:20 - 2010-02-10 09:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll2013-09-30 13:38 - 2013-12-19 15:33 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll2014-01-16 17:20 - 2014-01-11 05:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll2014-01-16 17:20 - 2014-01-11 05:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll2014-01-16 17:20 - 2014-01-11 05:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll2014-01-16 17:20 - 2014-01-11 05:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll2014-01-16 17:20 - 2014-01-11 05:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll2014-01-16 17:20 - 2014-01-11 05:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll2013-11-04 10:24 - 2014-01-19 09:36 - 36967424 _____ () C:\Users\Jeff\AppData\Roaming\Spotify\Data\libcef.dll2013-11-04 10:24 - 2014-01-19 09:36 - 00887808 _____ () C:\Users\Jeff\AppData\Roaming\Spotify\Data\libglesv2.dll2013-11-04 10:24 - 2014-01-19 09:36 - 00109568 _____ () C:\Users\Jeff\AppData\Roaming\Spotify\Data\libegl.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakWFP => ""="Driver" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Could not start eventlog service, could not read events. The requested service has already been started. More help is available by typing NET HELPMSG 2182. ==================== Memory info =========================== Percentage of memory in use: 49%Total physical RAM: 8077.5 MBAvailable physical RAM: 4079.58 MBTotal Pagefile: 9293.5 MBAvailable Pagefile: 4227.84 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:245.48 GB) (Free:80.31 GB) NTFSDrive d: () (Fixed) (Total:230.94 GB) (Free:139.52 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 477 GB) (Disk ID: 00000000) Partition: GPT Partition Type==================== End Of Log ============================
  7. Here is the FRST report: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 03Ran by Jeff (administrator) on PO-PC on 19-01-2014 12:36:59Running from C:\Users\Jeff\Desktop\FARBARWindows 8 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360rps.exe(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\deepscan\ZhuDongFangYu.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Flexera Software, Inc.) C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe(Atheros Commnucations) C:\Windows\System32\AdminService.exe(Flexera Software, Inc.) C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe(ESRI) C:\Program Files (x86)\ArcGIS\License10.1\bin\ARCGIS.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe() C:\ProgramData\DatacardService\HWDeviceService64.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Intel Corporation) C:\Windows\System32\igfxsrvc.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360sd.exe(Akamai Technologies, Inc.) C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe(Akamai Technologies, Inc.) C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360rp.exe(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Spotify Ltd) C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google) C:\Users\Jeff\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Spotify Ltd) C:\Users\Jeff\AppData\Roaming\Spotify\spotify.exe() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe() C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyHelper.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-08-31] (ELAN Microelectronics Corp.)HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-08-31] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-08-31] (Realtek Semiconductor)HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)HKLM\...\Run: [360sd] - C:\Program Files\360\360 Internet Security\360sdrun.exe [273848 2013-12-11] (Qihu 360 Software Co., Ltd.)HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)HKLM-x32\...\Run: [] - [x]HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital)HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)HKCU\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-08-12] (Autodesk, Inc.)HKCU\...\Run: [360sd] - C:\Program Files\360\360 Internet Security\360sdrun.exe [273848 2013-12-11] (Qihu 360 Software Co., Ltd.)HKCU\...\Run: [Google Update] - C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-08] (Google Inc.)HKCU\...\Run: [spotify Web Helper] - C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-19] (Spotify Ltd)HKCU\...\Policies\Explorer: [] AppInit_DLLs: C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnkShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blankStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKCU - {E365ED18-FAD8-474D-9042-3EC8AE3644BF} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=586383&p={searchTerms}BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No FileHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 167.206.13.180 167.206.13.181 192.168.1.1Tcpip\..\Interfaces\{5185BC43-9369-4E89-999B-C33F9D0A9A2A}: [NameServer] FireFox:========FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0wflpxe9.defaultFF Homepage: www.google.comFF Keyword.URL: user_pref("keyword.URL", "");FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No FileFF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jeff\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jeff\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Users\Jeff\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)FF Plugin ProgramFiles/Appdata: C:\Users\Jeff\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()FF Plugin ProgramFiles/Appdata: C:\Users\Jeff\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtnFF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-08-31] Chrome: =======CHR HomePage: CHR RestoreOnStartup: "translate_accepted_count": { "zh-TW"CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()CHR Plugin: (360 Internet Security 2013) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pppagaglfkmlpgobnlenhknilehpmcbo\1.0_1\plugin/360webshield.dll (Qihu 360 Software Co., Ltd.)CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No FileCHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No FileCHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll No FileCHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No FileCHR Extension: (Google Docs) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-01]CHR Extension: (Google Drive) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-01]CHR Extension: (YouTube) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-01]CHR Extension: (Google Search) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-01]CHR Extension: (Google Wallet) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]CHR Extension: (Gmail) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-01]CHR Extension: (360 WebShield Plug-in) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pppagaglfkmlpgobnlenhknilehpmcbo [2013-09-15]CHR HKLM-x32\...\Chrome\Extension: [pppagaglfkmlpgobnlenhknilehpmcbo] - C:\Program Files\360\360 Internet Security\safemon\360webshield.crx [2013-09-15] ==================== Services (Whitelisted) ================= U2 360rp; C:\Program Files\360\360 Internet Security\360rps.exe [295608 2013-12-11] (Qihu 360 Software Co., Ltd.)U2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe [1408904 2012-01-05] (Flexera Software, Inc.)U2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations)U2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)U3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [632352 2013-06-25] (Disc Soft Ltd)U2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-08-31] (ELAN Microelectronics Corp.)U2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)U2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-06-17] ()U3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-11-15] ()U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)U2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)U3 scan; C:\Program Files\360\360 Internet Security\scan.dll [423144 2013-02-19] (S.C. BitDefender S.R.L)U2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-11-02] (Western Digital Technologies, Inc.)U2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-02] (Western Digital Technologies, Inc.)U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)U2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-11-15] (Intel® Corporation)U2 ZhuDongFangYu; C:\Program Files\360\360 Internet Security\deepscan\zhudongfangyu.exe [225216 2013-11-27] (Qihu 360 Software Co., Ltd.) ==================== Drivers (Whitelisted) ==================== U1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [97480 2013-11-27] (Qihu 360 Software Co., Ltd.)U3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [67272 2013-03-27] (Qihu 360 Software Co., Ltd.)U1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305856 2013-11-29] (Qihu 360 Software Co., Ltd.)U1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [41152 2013-12-08] (Qihu 360 Software Co., Ltd.)U1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [228544 2013-11-29] (Qihu 360 Software Co., Ltd.)U1 BAPIDRV; C:\Windows\System32\Drivers\BAPIDRV64.SYS [179904 2013-12-09] (Qihu 360 Software Co., Ltd.)U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)U3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29696 2013-08-31] (Disc Soft Ltd)U3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-22] (Huawei Technologies Co., Ltd.)U3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2013-08-31] (Windows ® Codename Longhorn DDK provider)U3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)U1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [300320 2013-12-19] (NVIDIA Corporation)U3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)U3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-31] (Synaptics Incorporated)U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)U3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-19 12:34 - 2014-01-19 12:36 - 00000000 ____D C:\Users\Jeff\Desktop\FARBAR2014-01-19 12:02 - 2014-01-19 12:02 - 00029299 _____ C:\Users\Jeff\Desktop\dds.txt2014-01-19 12:02 - 2014-01-19 12:02 - 00008164 _____ C:\Users\Jeff\Desktop\attach.txt2014-01-19 12:00 - 2014-01-19 12:00 - 00688992 ____R (Swearware) C:\Users\Jeff\Desktop\dds.com2014-01-19 11:40 - 2014-01-19 11:41 - 01236282 _____ C:\Users\Jeff\Desktop\AdwCleaner.exe2014-01-19 09:37 - 2014-01-19 09:37 - 00021150 _____ C:\Users\Jeff\Desktop\557645af5f86aeac2b9f28501471a9b129db97b6.zip2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 ____D C:\Users\Jeff\Desktop\attachment2014-01-19 00:13 - 2014-01-19 00:13 - 55321604 _____ C:\Users\Jeff\Desktop\stormwater_plan.ai2014-01-19 00:13 - 2014-01-19 00:13 - 55191387 _____ C:\Users\Jeff\Desktop\programmingdraft.ai2014-01-17 03:53 - 2014-01-17 03:54 - 01785961 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_lot_tree_parking [Converted].ai2014-01-17 00:47 - 2014-01-17 00:47 - 00231807 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_LU [Converted].ai2014-01-17 00:13 - 2014-01-17 00:13 - 00543107 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_flood [Converted].ai2014-01-16 23:46 - 2014-01-16 23:47 - 00373508 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_publictrans [Converted].ai2014-01-16 23:27 - 2014-01-16 23:27 - 00596711 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_zoning [Converted].ai2014-01-16 22:43 - 2014-01-17 03:53 - 104168342 _____ C:\Users\Jeff\Desktop\Basemap_140116_site [Converted].ai2014-01-16 21:43 - 2014-01-16 21:43 - 214960058 _____ C:\Users\Jeff\Desktop\Basemap_140116_site.ai2014-01-16 01:15 - 2014-01-16 01:15 - 84941916 _____ C:\Users\Jeff\Desktop\Basemap_140115_openspace [Converted].ai2014-01-16 01:11 - 2014-01-16 01:11 - 02720773 _____ C:\Users\Jeff\Desktop\Basemap_140115_openspace.ai2014-01-15 23:53 - 2014-01-15 23:53 - 14803611 _____ C:\Users\Jeff\Desktop\Basemap_140115 [Converted].dwg2014-01-15 23:49 - 2014-01-16 00:08 - 84847213 _____ C:\Users\Jeff\Desktop\Basemap_140115 [Converted].ai2014-01-15 14:38 - 2014-01-15 23:39 - 59358838 _____ C:\Users\Jeff\Desktop\Basemap_140115.ai2014-01-15 11:08 - 2014-01-15 11:24 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_DP05 (1)2014-01-15 11:05 - 2014-01-15 11:05 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_DP052014-01-15 11:00 - 2014-01-15 11:01 - 13945361 _____ C:\Users\Jeff\Desktop\tl_2013_47_tract.zip2014-01-15 00:47 - 2014-01-15 00:47 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_B020012014-01-14 23:37 - 2013-12-07 01:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll2014-01-14 23:37 - 2013-12-07 01:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-01-14 23:37 - 2013-12-07 00:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll2014-01-14 23:37 - 2013-12-07 00:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2014-01-14 23:37 - 2013-10-31 00:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll2014-01-14 23:37 - 2013-10-31 00:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll2014-01-14 23:37 - 2013-10-30 23:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll2014-01-14 23:37 - 2013-10-30 22:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys2014-01-14 23:37 - 2013-10-28 00:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll2014-01-14 23:37 - 2013-10-27 23:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll2014-01-14 23:37 - 2013-10-13 15:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys2014-01-14 23:37 - 2013-08-27 00:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2014-01-14 23:37 - 2013-08-27 00:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll2014-01-14 23:37 - 2013-08-26 17:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll2014-01-14 23:37 - 2013-08-26 17:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll2014-01-13 23:54 - 2014-01-13 23:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2014-01-13 10:13 - 2014-01-17 14:26 - 00000000 ____D C:\Users\Jeff\Desktop\GIS2014-01-12 22:06 - 2014-01-12 22:06 - 00000000 ____D C:\Windows\SysWOW64\NV2014-01-12 22:06 - 2014-01-12 22:06 - 00000000 ____D C:\Windows\system32\NV2014-01-12 09:35 - 2013-12-19 15:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2014-01-12 09:35 - 2013-12-19 15:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2014-01-12 09:35 - 2013-12-19 15:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2014-01-12 09:35 - 2013-12-19 15:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2014-01-12 09:35 - 2013-12-19 15:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2014-01-12 09:35 - 2013-12-19 15:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2014-01-12 09:35 - 2013-12-19 15:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2014-01-12 09:35 - 2013-12-19 15:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2014-01-12 09:35 - 2013-12-19 15:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2014-01-12 09:35 - 2013-12-19 15:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2014-01-12 09:35 - 2013-12-19 15:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2014-01-12 09:35 - 2013-12-19 15:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2014-01-12 09:35 - 2013-12-19 15:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2014-01-12 09:35 - 2013-12-19 15:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2014-01-12 09:35 - 2013-12-19 15:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2014-01-12 09:35 - 2013-12-19 15:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2014-01-12 09:35 - 2013-12-19 15:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll2014-01-12 09:35 - 2013-12-19 15:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll2014-01-12 09:35 - 2013-12-19 15:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2014-01-12 09:35 - 2013-12-19 15:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2014-01-12 09:35 - 2013-12-19 15:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2014-01-12 09:35 - 2013-12-19 15:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2014-01-12 09:35 - 2013-12-19 15:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2014-01-12 09:35 - 2013-12-19 15:33 - 00300320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys2014-01-12 09:35 - 2013-12-19 15:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2014-01-12 09:35 - 2013-12-19 15:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys2014-01-09 02:49 - 2014-01-09 02:49 - 00000000 ____D C:\Program Files (x86)\SkypeWebPlugin2014-01-02 09:30 - 2014-01-02 09:30 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Wargaming.net2013-12-29 22:19 - 2012-04-25 22:04 - 00450048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys2013-12-29 22:19 - 2012-04-22 20:58 - 00238080 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys2013-12-29 22:19 - 2012-04-22 20:57 - 00104448 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys2013-12-29 22:19 - 2012-04-22 20:57 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys2013-12-29 22:19 - 2012-04-22 20:57 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys2013-12-29 22:19 - 2012-04-22 20:57 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys2013-12-29 22:19 - 2011-12-30 20:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys2013-12-29 22:19 - 2010-10-08 03:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys2013-12-29 22:19 - 2010-09-26 05:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys2013-12-29 22:19 - 2010-08-05 18:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys2013-12-29 22:19 - 2010-07-26 20:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys2013-12-29 22:19 - 2010-03-19 23:06 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys2013-12-27 22:51 - 2013-12-27 22:51 - 00000000 ____D C:\Users\Jeff\AppData\Local\SkypeWebPlugin2013-12-27 03:21 - 2013-12-27 03:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf2013-12-27 03:20 - 2013-12-29 22:19 - 00000000 ____D C:\ProgramData\DatacardService2013-12-27 03:20 - 2013-12-29 22:19 - 00000000 ____D C:\Program Files (x86)\Mobile Partner2013-12-27 03:20 - 2013-12-27 03:20 - 00000000 ____D C:\ProgramData\Mobile Partner2013-12-27 03:20 - 2011-08-16 03:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll2013-12-22 19:46 - 2013-12-22 23:03 - 00000000 ____D C:\Users\Jeff\Documents\StarCraft II2013-12-22 19:46 - 2013-12-22 19:53 - 00000000 ____D C:\Program Files (x86)\StarCraft II2013-12-22 19:46 - 2013-12-22 19:46 - 00000000 ____D C:\ProgramData\Blizzard Entertainment2013-12-22 19:46 - 2013-12-22 19:46 - 00000000 ____D C:\ProgramData\Battle.net ==================== One Month Modified Files and Folders ======= 2014-01-19 12:37 - 2013-10-08 20:22 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001UA.job2014-01-19 12:36 - 2014-01-19 12:34 - 00000000 ____D C:\Users\Jeff\Desktop\FARBAR2014-01-19 12:35 - 2013-08-31 20:53 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Skype2014-01-19 12:34 - 2013-09-15 21:02 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\360safe2014-01-19 12:27 - 2013-11-04 10:24 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Spotify2014-01-19 12:19 - 2013-09-01 01:04 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-01-19 12:04 - 2013-08-31 19:54 - 01294472 _____ C:\Windows\WindowsUpdate.log2014-01-19 12:03 - 2013-11-27 16:42 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\ClassicShell2014-01-19 12:02 - 2014-01-19 12:02 - 00029299 _____ C:\Users\Jeff\Desktop\dds.txt2014-01-19 12:02 - 2014-01-19 12:02 - 00008164 _____ C:\Users\Jeff\Desktop\attach.txt2014-01-19 12:00 - 2014-01-19 12:00 - 00688992 ____R (Swearware) C:\Users\Jeff\Desktop\dds.com2014-01-19 12:00 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\system32\sru2014-01-19 11:48 - 2013-08-31 20:02 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2390293640-1901313879-3085246707-10012014-01-19 11:48 - 2012-07-26 02:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI2014-01-19 11:43 - 2013-09-01 01:04 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-01-19 11:42 - 2013-09-16 09:13 - 00000000 ____D C:\AdwCleaner2014-01-19 11:42 - 2013-09-01 10:30 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat2014-01-19 11:42 - 2013-08-31 20:01 - 00000000 ____D C:\ProgramData\NVIDIA2014-01-19 11:42 - 2013-08-31 19:52 - 01269316 _____ C:\Windows\PFRO.log2014-01-19 11:42 - 2012-07-26 02:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT2014-01-19 11:42 - 2012-07-26 00:26 - 00262144 ___SH C:\Windows\system32\config\BBI2014-01-19 11:41 - 2014-01-19 11:40 - 01236282 _____ C:\Users\Jeff\Desktop\AdwCleaner.exe2014-01-19 11:32 - 2013-09-03 08:37 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\vlc2014-01-19 10:08 - 2013-09-15 23:20 - 00000000 ____D C:\Program Files (x86)\FileHippo.com2014-01-19 09:37 - 2014-01-19 09:37 - 00021150 _____ C:\Users\Jeff\Desktop\557645af5f86aeac2b9f28501471a9b129db97b6.zip2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 ____D C:\Users\Jeff\Desktop\attachment2014-01-19 00:13 - 2014-01-19 00:13 - 55321604 _____ C:\Users\Jeff\Desktop\stormwater_plan.ai2014-01-19 00:13 - 2014-01-19 00:13 - 55191387 _____ C:\Users\Jeff\Desktop\programmingdraft.ai2014-01-18 23:37 - 2012-07-26 02:21 - 00048351 _____ C:\Windows\setupact.log2014-01-18 23:10 - 2013-12-18 14:56 - 00000000 ____D C:\Users\Jeff\Desktop\ULI Competition2014-01-18 09:25 - 2013-11-04 10:24 - 00000000 ____D C:\Users\Jeff\AppData\Local\Spotify2014-01-17 14:26 - 2014-01-13 10:13 - 00000000 ____D C:\Users\Jeff\Desktop\GIS2014-01-17 13:37 - 2013-09-01 01:07 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Mozilla2014-01-17 04:37 - 2013-10-08 20:22 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2390293640-1901313879-3085246707-1001Core.job2014-01-17 04:21 - 2013-08-31 17:50 - 06204928 ___SH C:\Users\Jeff\Desktop\Thumbs.db2014-01-17 03:54 - 2014-01-17 03:53 - 01785961 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_lot_tree_parking [Converted].ai2014-01-17 03:53 - 2014-01-16 22:43 - 104168342 _____ C:\Users\Jeff\Desktop\Basemap_140116_site [Converted].ai2014-01-17 02:35 - 2013-08-31 16:48 - 00000000 ____D C:\Users\Jeff\AppData\Local\PMB Files2014-01-17 02:35 - 2013-08-31 16:48 - 00000000 ____D C:\ProgramData\PMB Files2014-01-17 00:47 - 2014-01-17 00:47 - 00231807 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_LU [Converted].ai2014-01-17 00:13 - 2014-01-17 00:13 - 00543107 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_flood [Converted].ai2014-01-16 23:47 - 2014-01-16 23:46 - 00373508 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_publictrans [Converted].ai2014-01-16 23:27 - 2014-01-16 23:27 - 00596711 _____ C:\Users\Jeff\Desktop\Basemap_140116_site_zoning [Converted].ai2014-01-16 21:43 - 2014-01-16 21:43 - 214960058 _____ C:\Users\Jeff\Desktop\Basemap_140116_site.ai2014-01-16 04:48 - 2013-08-31 09:30 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\BitTorrent2014-01-16 03:06 - 2013-10-03 07:12 - 00000000 ____D C:\Users\Jeff\Desktop\SAVI2014-01-16 01:15 - 2014-01-16 01:15 - 84941916 _____ C:\Users\Jeff\Desktop\Basemap_140115_openspace [Converted].ai2014-01-16 01:11 - 2014-01-16 01:11 - 02720773 _____ C:\Users\Jeff\Desktop\Basemap_140115_openspace.ai2014-01-16 00:08 - 2014-01-15 23:49 - 84847213 _____ C:\Users\Jeff\Desktop\Basemap_140115 [Converted].ai2014-01-15 23:53 - 2014-01-15 23:53 - 14803611 _____ C:\Users\Jeff\Desktop\Basemap_140115 [Converted].dwg2014-01-15 23:39 - 2014-01-15 14:38 - 59358838 _____ C:\Users\Jeff\Desktop\Basemap_140115.ai2014-01-15 13:06 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\rescache2014-01-15 11:24 - 2014-01-15 11:08 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_DP05 (1)2014-01-15 11:05 - 2014-01-15 11:05 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_DP052014-01-15 11:01 - 2014-01-15 11:00 - 13945361 _____ C:\Users\Jeff\Desktop\tl_2013_47_tract.zip2014-01-15 01:52 - 2013-08-31 20:12 - 00000000 ____D C:\Windows\system32\MRT2014-01-15 01:51 - 2013-08-31 20:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-01-15 01:51 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\WinStore2014-01-15 00:47 - 2014-01-15 00:47 - 00000000 ____D C:\Users\Jeff\Desktop\ACS_12_5YR_B020012014-01-13 23:55 - 2014-01-13 23:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2014-01-13 10:03 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\AUInstallAgent2014-01-12 22:06 - 2014-01-12 22:06 - 00000000 ____D C:\Windows\SysWOW64\NV2014-01-12 22:06 - 2014-01-12 22:06 - 00000000 ____D C:\Windows\system32\NV2014-01-12 09:37 - 2013-08-31 20:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation2014-01-11 03:32 - 2013-08-31 17:50 - 00000775 _____ C:\Users\Jeff\Desktop\Movies to watch.txt2014-01-09 03:02 - 2012-07-26 03:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-01-09 03:02 - 2012-07-26 03:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-01-09 02:49 - 2014-01-09 02:49 - 00000000 ____D C:\Program Files (x86)\SkypeWebPlugin2014-01-08 08:40 - 2013-08-31 17:50 - 00011340 _____ C:\Users\Jeff\Desktop\Sharing List.xlsx2014-01-02 09:30 - 2014-01-02 09:30 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Wargaming.net2013-12-29 22:19 - 2013-12-27 03:20 - 00000000 ____D C:\ProgramData\DatacardService2013-12-29 22:19 - 2013-12-27 03:20 - 00000000 ____D C:\Program Files (x86)\Mobile Partner2013-12-28 21:59 - 2013-08-31 17:02 - 00000000 ____D C:\ProgramData\FLEXnet2013-12-27 22:51 - 2013-12-27 22:51 - 00000000 ____D C:\Users\Jeff\AppData\Local\SkypeWebPlugin2013-12-27 03:21 - 2013-12-27 03:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf2013-12-27 03:20 - 2013-12-27 03:20 - 00000000 ____D C:\ProgramData\Mobile Partner2013-12-25 22:37 - 2013-08-31 17:48 - 00000000 ____D C:\Users\Jeff\Desktop\Resume2013-12-23 19:36 - 2013-11-08 01:42 - 00000000 ____D C:\Users\Jeff\Desktop\SAVI Data2013-12-22 23:03 - 2013-12-22 19:46 - 00000000 ____D C:\Users\Jeff\Documents\StarCraft II2013-12-22 19:53 - 2013-12-22 19:46 - 00000000 ____D C:\Program Files (x86)\StarCraft II2013-12-22 19:46 - 2013-12-22 19:46 - 00000000 ____D C:\ProgramData\Blizzard Entertainment2013-12-22 19:46 - 2013-12-22 19:46 - 00000000 ____D C:\ProgramData\Battle.net Some content of TEMP:====================C:\Users\Jeff\AppData\Local\Temp\AcDeltree.exeC:\Users\Jeff\AppData\Local\Temp\AutoCAD_2014_SP1_64bit[1].exeC:\Users\Jeff\AppData\Local\Temp\nvSCPAPI.dllC:\Users\Jeff\AppData\Local\Temp\nvSCPAPI64.dllC:\Users\Jeff\AppData\Local\Temp\nvStInst.exeC:\Users\Jeff\AppData\Local\Temp\oi_{91C710AC-46BD-4972-B253-B85CB9F527C6}.exeC:\Users\Jeff\AppData\Local\Temp\SkypeSetup.exeC:\Users\Jeff\AppData\Local\Temp\vlc-2.1.1-win64.exeC:\Users\Jeff\AppData\Local\Temp\vlc-2.1.2-win64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-17 13:21 ==================== End Of Log ============================
  8. Sorry, this is a duplicate post. I thought my previous post did not successfully post.
  9. Hi, I recently discovered two programs both named "Scorpion Saver" in my programs and features window. When I tried to uninstall, I was prevented from doing so with a message: The feature you are trying to use is on a network resource that is unavailable." I have ran a full system scan with Malwarebytes but was unable to find and remove. Please advice. Attached in the next post is my DDS reports. Thank you.
  10. Hi, I recently found two separate programs with the same name "scorpion saver" when I opened up my programs and features window. When I tried to uninstall, it says "The feature you are trying to use is on a network resource that is unavailable" and will not let me proceed. I have already ran Malwarebytes full scans and was not able to remove. The following is my DDS report. Please advice. Thank you. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.45.2Run by Jeff at 12:02:22 on 2014-01-19Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.8078.4892 [GMT -5:00].AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: 360 Internet Security 2013 *Enabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}SP: 360 Internet Security 2013 *Enabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\dwm.exeC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Program Files\360\360 Internet Security\360rps.exeC:\Program Files\360\360 Internet Security\deepscan\zhudongfangyu.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\System32\spoolsv.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exeC:\Windows\system32\AdminService.exeC:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exeC:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exeC:\Program Files (x86)\ArcGIS\License10.1\bin\ARCGIS.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Elantech\ETDService.exeC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Windows\system32\dashost.exeC:\ProgramData\DatacardService\HWDeviceService64.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exeC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exeC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\taskhostex.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Elantech\ETDCtrl.exeC:\Windows\Explorer.EXEC:\Program Files\Classic Shell\ClassicStartMenu.exeC:\ProgramData\DatacardService\DCSHelper.exeC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exeC:\Program Files\Elantech\ETDCtrlHelper.exeC:\Program Files\Elantech\ETDGesture.exeC:\Windows\System32\RuntimeBroker.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exeC:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\igfxsrvc.exeC:\Windows\System32\igfxpers.exeC:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\360\360 Internet Security\360sd.exeC:\Users\Jeff\AppData\Local\Akamai\netsession_win.exeC:\Users\Jeff\AppData\Local\Akamai\netsession_win.exeC:\Program Files\360\360 Internet Security\360rp.exeC:\Program Files\Autodesk\Autodesk Sync\AdSync.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\360\360 Internet Security\safemon\360tray.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Jeff\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exeC:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = about:blankmStart Page = about:blankuProxyOverride = <local>;*.localBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dlluRun: [Akamai NetSession Interface] "C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe"uRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exeuRun: [360sd] "C:\Program Files\360\360 Internet Security\360sdrun.exe"uRun: [Google Update] "C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [spotify Web Helper] "C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbyloginmRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"mRun: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exemRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exemRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"dRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exeStartupFolder: C:\Users\Jeff\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEuPolicies-Explorer: NoDrives = dword:0uPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoDrives = dword:0mPolicies-System: EnableSecureUIAPath = dword:1IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllTrusted Zone: dell.comTCP: NameServer = 167.206.13.180 167.206.13.181 192.168.1.1TCP: Interfaces\{5185BC43-9369-4E89-999B-C33F9D0A9A2A} : NameServer = TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D} : DHCPNameServer = 167.206.13.180 167.206.13.181 192.168.1.1TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\05271647470294E637479647574756 : DHCPNameServer = 10.0.16.1TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\0527164747355636572756 : DHCPNameServer = 172.16.4.67 172.16.4.68 172.16.32.7TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\14962707F627470264275656027596D26496 : DHCPNameServer = 168.95.1.1 168.95.192.1TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\23332334166656C416474756 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\3596E6764756C673030323D224834324 : DHCPNameServer = 192.168.1.254TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\4554C4553513235343 : DHCPNameServer = 192.168.1.254 75.153.176.1TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\65944454F44525F4E453837333 : DHCPNameServer = 192.168.0.1TCP: Interfaces\{7515AD1C-116A-41FE-9665-AC7AD702E858} : DHCPNameServer = 192.168.1.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllAppInit_DLLs= C:\Windows\SysWOW64\nvinit.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-mStart Page = about:blankx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchx64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exex64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -sx64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStartx64-Run: [360sd] "C:\Program Files\360\360 Internet Security\360sdrun.exe"x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"x64-mPolicies-Explorer: NoDrives = dword:0x64-mPolicies-System: EnableSecureUIAPath = dword:1x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0wflpxe9.default\FF - prefs.js: browser.startup.homepage - www.google.comFF - prefs.js: keyword.URL - FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dllFF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dllFF - plugin: C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dllFF - plugin: C:\Users\Jeff\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll.============= SERVICES / DRIVERS ===============.R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2013-8-31 644968]R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2014-1-12 32544]R1 360AntiHacker;360Safe Anti Hacker Service;C:\Windows\System32\Drivers\360AntiHacker64.sys [2013-9-15 97480]R1 360Box64;360Box mini-filter driver;C:\Windows\System32\Drivers\360Box64.sys [2013-9-15 305856]R1 360Camera;360Safe Camera Filter Service;C:\Windows\System32\Drivers\360Camera64.sys [2013-9-15 41152]R1 360FsFlt;360FsFlt mini-filter driver;C:\Windows\System32\Drivers\360FsFlt.sys [2013-9-15 228544]R1 BAPIDRV;BAPIDRV;C:\Windows\System32\Drivers\BAPIDRV64.SYS [2013-9-15 179904]R1 nvkflt;nvkflt;C:\Windows\System32\Drivers\nvkflt.sys [2014-1-12 300320]R2 360rp;360 Internet Security Real-time Protection Loading Service;C:\Program Files\360\360 Internet Security\360rps.exe [2013-9-15 295608]R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-11-13 755240]R2 ArcGIS License Manager;ArcGIS License Manager;C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe [2012-1-5 1408904]R2 AtherosSvc;AtherosSvc;C:\Windows\System32\AdminService.exe [2013-6-25 208384]R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-15 135984]R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2013-5-27 99632]R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-16 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-16 701512]R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-2 1494304]R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-1 15129376]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-18 411936]R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-11-2 1042808]R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-11-2 270704]R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-11-15 1153840]R2 ZhuDongFangYu;Proactive Defence;C:\Program Files\360\360 Internet Security\deepscan\ZhuDongFangYu.exe [2013-12-23 225216]R3 360AvFlt;360AvFlt mini-filter driver;C:\Windows\System32\Drivers\360AvFlt.sys [2013-9-15 67272]R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-11-13 156160]R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-6-25 565760]R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;C:\Windows\System32\Drivers\dtscsibus.sys [2013-8-31 29696]R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2013-7-11 380680]R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2013-9-13 21152]R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\Drivers\ew_jubusenum.sys [2013-12-29 90112]R3 i8042HDR;Keyboard Filter Driver;C:\Windows\System32\Drivers\i8042HDR.sys [2013-8-31 15920]R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-8-31 169752]R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2013-8-31 119528]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-9-16 25928]R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\Drivers\nvvad64v.sys [2013-12-17 39200]R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2013-8-31 34544]S2 Mobile Partner. RunOuc;Mobile Partner. OUC;C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-12-29 655712]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-11-13 156160]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-8-20 103576]S3 Disc Soft Bus Service;Disc Soft Bus Service;C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [2013-6-25 632352]S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\Drivers\ew_hwusbdev.sys [2013-12-29 117248]S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\Drivers\ew_usbenumfilter.sys [2013-12-29 13952]S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-8-31 1471792]S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\Drivers\ew_jucdcacm.sys [2013-12-29 104448]S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\Drivers\ew_juextctrl.sys [2013-12-29 30720]S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\Drivers\ew_juwwanecm.sys [2013-12-29 238080]S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-11-15 272176]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-8-20 204568]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\Drivers\wdcsam64.sys [2008-5-6 14464]S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656].=============== File Associations ===============.FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"ShellExec: SC2Editor.exe: open="C:/Program Files (x86)/StarCraft II/Support/SC2Editor.exe" "%1"ShellExec: SC2Switcher.exe: open="C:/Program Files (x86)/StarCraft II/Support/SC2Switcher.exe" "%1".=============== Created Last 30 ================.2014-01-19 14:48:15 236208 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10230.bin2014-01-14 04:54:59 92272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll2014-01-13 03:06:35 -------- d-----w- C:\Windows\SysWow64\NV2014-01-13 03:06:35 -------- d-----w- C:\Windows\System32\NV2014-01-09 07:49:05 -------- d-----w- C:\Program Files (x86)\SkypeWebPlugin2014-01-02 14:30:03 -------- d-----w- C:\Users\Jeff\AppData\Roaming\Wargaming.net2013-12-30 03:19:06 90112 ----a-w- C:\Windows\System32\drivers\ew_jubusenum.sys2013-12-30 03:19:06 76800 ----a-w- C:\Windows\System32\drivers\ew_jucdcecm.sys2013-12-30 03:19:06 450048 ----a-w- C:\Windows\System32\drivers\ewusbwwan.sys2013-12-30 03:19:06 32768 ----a-w- C:\Windows\System32\drivers\ewdcsc.sys2013-12-30 03:19:06 30720 ----a-w- C:\Windows\System32\drivers\ew_juextctrl.sys2013-12-30 03:19:06 238080 ----a-w- C:\Windows\System32\drivers\ew_juwwanecm.sys2013-12-30 03:19:06 225920 ----a-w- C:\Windows\System32\drivers\ewusbmdm.sys2013-12-30 03:19:06 22016 ----a-w- C:\Windows\System32\drivers\ew_hwupgrade.sys2013-12-30 03:19:06 13952 ----a-w- C:\Windows\System32\drivers\ew_usbenumfilter.sys2013-12-30 03:19:06 117248 ----a-w- C:\Windows\System32\drivers\ew_hwusbdev.sys2013-12-30 03:19:06 104448 ----a-w- C:\Windows\System32\drivers\ew_jucdcacm.sys2013-12-30 03:19:06 1001472 ----a-w- C:\Windows\System32\drivers\mod7700.sys2013-12-28 03:51:52 -------- d-----w- C:\Users\Jeff\AppData\Local\SkypeWebPlugin2013-12-27 08:20:54 -------- d-----w- C:\ProgramData\Mobile Partner2013-12-27 08:20:41 1490656 ----a-w- C:\Windows\System32\drivers\WdfCoInstaller01007.dll2013-12-27 08:20:34 -------- d-----w- C:\Program Files (x86)\Mobile Partner2013-12-27 08:20:17 -------- d-----w- C:\ProgramData\DatacardService2013-12-23 00:46:47 -------- d-----w- C:\ProgramData\Blizzard Entertainment2013-12-23 00:46:47 -------- d-----w- C:\Program Files (x86)\StarCraft II2013-12-23 00:46:47 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment2013-12-23 00:46:13 -------- d-----w- C:\ProgramData\Battle.net.==================== Find3M ====================.2014-01-09 08:02:07 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2014-01-09 08:02:07 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-12-19 18:53:46 6671648 ----a-w- C:\Windows\System32\nvcpl.dll2013-12-19 18:53:46 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll2013-12-19 18:53:44 922912 ----a-w- C:\Windows\System32\nvvsvc.exe2013-12-19 18:53:44 67072 ----a-w- C:\Windows\System32\nv3dappshextr.dll2013-12-19 18:53:44 63776 ----a-w- C:\Windows\System32\nvshext.dll2013-12-19 18:53:44 386336 ----a-w- C:\Windows\System32\nvmctray.dll2013-12-19 18:53:44 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll2013-12-19 18:53:44 1065248 ----a-w- C:\Windows\System32\nv3dappshext.dll2013-12-19 05:01:48 3539040 ----a-w- C:\Windows\System32\nvcoproc.bin2013-12-19 04:20:22 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe2013-12-10 03:49:34 179904 ----a-w- C:\Windows\System32\drivers\BAPIDRV64.SYS2013-12-10 02:13:11 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll2013-12-10 02:13:01 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll2013-12-09 02:04:01 41152 ----a-w- C:\Windows\System32\drivers\360Camera64.sys2013-12-07 06:37:24 688640 ----a-w- C:\Windows\System32\WSShared.dll2013-12-07 06:37:24 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll2013-12-07 05:15:46 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll2013-12-07 05:15:46 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll2013-12-05 08:42:30 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll2013-12-05 08:42:26 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll2013-11-29 07:55:21 228544 ----a-w- C:\Windows\System32\drivers\360FsFlt.sys2013-11-29 07:55:11 305856 ----a-w- C:\Windows\System32\drivers\360Box64.sys2013-11-27 12:10:43 97480 ----a-w- C:\Windows\System32\drivers\360AntiHacker64.sys2013-11-23 06:43:58 420864 ----a-w- C:\Windows\System32\WMPhoto.dll2013-11-23 05:05:01 368640 ----a-w- C:\Windows\SysWow64\WMPhoto.dll2013-11-14 11:58:09 1884448 ----a-w- C:\Windows\System32\nvdispco6433182.dll2013-11-14 11:58:09 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433182.dll2013-11-06 23:18:57 4036608 ----a-w- C:\Windows\System32\win32k.sys2013-11-05 00:48:47 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-11-01 05:38:21 312320 ----a-w- C:\Windows\System32\msieftp.dll2013-11-01 03:49:24 273408 ----a-w- C:\Windows\SysWow64\msieftp.dll2013-10-31 05:56:24 915968 ----a-w- C:\Windows\System32\MPSSVC.dll2013-10-31 05:56:02 758784 ----a-w- C:\Windows\System32\FirewallAPI.dll2013-10-31 04:01:46 550400 ----a-w- C:\Windows\SysWow64\FirewallAPI.dll2013-10-31 03:42:19 74752 ----a-w- C:\Windows\System32\drivers\mpsdrv.sys2013-10-28 05:50:42 588288 ----a-w- C:\Windows\System32\SHCore.dll2013-10-28 04:05:52 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll2013-10-25 06:19:22 2241536 ----a-w- C:\Windows\System32\wininet.dll2013-10-25 06:19:12 915968 ----a-w- C:\Windows\System32\uxtheme.dll2013-10-25 06:17:57 3959808 ----a-w- C:\Windows\System32\jscript9.dll2013-10-25 04:45:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-10-25 04:43:42 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-10-23 10:30:23 1884448 ----a-w- C:\Windows\System32\nvdispco6433165.dll2013-10-23 10:30:23 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433165.dll.============= FINISH: 12:02:38.02 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 8Boot Device: \Device\HarddiskVolume2Install Date: 8/31/2013 8:54:51 PMSystem Uptime: 1/19/2014 11:42:47 AM (1 hours ago).Motherboard: ASUSTeK COMPUTER INC. | | N56VJProcessor: Intel® Core i7-3630QM CPU @ 2.40GHz | SOCKET 0 | 2401/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 245 GiB total, 80.305 GiB free.D: is FIXED (NTFS) - 231 GiB total, 139.523 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP45: 12/27/2013 9:59:30 PM - Scheduled CheckpointRP46: 1/5/2014 11:37:30 AM - Scheduled CheckpointRP47: 1/9/2014 2:48:58 AM - Windows UpdateRP48: 1/15/2014 1:50:54 AM - Windows Update.==== Installed Programs ======================.360 Internet Security7-Zip 9.22betaAdobe Acrobat X Pro - English, Français, DeutschAdobe AIRAdobe Creative Suite 6 Master CollectionAdobe Flash Player 11 PluginAdobe Help ManagerAdobe Widget BrowserAkamai NetSession InterfaceApple Application SupportApple Mobile Device SupportApple Software UpdateArcGIS 10.1 for DesktopArcGIS 10.1 License ManagerAutoCAD 2014 - EnglishAutoCAD 2014 Language Pack - EnglishAutodesk 360Autodesk App ManagerAutodesk AutoCAD 2014 - EnglishAutodesk AutoCAD 2014 - English SP1Autodesk AutoCAD Map 3D 2014Autodesk AutoCAD Map 3D 2014 Language PackAutodesk Autodesk AutoCAD Map 3D 2014Autodesk Content ServiceAutodesk Content Service Language PackAutodesk Featured AppsAutodesk Material Library 2014Autodesk Material Library Base Resolution Image Library 2014Autodesk Material Library Low Resolution Image Library 2014Autodesk Material Library Medium Resolution Image Library 2014Autodesk ReCapAutodesk ReCap Language Pack-EnglishAutodesk Revit 2014Autodesk Vasari Beta 3Autodesk Workflows 2014BitTorrentBonjourClassic ShellDAEMON Tools UltraDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDota 2DropboxEPSON ScanESET Online Scanner v3ETDWare PS/2-X64 11.5.11.3_WHQLFARO LS 1.1.501.0 (64bit)GeForce Experience NvStream Client ComponentsGoogle ChromeGoogle EarthGoogle Talk PluginGoogle Update HelperIBM SPSS Statistics 22Intel PROSet WirelessIntel® Processor GraphicsIntel® PROSet/Wireless for Bluetooth® + High SpeedIntel® SDK for OpenCL - CPU Only Runtime PackageIntel® PROSet/Wireless WiFi SoftwareiTunesJava 7 Update 45Java Auto UpdaterK-Lite Mega Codec Pack 10.0.5League of LegendsMalwarebytes Anti-Malware version 1.75.0.1300Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Home and Student 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Single Image 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft SQL Server 2012 Native Client Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft_VC80_CRT_x86Microsoft_VC90_CRT_x86Mobile PartnerMozilla Firefox 26.0 (x86 en-US)Mozilla Maintenance ServiceNVIDIA 3D Vision Driver 332.21NVIDIA Control Panel 332.21NVIDIA GeForce Experience 1.8.1NVIDIA Graphics Driver 332.21NVIDIA Install ApplicationNVIDIA LED Visualizer 1.0NVIDIA Network ServiceNVIDIA Optimus Update 10.11.15NVIDIA PhysXNVIDIA PhysX System Software 9.13.0725NVIDIA ShadowPlay 10.11.15NVIDIA Stereoscopic 3D DriverNVIDIA Update 10.11.15NVIDIA Update CoreNVIDIA Virtual Audio 1.2.19Pando Media BoosterPDF Settings CS6Qualcomm Atheros Client Installation ProgramQualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet DriverQuickTimeRealtek High Definition Audio DriverRevit 2014Revit 2014 Language Pack - EnglishScorpionSaverSecurity Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553284) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2850016) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2837597) 32-Bit EditionService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit EditionSHIELD StreamingSketchUp 2013SketchUp Import for AutoCAD 2014Skype Web PluginSkype™ 6.11SpotifyStarCraft IISteamTweaking.com - Windows Repair (All in One)Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589352) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2597087) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2850079) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate for Microsoft Word 2010 (KB2837593) 32-Bit EditionVasari Beta 3Vasari Beta 3 Language Pack - EnglishVasari Prototype CFD Visualisation Plug-inVasari Solar Radiation Plug-inVasari STL Export Plug-inVasari Wind Analysis Plug-inVisual C++ 2008 - x64 (KB958357) - v9.0.30729.177Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177VLC media player 2.0.6VLC media player 2.1.2WD Drive UtilitiesWD Quick ViewWD SecurityWD SmartWareWD SmartWare InstallerWinRAR archiverWorld of TanksZipX V3.01.==== Event Viewer Messages From Past Week ========.1/19/2014 11:42:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Mobile Partner. OUC service to connect.1/19/2014 11:42:54 AM, Error: Service Control Manager [7000] - The Mobile Partner. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion..==== End Of File ===========================
  11. Nvm I found the log. It isn't provided everyday. I'll upload them here: 2013/09/19 12:53:16 -0400 PO-PC Jeff MESSAGE Executing scheduled update: Daily 2013/09/19 12:53:22 -0400 PO-PC Jeff MESSAGE Scheduled update executed successfully: database updated from version v2013.09.16.06 to version v2013.09.19.06 2013/09/19 12:53:22 -0400 PO-PC Jeff MESSAGE Starting database refresh 2013/09/19 12:53:22 -0400 PO-PC Jeff MESSAGE Stopping IP protection 2013/09/19 12:53:22 -0400 PO-PC Jeff MESSAGE IP Protection stopped successfully 2013/09/19 12:53:24 -0400 PO-PC Jeff MESSAGE Database refreshed successfully 2013/09/19 12:53:24 -0400 PO-PC Jeff MESSAGE Starting IP protection 2013/09/19 12:53:25 -0400 PO-PC Jeff MESSAGE IP Protection started successfully 2013/09/19 13:14:04 -0400 PO-PC Jeff IP-BLOCK 194.146.189.130 (Type: incoming, Port: 47870, Process: skype.exe) 2013/09/19 13:14:04 -0400 PO-PC Jeff IP-BLOCK 194.146.189.130 (Type: incoming, Port: 47870, Process: svchost.exe) 2013/09/19 13:14:04 -0400 PO-PC Jeff IP-BLOCK 194.146.189.130 (Type: incoming, Port: 47870, Process: svchost.exe) 2013/09/19 13:14:04 -0400 PO-PC Jeff IP-BLOCK 194.146.189.130 (Type: incoming, Port: 47870, Process: svchost.exe) 2013/09/19 23:07:42 -0400 PO-PC (null) MESSAGE Starting protection 2013/09/19 23:07:42 -0400 PO-PC (null) MESSAGE Protection started successfully 2013/09/19 23:07:42 -0400 PO-PC (null) MESSAGE Starting IP protection 2013/09/19 23:07:43 -0400 PO-PC (null) MESSAGE IP Protection started successfully 2013/09/19 23:20:32 -0400 PO-PC (null) MESSAGE Starting protection 2013/09/19 23:20:32 -0400 PO-PC (null) MESSAGE Protection started successfully 2013/09/19 23:20:32 -0400 PO-PC (null) MESSAGE Starting IP protection 2013/09/19 23:20:33 -0400 PO-PC (null) MESSAGE IP Protection started successfully 2013/09/19 23:36:26 -0400 PO-PC (null) MESSAGE Starting protection 2013/09/19 23:36:26 -0400 PO-PC (null) MESSAGE Protection started successfully 2013/09/19 23:36:26 -0400 PO-PC (null) MESSAGE Starting IP protection 2013/09/19 23:36:27 -0400 PO-PC (null) MESSAGE IP Protection started successfully 2013/09/23 17:49:52 -0400 PO-PC Jeff MESSAGE Executing scheduled update: Daily 2013/09/23 17:49:52 -0400 PO-PC Jeff ERROR Scheduled update failed: No address found failed with error code 0 2013/09/23 18:46:24 -0400 PO-PC Jeff IP-BLOCK 194.146.191.234 (Type: outgoing, Port: 54847, Process: bittorrent.exe) 2013/09/23 19:17:04 -0400 PO-PC Jeff IP-BLOCK 194.146.191.234 (Type: outgoing, Port: 54847, Process: bittorrent.exe) 2013/09/23 19:32:48 -0400 PO-PC Jeff IP-BLOCK 91.188.34.186 (Type: outgoing, Port: 54847, Process: bittorrent.exe) 2013/09/23 19:32:56 -0400 PO-PC Jeff IP-BLOCK 194.146.191.234 (Type: outgoing, Port: 54847, Process: bittorrent.exe) 2013/09/23 19:34:16 -0400 PO-PC Jeff IP-BLOCK 77.78.237.215 (Type: outgoing, Port: 54847, Process: bittorrent.exe) 2013/09/23 19:45:51 -0400 PO-PC (null) MESSAGE Starting protection 2013/09/23 19:45:51 -0400 PO-PC (null) MESSAGE Protection started successfully 2013/09/23 19:45:51 -0400 PO-PC (null) MESSAGE Starting IP protection 2013/09/23 19:45:52 -0400 PO-PC (null) MESSAGE IP Protection started successfully 2013/09/24 22:13:27 -0400 PO-PC (null) MESSAGE Starting protection 2013/09/24 22:13:27 -0400 PO-PC (null) MESSAGE Protection started successfully 2013/09/24 22:13:27 -0400 PO-PC (null) MESSAGE Starting IP protection 2013/09/24 22:13:28 -0400 PO-PC (null) MESSAGE IP Protection started successfully
  12. Is this the protection log? Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.09.19.06 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16688 Jeff :: PO-PC [administrator] Protection: Enabled 9/25/2013 6:29:39 PM mbam-log-2013-09-25 (18-29-39).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 498827 Time elapsed: 15 minute(s), 37 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  13. Here is the first log: # AdwCleaner v3.005 - Report created 24/09/2013 at 22:12:51# Updated 22/09/2013 by Xplode# Operating System : Windows 8 (64 bits)# Username : Jeff - PO-PC# Running from : C:\Users\Jeff\Desktop\adwcleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16688 -\\ Mozilla Firefox v23.0.1 (en-US) [ File : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0wflpxe9.default\prefs.js ] -\\ Google Chrome v29.0.1547.76 [ File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [863 octets] - [16/09/2013 10:13:03]AdwCleaner[R1].txt - [981 octets] - [24/09/2013 22:11:48]AdwCleaner[s0].txt - [923 octets] - [16/09/2013 10:14:00]AdwCleaner[s1].txt - [903 octets] - [24/09/2013 22:12:51] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [962 octets] ########## Here is the second log: Results of screen317's Security Check version 0.99.73 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender 360 Internet Security 2013 WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Adobe Flash Player 11.8.800.168 Mozilla Firefox (23.0.1) Google Chrome 29.0.1547.66 Google Chrome 29.0.1547.76 Google Chrome plugins... ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log``````````````````````
  14. So it is normal that I still receive those messages about malwarebytes blocking potential suspicious sites? I'm just using the web for regular activities like facebook and research...
  15. I noticed one important update and a couple optional ones. The "important" one was for 2010 Microsoft Office applications and was posted back in July 2013. The "optional" one was just posted earlier this month. I updated both of them and it was successful. Is there anything else that I should do? What exactly was wrong with my computer in the first place? I actually noticed the same message again just last night, saying it has blocked access to potentially malicious websites.
  16. Also Maurice, I'll be out of town for the next couple days and won't be bringing my laptop with me. Just giving you a heads up if you don't hear back from me in the next couple days. I'll be back on Monday. Thanks!
  17. Here it is: Farbar Service Scanner Version: 13-09-2013Ran by Jeff (administrator) on 20-09-2013 at 07:08:24Running from "C:\Users\Jeff\Desktop"Microsoft Windows 8 (X64)Boot Mode: Normal**************************************************************** Internet Services:============ Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Google.com is accessible.Yahoo.com is accessible. Windows Firewall:============= Firewall Disabled Policy: ================== System Restore:============ System Restore Disabled Policy: ======================== Action Center:============ Windows Update:============wuauserv Service is not running. Checking service configuration:The start type of wuauserv service is OK.The ImagePath of wuauserv service is OK.The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll". Windows Autoupdate Disabled Policy: ============================ Windows Defender:==============WinDefend Service is not running. Checking service configuration:The start type of WinDefend service is set to Demand. The default start type is Auto.The ImagePath of WinDefend service is OK. Windows Defender Disabled Policy: ==========================[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]"DisableAntiSpyware"=DWORD:1 Other Services:============== File Check:========C:\Windows\System32\nsisvc.dll => MD5 is legitC:\Windows\System32\drivers\nsiproxy.sys => MD5 is legitC:\Windows\System32\dhcpcore.dll => MD5 is legitC:\Windows\System32\drivers\afd.sys => MD5 is legitC:\Windows\System32\drivers\tdx.sys => MD5 is legitC:\Windows\System32\Drivers\tcpip.sys => MD5 is legitC:\Windows\System32\dnsrslvr.dll => MD5 is legitC:\Windows\System32\mpssvc.dll => MD5 is legitC:\Windows\System32\bfe.dll[2013-09-10 22:13] - [2013-06-10 15:15] - 0723968 ____A (Microsoft Corporation) 73133A0C0CA63817BFF2CB9DE65B64E7 C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legitC:\Windows\System32\SDRSVC.dll => MD5 is legitC:\Windows\System32\vssvc.exe => MD5 is legitC:\Windows\System32\wscsvc.dll => MD5 is legitC:\Windows\System32\wbem\WMIsvc.dll => MD5 is legitC:\Windows\System32\wuaueng.dll[2013-09-10 22:13] - [2013-08-16 01:21] - 3275776 ____A (Microsoft Corporation) 9DEC60D4783377097014DFCCA31E69F8 C:\Windows\System32\qmgr.dll => MD5 is legitC:\Windows\System32\es.dll => MD5 is legitC:\Windows\System32\cryptsvc.dll => MD5 is legitC:\Program Files\Windows Defender\MpSvc.dll => MD5 is legitC:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
  18. Hi Maurice, So I ran the Windows Repair and there are several log files. I'm not sure if you want me to upload all of them? I'll paste them below. Starting Repairs... Start (9/19/2013 11:26:40 PM) 01 - Reset Registry Permissions 01/03 HKEY_CURRENT_USER & Sub Keys Start (9/19/2013 11:26:40 PM) Running Repair Under Current User Account Done (9/19/2013 11:26:45 PM) 01 - Reset Registry Permissions 02/03 HKEY_LOCAL_MACHINE & Sub Keys Start (9/19/2013 11:26:45 PM) Running Repair Under System Account Done (9/19/2013 11:26:48 PM) 01 - Reset Registry Permissions 03/03 HKEY_CLASSES_ROOT & Sub Keys Start (9/19/2013 11:26:48 PM) Running Repair Under System Account Done (9/19/2013 11:28:00 PM) 02 - Reset File Permissions 01/15 C:\360SANDBOX & Sub Folders Start (9/19/2013 11:28:00 PM) Running Repair Under System Account Done (9/19/2013 11:28:02 PM) 02 - Reset File Permissions 02/15 C:\AdwCleaner & Sub Folders Start (9/19/2013 11:28:02 PM) Running Repair Under System Account Done (9/19/2013 11:28:05 PM) 02 - Reset File Permissions 03/15 C:\Autodesk & Sub Folders Start (9/19/2013 11:28:05 PM) Running Repair Under System Account Done (9/19/2013 11:28:24 PM) 02 - Reset File Permissions 04/15 C:\Intel & Sub Folders Start (9/19/2013 11:28:24 PM) Running Repair Under System Account Done (9/19/2013 11:28:26 PM) 02 - Reset File Permissions 05/15 C:\MSOCache & Sub Folders Start (9/19/2013 11:28:26 PM) Running Repair Under System Account Done (9/19/2013 11:28:28 PM) 02 - Reset File Permissions 06/15 C:\NVIDIA & Sub Folders Start (9/19/2013 11:28:28 PM) Running Repair Under System Account Done (9/19/2013 11:28:31 PM) 02 - Reset File Permissions 07/15 C:\PerfLogs & Sub Folders Start (9/19/2013 11:28:31 PM) Running Repair Under System Account Done (9/19/2013 11:28:33 PM) 02 - Reset File Permissions 08/15 C:\Program Files & Sub Folders Start (9/19/2013 11:28:33 PM) Running Repair Under System Account Done (9/19/2013 11:29:37 PM) 02 - Reset File Permissions 09/15 C:\Program Files (x86) & Sub Folders Start (9/19/2013 11:29:37 PM) Running Repair Under System Account Done (9/19/2013 11:30:48 PM) 02 - Reset File Permissions 10/15 C:\ProgramData & Sub Folders Start (9/19/2013 11:30:48 PM) Running Repair Under System Account Done (9/19/2013 11:31:07 PM) 02 - Reset File Permissions 11/15 C:\Python27 & Sub Folders Start (9/19/2013 11:31:07 PM) Running Repair Under System Account Done (9/19/2013 11:31:17 PM) 02 - Reset File Permissions 12/15 C:\Qoobox & Sub Folders Start (9/19/2013 11:31:17 PM) Running Repair Under System Account Done (9/19/2013 11:31:20 PM) 02 - Reset File Permissions 13/15 C:\RegBackup & Sub Folders Start (9/19/2013 11:31:20 PM) Running Repair Under System Account Done (9/19/2013 11:31:22 PM) 02 - Reset File Permissions 14/15 C:\swapfile.sys & Sub Folders Start (9/19/2013 11:31:22 PM) Running Repair Under System Account Done (9/19/2013 11:31:25 PM) 02 - Reset File Permissions 15/15 C:\Windows & Sub Folders Start (9/19/2013 11:31:25 PM) Running Repair Under System Account Done (9/19/2013 11:33:26 PM) 02 - Reset File Permissions 01/03 D:\Program Files & Sub Folders Start (9/19/2013 11:33:26 PM) Running Repair Under System Account Done (9/19/2013 11:33:28 PM) 02 - Reset File Permissions 02/03 D:\Riot Games & Sub Folders Start (9/19/2013 11:33:28 PM) Running Repair Under System Account Done (9/19/2013 11:33:51 PM) 02 - Reset File Permissions 03/03 D:\Torrent Downloads & Sub Folders Start (9/19/2013 11:33:51 PM) Running Repair Under System Account Done (9/19/2013 11:33:54 PM) 02 - Reset File Permissions: Cleanup & Sub Folders Start (9/19/2013 11:33:54 PM) Running Repair Under System Account Done (9/19/2013 11:33:58 PM) 03 - Register System Files Start (9/19/2013 11:33:58 PM) Running Repair Under Current User Account Running Repair Under System Account Done (9/19/2013 11:34:27 PM) 05 - Repair Windows Firewall Start (9/19/2013 11:34:27 PM) Running Repair Under Current User Account Running Repair Under System Account Done (9/19/2013 11:35:01 PM) 16 - Repair Windows Updates Start (9/19/2013 11:35:01 PM) Running Repair Under Current User Account Running Repair Under System Account Done (9/19/2013 11:35:22 PM) Cleaning up empty logs... All Selected Repairs Done. Done (9/19/2013 11:35:22 PM) Total Repair Time: 00:08:42 ...YOU MUST RESTART YOUR SYSTEM... Running Repair Under Current User Account The Internet Connection Sharing (ICS) service is not started. More help is available by typing NET HELPMSG 3521. The Internet Connection Sharing (ICS) service could not be started. The service did not report an error. More help is available by typing NET HELPMSG 3534. The Internet Connection Sharing (ICS) service is not started. More help is available by typing NET HELPMSG 3521. The Internet Connection Sharing (ICS) service could not be started. The service did not report an error. More help is available by typing NET HELPMSG 3534. The Windows Update service is not started. More help is available by typing NET HELPMSG 3521. The system cannot find the file specified.The Cryptographic Services service is not started. More help is available by typing NET HELPMSG 3521. The Background Intelligent Transfer Service service is not started. More help is available by typing NET HELPMSG 3521. The Windows Update service is not started. More help is available by typing NET HELPMSG 3521. The system cannot find the file specified. WARNING HKEY_CLASSES_ROOT\* : registry key is skipped (contains wildcard) WARNING HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\mk\* : registry key is skipped (contains wildcard) HKEY_CLASSES_ROOT\Wow6432Node\igfxdv32.CUIDriver : 2 The system cannot find the file specified. HKEY_CLASSES_ROOT\Wow6432Node\igfxdv32.CUIDriver.1 : 2 The system cannot find the file specified. WARNING HKEY_CLASSES_ROOT\Wow6432Node\PROTOCOLS\Name-Space Handler\mk\* : registry key is skipped (contains wildcard) WARNING HKEY_CLASSES_ROOT\* : registry key is skipped (contains wildcard) WARNING HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\mk\* : registry key is skipped (contains wildcard) HKEY_CLASSES_ROOT\Wow6432Node\igfxdv32.CUIDriver : 2 The system cannot find the file specified. HKEY_CLASSES_ROOT\Wow6432Node\igfxdv32.CUIDriver.1 : 2 The system cannot find the file specified. WARNING HKEY_CLASSES_ROOT\Wow6432Node\PROTOCOLS\Name-Space Handler\mk\* : registry key is skipped (contains wildcard) HKEY_CURRENT_USER\Software\360Safe - RegSetKeySecurity Error : 5 Access is denied. WARNING HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\* : registry key is skipped (contains wildcard) WARNING HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\* : registry key is skipped (contains wildcard) HKEY_CURRENT_USER\Software\360Safe - RegSetKeySecurity Error : 5 Access is denied. WARNING HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\* : registry key is skipped (contains wildcard) WARNING HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\* : registry key is skipped (contains wildcard) HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360AntiHacker - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64 - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64\Instances - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64\Instances\360TopInstance64 - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Camera - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Camera\Enum - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt\Instances - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt\Instances\360TopInstance - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360rp - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\BAPIDRV - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360AntiHacker - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64 - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64\Instances - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64\Instances\360TopInstance64 - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Camera - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Camera\Enum - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt\Instances - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt\Instances\360TopInstance - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360rp - RegSetKeySecurity Error : 5 Access is denied. HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\BAPIDRV - RegSetKeySecurity Error : 5 Access is denied.
  19. Hi Maurice, Here are the following logs you requested: Malwarebytes Anti-Malware (Trial) 1.75.0.1300www.malwarebytes.org Database version: v2013.09.16.06 Windows 8 x64 NTFSInternet Explorer 10.0.9200.16688Jeff :: PO-PC [administrator] Protection: Enabled 9/19/2013 8:19:26 AMmbam-log-2013-09-19 (08-19-26).txt Scan type: Full scan (C:\|D:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 527771Time elapsed: 16 minute(s), 19 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) Farbar Service Scanner Version: 13-09-2013Ran by Jeff (administrator) on 19-09-2013 at 10:37:33Running from "C:\Users\Jeff\Downloads"Microsoft Windows 8 (X64)Boot Mode: Normal**************************************************************** Internet Services:============ Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Google.com is accessible.Yahoo.com is accessible. Windows Firewall:============= Firewall Disabled Policy: ================== System Restore:============ System Restore Disabled Policy: ======================== Action Center:============ Windows Update:============wuauserv Service is not running. Checking service configuration:The start type of wuauserv service is OK.The ImagePath of wuauserv service is OK.The ServiceDll of wuauserv service is OK. Windows Autoupdate Disabled Policy: ============================ Windows Defender:==============WinDefend Service is not running. Checking service configuration:The start type of WinDefend service is set to Demand. The default start type is Auto.The ImagePath of WinDefend service is OK. Windows Defender Disabled Policy: ==========================[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]"DisableAntiSpyware"=DWORD:1 Other Services:============== File Check:========C:\Windows\System32\nsisvc.dll => MD5 is legitC:\Windows\System32\drivers\nsiproxy.sys => MD5 is legitC:\Windows\System32\dhcpcore.dll => MD5 is legitC:\Windows\System32\drivers\afd.sys => MD5 is legitC:\Windows\System32\drivers\tdx.sys => MD5 is legitC:\Windows\System32\Drivers\tcpip.sys => MD5 is legitC:\Windows\System32\dnsrslvr.dll => MD5 is legitC:\Windows\System32\mpssvc.dll => MD5 is legitC:\Windows\System32\bfe.dll[2013-09-10 22:13] - [2013-06-10 15:15] - 0723968 ____A (Microsoft Corporation) 73133A0C0CA63817BFF2CB9DE65B64E7 C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legitC:\Windows\System32\SDRSVC.dll => MD5 is legitC:\Windows\System32\vssvc.exe => MD5 is legitC:\Windows\System32\wscsvc.dll => MD5 is legitC:\Windows\System32\wbem\WMIsvc.dll => MD5 is legitC:\Windows\System32\wuaueng.dll[2013-09-10 22:13] - [2013-08-16 01:21] - 3275776 ____A (Microsoft Corporation) 9DEC60D4783377097014DFCCA31E69F8 C:\Windows\System32\qmgr.dll => MD5 is legitC:\Windows\System32\es.dll => MD5 is legitC:\Windows\System32\cryptsvc.dll => MD5 is legitC:\Program Files\Windows Defender\MpSvc.dll => MD5 is legitC:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legit **** End of log **** ESET Online Scan did not find anything so there was no log file provided...
  20. Ah I see. I will leave 360 and disable the Windows Defender. However, if Malwarebytes is just an on-demand scanner, how come I was getting messages about access being blocked in the first place? Sorry for all these questions... Just thought the more I understand the more I learn for the future. Thanks.
  21. Thanks Maurice, I'm at work again but will do the removal as soon as I get home. I assume then that I should ONLY have the Malwarebytes program installed on my computer as my defence against viruses? I am just hesitant to delete Windows Defender as well just because it arrived as part of the Microsoft package or... in your opinion the Malwarebytes should be more than capable? Thanks once again.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.