Everything posted by heatherm

  1. Mbar finished and all clear, couldn't find mbar-log.txt and system-log.txt files. Heather
  2. Fixlog attached. I think this has worked and am running MBAN now. Thank you so much. Heather Fixlog.txt
  3. Here's the text file: Scan result of Farbar Recovery Scan Tool (FRST.txt)
  4. Searched for this on the forums and have tried to boot up in safe mode, but as soon as I get the Windows desktop the computer shuts down and restarts with the police page in front. Ctrl+Alt+Delete does not seem to work, but this could be due to a faulty keyboard (daughter and milk incident). Any help very gladly accepted. I'm not at all computer savvy so small steps will be needed. Thanks