Everything posted by ZoeS

  1. Results of screen317's Security Check version 0.99.74
     x64 (UAC is enabled)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Kaspersky PURE 2.0
     Windows Defender
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     Java 7 Update 15
     Java version out of Date!
     Adobe Flash Player 11.9.900.117
     Adobe Reader XI
     Mozilla Firefox (24.0)
     ````````Process Check: objlist.exe by Laurent````````
     AVG avgemc.exe
     Kaspersky Lab Kaspersky PURE 2.0 avp.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: %
     ````````````````````End of Log``````````````````````
  2. Oh wow --- it worked!!! Thanks so very much!
  3. The "fix" seemed instantaneous, not sure if that is ok. ----
     Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-10-2013
     Ran by Zoe at 2013-10-25 14:01:37 Run:1
     Running from C:\Users\Zoe\Desktop
     Boot Mode: Normal
     ==============================================
     Content of fixlist:
     *****************
     HKCU\...\Run: [backgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Zoe\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
     HKCU\...\Runonce: [Application Restart #4] - C:\Users\Zoe\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Zoe\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --enable-touch-events --flag-switches-begin --flag-switches-end --restore-last-session
     SearchScopes: HKCU - {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL =
     SearchScopes: HKCU - {99CDA7A6-E331-4022-B8A1-1059F4A04A9D} URL = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291326&CUI=UN39390525004846724&UM=2
     BHO: No Name - {11111111-1111-1111-1111-110311551178} - No File
     FF Extension: firefox - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\firefox@qualitink.net.xpi
     FF Extension: trtv3 - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\trtv3@trtv.com.xpi
     *****************
     HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BackgroundContainer => Value deleted successfully.
     HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #4 => Value deleted successfully.
     HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} => Key deleted successfully.
     HKCR\CLSID\{4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} => Key not found.
     HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{99CDA7A6-E331-4022-B8A1-1059F4A04A9D} => Key deleted successfully.
     HKCR\CLSID\{99CDA7A6-E331-4022-B8A1-1059F4A04A9D} => Key not found.
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178} => Key deleted successfully.
     HKCR\CLSID\{11111111-1111-1111-1111-110311551178} => Key not found.
     C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\firefox@qualitink.net.xpi => Moved successfully.
     C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\trtv3@trtv.com.xpi => Moved successfully.
     ==== End of Fixlog ====
  4. See below. Also, I did not click 'Fix' on Farbar Recovery. Should I? --- Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-10-2013 Ran by Zoe (administrator) on V5-571 on 25-10-2013 12:17:25 Running from C:\Users\Zoe\Desktop Windows 8 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Dritek System INC.) 
C:\Windows\RfBtnSvc64.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE (Dropbox, Inc.) C:\Users\Zoe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dolby Laboratories Inc.) 
C:\Dolby PCEE4\pcee4.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (AVG Technologies CZ, 
s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrvx.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Microsoft Corporation) C:\Windows\system32\msiexec.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-31] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO) HKLM\...\Policies\Explorer\Run: [btvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations)) HKCU\...\Run: [Advanced SystemCare 6] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit) HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) HKCU\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) HKCU\...\Run: [backgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Zoe\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION HKCU\...\Runonce: [Application Restart #4] - C:\Users\Zoe\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security 
--disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Zoe\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --enable-touch-events --flag-switches-begin --flag-switches-end --restore-last-session HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [LManager] - [x] HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [brStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [iObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1549120 2013-08-16] (IObit) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.) HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated) HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated) Startup: C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Zoe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com SearchScopes: HKLM - DefaultScope {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM - {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKCU - DefaultScope {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL = SearchScopes: HKCU - {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL = SearchScopes: HKCU - {99CDA7A6-E331-4022-B8A1-1059F4A04A9D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291326&CUI=UN39390525004846724&UM=2 BHO: No Name - {11111111-1111-1111-1111-110311551178} - No File BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program 
Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit) BHO-x32: Microsoft SkyDrive Pro Browser Helper - 
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 
15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Zoe\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\ascsurfingprotection@iobit.com FF Extension: firefox - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\firefox@qualitink.net.xpi FF Extension: trtv3 - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\trtv3@trtv.com.xpi FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web 
Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK ==================== Services (Whitelisted) ================= R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated) S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [8704 2012-07-25] (Microsoft Corporation) R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [90992 2012-09-17] (ELAN Microelectronics Corp.) 
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R3 msiserver; C:\Windows\SysWow64\msiexec.exe [62976 2012-07-25] (Microsoft Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-06] (Microsoft Corporation) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-11-25] (Dritek System INC.) R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [75584 2013-09-29] (IObit) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation) R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [670208 2013-04-08] (Microsoft Corporation) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] ==================== Drivers (Whitelisted) ==================== S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.) 
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-07-30] (AVG Technologies CZ, s.r.o.) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation) R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [85048 2009-12-14] (Infowatch) R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [66104 2009-12-14] (Infowatch) R0 KL1; C:\Windows\system32\DRIVERS\kl1.sys [458032 2011-10-20] (Kaspersky Lab ZAO) R1 kl2; C:\Windows\system32\DRIVERS\kl2.sys [13616 2011-10-20] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [636760 2013-03-05] (Kaspersky Lab) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-11-25] (Dritek System Inc.) 
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-25 12:17 - 2013-10-25 12:17 - 00000000 ____D C:\FRST 2013-10-25 12:16 - 2013-10-25 12:16 - 01955412 _____ (Farbar) C:\Users\Zoe\Desktop\FRST64.exe 2013-10-25 11:31 - 2013-10-25 11:34 - 00000000 ____D C:\AdwCleaner 2013-10-25 11:31 - 2013-10-25 11:31 - 01060070 _____ C:\Users\Zoe\Desktop\AdwCleaner.exe 2013-10-25 11:04 - 2013-10-25 11:05 - 00000035 _____ C:\Users\Zoe\Desktop\Thierry Birthday.txt 2013-10-25 10:05 - 2013-10-25 10:06 - 00005136 _____ C:\Users\Zoe\Desktop\attach.txt 2013-10-25 10:05 - 2013-10-25 10:05 - 00032599 _____ C:\Users\Zoe\Desktop\dds.txt 2013-10-25 10:02 - 2013-10-25 10:02 - 00688992 ____R (Swearware) C:\Users\Zoe\Desktop\dds.scr 2013-10-24 14:33 - 2013-10-24 14:33 - 00001091 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-24 14:33 - 2013-10-24 14:33 - 00000000 ____D C:\Users\Zoe\AppData\Roaming\Malwarebytes 2013-10-24 14:33 - 2013-10-24 14:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-10-24 14:33 - 2013-10-24 14:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-24 14:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-24 14:32 - 2013-10-24 14:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Zoe\Desktop\mbam-setup-1.75.0.1300.exe 2013-10-24 12:12 - 2013-09-26 01:46 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-10-24 10:04 - 2013-10-24 10:04 - 00000000 ____D C:\Users\Zoe\AppData\Roaming\TuneUp Software 2013-10-24 10:04 - 2013-10-24 10:04 - 00000000 ____D C:\Users\Zoe\AppData\Roaming\AVG2014 2013-10-24 10:03 - 2013-10-24 10:04 - 00000000 ____D C:\ProgramData\AVG2014 2013-10-24 10:03 - 2013-10-24 10:03 - 00000000 ___HD C:\$AVG 2013-10-24 10:02 - 2013-10-24 10:03 - 22205064 
_____ (Microsoft Corporation) C:\Users\Zoe\Desktop\Windows-KB890830-x64-V5.5.exe 2013-10-24 10:02 - 2013-10-24 10:02 - 00000000 ____D C:\Program Files (x86)\AVG 2013-10-24 09:58 - 2013-10-25 09:10 - 00000000 ____D C:\ProgramData\MFAData 2013-10-24 09:58 - 2013-10-24 10:11 - 00000000 ____D C:\Users\Zoe\AppData\Local\Avg2014 2013-10-24 09:58 - 2013-10-24 09:58 - 00000000 ____D C:\Users\Zoe\AppData\Local\MFAData 2013-10-24 09:21 - 2013-10-24 09:21 - 00003156 _____ C:\Windows\System32\Tasks\StartMenuAutoupdate 2013-10-24 09:14 - 2013-10-24 16:11 - 00031746 _____ C:\Windows\PFRO.log 2013-10-23 16:59 - 2013-10-25 11:36 - 00000294 _____ C:\Windows\Tasks\Driver Booster Update.job 2013-10-23 16:59 - 2013-10-23 16:59 - 00003210 _____ C:\Windows\System32\Tasks\Driver Booster Scan 2013-10-23 16:59 - 2013-10-23 16:59 - 00002544 _____ C:\Windows\System32\Tasks\Driver Booster Update 2013-10-23 16:59 - 2013-05-22 18:49 - 00017720 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys 2013-10-22 09:56 - 2013-10-22 09:56 - 00003358 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task 2013-10-22 09:55 - 2013-10-25 11:36 - 00001278 _____ C:\Windows\Tasks\Torntv 2-updater.job 2013-10-22 09:55 - 2013-10-25 11:36 - 00001170 _____ C:\Windows\Tasks\Torntv 2-codedownloader.job 2013-10-22 09:55 - 2013-10-25 11:36 - 00001080 _____ C:\Windows\Tasks\Torntv 2-enabler.job 2013-10-22 09:55 - 2013-10-25 11:35 - 00000000 ____D C:\Program Files (x86)\qualitink 2013-10-22 09:55 - 2013-10-22 09:55 - 00004282 _____ C:\Windows\System32\Tasks\Torntv 2-updater 2013-10-22 09:55 - 2013-10-22 09:55 - 00004174 _____ C:\Windows\System32\Tasks\Torntv 2-codedownloader 2013-10-22 09:55 - 2013-10-22 09:55 - 00004084 _____ C:\Windows\System32\Tasks\Torntv 2-enabler 2013-10-22 09:50 - 2013-10-22 09:50 - 00000000 ____D C:\ProgramData\WinterSoft 2013-10-22 09:50 - 2013-10-22 09:50 - 00000000 ____D C:\ProgramData\InstallMate 2013-10-16 11:19 - 2013-10-16 11:20 - 00000000 ____D 
C:\Users\Zoe\AppData\Roaming\ControlCenter4

Some content of TEMP:
====================
C:\Users\Zoe\AppData\Local\Temp\oct324B.tmp.exe
C:\Users\Zoe\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-21 07:43

==================== End Of Log ============================
  5. All of those programs, except Kaspersky (but including MB), I installed yesterday when I was trying to get rid of the malware. Hoping that one would work where the others failed.
  6. FYI: I also re-ran the MB quick scan to make sure those 4 threats had been deleted, and indeed they had been. 0 threats turned up on the second scan.
  7. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-10-2013
Ran by Zoe (administrator) on V5-571 on 25-10-2013 12:17:25
Running from C:\Users\Zoe\Desktop
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE
(Dropbox, Inc.) C:\Users\Zoe\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrvx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-31] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer\Run: [btvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKCU\...\Run: [Advanced SystemCare 6] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [backgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Zoe\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKCU\...\Runonce: [Application Restart #4] - C:\Users\Zoe\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Zoe\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --enable-touch-events --flag-switches-begin --flag-switches-end --restore-last-session
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1549120 2013-08-16] (IObit)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated)
Startup: C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Zoe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKLM - DefaultScope {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL =
SearchScopes: HKCU - {4D44A90A-67FF-46D6-B34D-0EF5A5FB7C57} URL =
SearchScopes: HKCU - {99CDA7A6-E331-4022-B8A1-1059F4A04A9D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291326&CUI=UN39390525004846724&UM=2
BHO: No Name - {11111111-1111-1111-1111-110311551178} - No File
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Zoe\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: firefox - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\firefox@qualitink.net.xpi
FF Extension: trtv3 - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\trtv3@trtv.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [8704 2012-07-25] (Microsoft Corporation)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [90992 2012-09-17] (ELAN Microelectronics Corp.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 msiserver; C:\Windows\SysWow64\msiexec.exe [62976 2012-07-25] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-06] (Microsoft Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-11-25] (Dritek System INC.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [75584 2013-09-29] (IObit)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [670208 2013-04-08] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]

==================== Drivers (Whitelisted) ====================

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-07-30] (AVG Technologies CZ, s.r.o.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [85048 2009-12-14] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [66104 2009-12-14] (Infowatch)
R0 KL1; C:\Windows\system32\DRIVERS\kl1.sys [458032 2011-10-20] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\system32\DRIVERS\kl2.sys [13616 2011-10-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [636760 2013-03-05] (Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-11-25] (Dritek System Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-25 12:17 - 2013-10-25 12:17 - 00000000 ____D C:\FRST
2013-10-25 12:16 - 2013-10-25 12:16 - 01955412 _____ (Farbar) C:\Users\Zoe\Desktop\FRST64.exe
2013-10-25 11:31 - 2013-10-25 11:34 - 00000000 ____D C:\AdwCleaner
2013-10-25 11:31 - 2013-10-25 11:31 - 01060070 _____ C:\Users\Zoe\Desktop\AdwCleaner.exe
2013-10-25 11:04 - 2013-10-25 11:05 - 00000035 _____ C:\Users\Zoe\Desktop\Thierry Birthday.txt
2013-10-25 10:05 - 2013-10-25 10:06 - 00005136 _____ C:\Users\Zoe\Desktop\attach.txt
2013-10-25 10:05 - 2013-10-25 10:05 - 00032599 _____ C:\Users\Zoe\Desktop\dds.txt
2013-10-25 10:02 - 2013-10-25 10:02 - 00688992 ____R (Swearware) C:\Users\Zoe\Desktop\dds.scr
2013-10-24 14:33 - 2013-10-24 14:33 - 00001091 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-24 14:33 - 2013-10-24 14:33 - 00000000 ____D C:\Users\Zoe\AppData\Roaming\Malwarebytes
2013-10-24 14:33 - 2013-10-24 14:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-24 14:33 - 2013-10-24 14:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-24 14:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-24 14:32 - 2013-10-24 14:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Zoe\Desktop\mbam-setup-1.75.0.1300.exe
2013-10-24 12:12 - 2013-09-26 01:46 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-24 10:04 - 2013-10-24 10:04 - 00000000 ____D C:\Users\Zoe\AppData\Roaming\TuneUp Software
2013-10-24 10:04 - 2013-10-24 10:04 - 00000000 ____D C:\Users\Zoe\AppData\Roaming\AVG2014
2013-10-24 10:03 - 2013-10-24 10:04 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-24 10:03 - 2013-10-24 10:03 - 00000000 ___HD C:\$AVG
2013-10-24 10:02 - 2013-10-24 10:03 - 22205064 _____ (Microsoft Corporation) C:\Users\Zoe\Desktop\Windows-KB890830-x64-V5.5.exe
2013-10-24 10:02 - 2013-10-24 10:02 - 00000000 ____D C:\Program Files (x86)\AVG
2013-10-24 09:58 - 2013-10-25 09:10 - 00000000 ____D C:\ProgramData\MFAData
2013-10-24 09:58 - 2013-10-24 10:11 - 00000000 ____D C:\Users\Zoe\AppData\Local\Avg2014
2013-10-24 09:58 - 2013-10-24 09:58 - 00000000 ____D C:\Users\Zoe\AppData\Local\MFAData
2013-10-24 09:21 - 2013-10-24 09:21 - 00003156 _____ C:\Windows\System32\Tasks\StartMenuAutoupdate
2013-10-24 09:14 - 2013-10-24 16:11 - 00031746 _____ C:\Windows\PFRO.log
2013-10-23 16:59 - 2013-10-25 11:36 - 00000294 _____ C:\Windows\Tasks\Driver Booster Update.job
2013-10-23 16:59 - 2013-10-23 16:59 - 00003210 _____ C:\Windows\System32\Tasks\Driver Booster Scan
2013-10-23 16:59 - 2013-10-23 16:59 - 00002544 _____ C:\Windows\System32\Tasks\Driver Booster Update
2013-10-23 16:59 - 2013-05-22 18:49 - 00017720 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys
2013-10-22 09:56 - 2013-10-22 09:56 - 00003358 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2013-10-22 09:55 - 2013-10-25 11:36 - 00001278 _____ C:\Windows\Tasks\Torntv 2-updater.job
2013-10-22 09:55 - 2013-10-25 11:36 - 00001170 _____ C:\Windows\Tasks\Torntv 2-codedownloader.job
2013-10-22 09:55 - 2013-10-25 11:36 - 00001080 _____ C:\Windows\Tasks\Torntv 2-enabler.job
2013-10-22 09:55 - 2013-10-25 11:35 - 00000000 ____D C:\Program Files (x86)\qualitink
2013-10-22 09:55 - 2013-10-22 09:55 - 00004282 _____ C:\Windows\System32\Tasks\Torntv 2-updater
2013-10-22 09:55 - 2013-10-22 09:55 - 00004174 _____ C:\Windows\System32\Tasks\Torntv 2-codedownloader
2013-10-22 09:55 - 2013-10-22 09:55 - 00004084 _____ C:\Windows\System32\Tasks\Torntv 2-enabler
2013-10-22 09:50 - 2013-10-22 09:50 - 00000000 ____D C:\ProgramData\WinterSoft
2013-10-22 09:50 - 2013-10-22 09:50 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-16 11:19 - 2013-10-16 11:20 - 00000000 ____D
\Windows\system32\Wwanadvui.dll 2013-10-01 10:41 - 2013-07-08 18:45 - 00312832 _____ (Microsoft Corporation) C: \Windows\system32\LocationApi.dll 2013-10-01 10:41 - 2013-07-05 20:16 - 01025024 _____ (Microsoft Corporation) C: \Windows\system32\localspl.dll 2013-10-01 10:41 - 2013-07-02 20:23 - 00778752 _____ (Microsoft Corporation) C: \Windows\system32\oleaut32.dll 2013-10-01 10:41 - 2013-07-02 20:23 - 00391168 _____ (Microsoft Corporation) C: \Windows\system32\Windows.Networking.BackgroundTransfer.dll 2013-10-01 10:41 - 2013-07-02 20:22 - 02839552 _____ (Microsoft Corporation) C: \Windows\system32\msftedit.dll 2013-10-01 10:41 - 2013-07-02 20:22 - 01300480 _____ (Microsoft Corporation) C: \Windows\system32\gdi32.dll 2013-10-01 10:41 - 2013-07-02 20:11 - 00551424 _____ (Microsoft Corporation) C: \Windows\SysWOW64\oleaut32.dll 2013-10-01 10:41 - 2013-07-02 20:11 - 00268800 _____ (Microsoft Corporation) C: \Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-10-01 10:41 - 2013-07-02 20:10 - 02273792 _____ (Microsoft Corporation) C: \Windows\SysWOW64\msftedit.dll 2013-10-01 10:41 - 2013-06-30 18:30 - 00067072 _____ (Microsoft Corporation) C: \Windows\SysWOW64\openfiles.exe 2013-10-01 10:41 - 2013-06-30 18:29 - 00077312 _____ (Microsoft Corporation) C: \Windows\system32\openfiles.exe 2013-10-01 10:41 - 2013-06-29 02:15 - 00195416 _____ (Microsoft Corporation) C: \Windows\system32\Drivers\sdbus.sys 2013-10-01 10:41 - 2013-06-29 02:15 - 00125784 _____ (Microsoft Corporation) C: \Windows\system32\Drivers\dumpsd.sys 2013-10-01 10:41 - 2013-06-29 01:43 - 00327512 _____ (Microsoft Corporation) C: \Windows\system32\Drivers\Classpnp.sys 2013-10-01 10:41 - 2013-06-28 21:12 - 01022464 _____ (Microsoft Corporation) C: \Windows\SysWOW64\gdi32.dll 2013-10-01 10:41 - 2013-06-25 23:01 - 00321536 _____ (Microsoft Corporation) C: \Windows\system32\Drivers\udfs.sys 2013-10-01 10:41 - 2013-06-25 22:59 - 00341504 _____ (Microsoft Corporation) C: 
\Windows\system32\Drivers\HdAudio.sys 2013-10-01 10:41 - 2013-06-24 18:54 - 00447488 _____ (Microsoft Corporation) C: \Windows\system32\wwansvc.dll 2013-10-01 10:41 - 2013-06-24 18:54 - 00263680 _____ (Microsoft Corporation) C: \Windows\system32\wcmsvc.dll 2013-10-01 10:41 - 2013-06-24 18:54 - 00074240 _____ (Microsoft Corporation) C: \Windows\system32\wcmcsp.dll 2013-10-01 10:41 - 2013-06-19 01:36 - 00183808 _____ (Microsoft Corporation) C: \Windows\system32\winmmbase.dll 2013-10-01 10:41 - 2013-06-19 01:36 - 00115712 _____ (Microsoft Corporation) C: \Windows\system32\winmm.dll 2013-10-01 10:41 - 2013-06-18 18:38 - 00160256 _____ (Microsoft Corporation) C: \Windows\SysWOW64\winmmbase.dll 2013-10-01 10:41 - 2013-06-18 18:38 - 00125440 _____ (Microsoft Corporation) C: \Windows\SysWOW64\winmm.dll 2013-10-01 10:41 - 2013-06-11 19:43 - 00154112 _____ (Microsoft Corporation) C: \Windows\SysWOW64\WinSCard.dll 2013-10-01 10:41 - 2013-06-11 19:26 - 00230912 _____ (Microsoft Corporation) C: \Windows\system32\WinSCard.dll 2013-10-01 10:41 - 2013-06-10 17:17 - 00096512 _____ (Microsoft Corporation) C: \Windows\system32\Drivers\wfplwfs.sys 2013-10-01 10:41 - 2013-06-10 15:16 - 00888832 _____ (Microsoft Corporation) C: \Windows\system32\nshwfp.dll 2013-10-01 10:41 - 2013-06-10 15:15 - 01156096 _____ (Microsoft Corporation) C: \Windows\system32\IKEEXT.DLL 2013-10-01 10:41 - 2013-06-10 15:15 - 00723968 _____ (Microsoft Corporation) C: \Windows\system32\BFE.DLL 2013-10-01 10:41 - 2013-06-10 15:15 - 00381952 _____ (Microsoft Corporation) C: \Windows\system32\FWPUCLNT.DLL 2013-10-01 10:41 - 2013-06-10 15:10 - 00702464 _____ (Microsoft Corporation) C: \Windows\SysWOW64\nshwfp.dll 2013-10-01 10:41 - 2013-06-10 15:10 - 00245248 _____ (Microsoft Corporation) C: \Windows\SysWOW64\FWPUCLNT.DLL 2013-10-01 10:41 - 2013-06-06 04:03 - 00119040 _____ (Microsoft Corporation) C: \Windows\system32\Drivers\USBSTOR.SYS 2013-10-01 10:39 - 2013-10-16 09:25 - 00000000 ____D C:\ProgramData\Brother 
2013-10-01 10:39 - 2013-10-05 06:53 - 00000334 _____ C:\Windows\BRCALIB.INI 2013-10-01 10:29 - 2013-10-01 10:29 - 00000000 _____ C:\asc_rdflag 2013-09-30 10:45 - 2013-04-17 20:20 - 00026432 _____ (IObit) C:\Windows \system32\RegistryDefragBootTime.exe 2013-09-25 21:07 - 2013-09-25 21:07 - 00148792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys ==================== One Month Modified Files and Folders ======= 2013-10-25 12:17 - 2013-10-25 12:17 - 00000000 ____D C:\FRST 2013-10-25 12:16 - 2013-10-25 12:16 - 01955412 _____ (Farbar) C:\Users\Zoe \Desktop\FRST64.exe 2013-10-25 12:03 - 2013-03-15 15:54 - 02914816 ___SH C:\Users\Zoe\Desktop \Thumbs.db 2013-10-25 12:02 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\system32\sru 2013-10-25 11:50 - 2013-03-05 07:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-10-25 11:49 - 2013-03-14 19:57 - 00000000 ____D C:\Users\Zoe\AppData\Local \Deployment 2013-10-25 11:42 - 2013-03-05 01:12 - 00003596 _____ C:\Windows\System32\Tasks \Optimize Start Menu Cache Files-S-1-5-21-2291105322-700541216-3576249611- 1001 2013-10-25 11:39 - 2013-03-15 15:40 - 00000000 ____D C:\Users\Zoe\Documents \Outlook Files 2013-10-25 11:38 - 2013-04-08 11:57 - 00000000 ___RD C:\Users\Zoe\Dropbox 2013-10-25 11:38 - 2013-04-08 11:54 - 00000000 ____D C:\Users\Zoe\AppData \Roaming\Dropbox 2013-10-25 11:36 - 2013-10-23 16:59 - 00000294 _____ C:\Windows\Tasks\Driver Booster Update.job 2013-10-25 11:36 - 2013-10-22 09:55 - 00001278 _____ C:\Windows\Tasks\Torntv 2- updater.job 2013-10-25 11:36 - 2013-10-22 09:55 - 00001170 _____ C:\Windows\Tasks\Torntv 2- codedownloader.job 2013-10-25 11:36 - 2013-10-22 09:55 - 00001080 _____ C:\Windows\Tasks\Torntv 2- enabler.job 2013-10-25 11:35 - 2013-10-22 09:55 - 00000000 ____D C:\Program Files (x86)\qualitink 2013-10-25 11:35 - 2012-09-04 12:53 - 00053284 _____ C:\Windows \system32\wpbbin.exe 2013-10-25 11:35 - 2012-07-26 03:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-25 11:34 - 
2013-10-25 11:31 - 00000000 ____D C:\AdwCleaner 2013-10-25 11:34 - 2012-11-25 07:44 - 01978120 _____ C:\Windows \WindowsUpdate.log 2013-10-25 11:31 - 2013-10-25 11:31 - 01060070 _____ C:\Users\Zoe\Desktop \AdwCleaner.exe 2013-10-25 11:30 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-10-25 11:19 - 2013-03-05 05:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-25 11:18 - 2013-03-14 19:58 - 00000000 ____D C:\Users\Zoe\AppData\Local \Pokki 2013-10-25 11:05 - 2013-10-25 11:04 - 00000035 _____ C:\Users\Zoe\Desktop\Thierry Birthday.txt 2013-10-25 10:06 - 2013-10-25 10:05 - 00005136 _____ C:\Users\Zoe\Desktop \attach.txt 2013-10-25 10:05 - 2013-10-25 10:05 - 00032599 _____ C:\Users\Zoe\Desktop\dds.txt 2013-10-25 10:02 - 2013-10-25 10:02 - 00688992 ____R (Swearware) C:\Users\Zoe \Desktop\dds.scr 2013-10-25 09:20 - 2013-10-03 07:10 - 00000412 _____ C:\Users\Zoe\Desktop \Winners - eval form.txt 2013-10-25 09:20 - 2012-07-26 04:12 - 00000000 ____D C:\Windows \system32\FxsTmp 2013-10-25 09:10 - 2013-10-24 09:58 - 00000000 ____D C:\ProgramData\MFAData 2013-10-24 16:44 - 2012-07-26 01:26 - 00262144 ___SH C:\Windows\system32\config \BBI 2013-10-24 16:11 - 2013-10-24 09:14 - 00031746 _____ C:\Windows\PFRO.log 2013-10-24 15:19 - 2013-03-05 01:04 - 00000000 ____D C:\Users\Zoe\AppData\Local \Packages 2013-10-24 14:54 - 2013-03-05 05:28 - 00000000 ____D C:\Users\Zoe\AppData\Local \CrashDumps 2013-10-24 14:33 - 2013-10-24 14:33 - 00001091 _____ C:\Users\Public\Desktop \Malwarebytes Anti-Malware.lnk 2013-10-24 14:33 - 2013-10-24 14:33 - 00000000 ____D C:\Users\Zoe\AppData \Roaming\Malwarebytes 2013-10-24 14:33 - 2013-10-24 14:33 - 00000000 ____D C:\ProgramData \Malwarebytes 2013-10-24 14:33 - 2013-10-24 14:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-24 14:32 - 2013-10-24 14:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Zoe\Desktop\mbam-setup-1.75.0.1300.exe 2013-10-24 10:11 - 2013-10-24 09:58 - 
00000000 ____D C:\Users\Zoe\AppData\Local \Avg2014 2013-10-24 10:10 - 2012-07-26 01:26 - 00262144 ___SH C:\Windows\system32\config \ELAM 2013-10-24 10:04 - 2013-10-24 10:04 - 00000000 ____D C:\Users\Zoe\AppData \Roaming\TuneUp Software 2013-10-24 10:04 - 2013-10-24 10:04 - 00000000 ____D C:\Users\Zoe\AppData \Roaming\AVG2014 2013-10-24 10:04 - 2013-10-24 10:03 - 00000000 ____D C:\ProgramData\AVG2014 2013-10-24 10:03 - 2013-10-24 10:03 - 00000000 ___HD C:\$AVG 2013-10-24 10:03 - 2013-10-24 10:02 - 22205064 _____ (Microsoft Corporation) C: \Users\Zoe\Desktop\Windows-KB890830-x64-V5.5.exe 2013-10-24 10:03 - 2012-07-26 04:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2013-10-24 10:02 - 2013-10-24 10:02 - 00000000 ____D C:\Program Files (x86)\AVG 2013-10-24 09:58 - 2013-10-24 09:58 - 00000000 ____D C:\Users\Zoe\AppData\Local \MFAData 2013-10-24 09:21 - 2013-10-24 09:21 - 00003156 _____ C:\Windows\System32\Tasks \StartMenuAutoupdate 2013-10-23 16:59 - 2013-10-23 16:59 - 00003210 _____ C:\Windows\System32\Tasks \Driver Booster Scan 2013-10-23 16:59 - 2013-10-23 16:59 - 00002544 _____ C:\Windows\System32\Tasks \Driver Booster Update 2013-10-23 16:59 - 2013-09-16 15:26 - 00000000 ____D C:\Users\Zoe\AppData \Roaming\IObit 2013-10-23 16:59 - 2013-09-16 15:26 - 00000000 ____D C:\Program Files (x86)\IObit 2013-10-23 16:58 - 2013-09-16 15:26 - 00000000 ____D C:\ProgramData\IObit 2013-10-23 16:57 - 2013-04-05 15:59 - 00000000 ____D C:\Users\Zoe\AppData \Roaming\FileZilla 2013-10-22 09:56 - 2013-10-22 09:56 - 00003358 _____ C:\Windows\System32\Tasks \BackgroundContainer Startup Task 2013-10-22 09:55 - 2013-10-22 09:55 - 00004282 _____ C:\Windows\System32\Tasks \Torntv 2-updater 2013-10-22 09:55 - 2013-10-22 09:55 - 00004174 _____ C:\Windows\System32\Tasks \Torntv 2-codedownloader 2013-10-22 09:55 - 2013-10-22 09:55 - 00004084 _____ C:\Windows\System32\Tasks \Torntv 2-enabler 2013-10-22 09:50 - 2013-10-22 09:50 - 00000000 ____D C:\ProgramData\WinterSoft 2013-10-22 09:50 - 2013-10-22 
09:50 - 00000000 ____D C:\ProgramData\InstallMate 2013-10-18 11:21 - 2013-04-02 09:19 - 00000000 ____D C:\Users\Zoe\Documents \Timesheets 2013-10-17 14:52 - 2012-07-26 03:28 - 00848230 _____ C:\Windows \system32\PerfStringBackup.INI 2013-10-16 11:20 - 2013-10-16 11:19 - 00000000 ____D C:\Users\Zoe\AppData \Roaming\ControlCenter4 2013-10-16 11:13 - 2013-10-16 11:13 - 00000000 ____D C:\ProgramData \ControlCenter4 2013-10-16 11:13 - 2013-10-16 11:13 - 00000000 ____D C:\Program Files (x86)\ControlCenter4 2013-10-16 11:13 - 2013-10-16 11:13 - 00000000 ____D C:\Program Files (x86)\Browny02 2013-10-16 11:13 - 2013-10-16 11:13 - 00000000 ____D C:\Brother 2013-10-16 11:13 - 2013-04-18 12:46 - 00000000 ____D C:\Program Files (x86)\Brother 2013-10-16 11:12 - 2012-09-04 13:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-16 11:09 - 2013-10-16 11:09 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2013-10-16 09:25 - 2013-10-01 10:39 - 00000000 ____D C:\ProgramData\Brother 2013-10-16 08:57 - 2013-03-05 01:06 - 00000000 ___RD C:\Users\Zoe\AppData \Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-16 08:57 - 2013-03-05 01:06 - 00000000 ___RD C:\Users\Zoe\AppData \Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-16 07:41 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\rescache 2013-10-15 17:16 - 2012-07-26 04:12 - 00000000 ___RD C:\Windows\ToastData 2013-10-15 17:10 - 2013-10-15 14:57 - 00019883 _____ C:\Users\Zoe\Desktop\Blank Eval Form.xlsx 2013-10-15 08:57 - 2013-10-15 08:57 - 00456592 _____ C:\Windows \system32\FNTCACHE.DAT 2013-10-11 17:24 - 2013-03-28 14:41 - 00000000 ____D C:\Users\Zoe\Desktop\Zoe's stuff 2013-10-11 17:23 - 2013-10-03 11:59 - 00000064 _____ C:\Users\Zoe\Desktop\onsite stuff.txt 2013-10-11 08:11 - 2013-03-14 18:56 - 00000000 ____D C:\Program Files\Microsoft Office 15 2013-10-11 08:00 - 2013-03-05 05:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-11 08:00 - 
2013-03-05 05:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-10 13:21 - 2013-10-10 13:20 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2013-10-09 16:22 - 2013-04-18 12:47 - 00000000 ____D C:\Users\Zoe\AppData \Roaming\Brother 2013-10-08 13:19 - 2013-03-05 05:06 - 00003718 _____ C:\Windows\System32\Tasks \Adobe Flash Player Updater 2013-10-05 06:53 - 2013-10-01 10:39 - 00000334 _____ C:\Windows\BRCALIB.INI 2013-10-01 21:38 - 2013-10-10 12:03 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-01 21:38 - 2013-10-10 12:03 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-01 15:00 - 2013-03-15 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-10-01 14:14 - 2013-03-15 14:19 - 00000000 ____D C:\Users\Zoe\AppData\Local \Mozilla 2013-10-01 12:39 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\WinStore 2013-10-01 12:39 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-10-01 12:39 - 2012-07-26 01:38 - 00000000 ____D C:\Windows\system32\oobe 2013-10-01 11:48 - 2013-10-01 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-10-01 10:29 - 2013-10-01 10:29 - 00000000 _____ C:\asc_rdflag 2013-10-01 10:29 - 2013-03-05 01:04 - 00000000 ____D C:\Users\Zoe 2013-09-26 01:46 - 2013-10-24 12:12 - 80541720 _____ (Microsoft Corporation) C: \Windows\system32\MRT.exe 2013-09-25 21:07 - 2013-09-25 21:07 - 00148792 _____ (AVG Technologies CZ, s.r.o.) 
C:\Windows\system32\Drivers\avgdiska.sys

Some content of TEMP:
====================
C:\Users\Zoe\AppData\Local\Temp\oct324B.tmp.exe
C:\Users\Zoe\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-21 07:43

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2013
Ran by Zoe at 2013-10-25 12:18:38
Running from C:\Users\Zoe\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky PURE 2.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky PURE 2.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

clear.fi SDK - Video 2 (x32 Version: 2.1.1925)
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008)
Acer Backup Manager (x32
Version: 4.0.0.0059) Acer Instant Update Service (Version: 1.00.3013) Acer Power Management (Version: 7.00.3007) Acer Recovery Management (Version: 6.00.3011) AcerCloud (x32 Version: 2.01.3115) AcerCloud Docs (x32 Version: 1.00.3201) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117) Adobe Reader XI (11.0.05) (x32 Version: 11.0.05) Advanced SystemCare 6 (x32 Version: 6.4) Apple Application Support (x32 Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) AVG 2014 (Version: 14.0.3615) AVG 2014 (Version: 14.0.4158) AVG 2014 (Version: 2014.0.4158) Backup Manager v4 (x32 Version: 4.0.0.0059) Bonjour (Version: 3.0.0.10) Brother MFL-Pro Suite DCP-7065DN (x32 Version: 1.1.3.0) Brother P-touch Editor 5.0 (x32 Version: 5.0.2300) Citrix Online Launcher (x32 Version: 1.0.109) clear.fi Media (x32 Version: 2.01.3108) clear.fi Photo (x32 Version: 2.01.3108) CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819) Dolby Advanced Audio v2 (x32 Version: 7.2.8000.13) Driver Booster (x32 Version: 1.0) Dropbox (HKCU Version: 2.0.22) Epson Connect Printer Setup (x32 Version: 1.1.1) EPSON Connect version 1.0 (x32 Version: 1.0) Epson Customer Participation (Version: 1.4.0.0) Epson Event Manager (x32 Version: 3.01.0003) Epson E-Web Print (x32 Version: 1.17.0000) Epson FAX Utility (x32 Version: 1.30.00) Epson PC-FAX Driver (x32) EPSON Printer Finder (x32 Version: 1.0.0) EPSON Scan (x32) EPSON WF-2540 Series Printer Uninstall EpsonNet Print (x32 Version: 2.5.00) ETDWare PS/2-X64 11.6.10.001_WHQL (Version: 11.6.10.001) FileZilla Client 3.7.3 (x32 Version: 3.7.3) GoToMeeting 5.7.0.1172 (HKCU Version: 5.7.0.1172) HID Monitor (x32 Version: 1.1.3) Identity Card (x32 Version: 2.00.3004) Intel® Management Engine Components (x32 Version: 8.1.0.1252) Intel® Processor Graphics (x32 Version: 9.17.10.2867) Intel® Rapid Storage Technology (x32 Version: 11.5.4.1001) Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) 
Intel® Trusted Connect Service Client (Version: 1.24.388.1) IObit Malware Fighter (x32 Version: 2.1) Java 7 Update 15 (64-bit) (Version: 7.0.150) Java 7 Update 15 (x32 Version: 7.0.150) Java Auto Updater (x32 Version: 2.1.9.0) Kaspersky PURE 2.0 (x32 Version: 12.0.2.733) Launch Manager (x32 Version: 7.0.6) Live Updater (x32 Version: 2.00.3004) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Office Professional Plus 2013 - en-us (Version: 15.0.4535.1511) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308) Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0) Mozilla Maintenance Service (x32 Version: 24.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) MyWinLocker Suite (x32 Version: 4.0.14.24) 
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4535.1511)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4535.1511)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4535.1511)
Office Addin (x32 Version: 2.01.3200)
PollEv Presenter (x32 Version: 1.0.0)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.220)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (x32 Version: 11.41)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6690)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.27028)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (x32 Version: 2.0.8.9)
Smart Defrag 2 (x32 Version: 2.9)
Software Updater (x32 Version: 4.1.4)
Start Menu 8 (x32 Version: 1.3.0.0)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)

==================== Restore Points =========================

15-10-2013 20:29:28 Windows Update
23-10-2013 12:06:29 Scheduled Checkpoint
24-10-2013 14:02:04 Installed AVG 2014
24-10-2013 14:02:55 Installed AVG 2014
25-10-2013 15:29:25 Oct 25

==================== Hosts content: ==========================

2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03243AFC-8AF2-4BAB-89ED-6DA4AC48FA9B} - System32\Tasks\HIDMonitor => C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe [2012-08-23] ()
Task: {090D5A6F-5A6F-4998-AF66-DF4897DD2940} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
[2012-09-05] (Acer Incorporated) Task: {0B9A5D39-9450-47A8-8816-A7DD34FB0F8F} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Zoe\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun Task: {107BB7F7-F0DD-4B9D-A988-222C7B827E46} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe Task: {25F2879B-6748-49F4-8F0B-246032CC7256} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe Task: {3DEC5CBE-2AA5-49A4-93C6-BAB5CE8BA1B6} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] () Task: {46F88DCE-6757-4F16-8CF1-DB50CFECEEF0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-10-10] (Microsoft Corporation) Task: {50DDDFA7-4467-4F58-B183-27A13852F49F} - System32\Tasks\Torntv 2-updater => C:\Program Files (x86)\Torntv 2\Torntv 2-updater.exe Task: {79115465-85E8-4515-87A4-151F74C5EA0E} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2013-09-08] (IObit) Task: {7A399FAE-CC29-4EDC-AA2B-48BE579257F0} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-08-10] (IObit) Task: {8554B857-82AF-489E-897C-2B27EA7BFEDD} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink) Task: {A351DAA8-05CD-4D2B-8B4B-206693B8641D} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2013-09-29] (IObit) Task: {A959FA56-8033-4ADD-8AFB-F8B0D0D41DA7} - System32\Tasks\Torntv 2-codedownloader => C:\Program Files (x86)\Torntv 2\Torntv 2-codedownloader.exe Task: {A9C658B2-52E1-4571-BDD3-1F439AF75266} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 
15\ClientX64\integratedoffice.exe [2013-09-06] (Microsoft Corporation) Task: {B2A297DC-479C-44B9-8278-09D38EF92D03} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-09-08] (IObit) Task: {B5FBB6BE-07E0-4A27-B89D-398B53D32AE8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated) Task: {D0D88C2C-E3D0-4A46-965A-FE102195C290} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation) Task: {E89AA2BB-23AE-422F-953B-80C8685EA6FA} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] () Task: {F3B7DD4E-91FA-4EB0-BBE9-BB5801F0C093} - System32\Tasks\Torntv 2-enabler => C:\Program Files (x86)\Torntv 2\Torntv 2-enabler.exe Task: {F6AA6E72-E6B9-4801-8182-D3F357C0A0F4} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] () Task: {FB69A6C3-0685-4BE4-8E74-15FC0E826C8E} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] () Task: {FD0C4454-FA61-4EC4-8CDB-9DF8D8979131} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation) Task: {FE184E31-9EB8-4D50-BF2A-F37AADAFFAE3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-10-10] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe Task: C:\Windows\Tasks\Torntv 2-codedownloader.job => C:\Program Files (x86)\Torntv 2\Torntv 2-codedownloader.exe Task: C:\Windows\Tasks\Torntv 2-enabler.job => 
C:\Program Files (x86)\Torntv 2\Torntv 2-enabler.exe Task: C:\Windows\Tasks\Torntv 2-updater.job => C:\Program Files (x86)\Torntv 2\Torntv 2-updater.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-13 06:29 - 2013-09-13 06:29 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-09-16 15:26 - 2013-01-15 18:59 - 00161088 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCExtMenu_64.dll 2013-01-28 14:45 - 2013-01-28 14:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-01-28 14:42 - 2013-01-28 14:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2012-11-25 08:18 - 2012-10-23 15:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-09-16 15:26 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll 2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-08-30 23:23 - 2012-08-30 23:23 - 00459192 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\dblite.dll 2012-08-23 02:26 - 2012-08-23 02:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2012-08-23 02:25 - 2012-08-23 02:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2012-08-23 02:26 - 2012-08-23 02:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll 2012-08-23 02:25 - 2012-08-23 02:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll 2012-08-23 02:25 - 2012-08-23 02:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup 
Manager\ACE.dll 2012-08-23 02:25 - 2012-08-23 02:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll 2012-08-23 02:26 - 2012-08-23 02:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll 2013-10-24 09:21 - 2013-09-29 19:05 - 00348992 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl 2013-10-24 09:21 - 2013-09-29 19:05 - 00183616 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl 2013-10-24 09:21 - 2013-09-29 19:05 - 00051008 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl 2013-09-16 15:26 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl 2013-09-16 15:26 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl 2013-09-16 15:26 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl 2013-09-16 15:26 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll 2012-08-23 18:02 - 2012-08-23 18:02 - 00034736 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\ElanTPAPI.dll 2013-03-13 16:48 - 2013-03-13 16:48 - 24978944 _____ () C:\Users\Zoe\AppData\Roaming\Dropbox\bin\libcef.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtCore4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtGui4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtDeclarative4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtScript4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtSql4.dll 2012-08-30 23:24 - 2012-08-30 23:24 - 00795064 _____ () 
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtNetwork4.dll 2011-09-05 20:36 - 2011-09-05 20:36 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qgif4.dll 2011-09-05 20:36 - 2011-09-05 20:36 - 00180224 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qjpeg4.dll 2013-10-16 11:13 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2013-10-23 16:58 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl 2013-10-23 16:58 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl 2013-10-23 16:58 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl 2013-10-23 16:58 - 2013-05-29 13:15 - 06773056 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll 2013-10-23 16:58 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll 2013-10-23 16:58 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll 2012-11-25 07:59 - 2012-06-25 14:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll 2013-10-10 09:12 - 2013-10-10 09:12 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2013-10-10 09:12 - 2013-10-10 09:12 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll 2013-10-10 09:13 - 2013-10-10 09:16 - 01027240 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll 2013-09-13 06:29 - 2013-09-13 06:29 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll 2013-10-24 09:21 - 2013-09-29 19:05 - 00040256 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll 2013-10-10 09:12 - 2013-10-10 09:12 - 00316584 _____ () C:\Program 
Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2013-10-10 09:12 - 2013-10-10 09:12 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\c2r32.dll 2013-03-28 14:46 - 2013-03-28 14:46 - 00035984 _____ () C:\Users\Zoe\AppData\Local\assembly\dl3\VL2L8MW8.JZG\7QH0XV36.KQH\45a30b6b\001db878_b17ccd01\ExcelAddIn.DLL 2013-10-01 11:48 - 2013-10-01 11:48 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-03-14 18:57 - 2013-03-14 19:20 - 00121920 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll 2013-10-10 09:12 - 2013-10-10 09:12 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll 2013-10-10 09:12 - 2013-10-10 09:12 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\Office15\c2r32.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/25/2013 11:44:10 AM) (Source: Windows Search Service) (User: ) Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. 0xc0041801 (0xc0041801) Error: (10/25/2013 11:44:10 AM) (Source: Windows Search Service) (User: ) Description: The search service has detected corrupted data files in the index {id=4810 - enduser\mssearch2\search\ytrip\tripoli\inverted\decodinglayerpages.h (591)}. The service will attempt to automatically correct this problem by rebuilding the index. Details: The data is invalid. 
0x8007000d (0x8007000d) Error: (10/25/2013 11:29:40 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service Util qualitink since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (10/25/2013 11:29:40 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service Update qualitink since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (10/25/2013 09:16:34 AM) (Source: IMFservice) (User: ) Description: The handle is invalid Error: (10/25/2013 09:16:34 AM) (Source: IMFservice) (User: ) Description: The handle is invalid Error: (10/24/2013 02:54:16 PM) (Source: Application Error) (User: ) Description: Faulting application name: plugin-container.exe, version: 24.0.0.5001, time stamp: 0x522fd228 Faulting module name: NPSWF32_11_9_900_117.dll, version: 11.9.900.117, time stamp: 0x5244d60c Exception code: 0x40000015 Fault offset: 0x0035358b Faulting process id: 0x2c5c Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Faulting package full name: plugin-container.exe4 Faulting package-relative application ID: plugin-container.exe5 Error: (10/24/2013 02:54:09 PM) (Source: Application Error) (User: ) Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00ce2e00 Faulting process id: 0x2ecc Faulting application start time: 
0xFlashPlayerPlugin_11_9_900_117.exe0 Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1 Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2 Report Id: FlashPlayerPlugin_11_9_900_117.exe3 Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4 Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5 Error: (10/24/2013 11:49:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: V5-571) Description: App microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos did not launch within its allotted time. Error: (10/23/2013 05:33:02 PM) (Source: IMFservice) (User: ) Description: The handle is invalid System errors: ============= Error: (10/25/2013 11:35:50 AM) (Source: Service Control Manager) (User: ) Description: The McAfee SiteAdvisor Service service failed to start due to the following error: %%2 Error: (10/25/2013 09:22:09 AM) (Source: Service Control Manager) (User: ) Description: The Intel® Management and Security Application User Notification Service service hung on starting. Error: (10/25/2013 09:17:37 AM) (Source: Service Control Manager) (User: ) Description: The McAfee SiteAdvisor Service service failed to start due to the following error: %%2 Error: (10/25/2013 09:09:36 AM) (Source: Service Control Manager) (User: ) Description: The Intel® Management and Security Application User Notification Service service hung on starting. 
Error: (10/25/2013 09:04:53 AM) (Source: Service Control Manager) (User: ) Description: The McAfee SiteAdvisor Service service failed to start due to the following error: %%2 Error: (10/24/2013 04:11:44 PM) (Source: Service Control Manager) (User: ) Description: The McAfee SiteAdvisor Service service failed to start due to the following error: %%2 Error: (10/24/2013 10:07:36 AM) (Source: DCOM) (User: V5-571) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}V5-571ZoeS-1-5-21-2291105322-700541216-3576249611-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (10/24/2013 10:06:49 AM) (Source: Service Control Manager) (User: ) Description: The McAfee SiteAdvisor Service service failed to start due to the following error: %%2 Error: (10/24/2013 09:21:13 AM) (Source: Service Control Manager) (User: ) Description: The StartMenu8 Service service terminated unexpectedly. It has done this 1 time(s). Error: (10/24/2013 09:15:15 AM) (Source: Service Control Manager) (User: ) Description: The McAfee SiteAdvisor Service service failed to start due to the following error: %%2 Microsoft Office Sessions: ========================= Error: (10/25/2013 11:44:10 AM) (Source: Windows Search Service)(User: ) Description: Details: The content index catalog is corrupt. 0xc0041801 (0xc0041801) The catalog is corrupt Error: (10/25/2013 11:44:10 AM) (Source: Windows Search Service)(User: ) Description: Details: The data is invalid. 0x8007000d (0x8007000d) 4810 - enduser\mssearch2\search\ytrip\tripoli\inverted\decodinglayerpages.h (591) Error: (10/25/2013 11:29:40 AM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service Util qualitink since QueryServiceConfig API failed System Error: The system cannot find the file specified. 
Error: (10/25/2013 11:29:40 AM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service Update qualitink since QueryServiceConfig API failed System Error: The system cannot find the file specified. Error: (10/25/2013 09:16:34 AM) (Source: IMFservice)(User: ) Description: The handle is invalid Error: (10/25/2013 09:16:34 AM) (Source: IMFservice)(User: ) Description: The handle is invalid Error: (10/24/2013 02:54:16 PM) (Source: Application Error)(User: ) Description: plugin-container.exe24.0.0.5001522fd228NPSWF32_11_9_900_117.dll11.9.900.1175244d60c400000150035358b2c5c01ced0c6da3a6963C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_11_9_900_117.dlladc7e6be-3cdd-11e3-bf1f-2016d8101560 Error: (10/24/2013 02:54:09 PM) (Source: Application Error)(User: ) Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6unknown0.0.0.000000000c000000500ce2e002ecc01ced0c6db107b9fC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeunknowna9ba5666-3cdd-11e3-bf1f-2016d8101560 Error: (10/24/2013 11:49:50 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: V5-571) Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos Error: (10/23/2013 05:33:02 PM) (Source: IMFservice)(User: ) Description: The handle is invalid ==================== Memory info =========================== Percentage of memory in use: 35% Total physical RAM: 7987.59 MB Available physical RAM: 5176.49 MB Total Pagefile: 9203.59 MB Available Pagefile: 6110.72 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:684.84 GB) (Free:601.05 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 699 GB) (Disk ID: 90013E6B) Partition: GPT Partition Type ==================== 
End Of Log ============================
  8. Yeah I deleted them. I think I pulled the log first though (as per the instructions, it says to post the log before deleting). Firefox seems to be the only browser affected (of the two I've tried: FF and IE). I will do the next steps you recommend now. Thanks!
  9. Like so. Covered personal browsing stuff with red.
  10. I followed the instructions provided to the letter, but the same things are popping up.
  11. Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org
      Database version: v2013.10.24.06
      Windows 8 x64 NTFS
      Internet Explorer 10.0.9200.16721
      Zoe :: V5-571 [administrator]
      10/25/2013 11:40:25 AM
      MBAM-log-2013-10-25 (11-50-56).txt
      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 208348
      Time elapsed: 9 minute(s), 53 second(s)
      Memory Processes Detected: 0
      (No malicious items detected)
      Memory Modules Detected: 0
      (No malicious items detected)
      Registry Keys Detected: 4
      HKCR\CLSID\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} (Adware.Superweb) -> No action taken.
      HKCR\TypeLib\{94dc4aa7-8299-4d7d-8f4d-48acf05e08ba} (Adware.Superweb) -> No action taken.
      HKCR\Interface\{5A5776B9-C752-4AFE-81AF-2ABDD19E05A0} (Adware.Superweb) -> No action taken.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73AD5D47-66E5-4127-80CA-C0EEDABAFBCC} (Adware.Superweb) -> No action taken.
      Registry Values Detected: 0
      (No malicious items detected)
      Registry Data Items Detected: 0
      (No malicious items detected)
      Folders Detected: 0
      (No malicious items detected)
      Files Detected: 0
      (No malicious items detected)
      (end)
  12. # AdwCleaner v3.010 - Report created 25/10/2013 at 11:34:01
      # Updated 20/10/2013 by Xplode
      # Operating System : Windows 8 (64 bits)
      # Username : Zoe - V5-571
      # Running from : C:\Users\Zoe\Desktop\AdwCleaner.exe
      # Option : Clean
      ***** [ Services ] *****
      ***** [ Files / Folders ] *****
      Folder Deleted : C:\ProgramData\Conduit
      Folder Deleted : C:\Program Files (x86)\Conduit
      Folder Deleted : C:\Program Files (x86)\Searchprotect
      Folder Deleted : C:\Program Files (x86)\TornTV.com
      Folder Deleted : C:\Program Files (x86)\KeyBar_1.13
      Folder Deleted : C:\Users\Zoe\AppData\Local\Conduit
      Folder Deleted : C:\Users\Zoe\AppData\LocalLow\Conduit
      Folder Deleted : C:\Users\Zoe\AppData\LocalLow\KeyBar_1.13
      Folder Deleted : C:\Users\Zoe\AppData\Roaming\Searchprotect
      Folder Deleted : C:\Users\Zoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
      Folder Deleted : C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\CT3291326
      Folder Deleted : C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\Extensions\{02edb56b-9b33-435b-b7df-b2843273a694}
      File Deleted : C:\END
      File Deleted : C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\searchplugins\Conduit.xml
      File Deleted : C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\user.js
      ***** [ Shortcuts ] *****
      ***** [ Registry ] *****
      Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
      Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3291326
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02EDB56B-9B33-435B-B7DF-B2843273A694}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{21C9B2FE-791A-4A7B-9EEB-97B4E22D8B3E}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02EDB56B-9B33-435B-B7DF-B2843273A694}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02EDB56B-9B33-435B-B7DF-B2843273A694}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{21C9B2FE-791A-4A7B-9EEB-97B4E22D8B3E}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0C6CDBF7-9E29-435E-928D-E844D032D9EF}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24BBC544-A5F6-465E-9A0A-754EB6CB7519}
      Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{02EDB56B-9B33-435B-B7DF-B2843273A694}]
      Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{02EDB56B-9B33-435B-B7DF-B2843273A694}]
      Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{02EDB56B-9B33-435B-B7DF-B2843273A694}]
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
      Key Deleted : HKCU\Software\APN PIP
      Key Deleted : HKCU\Software\Conduit
      Key Deleted : HKCU\Software\installedbrowserextensions
      Key Deleted : HKCU\Software\AppDataLow\Toolbar
      Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
      Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
      Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
      Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
      Key Deleted : HKCU\Software\AppDataLow\Software\KeyBar_1.13
      Key Deleted : HKLM\Software\Conduit
      Key Deleted : HKLM\Software\PIP
      Key Deleted : HKLM\Software\SearchProtect
      Key Deleted : HKLM\Software\KeyBar_1.13
      ***** [ Browsers ] *****
      -\\ Internet Explorer v10.0.9200.16537
      Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
      -\\ Mozilla Firefox v24.0 (en-US)
      [ File : C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\prefs.js ]
      Line Deleted : user_pref("CT3291326.FF19Solved", "true");
      Line Deleted : user_pref("CT3291326.UserID", "UN19613665078677311");
      Line Deleted : user_pref("CT3291326.browser.search.defaultthis.engineName", "true");
      Line Deleted : user_pref("CT3291326.fullUserID", "UN19613665078677311.IN.20131022095549");
      Line Deleted : user_pref("CT3291326.installDate", "22/10/2013 09:55:50");
      Line Deleted : user_pref("CT3291326.installSessionId", "{C761279B-3911-44F9-A19B-E92686BC66C4}");
      Line Deleted : user_pref("CT3291326.installSp", "TRUE");
      Line Deleted : user_pref("CT3291326.installerVersion", "1.7.1.7");
      Line Deleted : user_pref("CT3291326.keyword", "true");
      Line Deleted : user_pref("CT3291326.originalSearchAddressUrl", "");
      Line Deleted : user_pref("CT3291326.originalSearchEngine", "");
      Line Deleted : user_pref("CT3291326.originalSearchEngineName", "");
      Line Deleted : user_pref("CT3291326.searchRevert", "false");
      Line Deleted : user_pref("CT3291326.searchUserMode", "2");
      Line Deleted : user_pref("CT3291326.smartbar.homepage", "true");
      Line Deleted : user_pref("CT3291326.versionFromInstaller", "10.20.3.20");
      Line Deleted : user_pref("CT3291326.xpeMode", "0");
      Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
      Line Deleted : user_pref("browser.search.defaultthis.engineName", "KeyBar 1.13 Customized Web Search");
      Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3291326");
      Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3291326");
      Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3291326");
      Line Deleted : user_pref("smartbar.machineId", "A/CNDOQT3VFHPQAT9DR9PSNROWLTD+FSNDYBFOVMZTKPW0JANKA5QK1DHK0DA5JJCRCYVNNJA/6OT0LB50S+HQ");
      *************************
      AdwCleaner[R0].txt - [7075 octets] - [25/10/2013 11:32:28]
      AdwCleaner[s0].txt - [6876 octets] - [25/10/2013 11:34:01]
      ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6936 octets] ##########
  13. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.15.2 Run by Zoe at 10:05:08 on 2013-10-25 Microsoft Windows 8 6.2.9200.0.1252.2.1033.18.7988.5086 [GMT -4:00] . AV: Kaspersky PURE 2.0 *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky PURE 2.0 *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D} SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\dwm.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe C:\Program 
Files (x86)\Launch Manager\dsiwmis.exe C:\Windows\system32\dashost.exe C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe C:\Program Files\Elantech\ETDService.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe C:\Windows\RfBtnSvc64.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\qualitink\updatequalitink.exe C:\Program Files (x86)\qualitink\bin\utilqualitink.exe C:\Windows\system32\EscSvc64.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe C:\Windows\system32\taskhostex.exe C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe C:\Program Files (x86)\Launch Manager\LMutilps32.exe C:\Windows\SysWOW64\Rundll32.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\igfxext.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Acer\Acer Power Management\ePowerTray.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files 
(x86)\IObit\Advanced SystemCare 6\ASCTray.exe C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE C:\Users\Zoe\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Dolby PCEE4\pcee4.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Users\Zoe\AppData\Local\Pokki\Engine\pokki.exe C:\Users\Zoe\AppData\Local\Pokki\Engine\pokki.exe C:\Users\Zoe\AppData\Local\Pokki\Engine\pokki.exe C:\Users\Zoe\AppData\Local\Pokki\Engine\pokki.exe C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\AVG\AVG2014\avgcsrvx.exe C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe C:\Windows\system32\SearchProtocolHost.exe 
C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uURLSearchHooks: KeyBar 1.13 Toolbar: {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Program Files (x86)\KeyBar_1.13\prxtbKeyB.dll mURLSearchHooks: KeyBar 1.13 Toolbar: {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Program Files (x86)\KeyBar_1.13\prxtbKeyB.dll mWinlogon: Userinit = userinit.exe, BHO: MRI_DISABLED - <orphaned> BHO: KeyBar 1.13 Toolbar: {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Program Files (x86)\KeyBar_1.13\prxtbKeyB.dll BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll BHO: qualitink: {73ad5d47-66e5-4127-80ca-c0eedabafbcc} - C:\Program Files (x86)\qualitink\qualitinkBHO.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 
15\root\office15\GROOVEEX.DLL BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll TB: KeyBar 1.13 Toolbar: {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Program Files (x86)\KeyBar_1.13\prxtbKeyB.dll EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll uRun: [Pokki] C:\Windows\System32\rundll32.exe "C:\Users\Zoe\AppData\Local\Pokki\Engine\Launcher.dll",RunLaunchPlatform uRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart uRun: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2540 Series" /EF "HKCU" uRun: [EPLTarget\P0000000000000001] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-2540 Series" /EF "HKCU" uRun: [backgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Zoe\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun uRunOnce: [Application Restart #4] C:\Users\Zoe\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Zoe\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --enable-touch-events --flag-switches-begin --flag-switches-end --restore-last-session mRun: [Dolby Advanced Audio v2] "C:\Dolby 
PCEE4\pcee4.exe" -autostart mRun: [LManager] <no file> dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} mExplorerRun: [btvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" StartupFolder: C:\Users\Zoe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Zoe\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MRI_DI~1\ACERBA~1.LNK - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe mPolicies-System: DisableCAD = dword:1 IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . 
TCP: Interfaces\{7595F9EE-3572-46C0-B147-5C8F6A92F723} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{7595F9EE-3572-46C0-B147-5C8F6A92F723}\343594D4 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{7595F9EE-3572-46C0-B147-5C8F6A92F723}\35471627265736B6370275966496 : DHCPNameServer = 8.8.8.8 8.8.4.4 TCP: Interfaces\{7595F9EE-3572-46C0-B147-5C8F6A92F723}\74C6F62616C63557964756 : DHCPNameServer = 173.243.32.50 8.8.8.8 TCP: Interfaces\{7595F9EE-3572-46C0-B147-5C8F6A92F723}\74C6F62616C6D456564796E676 : DHCPNameServer = 173.243.32.50 8.8.8.8 TCP: Interfaces\{7595F9EE-3572-46C0-B147-5C8F6A92F723}\A5F65696071646 : DHCPNameServer = 206.47.201.246 207.231.231.254 TCP: Interfaces\{CD4F3FD0-9A9A-44D3-9962-C8E494CE9232} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{E5D3F8AD-61A0-41BA-8C9F-54D7ACC5B210} : DHCPNameServer = 206.47.201.246 207.231.231.254 Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL SSODL: WebCheck - <orphaned> mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings x64-BHO: {11111111-1111-1111-1111-110311551178} - <orphaned> x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL x64-BHO: Microsoft 
SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-ExplorerRun: [btvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" x64-mPolicies-System: DisableCAD = dword:1 x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - 
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-Notify: klogon - C:\Windows\System32\klogon.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll FF - plugin: C:\Users\Zoe\AppData\Local\Citrix\Plugins\104\npappdetector.dll FF - plugin: C:\Users\Zoe\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-09-16 15:26; ascsurfingprotection@iobit.com; C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\extensions\ascsurfingprotection@iobit.com FF - ExtSQL: 2013-10-04 21:01; firefox@qualitink.net; C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\extensions\firefox@qualitink.net.xpi FF - ExtSQL: 2013-10-22 09:55; {02edb56b-9b33-435b-b7df-b2843273a694}; C:\Users\Zoe\AppData\Roaming\Mozilla\Firefox\Profiles\9hl5nkwl.default\extensions\{02edb56b-9b33-435b-b7df-b2843273a694} . 
---- FIREFOX POLICIES ---- FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: browser.turbo.enabled - true FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.chrome.favicons - false FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: content.notify.ontimer - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.switch.threshold - 750000 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\Drivers\avgidsha.sys [2013-9-2 192824] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\Drivers\avgloga.sys [2013-9-2 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\Drivers\avgmfx64.sys [2013-8-20 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\Drivers\avgrkx64.sys [2013-9-8 31544] R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\Drivers\CSCrySec.sys [2013-3-5 85048] R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-11-25 645952] R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-10-23 17720] R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\Drivers\avgdiska.sys [2013-9-25 148792] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\Drivers\avgidsdrivera.sys [2013-9-2 241464] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\Drivers\avgldx64.sys [2013-9-2 212280] R1 Avgwfpa;AVG Firewall Driver;C:\Windows\System32\Drivers\avgwfpa.sys [2013-7-30 
252728] R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys [2013-3-5 66104] R1 kl2;kl2;C:\Windows\System32\Drivers\kl2.sys [2011-10-20 13616] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\Drivers\klim6.sys [2011-3-10 29488] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-9-16 574272] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe [2013-1-28 227456] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [2012-8-30 202328] R2 CCDMonitorService;CCDMonitorService;C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-8-24 2435728] R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992] R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-11-25 348784] R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2012-5-10 608864] R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2013-3-14 135824] R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2012-11-25 90992] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-25 2457232] R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-10-23 335168] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe 
[2012-11-25 166720] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-8-23 259136] R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-11 1907896] R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2012-11-25 93296] R2 StartMenuService;StartMenu8 Service;C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2013-10-24 75584] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-25 365376] R2 Update qualitink;Update qualitink;C:\Program Files (x86)\qualitink\updatequalitink.exe [2013-10-4 65312] R2 Util qualitink;Util qualitink;C:\Program Files (x86)\qualitink\bin\utilqualitink.exe [2013-10-23 65312] R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-6-5 89168] R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-10-16 266240] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-6-5 346192] R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-6-5 115280] R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2013-6-5 34384] R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2013-6-5 179432] R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-6-5 77464] R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2013-6-5 136424] R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-6-5 581200] R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752] R3 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-9-5 658576] R3 ETD;ELAN PS/2 
Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2012-11-25 319856] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-11-25 342528] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\Drivers\klmouflt.sys [2009-11-2 22544] R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [2012-11-25 26736] R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\Drivers\RtsBaStor.sys [2012-11-25 288256] R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-25 683664] R3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2013-3-5 23552] S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\Windows\System32\Drivers\avgboota.sys [2013-9-4 20496] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?] S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\Drivers\netaapl64.sys [2012-9-10 22528] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656] . =============== Created Last 30 ================ . 
2013-10-24 18:33:21 -------- d-----w- C:\Users\Zoe\AppData\Roaming\Malwarebytes 2013-10-24 18:33:10 -------- d-----w- C:\ProgramData\Malwarebytes 2013-10-24 18:33:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-10-24 18:33:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-24 14:04:48 -------- d-----w- C:\Users\Zoe\AppData\Roaming\AVG2014 2013-10-24 14:04:00 -------- d-----w- C:\Users\Zoe\AppData\Roaming\TuneUp Software 2013-10-24 14:03:31 -------- d--h--w- C:\$AVG 2013-10-24 14:03:31 -------- d-----w- C:\ProgramData\AVG2014 2013-10-24 14:02:46 -------- d-----w- C:\Program Files (x86)\AVG 2013-10-24 13:58:35 -------- d--h--w- C:\ProgramData\Common Files 2013-10-24 13:58:35 -------- d-----w- C:\Users\Zoe\AppData\Local\MFAData 2013-10-24 13:58:35 -------- d-----w- C:\Users\Zoe\AppData\Local\Avg2014 2013-10-24 13:58:35 -------- d-----w- C:\ProgramData\MFAData 2013-10-23 20:59:45 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys 2013-10-22 16:42:11 315568 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10222.bin 2013-10-22 13:56:21 -------- d-----w- C:\Program Files (x86)\Conduit 2013-10-22 13:56:17 -------- d-----w- C:\ProgramData\Conduit 2013-10-22 13:56:16 -------- d-----w- C:\Users\Zoe\AppData\Local\Conduit 2013-10-22 13:56:16 -------- d-----w- C:\Program Files (x86)\KeyBar_1.13 2013-10-22 13:56:00 -------- d-----w- C:\Program Files (x86)\SearchProtect 2013-10-22 13:55:52 -------- d-----w- C:\Users\Zoe\AppData\Roaming\SearchProtect 2013-10-22 13:55:20 -------- d-----w- C:\Program Files (x86)\qualitink 2013-10-22 13:54:46 -------- d-----w- C:\Program Files (x86)\TornTV.com 2013-10-22 13:50:53 -------- d-----w- C:\ProgramData\WinterSoft 2013-10-22 13:50:42 -------- d-----w- C:\Users\Zoe\AppData\Local\Programs 2013-10-22 13:50:06 -------- d-----w- C:\ProgramData\InstallMate 2013-10-16 15:19:36 -------- d-----w- C:\Users\Zoe\AppData\Roaming\ControlCenter4 2013-10-16 15:13:40 -------- d-----w- C:\Brother 
2013-10-16 15:13:37 -------- d-----w- C:\ProgramData\ControlCenter4 2013-10-16 15:13:37 -------- d-----w- C:\Program Files (x86)\Browny02 2013-10-16 15:13:36 -------- d-----w- C:\Program Files (x86)\ControlCenter4 2013-10-16 15:13:11 73728 ------w- C:\Windows\SysWow64\BrDctF2.dll 2013-10-16 15:13:11 5120 ------w- C:\Windows\SysWow64\BrDctF2S.dll 2013-10-16 15:13:11 5120 ------w- C:\Windows\SysWow64\BrDctF2L.dll 2013-10-16 15:13:11 245760 ------w- C:\Windows\SysWow64\NSSearch.dll 2013-10-16 15:13:08 180224 ------w- C:\Windows\SysWow64\BroSNMP.dll 2013-10-16 15:09:57 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2013-10-15 15:02:59 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll 2013-10-15 15:02:59 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll 2013-10-15 15:02:59 158208 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll 2013-10-15 15:02:59 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll 2013-10-15 15:02:47 566784 ----a-w- C:\Windows\System32\wvc.dll 2013-10-15 15:02:47 462336 ----a-w- C:\Windows\System32\sysmon.ocx 2013-10-15 15:02:47 399360 ----a-w- C:\Windows\SysWow64\sysmon.ocx 2013-10-15 15:02:47 1374208 ----a-w- C:\Windows\System32\wdc.dll 2013-10-15 15:02:47 1245696 ----a-w- C:\Windows\SysWow64\wdc.dll 2013-10-15 15:02:46 437248 ----a-w- C:\Windows\SysWow64\wvc.dll 2013-10-10 16:03:22 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-10 16:03:22 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-10-09 13:17:49 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-10-01 15:48:50 91544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll 2013-10-01 14:44:15 4917760 ----a-w- C:\Windows\System32\sppsvc.exe 2013-10-01 14:42:28 144896 ----a-w- C:\Windows\System32\tssdisai.dll 2013-10-01 14:39:29 -------- d-----w- C:\ProgramData\Brother 2013-09-30 14:45:43 26432 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe 2013-09-26 01:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys . 
==================== Find3M ==================== . 2013-10-25 13:17:06 53284 ----a-w- C:\Windows\System32\wpbbin.exe 2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll 2013-09-09 02:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys 2013-09-04 19:35:06 20496 ----a-w- C:\Windows\System32\drivers\avgboota.sys 2013-09-02 14:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys 2013-09-02 14:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys 2013-09-02 14:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys 2013-09-02 14:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys 2013-08-23 05:11:57 4040192 ----a-w- C:\Windows\System32\win32k.sys 2013-08-21 02:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys 2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys 2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll 2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe 2013-08-16 05:22:22 40448 ----a-w- C:\Windows\System32\wuapp.exe 2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll 2013-08-15 22:43:21 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe 2013-08-15 22:43:07 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll 2013-08-15 22:43:07 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll 2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll 2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll 2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll 2013-08-15 22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll 2013-08-15 22:43:02 124928 ----a-w- 
C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll 2013-08-15 22:42:47 91648 ----a-w- C:\Windows\SysWow64\sppc.dll 2013-08-10 05:21:51 448512 ----a-w- C:\Windows\System32\SettingSync.dll 2013-08-02 06:28:29 10116608 ----a-w- C:\Windows\System32\twinui.dll 2013-08-02 06:26:53 2304512 ----a-w- C:\Windows\System32\authui.dll 2013-08-02 05:08:18 8858112 ----a-w- C:\Windows\SysWow64\twinui.dll 2013-08-02 05:06:50 2035712 ----a-w- C:\Windows\SysWow64\authui.dll 2013-08-01 10:41:31 2233688 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-07-30 14:01:20 252728 ----a-w- C:\Windows\System32\drivers\avgwfpa.sys . ============= FINISH: 10:05:42.80 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Boot Device: \Device\HarddiskVolume2 Install Date: 3/5/2013 12:03:47 AM System Uptime: 10/25/2013 9:16:54 AM (1 hours ago) . Motherboard: Acer | | Aspire V5-571P Processor: Intel® Core i3-3217U CPU @ 1.80GHz | CPU Socket - U3E1 | 1801/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 685 GiB total, 598.966 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP30: 10/9/2013 9:02:38 AM - Installed Software Updater RP31: 10/15/2013 4:29:28 PM - Windows Update RP32: 10/23/2013 8:06:29 AM - Scheduled Checkpoint RP33: 10/24/2013 10:02:04 AM - Installed AVG 2014 RP34: 10/24/2013 10:02:55 AM - Installed AVG 2014 . ==== Installed Programs ====================== . 
clear.fi SDK- Movie 2 clear.fi SDK - Video 2 Acer Backup Manager Acer Instant Update Service Acer Power Management Acer Recovery Management AcerCloud AcerCloud Docs Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.05) Advanced SystemCare 6 Apple Application Support Apple Mobile Device Support Apple Software Update AVG 2014 Backup Manager v4 Bonjour Brother MFL-Pro Suite DCP-7065DN Brother P-touch Editor 5.0 Citrix Online Launcher clear.fi Media clear.fi Photo CyberLink MediaEspresso 6.5 Dolby Advanced Audio v2 Driver Booster Dropbox Epson Connect Printer Setup EPSON Connect version 1.0 Epson Customer Participation Epson E-Web Print Epson Event Manager Epson FAX Utility Epson PC-FAX Driver EPSON Printer Finder EPSON Scan EPSON WF-2540 Series Printer Uninstall EpsonNet Print ETDWare PS/2-X64 11.6.10.001_WHQL FileZilla Client 3.7.3 GoToMeeting 5.7.0.1172 HID Monitor Identity Card Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Intel® Trusted Connect Service Client IObit Malware Fighter Java 7 Update 15 Java 7 Update 15 (64-bit) Java Auto Updater Kaspersky PURE 2.0 Launch Manager Live Updater Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft Office Professional Plus 2013 - en-us Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2005 Tools for Office Runtime Microsoft Visual Studio 2010 Tools for Office 
Runtime (x64) Mozilla Firefox 24.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) MyWinLocker Suite Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Office Addin Pokki Pokki Download Helper PollEv Presenter Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros WLAN and Bluetooth Client Installation Program qualitink 1.0.0 Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek PCIE Card Reader Shared C Run-time for x64 Shredder Smart Defrag 2 Software Updater Start Menu 8 Visual Studio 2005 Tools for Office Second Edition Runtime Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) . ==== Event Viewer Messages From Past Week ======== . 10/25/2013 9:22:09 AM, Error: Service Control Manager [7022] - The Intel® Management and Security Application User Notification Service service hung on starting. 10/25/2013 9:17:37 AM, Error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the file specified. 10/24/2013 9:21:13 AM, Error: Service Control Manager [7034] - The StartMenu8 Service service terminated unexpectedly. It has done this 1 time(s). 10/24/2013 10:07:36 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user V5-571\Zoe SID (S-1-5- 21-2291105322-700541216-3576249611-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). 
This security permission can be modified using the Component Services administrative tool. . ==== End Of File ===========================
  14. I must have picked up some virus somewhere as stuff is popping up when I browse, and when I click on links other windows to advertisements will pop up. I ran AVG, SystemCare and finally Malwarebytes, but I'm still infected. Any advice would be very appreciated!