Showing results for tags 'AVAST'.

  1. Sure would be nice to make helping MWB an easier process. You'd like for us to go to 3 different places in order to "zip" 2 folders and an exe. Then email it to MWB. Doesn't the MWB program already know where those 3 places would be for the program that we think is a false positive? Why not make an option built into MWB to "report as false positive" and the program can automatically zip the 2 locations and exe? Then upload it to MWB. The program that I would report if it wasn't such a hassle - would be Avast! antivirus. I heard another post saying that Microsoft OneDrive had been affected... If MWB is so aggressive that it is going after VERY well known programs, then it should offer an easier way of reporting the false positives.
  2. Avast anti-virus program update was quarantined by MBARW when I tried to update the program earlier today. After I rebooted my computer, I was unable to restore the file or add it to exclusion list. I am unable to attach the Avast update file (didn't find it) but I am attaching a PrintScreen of the MBARW error along with the other 2 zip files. I will reinstall Avast AV because now when I run Avast program update, it says an update is needed, but when it attempts to download the update, it says it is not needed. I did not install the MBARW update that came out earlier today. I will restart my computer again and expect to update it then. Thanks. logs.zip Malwarebytes Anti-Ransomware.zip Avast Update.doc
  3. Hello, I have a Malicious Website blocked issue. The pop-ups started about 4:00 pm yesterday (9/9/2015). I have read thru the posting instructions and have run a Malwarebytes scan and a Farbar Recovery tool scan (gave me a "Line 9051 Error: Subscript used on non-accessible variable" message so I'm not sure if it actually did what it was supposed to do). The logs are below, although I can't seem to find an addition.txt log. If I have forgotten something, or haven't supplied all the information, please let me know. This is the first time I've had to do any of this so I might have missed something. Thank you for your help in this matter. FRST.txt protection log 9-10.txt mbam scan log 9-10-15.txt
  4. Hello, Good day. My Avast installation is detecting (and blocking, thankfully) a malware infection from "ninthclub (dot) com" every time I start Internet Explorer or Chrome, which are the only two browsers I use. When I run Malwarebytes it does not detect it. Any ideas on how to remove it would be appreciated, please. Hopefully you will update the Malwarebytes database soon to take care of this specific malware infection. Here are the details from Avast, fwiw: Object: hxxp://ninthclub(dot)com/work/new/index(dot)php Infection: URL:Mal Process: c:\Program files...\iexplore.exe ( <--- or chrome.exe depending on the browser launched) Running Windows 7, 64-bit IE version 11 Chrome Version 46.0.2490.80 m Thanks. Alonso B.
  5. I downloaded Farbar Recovery Scan Tool, and here are the two files resulting from the scan (attached). I am getting the popup "Malicious Website Blocked; su2.ff.avast.com; 92.242.140.21" in the right-hand part of my screen every couple minutes. It disappears pretty quickly, and when I click on it, I can no longer see the information that was listed on the popup. I've seen this topic listed, but I can't seem to find the resolution. It looks like a lot of people started seeing this regardless of OS. I use Windows 7. Thanks in advance! Addition.txt FRST.txt
  6. I first received a notification from avast that it blocked a harmful webpage while browsing google chrome. After that I tried deleting and reinstalling google chrome, and I also deleted the appdata. It started showing up again in Firefox. It shows up no matter what browser I use. The notification contains the link to a harmful website, and the object states URL:MAL Here are the logs:
  7. Avast keeps bleeping saying it has identified a threat about 14 times in a row. It shows as svchost.exe, but I am having no luck removing it even after following other forums' advice. Any help would be greatly appreciated! Thanks!
  8. Hello lovely people at MBytes. Not really sure if I am infected with a bit of Malware but I'll start at the beginning and let the experts decide. Lately my computer has been running a bit slow when I start my browser (Internet Explorer) in Sandboxie - most of my browsing is done there, better safe than sorry - however it usually sorts itself out (perhaps I have too many programs running for my computer to handle?). However in the last 24 hours a webcomic I like (Schlock Mercenary) has been redirecting me to a page saying that my explorer video player might be outdated and to select "OK". I have not clicked on anything with this page and a quick google has confirmed my worries that it is probably a virus. I think the page has been hijacked, I have emailed the guy who runs the page, just so he knows, and just to be safe I've backed up files and run my virus protection program (Avast) as well as Malwarebytes, and both programs have given me the all-clear. Thing is I'm still a bit worried, I had a real problem with a stubborn redirect virus in my computer last year - could the system slowness be something caught in my sandbox? Can anyone recommend anything to check that I don't have anything nasty lurking on my system? Many thanks!
  9. Recently when I wake my computer or turn it on I get Avast consistently blocking web pages. The web pages aren't always the same, but the rest is. Infection: URL:Mal Process: C:\windows\system32\svchost.exe I have run a complete scan and boot scan with Avast. I have run CCleaner and Malwarebytes. Still I have the same issue. I saw on this forum to run Farbar and Rogue Killer. The FRST.txt is as follows:
(Avast SafePrice) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-11]CHR Extension: (Google Sheets) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]CHR Extension: (Avast Online Security) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-05]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]CHR Extension: (Google Wallet) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-05]CHR Extension: (Gmail) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-05]CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-02]CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-02] (Avast Software s.r.o.)R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-04-02] (Avast Software)S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink)R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-18] (Intel Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink)R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)R2 SftService; C:\Program Files 
(x86)\Dell Backup and Recovery\SftService.exe [1915408 2013-10-17] (SoftThinks SAS)S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2015-02-12] (Microsoft Corporation)R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2015-02-12] (Microsoft Corporation)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
S3 amdiommu; C:\Windows\System32\drivers\amdkiomd.sys [76800 2014-01-10] (Advanced Micro Devices, Inc.)R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-02] ()R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-02] (Avast Software s.r.o.)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-02] (Avast Software s.r.o.)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-02] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-02] (Avast Software s.r.o.)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-02] (Avast Software s.r.o.)R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-02] (Avast Software s.r.o.)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-02] ()R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-19] (Intel Corporation)R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-08] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100824 2013-12-18] (Intel Corporation)R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation)R3 
SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-04-09] (Synaptics Incorporated)R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-02] (Avast Software)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-08 23:10 - 2015-04-08 23:11 - 00021252 _____ () C:\Users\Lucy\Downloads\FRST.txt2015-04-08 23:10 - 2015-04-08 23:10 - 00000000 ____D () C:\FRST2015-04-08 23:09 - 2015-04-08 23:10 - 02095616 _____ (Farbar) C:\Users\Lucy\Downloads\FRST64.exe2015-04-08 23:05 - 2015-04-08 23:06 - 00009203 _____ () C:\windows\WindowsUpdate.log2015-04-08 22:56 - 2015-04-08 22:56 - 00000350 _____ () C:\windows\PFRO.log2015-04-08 22:56 - 2015-04-08 22:56 - 00000116 _____ () C:\windows\setupact.log2015-04-08 22:56 - 2015-04-08 22:56 - 00000000 _____ () C:\windows\setuperr.log2015-04-08 22:53 - 2015-04-08 22:54 - 00087342 _____ () C:\Users\Lucy\cc_20150408_225306.reg2015-04-08 22:48 - 2015-04-08 22:48 - 00002792 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC2015-04-08 22:48 - 2015-04-08 22:48 - 00000000 ____D () C:\Program Files\CCleaner2015-04-08 22:47 - 2015-04-08 22:47 - 05344528 _____ (Piriform Ltd) C:\Users\Lucy\Downloads\ccsetup504.exe2015-04-08 17:35 - 2015-04-08 22:57 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2015-04-08 17:34 - 2015-04-08 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools2015-04-08 17:34 - 
2015-04-08 17:34 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-04-08 17:34 - 2015-04-08 17:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-04-08 17:34 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys2015-04-08 17:34 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys2015-04-08 17:34 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys2015-04-08 17:33 - 2015-04-08 17:33 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Lucy\Downloads\mbam-setup-2.1.4.1018.exe2015-04-07 16:33 - 2015-04-07 16:33 - 00000000 ____D () C:\Users\Public\Documents\CrashDump2015-04-07 15:33 - 2015-04-07 15:33 - 00000000 ___SD () C:\windows\SysWOW64\GWX2015-04-07 15:33 - 2015-04-07 15:33 - 00000000 ___SD () C:\windows\system32\GWX2015-04-04 17:51 - 2015-04-04 17:51 - 14403836 _____ () C:\Users\Lucy\Downloads\DecoratedEggs.themepack2015-04-03 15:44 - 2015-04-04 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird2015-04-02 21:30 - 2015-03-03 09:17 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe2015-04-02 21:27 - 2015-04-02 21:27 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe2015-04-02 21:26 - 2015-04-02 21:26 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr2015-04-01 20:59 - 2015-04-01 20:59 - 00001870 _____ () C:\Users\Lucy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! 
antivirus.lnk2015-03-27 21:48 - 2015-03-27 21:48 - 00000197 _____ () C:\windows\system32\2015-03-28-01-48-34.021-AvastVBoxSVC.exe-3076.log2015-03-27 16:01 - 2015-03-27 16:03 - 00000197 _____ () C:\windows\system32\2015-03-27-20-01-53.097-AvastVBoxSVC.exe-3216.log2015-03-25 16:11 - 2015-03-25 16:11 - 00000000 ____D () C:\Users\Lucy\Documents\FlashIntegro2015-03-25 16:11 - 2015-03-25 16:11 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\VideoEditor2015-03-25 16:11 - 2015-03-25 16:11 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\FlashIntegro2015-03-25 16:10 - 2015-03-27 16:03 - 00000000 ____D () C:\Program Files (x86)\3602015-03-25 16:10 - 2015-03-25 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video2015-03-25 16:10 - 2015-03-25 16:10 - 00000000 ____D () C:\Program Files (x86)\FlashIntegro2015-03-25 16:10 - 2014-12-09 13:21 - 00081792 _____ (Flash-Integro LLC) C:\windows\SysWOW64\mslvddsfilter2.ax2015-03-25 16:10 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\windows\SysWOW64\Lagarith.dll2015-03-25 16:10 - 2005-08-01 19:43 - 00245760 _____ () C:\windows\SysWOW64\lame.ax2015-03-25 16:10 - 2004-12-10 10:03 - 00438272 _____ (On2.com) C:\windows\SysWOW64\vp6vfw.dll2015-03-25 16:10 - 2004-09-06 16:06 - 00053248 _____ () C:\windows\SysWOW64\xvid.ax2015-03-25 16:10 - 2004-07-03 21:08 - 00139264 _____ () C:\windows\SysWOW64\xvidvfw.dll2015-03-25 16:10 - 2004-07-03 20:59 - 00524288 _____ () C:\windows\SysWOW64\xvidcore.dll2015-03-25 16:10 - 2004-02-04 21:11 - 00081920 _____ (fccHandler) C:\windows\SysWOW64\AC3ACM.acm2015-03-25 16:10 - 2003-05-22 12:26 - 00638976 _____ (DivXNetworks, Inc.) C:\windows\SysWOW64\divx.dll2015-03-25 16:10 - 2003-05-22 12:26 - 00221215 _____ (DivXNetworks, Inc.) 
C:\windows\SysWOW64\divxdec.ax2015-03-25 16:10 - 2003-05-21 23:50 - 00261632 _____ (MainConcept) C:\windows\SysWOW64\mcdvd_32.dll2015-03-25 16:10 - 2003-05-21 23:50 - 00156910 _____ () C:\windows\WMSysPr8.prx2015-03-25 16:10 - 2003-05-21 23:50 - 00082944 _____ (Voxware, Inc.) C:\windows\SysWOW64\vct3216.acm2015-03-25 16:10 - 2003-05-21 23:50 - 00038912 _____ (NCT Company) C:\windows\SysWOW64\alf2cd.acm2015-03-25 16:10 - 2003-05-21 23:50 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3a.dll2015-03-25 16:10 - 2003-03-25 05:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\windows\SysWOW64\L3CODECX.AX2015-03-25 16:10 - 2003-03-18 23:14 - 00499712 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp71.dll2015-03-25 16:10 - 2003-02-21 03:42 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll2015-03-25 16:10 - 2002-08-20 00:41 - 00413760 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg4c32.dll2015-03-25 16:10 - 2000-03-14 20:55 - 00013239 _____ (SHARP Corporation) C:\windows\SysWOW64\Scg726.acm2015-03-25 16:08 - 2015-03-25 16:08 - 30724288 _____ (Flash-Integro LLC ) C:\Users\Lucy\Downloads\video_editor_download.exe2015-03-24 20:48 - 2015-03-10 22:38 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll2015-03-24 20:48 - 2015-03-10 18:08 - 01107456 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll2015-03-24 20:48 - 2015-03-10 18:08 - 00943104 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll2015-03-24 20:48 - 2015-03-10 18:08 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll2015-03-24 20:48 - 2015-03-10 18:08 - 00677888 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll2015-03-24 20:48 - 2015-03-10 18:08 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll2015-03-24 20:48 - 2015-03-10 18:08 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll2015-03-21 16:27 - 2015-03-21 16:27 - 
00000000 ____D () C:\Program Files (x86)\Samsung2015-03-21 16:25 - 2015-04-03 20:52 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon2015-03-21 16:24 - 2015-03-21 16:24 - 00000000 ____D () C:\Program Files\SAMSUNG2015-03-21 16:24 - 2014-06-16 02:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudmdm.sys2015-03-21 16:24 - 2014-06-16 02:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudbus.sys2015-03-21 16:23 - 2015-04-03 20:52 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\VERIZON2015-03-21 16:23 - 2015-03-21 16:27 - 00000000 ____D () C:\ProgramData\Samsung2015-03-21 16:23 - 2015-03-21 16:23 - 00000000 ____D () C:\Users\Public\Documents\Verizon2.0_Log2015-03-21 16:18 - 2015-03-21 16:18 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf2015-03-15 21:07 - 2015-03-15 21:08 - 00000197 _____ () C:\windows\system32\2015-03-16-01-07-15.030-AvastVBoxSVC.exe-3280.log2015-03-13 23:25 - 2015-03-13 23:27 - 00000197 _____ () C:\windows\system32\2015-03-14-03-25-33.002-AvastVBoxSVC.exe-3192.log2015-03-13 22:45 - 2015-03-13 22:45 - 00495863 _____ () C:\Users\Lucy\Downloads\col95.zip2015-03-13 22:34 - 2015-03-13 22:35 - 00000000 ____D () C:\Users\Lucy\Desktop\Colonization2015-03-13 22:30 - 2015-03-13 22:30 - 00000000 ____D () C:\Users\Lucy\AppData\Local\DOSBox2015-03-13 22:29 - 2015-03-13 22:29 - 00001896 _____ () C:\Users\Public\Desktop\DOSBox 0.74.lnk2015-03-13 22:29 - 2015-03-13 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.742015-03-13 22:29 - 2015-03-13 22:29 - 00000000 ____D () C:\Program Files (x86)\DOSBox-0.742015-03-13 22:28 - 2015-03-13 22:28 - 01448809 _____ (DOSBox Team) C:\Users\Lucy\Downloads\DOSBox0.74-win32-installer.exe2015-03-13 21:12 - 2015-03-13 21:12 - 00000197 _____ () C:\windows\system32\2015-03-14-01-12-03.008-AvastVBoxSVC.exe-1944.log2015-03-13 14:13 - 
2015-03-13 14:13 - 00628688 _____ (CMI Limited) C:\Users\Lucy\AppData\Local\nsnE2FE.tmp2015-03-13 14:09 - 2015-03-13 14:10 - 00003280 _____ () C:\windows\System32\Tasks\avastBCLRestartS-1-5-21-2576653244-3294062963-2646520357-10012015-03-12 21:24 - 2015-04-08 18:36 - 00000000 ____D () C:\ProgramData\8830ce68000064252015-03-12 21:16 - 2015-03-12 21:16 - 00000000 ____D () C:\Users\Lucy\Documents\Optimizer Pro2015-03-11 17:23 - 2015-04-07 18:54 - 00000000 ____D () C:\Users\DefaultAppPool2015-03-11 17:23 - 2015-03-11 17:23 - 00000020 ___SH () C:\Users\DefaultAppPool\ntuser.ini2015-03-11 17:23 - 2015-02-08 00:19 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2015-03-11 17:23 - 2015-02-07 14:21 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2015-03-11 17:23 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk2015-03-11 17:23 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk2015-03-11 17:23 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2015-03-11 17:23 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2015-03-10 20:57 - 2015-02-03 19:58 - 00264000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys2015-03-10 20:57 - 2015-02-03 19:58 - 00114496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdNisDrv.sys2015-03-10 20:57 - 2015-02-03 19:58 - 00044024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys2015-03-10 20:57 - 2015-02-02 19:53 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\winshfhc.dll2015-03-10 20:57 - 2015-02-02 19:53 - 00012800 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\winshfhc.dll2015-03-10 20:57 - 2015-01-26 23:44 - 00933888 _____ (Microsoft Corporation) C:\windows\system32\calc.exe2015-03-10 20:57 - 2015-01-23 21:51 - 00816128 _____ (Microsoft Corporation) C:\windows\SysWOW64\calc.exe2015-03-10 20:56 - 2015-03-05 22:53 - 00430080 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll2015-03-10 20:56 - 2015-03-05 22:33 - 00358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll2015-03-10 20:56 - 2015-02-25 19:26 - 04178944 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys2015-03-10 20:56 - 2015-02-19 23:03 - 00358912 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll2015-03-10 20:56 - 2015-02-19 22:58 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll2015-03-10 20:56 - 2015-02-19 22:20 - 00301056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll2015-03-10 20:56 - 2015-02-19 22:15 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll2015-03-10 20:56 - 2015-02-06 19:09 - 00396419 _____ () C:\windows\system32\ApnDatabase.xml2015-03-10 20:56 - 2015-02-05 21:28 - 02257408 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll2015-03-10 20:56 - 2015-02-05 21:08 - 01943040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll2015-03-10 20:56 - 2015-02-05 16:24 - 01113920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys2015-03-10 20:56 - 2015-02-02 20:03 - 03551744 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll2015-03-10 20:56 - 2015-02-02 20:02 - 04298240 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll2015-03-10 20:56 - 2015-01-30 19:42 - 03097600 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll2015-03-10 20:56 - 2015-01-30 19:29 - 02484224 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll2015-03-10 20:56 - 2015-01-30 19:20 - 00203264 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll2015-03-10 20:56 - 2015-01-29 23:01 - 
00097792 ____C (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys2015-03-10 20:56 - 2015-01-29 23:00 - 00167424 ____C (Microsoft Corporation) C:\windows\system32\Drivers\rfcomm.sys2015-03-10 20:56 - 2015-01-29 22:03 - 01488896 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll2015-03-10 20:56 - 2015-01-29 22:03 - 01464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll2015-03-10 20:56 - 2015-01-29 22:02 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\eappgnui.dll2015-03-10 20:56 - 2015-01-29 21:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll2015-03-10 20:56 - 2015-01-29 21:42 - 01204224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll2015-03-10 20:56 - 2015-01-29 21:40 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappgnui.dll2015-03-10 20:56 - 2015-01-29 21:37 - 00331776 _____ (Microsoft Corporation) C:\windows\system32\eapp3hst.dll2015-03-10 20:56 - 2015-01-29 21:29 - 00035840 _____ (Microsoft Corporation) C:\windows\SysWOW64\atlthunk.dll2015-03-10 20:56 - 2015-01-29 21:24 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\eapphost.dll2015-03-10 20:56 - 2015-01-29 21:24 - 00250880 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapp3hst.dll2015-03-10 20:56 - 2015-01-29 21:16 - 00266752 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapphost.dll2015-03-10 20:56 - 2015-01-29 21:08 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\eappcfg.dll2015-03-10 20:56 - 2015-01-29 21:06 - 00278016 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappcfg.dll2015-03-10 20:56 - 2015-01-28 21:58 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\photowiz.dll2015-03-10 20:56 - 2015-01-28 21:29 - 00290816 _____ (Microsoft Corporation) C:\windows\SysWOW64\photowiz.dll2015-03-10 20:56 - 2015-01-28 21:11 - 00274944 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll2015-03-10 20:56 - 2015-01-28 21:04 
- 01091072 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll2015-03-10 20:56 - 2015-01-28 21:04 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll2015-03-10 20:56 - 2015-01-28 21:00 - 00210944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2015-03-10 20:56 - 2015-01-28 20:59 - 02773504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll2015-03-10 20:56 - 2015-01-28 20:55 - 00971776 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll2015-03-10 20:56 - 2015-01-28 20:50 - 00811008 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll2015-03-10 20:56 - 2015-01-28 20:49 - 02459136 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll2015-03-10 20:56 - 2015-01-28 11:41 - 07472960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe2015-03-10 20:56 - 2015-01-28 11:41 - 01733440 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll2015-03-10 20:56 - 2015-01-28 11:41 - 01498360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll2015-03-10 20:56 - 2015-01-27 22:24 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\StorageContextHandler.dll2015-03-10 20:56 - 2015-01-27 21:47 - 00060928 _____ (Microsoft Corporation) C:\windows\SysWOW64\StorageContextHandler.dll2015-03-10 20:56 - 2015-01-27 00:22 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll2015-03-10 20:56 - 2015-01-26 22:11 - 03547648 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll2015-03-10 20:56 - 2015-01-23 03:17 - 00723072 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll2015-03-10 20:56 - 2015-01-23 01:02 - 00560392 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll2015-03-10 20:56 - 2014-10-28 23:56 - 00027456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys2015-03-10 20:56 - 2014-10-28 22:49 - 00003072 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll2015-03-10 
20:56 - 2014-10-28 22:46 - 00081920 ____C (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS2015-03-10 20:56 - 2014-10-28 22:46 - 00053248 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthenum.sys2015-03-10 20:56 - 2014-10-28 22:45 - 01198080 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys2015-03-10 20:56 - 2014-10-28 22:44 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll2015-03-10 20:56 - 2014-10-28 22:44 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll2015-03-10 20:56 - 2014-10-28 22:43 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\printui.exe2015-03-10 20:56 - 2014-10-28 22:37 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\rfxvmt.dll2015-03-10 20:56 - 2014-10-28 22:34 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll2015-03-10 20:56 - 2014-10-28 22:34 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WSCollect.exe2015-03-10 20:56 - 2014-10-28 22:34 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\WSReset.exe2015-03-10 20:56 - 2014-10-28 22:04 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\findnetprinters.dll2015-03-10 20:56 - 2014-10-28 22:04 - 00003072 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll2015-03-10 20:56 - 2014-10-28 22:03 - 00241152 ____C (Microsoft Corporation) C:\windows\system32\fsquirt.exe2015-03-10 20:56 - 2014-10-28 22:00 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll2015-03-10 20:56 - 2014-10-28 22:00 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll2015-03-10 20:56 - 2014-10-28 21:58 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.exe2015-03-10 20:56 - 2014-10-28 21:52 - 00289280 _____ (Microsoft Corporation) C:\windows\SysWOW64\compstui.dll2015-03-10 20:56 - 2014-10-28 21:51 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll2015-03-10 20:56 - 2014-10-28 21:45 
  10. My PC started running slow yesterday so I ran MWB multiple times and it only removed things the first go. I was running MSE which removed some things, then I switched to AVG and it removed even more. I did a boot scan with AVG and quarantined all those items, but I still get the warning "Avast Web Shield has blocked a harmful webpage or file" C:\windows\syswow64\dllhost.exe. MWB cleaned some, rebooted, then I ran it again and found nothing. I still get the AVG Web Shield warnings. Any advice is appreciated. - Brian
  11. Hi, recently I have encountered this problem, when I connect my PC to the net Avast starts popping up with message (), and after a while it appears once again. Can anyone help me out?
  12. Hi, I know this has been covered, but I must be a bit dense here. I just upgraded from Win7 32 bit to Win7 64 bit (yay, finally have access to the additional 4 gigs of memory!) I have MBAM pro, and re-installed Avast free. I did a custom install and de-selected ALL of the optional software choices. Now, I have three things running: File System Shield, Web Shield, and Mail Shield. I'm using Outlook 2007 for my mail. Do any of these interfere with MBAM, as in having two malware protection programs running at once? If so, is there a way to shut off the malware part of Avast? Finally, do I need the Mail protection running? Thanks! - Russ
  13. Hello everyone, just created an account to try to solve some problems on my PC. I have always been paranoid about viruses, malware, etc. And I think there's something strange on my PC. Security programs on my PC: - Malwarebytes (trial version) - Avast (free version) - Spybot (free version) Before having the Avast antivirus, I had the ESET Internet Security trial. The trial is now over and I searched for a good (and free) antivirus. But, since the day that I installed the Avast antivirus, Malwarebytes stopped the real time protection (even if I turn it on in Settings). Looks like Avast caused some problems here, or is it a problem with malware? (Will try now the clean install to see if it works now)
  14. I have followed with interest the topic "MBAE won't run" by JS Hill as I have the same issue though obviously not the same as the previous thread has been fixed and closed. I have 32bit Windows XP Professional (I need it for programs that are unsupported on other OS). But the set-up differs in that I use "Avast" anti-virus and "Privatefirewall 7.0" I have run Chkdsk etc. etc. and everything appears clean of disk errors and malware but when starting: mbae-svc.exe -install I get the message: ......... CmdInstallService(600): Malwarebytes Anti-Exploit Service failed to start. Trying to start the service via services.msc momentarily starts the service (it is seen in the task list) but then stops almost immediately. I have two Windows 7 64bit PCs and an old Vista 32bit PC with the same Avast & Privatefirewall 7.0 set-up and MBAE runs with no problems. The only other unusual feature (of all these PCs) is that the OS & Programs are on SSDs with most everything else running on spinners using NTFS junctions. The same set-up is used across all OS; XP, W7, WVista. Any ideas about the XP failure would be gratefully received. Thanks
  15. Hello, thank you for looking at this post. I'm running Windows 7 at the moment and I have AVAST! as my antivirus (please look at attached pictures). This happened after I shut down my laptop (Vaio btw). I tried a clean uninstall and reinstalling but it doesn't help; it just keeps saying Avast is turned off even though Avast says everything is all good and running. I should also mention that this happens a lot, but reinstalling worked before, but now not anymore (I rarely shut down my PC after the first few times but I share it with family and they shut down). Is this caused by a virus? I'm running Superantispyware and Malwarebytes right now together with Avast with a full system scan to see if that finds anything, but right now nothing. Please help, I'm really troubled by this. Any help would be appreciated.
  16. Running IE 10 and Avast. The following appears from Avast: avast Web Shield has blocked a harmful webpage or file. Infection URL:Mal Any help is appreciated. kdk
  17. Hi I run Malwarebytes with Avast. Automatic update for Malwarebytes is not working. I have it set to update hourly. Can anyone help?
  18. Hello, this is my first post at the Malwarebytes forum. So, Avast has been popping up with some virus called "GoogleUpdate.exe". The virus is in C/username/programfiles/google/update/Googleupdate.exe and I don't know if this is a legit Google thing, a.k.a. a false positive, or if it is a real virus. Can you help me figure that out? Oh, and if it is indeed a false positive, how do I make Avast stop popping up with that? - Guilherme
  19. Malwarebytes continues to warn and block AvastSvc.exe from connecting to the internet. The file is part of the Avast free virus software. Is it safe to post the file in the Malwarebytes ignore list?
  20. Being a Walking Dead Fan, I was looking for a livestream via the wikia chatroom that gets filled up each week when an episode comes on. During that, I got some blocks from MBAM relating to Avastsvc.exe. I was wondering, what do they mean? The two of them were 193.107.16.12 and 31.220.0.47. Why does it do that, and is that alright? I've run scans and nothing's come up.
  21. Malwarebytes Pro, Avast Antivirus Free. When I enter this site: http://mevduat-faiz-getirisi.hesaplama.net/ I get the attached error, a blocked IP. Why? Is this good - or Avast's protection is also blocked and should I put Avast into exclusion of Malwarebytes? Attached image:
  22. I ran Chameleon as per the FAQ instructions and it showed no probs on my system. I then ran my regular AV scan with Avast. Avast detected Chameleon as a hidden rootkit threat and quarantined it in the chest. Is this a false positive? To be honest, I have been having a really bad time with my laptop, starting with a lot of lag, then a BSOD. I ended up at the Avast forum trying to figure out what was going on, but nothing was really resolved. I still believe there is something on my system. Whenever I try searching for certain things related to virus or Microsoft errors, I usually get the same search results and the pages are none that I have ever heard of. Very frustrating. I also saw some personal info pop up in a forum, as if someone had access to private info. Sooo...still need to find out what is going on there. Any help would be appreciated. Thanks!
  23. This must be common to every user of MBAM, because it happens to me occasionally. I have experienced IP blocks when browsing through Google Images, and I cannot figure out the why or source of it. The tooltip can appear in a couple of different instances: search results, image upload search results, or after opening up a preview. Even more confusing, I am still on Google's Images website when the tooltip appears; no potentially malicious websites of any sort have been accessed yet. I use a Google Chrome extension called ScriptSafe (very similar addon to NoScript for Firefox), which allows me to disable/enable certain Javascript. I've allowed Javascript all across the Google domain, but every other outside source is blocked. Regardless, I can still receive an MBAM tooltip regarding an 'IP block' of a malicious website, even though the Javascript from the foreign domain is blocked entirely. I'm running Avast antivirus alongside MBAM, using Google Chrome. Here is a log from yesterday. 
I've replaced (potentially) sensitive areas with x's:

      2013/10/18 02:42:44 -0600 FONTAINE Double MESSAGE Executing scheduled update: Daily
      2013/10/18 02:42:55 -0600 FONTAINE Double MESSAGE Scheduled update executed successfully: database updated from version v2013.10.17.03 to version v2013.10.18.04
      2013/10/18 02:42:55 -0600 FONTAINE Double MESSAGE Starting database refresh
      2013/10/18 02:42:55 -0600 FONTAINE Double MESSAGE Stopping IP protection
      2013/10/18 02:42:55 -0600 FONTAINE Double MESSAGE IP Protection stopped successfully
      2013/10/18 02:42:58 -0600 FONTAINE Double MESSAGE Database refreshed successfully
      2013/10/18 02:42:58 -0600 FONTAINE Double MESSAGE Starting IP protection
      2013/10/18 02:43:01 -0600 FONTAINE Double MESSAGE IP Protection started successfully
      2013/10/18 12:12:34 -0600 FONTAINE Double IP-BLOCK xx.xx.xx.xx (Type: outgoing, Port: xxxxx, Process: chrome.exe)
      2013/10/18 12:12:35 -0600 FONTAINE Double IP-BLOCK xx.xx.xx.xx (Type: outgoing, Port: xxxxx, Process: avastsvc.exe)
      2013/10/18 12:12:35 -0600 FONTAINE Double IP-BLOCK xx.xx.xx.xx (Type: outgoing, Port: xxxxx, Process: avastsvc.exe)
      2013/10/18 12:12:35 -0600 FONTAINE Double IP-BLOCK xx.xx.xx.xx (Type: outgoing, Port: xxxxx, Process: avastsvc.exe)
      2013/10/18 12:12:35 -0600 FONTAINE Double IP-BLOCK xx.xx.xx.xx (Type: outgoing, Port: xxxxx, Process: avastsvc.exe)
      2013/10/18 12:12:35 -0600 FONTAINE Double IP-BLOCK xx.xx.xx.xx (Type: outgoing, Port: xxxxx, Process: avastsvc.exe)
      2013/10/18 12:12:35 -0600 FONTAINE Double IP-BLOCK xx.xx.xx.xx (Type: outgoing, Port: xxxxx, Process: avastsvc.exe)

      If you need more information, please let me know.
  24. I just upgraded from my free MBAM to the PRO version. I am, and also have been, running the free Avast AV software. What is happening is that when I boot my WIN7 64bit laptop and Avast begins to d/l the latest definition files, MBAM PRO starts quarantining all the Avast definition files ??? I tried to "add" Avast to the MBAM ignore List from the drop-down menu, but that makes no difference. My understanding is that MBAM PRO is "supposed" to be compatible with all Anti-Virus programs. Apparently not. Any help and advice is truly appreciated. Richard