
Showing results for tags 'network'.


  1. We are trying to do a network deploy of the .MSI Installation Package that I created within the Policy section of the Management Console and we are running into some problems. We are able to successfully deploy through the actual management console, which is fine. But we'd like to be able to use the generated .msi files and deploy them with Lansweeper. All of our other applications/software are done this way and it makes a nice one step process for new workstations. I don't know if it's having a problem with the .msi not installing as admin, or what is happening. All of the other .msi's we use simply get pushed and install silently, except for this one. Has anyone else had this problem with Lansweeper or other deployment suites? Thanks! Adam
  2. Thanks for taking the time to help if you can. I have odd behavior going on with laptop. I just ran a scan with rootkit enabled from Malwarebytes Premium - clean. Unknown USB Device - uninstalled then after reboot it reinstalled to an unknown device again. After I submit post, I will do a clean boot. New device Microsoft Virtual Wifi miniport - not sure how this became enabled, I didn't do it manually. Virus scans always come back clean. Odd behavior with MSE. - possible conflict with Comodo - uninstalled Comodo today to eliminate potential conflict. Downloads always fail and it sometimes gives me an error, says to possibly download to a different folder. Network - The virtual device is alarming - I have too much network traffic to understand what to look for exactly. I tried with various types of network viewers I downloaded. There are more, too many little things to list. Thanks again. Here are the FRST logs - one attached
C:\Windows\SysWOW64\mfps.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-11 15:56 - 2015-03-11 15:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-11 15:56 - 2015-03-11 15:56 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-11 15:56 - 2015-03-11 15:56 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2015-03-11 15:56 - 2015-03-11 15:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 
2015-03-11 15:56 - 2015-03-11 15:56 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-11 15:56 - 2015-03-11 15:56 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-11 15:56 - 2015-03-11 15:56 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 15:56 - 2015-03-11 15:56 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 15:56 - 2015-03-11 15:56 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 15:56 - 2015-03-11 15:56 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 15:56 - 2015-03-11 15:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-11 15:56 - 2015-03-11 
15:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-11 15:56 - 2015-03-11 15:56 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-11 15:55 - 2015-03-11 15:55 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-11 15:55 - 2015-03-11 15:55 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-11 15:55 - 2015-03-11 15:55 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 15:55 - 2015-03-11 15:55 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-11 15:55 - 2015-03-11 15:55 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 15:54 - 2015-03-11 15:54 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00309760 
_____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 15:54 - 2015-03-11 15:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 15:54 - 2015-03-11 15:54 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 15:54 - 2015-03-11 15:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 15:54 - 2015-03-11 15:54 - 00031232 _____ (Microsoft 
Corporation) C:\Windows\system32\lsass.exe 2015-03-11 15:54 - 2015-03-11 15:54 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 15:54 - 2015-03-11 15:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 15:53 - 2015-03-11 15:54 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 15:53 - 2015-03-11 15:53 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 15:53 - 2015-03-11 15:53 - 02052608 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 15:53 - 2015-03-11 15:53 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 15:53 - 2015-03-11 15:53 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 15:53 - 2015-03-11 15:53 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00584192 _____ (Microsoft 
Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 15:53 - 2015-03-11 15:53 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 15:53 - 2015-03-11 15:53 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 15:53 - 2015-03-11 15:53 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00066560 _____ (Microsoft 
Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 15:53 - 2015-03-11 15:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 15:53 - 2015-02-19 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 15:53 - 2015-02-19 22:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 15:52 - 2015-03-11 15:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 15:52 - 2015-03-11 15:52 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-10 14:51 - 2015-03-10 14:51 - 00000000 ____D () C:\Users\Robyn\Desktop\Old Firefox Data 2015-03-10 12:25 - 2015-03-10 12:25 - 00027851 _____ () C:\Users\Robyn\Downloads\BenefitVerificationLetter(1).do 2015-03-10 12:24 - 2015-03-10 12:24 - 00028202 _____ () C:\Users\Robyn\Downloads\BenefitVerificationLetter.do 2015-03-05 20:36 - 2015-03-05 20:36 - 00083453 _____ () 
C:\Users\Robyn\Downloads\session(10).cgi 2015-03-05 14:11 - 2015-03-05 14:11 - 03206189 _____ () C:\Users\Robyn\Downloads\Full Comprehensive plan.pdf.part 2015-03-05 14:09 - 2015-03-05 14:10 - 02944373 _____ () C:\Users\Robyn\Downloads\Land Use.pdf.part 2015-03-04 20:39 - 2015-03-04 20:39 - 02967032 _____ (Malwarebytes ) C:\Users\Robyn\Downloads\mbae-setup-1.05.1.1016(1).exe 2015-03-04 20:38 - 2015-03-04 20:38 - 00000000 _____ () C:\Users\Robyn\Downloads\mbae-setup-1.05.1.1016.exe 2015-03-03 17:44 - 2015-03-03 17:44 - 00025762 _____ () C:\Users\Robyn\Downloads\W-2Print.aspx 2015-02-28 21:28 - 2015-02-28 21:28 - 00002380 _____ () C:\DelFix.txt 2015-02-26 12:07 - 2015-02-26 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2015-02-25 13:07 - 2015-02-25 13:07 - 00880208 _____ (Google Inc.) C:\Users\Robyn\Downloads\ChromeSetup(1).exe 2015-02-25 13:05 - 2015-02-25 13:05 - 00880208 _____ (Google Inc.) C:\Users\Robyn\Downloads\ChromeSetup.exe 2015-02-25 00:40 - 2015-02-25 00:40 - 04572466 _____ () C:\Users\Robyn\Downloads\DocDisplay(1).aspx 2015-02-25 00:40 - 2015-02-25 00:40 - 01508116 _____ () C:\Users\Robyn\Downloads\DocDisplay(2).aspx 2015-02-25 00:40 - 2015-02-25 00:40 - 00210837 _____ () C:\Users\Robyn\Downloads\DocDisplay(3).aspx 2015-02-25 00:39 - 2015-02-25 00:39 - 00000000 _____ () C:\Users\Robyn\Downloads\DocDisplay.aspx 2015-02-24 16:54 - 2015-01-08 19:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-24 16:54 - 2015-01-08 19:43 - 00419936 _____ () C:\Windows\system32\locale.nls ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-26 13:52 - 2010-12-03 15:22 - 01229468 _____ () C:\Windows\WindowsUpdate.log 2015-03-26 13:50 - 2014-06-19 10:48 - 00000490 _____ () C:\Windows\Tasks\Online Backup Update Notifier.job 2015-03-26 13:46 - 2014-02-04 01:49 - 00129184 _____ () C:\Users\Robyn\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-26 13:46 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-26 13:46 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-26 13:45 - 2014-09-22 12:32 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-26 13:45 - 2014-09-18 14:05 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit 2015-03-26 13:41 - 2015-01-17 17:18 - 00000000 ____D () C:\ProgramData\Comodo 2015-03-26 13:41 - 2014-11-30 17:27 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS 2015-03-26 13:41 - 2014-09-27 13:18 - 00004966 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MurphysLaw-Robyn MurphysLaw 2015-03-26 13:38 - 2010-12-03 15:25 - 01588008 _____ () C:\Windows\PFRO.log 2015-03-26 13:38 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-26 13:38 - 2009-07-14 00:51 - 00080170 _____ () C:\Windows\setupact.log 2015-03-26 13:09 - 2014-02-04 17:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-26 13:01 - 2014-12-06 16:21 - 00014865 _____ () C:\Users\Robyn\Desktop\attach.txt 2015-03-26 11:42 - 2014-02-05 17:23 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-03-26 11:22 - 2014-05-07 10:17 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-03-26 11:21 - 2014-12-10 15:38 - 00000000 ____D () C:\Windows\system32\appraiser 2015-03-26 11:18 - 2014-06-19 10:55 - 00000520 _____ () C:\Windows\Tasks\Malwarebytes Secure Backup - robyn@questsci.net.job 2015-03-25 12:01 - 2014-11-05 
16:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-03-25 12:00 - 2014-09-22 12:18 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-25 12:00 - 2014-09-22 12:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-25 12:00 - 2014-09-21 13:11 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-24 18:11 - 2014-02-04 16:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-24 14:30 - 2014-12-27 18:31 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRobyn 2015-03-24 14:30 - 2014-12-27 18:31 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForRobyn.job 2015-03-24 11:08 - 2009-07-14 01:13 - 00917008 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-23 13:15 - 2014-02-05 22:57 - 00000000 ____D () C:\Program Files (x86)\Google 2015-03-23 13:15 - 2014-02-05 18:10 - 00000000 ____D () C:\Users\Robyn\AppData\Local\CrashDumps 2015-03-23 12:53 - 2014-09-27 14:21 - 00000000 ___RD () C:\Users\Robyn\OneDrive for Business 2015-03-20 18:13 - 2015-01-09 10:45 - 00342528 ___SH () C:\Users\Robyn\Documents\Thumbs.db 2015-03-18 21:45 - 2014-08-18 11:12 - 00000000 ____D () C:\Users\Robyn\AppData\Local\Adobe 2015-03-18 21:42 - 2014-02-04 17:07 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-18 21:42 - 2014-02-04 17:07 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-18 21:42 - 2014-02-04 17:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-03-16 16:19 - 2014-09-12 13:44 - 00000000 ____D () C:\Users\Robyn\Documents\2013 Taxes 2015-03-12 16:27 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache 2015-03-12 15:38 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-12 15:31 - 2009-07-14 00:45 - 00472368 _____ () C:\Windows\system32\FNTCACHE.DAT 
2015-03-12 15:27 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 15:27 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-12 14:05 - 2014-02-12 18:54 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-03-12 14:04 - 2014-02-12 18:49 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 16:03 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini 2015-03-11 16:01 - 2014-02-04 15:37 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-11 15:53 - 2014-02-04 15:37 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-03 16:57 - 2014-02-04 17:19 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-02-28 21:28 - 2014-12-07 17:49 - 00000000 ____D () C:\Windows\ERUNT 2015-02-28 21:28 - 2014-12-07 17:42 - 00000000 ____D () C:\Program Files (x86)\Trend Micro 2015-02-26 12:42 - 2014-03-01 19:06 - 00000000 ____D () C:\Users\Robyn\Documents\MARY KAY 2015-02-25 13:43 - 2014-02-13 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2015-02-25 13:43 - 2014-02-06 15:51 - 00000000 ____D () C:\Program Files (x86)\Canon ==================== Files in the root of some directories ======= 2014-02-04 16:09 - 2015-01-16 18:38 - 0007652 _____ () C:\Users\Robyn\AppData\Local\Resmon.ResmonCfg 2014-11-07 23:56 - 2014-11-07 23:56 - 0000000 _____ () C:\Users\Robyn\AppData\Local\{CD682129-C04F-490F-AE37-6B8907523FAF} 2010-12-03 15:36 - 2010-12-03 15:36 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log 2010-07-15 08:06 - 2010-07-15 08:06 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2010-12-03 15:36 - 2010-12-03 15:36 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log 2010-07-15 08:02 - 2010-07-15 08:03 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2010-12-03 15:35 - 2010-12-03 15:35 - 
0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log 2010-12-03 15:36 - 2010-12-03 15:36 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log 2010-07-15 08:02 - 2010-07-15 08:02 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2010-07-15 08:03 - 2010-07-15 08:06 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2010-12-03 15:36 - 2010-12-03 15:36 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log Some content of TEMP: ==================== C:\Users\Robyn\AppData\Local\Temp\FRST64.exe C:\Users\Robyn\AppData\Local\Temp\mbae-setup-1.05.1.1016.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-25 12:58 ==================== End Of Log ============================ Addition.txt
  3. Hello, I've been having problems connecting to hotmail.com for my emails for the last few days on both of the computers (Windows 7 Pro) in my house. When I try to connect, Chrome (39.0.2171.95 m) gives ERR_CONNECTION_RESET, so does Firefox (34.0.5) and IE (11.0.9600.17501).

I've tried:
Incognito, disabling all plug-ins, clearing temporary files, deleting cache, clearing live.com cookies -> no work
Accessing hotmail.com when connected to a VPN to the USA -> no work
Uninstalling openvpn connect + restart -> no work
New router IP for my computer -> no work
Accessing hotmail.com via a VM (Oracle) using old IE -> DOES work, but I don't want to fire up a Win XP VM each time I want to check my email.

This is my hosts file:

    # Copyright (c) 1993-2009 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host
    # localhost name resolution is handled within DNS itself.
    # 127.0.0.1 localhost
    # ::1 localhost
    # BEGIN section for OpenVPN Client SSL sites
    127.94.0.1 client.openvpn.net
    # END section for OpenVPN Client SSL sites

I can access hotmail.com on my android phone, but not on both my Windows 7 Pro computers. There was no major update/install that I did before this event. When I ping hotmail.com, my computer gives 157.55.152.112 and my android phone gives 157.56.172.28, which both check out on http://cqcounter.com/whois/ to be Microsoft Corp's server. Ran a scan with Bitdefender and Malwarebytes, nothing comes up.
Any ideas why this is happening?
  4. Good evening, I've been having a problem for the past two days and was hoping that someone else has experienced this and solved it. I have malwarebytes installed but it hasn't fixed the problem. The internet on my desktop does not work. The network centre simply says "Connected with limited access" - I am sure the password is right. My desktop has a wireless network adapter (D-Link DWA-125 Wireless N 150 USB). The computer can see all the available networks but does not connect to any, not even my mobile hotspot. I tried using a completely different network adapter and that one does not even show any wireless networks. I have basically come to the conclusion that there is some form of malware blocking access. Can someone help me with this problem? - Thank You
  5. I recently went back to college for a second bachelor's and used my school's network. At first, I thought that the school's network was just overloaded and that was the reason I couldn't access the web. However, I found that it was something about the IPv6 that would not work. This is the information of the network I pulled from ipconfig.

         Wireless LAN adapter Wireless Network Connection:
            Connection-specific DNS Suffix . : pdx.edu
            Link-local IPv6 Address . . . . . : fe80::6d6b:a072:88b0:1505%21
            IPv4 Address. . . . . . . . . . . : 10.200.189.86
            Subnet Mask . . . . . . . . . . . : 255.255.240.0
            Default Gateway . . . . . . . . . : 10.200.176.1

     As soon as I added the IPv6 in exceptions it started working again. I would like to have this fixed on your end so I can still have website protection. I appreciate any assistance you can give me.
  6. Hello -- about a week ago my win7 system started to sorta freeze -- I could move the mouse and even start some programs. The issue seems to be connected to the network adaptor in some way. I had a browser open and tried to open a new tab and it would not open. I then was able to open a cmd window and I issued ipconfig and I got back info, but when I issued ipconfig /all the command never returned to the cmd prompt. I tried to shut down the computer but it would not shut down -- I had to power down the PC. I then restarted and I responded to the boot prompt to start normally and it started ok. I am not sure if this started about the same time I installed MalwareBytes (premium, v2). If I were to deactivate and uninstall (to rule out malwarebytes), will my license still be ok and will the objects in quarantine still stay on the disk? Any suggestion on how to figure out what is going on would be appreciated. Thanks, fpe
  7. I just found out we'd exceeded our (very high) Internet data cap. I started installing Internet usage checkers on our computers, and found that one was using far more data than it should (it's unused most of the day.) I Googled and found Malwarebytes, ran Process Explorer, and found that the computer's having two running instances of csrss.exe wasn't good. Herewith the logs:
2014-05-16 20:42 - 00019840 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e07.hannibal.torrent2014-05-16 01:32 - 2014-05-16 01:32 - 00289728 _____ () C:\Windows\Minidump\051614-21044-01.dmp2014-05-16 01:29 - 2014-05-16 01:29 - 00289728 _____ () C:\Windows\Minidump\051614-22994-01.dmp2014-05-16 01:28 - 2014-05-16 01:28 - 00000000 _____ () C:\Users\Elizabeth\AppData\Local\{0696DE3E-19AF-4D80-8B57-CEB9D467074D}2014-05-16 01:27 - 2014-05-16 01:27 - 00291792 _____ () C:\Windows\Minidump\051614-27003-01.dmp ==================== One Month Modified Files and Folders ======= 2014-06-15 19:22 - 2014-06-15 19:21 - 00017204 _____ () C:\Users\Elizabeth\Downloads\FRST.txt2014-06-15 19:22 - 2013-11-20 12:23 - 00000000 ____D () C:\Users\Elizabeth\AppData\Local\Temp2014-06-15 19:21 - 2014-06-15 19:21 - 02081280 _____ (Farbar) C:\Users\Elizabeth\Downloads\FRST64.exe2014-06-15 19:21 - 2014-06-15 19:21 - 00000000 ____D () C:\FRST2014-06-15 19:21 - 2014-06-15 18:34 - 00000000 ____D () C:\ProgramData\Bitmeter22014-06-15 19:18 - 2014-05-04 20:14 - 01442529 _____ () C:\Windows\system32\Drivers\sfi.dat2014-06-15 19:06 - 2013-11-22 13:33 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-06-15 19:05 - 2014-06-15 19:05 - 00052736 _____ () C:\Users\Elizabeth\Downloads\Extras.Txt2014-06-15 19:04 - 2014-06-15 19:04 - 00095254 _____ () C:\Users\Elizabeth\Downloads\OTL.Txt2014-06-15 18:54 - 2014-06-15 18:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-15 18:54 - 2014-06-15 18:54 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-15 18:54 - 2014-06-15 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-15 18:54 - 2014-06-15 18:54 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-15 18:54 - 2014-06-15 18:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-15 18:53 - 2014-06-15 18:53 - 
17292760 _____ (Malwarebytes Corporation ) C:\Users\Elizabeth\Downloads\mbam-setup-2.0.2.1012.exe2014-06-15 18:52 - 2014-06-15 18:34 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\Bitmeter22014-06-15 18:50 - 2014-06-15 18:50 - 00380416 _____ () C:\Users\Elizabeth\Downloads\8frw3bx8.exe2014-06-15 18:49 - 2014-06-15 18:49 - 00602112 _____ (OldTimer Tools) C:\Users\Elizabeth\Downloads\OTL.exe2014-06-15 18:34 - 2014-06-15 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitMeter2014-06-15 18:34 - 2014-06-15 18:34 - 00000000 ____D () C:\Program Files (x86)\Codebox2014-06-15 18:34 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup2014-06-15 18:33 - 2014-06-15 18:33 - 01360256 _____ () C:\Users\Elizabeth\Downloads\BitMeter2.zip2014-06-15 18:33 - 2010-08-28 13:59 - 01378637 _____ () C:\Users\Elizabeth\Downloads\BitMeterInstaller.exe2014-06-15 18:25 - 2014-06-15 18:25 - 00372376 _____ (AddGadgets.com) C:\Users\Elizabeth\Downloads\NetworkMeterVersion96.exe2014-06-15 17:35 - 2013-11-20 11:06 - 01595351 _____ () C:\Windows\WindowsUpdate.log2014-06-15 17:29 - 2013-11-22 13:40 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\Azureus2014-06-15 17:10 - 2009-07-13 21:45 - 00019136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-06-15 17:10 - 2009-07-13 21:45 - 00019136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-06-15 17:06 - 2013-11-22 13:33 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-06-15 16:58 - 2013-11-21 15:49 - 00000000 ____D () C:\ProgramData\NVIDIA2014-06-15 16:58 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-06-15 16:58 - 2009-07-13 21:51 - 00021837 _____ () C:\Windows\setupact.log2014-06-15 16:57 - 2013-11-29 13:00 - 00000000 ____D () C:\ProgramData\MediaMall2014-06-15 16:49 - 2013-11-20 14:56 - 
00237152 _____ () C:\Windows\PFRO.log2014-06-14 15:00 - 2014-06-14 15:00 - 00019334 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e08.hannibal.torrent2014-06-14 15:00 - 2014-06-14 15:00 - 00019334 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e07.hannibal.torrent2014-06-14 14:59 - 2014-06-14 14:59 - 00019334 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e06.hannibal.torrent2014-06-14 14:59 - 2014-06-14 14:59 - 00019327 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e05.hannibal.torrent2014-06-13 21:09 - 2014-06-13 21:09 - 00020930 _____ () C:\Users\Elizabeth\Downloads\Mock the Week s13e01.hannibal.torrent2014-06-12 21:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache2014-06-12 20:29 - 2013-11-22 19:51 - 00000000 ____D () C:\Users\Elizabeth\AppData\Local\SugarSync2014-06-12 02:36 - 2014-05-04 20:12 - 00002013 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk2014-06-12 02:36 - 2014-05-04 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo2014-06-11 09:09 - 2013-11-22 13:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-06-11 03:05 - 2013-11-20 13:04 - 00000000 ____D () C:\Windows\system32\MRT2014-06-11 03:03 - 2013-11-20 13:04 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-06-11 03:00 - 2014-05-06 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-06-10 21:05 - 2014-06-10 21:05 - 00000373 _____ () C:\Users\Elizabeth\Documents\googleprob.txt2014-06-08 20:10 - 2014-06-08 20:10 - 00019487 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e04.hannibal.torrent2014-06-08 20:09 - 2014-06-08 20:09 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e03.hannibal.torrent2014-06-08 20:09 - 2014-06-08 20:09 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e03.hannibal (1).torrent2014-06-08 13:08 - 2014-06-08 13:03 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-06-08 13:05 - 2014-06-08 13:02 - 00000000 
____D () C:\Program Files (x86)\Spybot - Search & Destroy 22014-06-08 13:03 - 2014-06-08 13:03 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2014-06-08 13:03 - 2014-06-08 13:03 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-06-08 13:03 - 2014-06-08 13:03 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking2014-06-08 13:03 - 2014-06-08 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22014-06-08 13:02 - 2014-06-08 13:01 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Elizabeth\Downloads\spybot-2.3.exe2014-06-08 02:13 - 2014-06-11 01:34 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-06-08 02:08 - 2014-06-11 01:34 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-06-07 17:19 - 2014-05-04 20:14 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll2014-06-07 17:19 - 2014-05-04 20:11 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll2014-06-07 17:17 - 2014-06-07 17:17 - 00000000 ____D () C:\Program Files (x86)\Comodo2014-06-01 13:02 - 2014-06-01 13:02 - 00019720 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e09.hannibal.torrent2014-06-01 13:01 - 2014-06-01 13:01 - 00019600 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e08.hannibal.torrent2014-05-30 22:03 - 2014-05-30 22:03 - 00031638 _____ () C:\Users\Elizabeth\Downloads\A Very British Murder with Lucy Worsley - Series 1 (2013) [PDTV (XviD)][sUBS].torrent2014-05-30 20:37 - 2014-05-30 20:37 - 00021007 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e01.hannibal.torrent2014-05-30 20:37 - 2014-05-30 20:37 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e02.hannibal.torrent2014-05-30 20:36 - 2014-05-30 20:36 - 00021642 _____ () C:\Users\Elizabeth\Downloads\Only Connect - series 7 (2013) [PDTV(XviD)].torrent2014-05-30 03:21 - 
2014-06-11 01:36 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-30 03:02 - 2014-06-11 01:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-30 03:02 - 2014-06-11 01:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-05-30 02:45 - 2014-06-11 01:36 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-05-30 02:39 - 2014-06-11 01:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-05-30 02:39 - 2014-06-11 01:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-05-30 02:38 - 2014-06-11 01:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-05-30 02:28 - 2014-06-11 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-05-30 02:27 - 2014-06-11 01:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-05-30 02:24 - 2014-06-11 01:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-05-30 02:21 - 2014-06-11 01:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-05-30 02:21 - 2014-06-11 01:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-05-30 02:20 - 2014-06-11 01:36 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-05-30 02:18 - 2014-06-11 01:37 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-30 02:11 - 2014-06-11 01:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-05-30 02:08 - 2014-06-11 01:36 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-05-30 02:06 - 2014-06-11 01:37 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-05-30 02:02 - 2014-06-11 01:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-30 01:55 - 2014-06-11 
01:37 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-05-30 01:49 - 2014-06-11 01:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-05-30 01:46 - 2014-06-11 01:36 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-30 01:44 - 2014-06-11 01:36 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-05-30 01:44 - 2014-06-11 01:36 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-05-30 01:43 - 2014-06-11 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-05-30 01:42 - 2014-06-11 01:37 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-05-30 01:38 - 2014-06-11 01:37 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-05-30 01:35 - 2014-06-11 01:36 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-05-30 01:34 - 2014-06-11 01:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-05-30 01:33 - 2014-06-11 01:37 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-05-30 01:30 - 2014-06-11 01:37 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-05-30 01:29 - 2014-06-11 01:37 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-05-30 01:28 - 2014-06-11 01:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-05-30 01:27 - 2014-06-11 01:37 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-05-30 01:24 - 2014-06-11 01:36 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-05-30 01:23 - 2014-06-11 01:36 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-05-30 01:16 - 2014-06-11 01:37 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-05-30 01:10 - 2014-06-11 01:37 - 00032256 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-05-30 01:06 - 2014-06-11 01:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-05-30 01:04 - 2014-06-11 01:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-05-30 01:02 - 2014-06-11 01:37 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-05-30 00:56 - 2014-06-11 01:36 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-05-30 00:56 - 2014-06-11 01:36 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-05-30 00:54 - 2014-06-11 01:37 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-05-30 00:50 - 2014-06-11 01:36 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-05-30 00:49 - 2014-06-11 01:37 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-05-30 00:43 - 2014-06-11 01:36 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-05-30 00:40 - 2014-06-11 01:36 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-05-30 00:30 - 2014-06-11 01:37 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-05-30 00:21 - 2014-06-11 01:36 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-05-30 00:15 - 2014-06-11 01:37 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-05-30 00:13 - 2014-06-11 01:36 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-05-30 00:13 - 2014-06-11 01:36 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-05-28 19:59 - 2014-05-28 19:55 - 243283968 _____ () C:\Users\Elizabeth\Downloads\IC219.avi2014-05-28 19:58 - 2014-05-28 19:58 - 00020252 _____ () C:\Users\Elizabeth\Downloads\The Duchess of Malfi.HD.hannibal.torrent2014-05-28 19:58 - 2014-05-28 19:54 - 243746816 _____ () 
C:\Users\Elizabeth\Downloads\IC217.avi2014-05-27 20:45 - 2014-05-27 20:43 - 329862086 _____ () C:\Users\Elizabeth\Downloads\IC215.avi2014-05-27 20:40 - 2014-05-27 20:38 - 243292160 _____ () C:\Users\Elizabeth\Downloads\IC216.avi2014-05-27 20:39 - 2014-05-27 20:37 - 244226048 _____ () C:\Users\Elizabeth\Downloads\IC110.avi2014-05-26 20:19 - 2014-05-21 19:51 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\avidemux2014-05-23 20:57 - 2014-05-23 20:57 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e05.hannibal.torrent2014-05-23 20:57 - 2014-05-23 20:57 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e04.hannibal.torrent2014-05-23 20:56 - 2014-05-23 20:56 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e03.hannibal.torrent2014-05-23 20:56 - 2014-05-23 20:56 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e02.hannibal.torrent2014-05-23 20:15 - 2014-05-23 20:15 - 00019727 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e01.hannibal.torrent2014-05-21 19:59 - 2014-05-21 19:59 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\NVIDIA2014-05-21 19:51 - 2014-05-21 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64bits)2014-05-21 19:51 - 2014-05-21 19:51 - 00000000 ____D () C:\Program Files\Avidemux 2.6 - 64bits2014-05-21 19:43 - 2014-05-21 19:41 - 16456460 _____ () C:\Users\Elizabeth\Downloads\avidemux_2.6.8_win64_v2.exe2014-05-21 19:42 - 2014-05-21 19:40 - 242352128 _____ () C:\Users\Elizabeth\Downloads\IC308.avi2014-05-21 19:39 - 2014-05-21 19:36 - 243767296 _____ () C:\Users\Elizabeth\Downloads\IC618.avi2014-05-21 19:37 - 2014-05-21 19:30 - 243724288 _____ () C:\Users\Elizabeth\Downloads\IC329.avi2014-05-21 19:33 - 2014-05-21 19:33 - 00001621 _____ () C:\Users\Elizabeth\Desktop\DivX Movies.lnk2014-05-21 19:33 - 2014-05-21 19:33 - 00001066 _____ () C:\Users\Public\Desktop\DivX Player.lnk2014-05-21 19:33 - 2014-05-21 19:32 - 00000000 ____D () 
C:\Users\Elizabeth\AppData\Roaming\DivX2014-05-21 19:33 - 2014-05-21 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX2014-05-21 19:33 - 2014-05-21 19:31 - 00000000 ____D () C:\ProgramData\DivX2014-05-21 19:33 - 2014-05-21 19:31 - 00000000 ____D () C:\Program Files (x86)\DivX2014-05-21 19:32 - 2014-05-21 19:32 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk2014-05-21 19:32 - 2014-05-21 19:32 - 00000000 ____D () C:\Program Files\DivX2014-05-21 19:31 - 2014-05-21 19:31 - 01001280 _____ (DivX, LLC) C:\Users\Elizabeth\Downloads\DivXWebPlayerInstaller.exe2014-05-19 10:14 - 2014-05-19 10:14 - 00015521 _____ () C:\Users\Elizabeth\Downloads\Peaky Blinders s01e01.hannibal.mkv.torrent2014-05-16 20:42 - 2014-05-16 20:42 - 00019840 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e07.hannibal.torrent2014-05-16 01:32 - 2014-05-16 01:32 - 00289728 _____ () C:\Windows\Minidump\051614-21044-01.dmp2014-05-16 01:32 - 2013-11-20 11:03 - 457800814 _____ () C:\Windows\MEMORY.DMP2014-05-16 01:32 - 2013-11-20 11:03 - 00000000 ____D () C:\Windows\Minidump2014-05-16 01:29 - 2014-05-16 01:29 - 00289728 _____ () C:\Windows\Minidump\051614-22994-01.dmp2014-05-16 01:28 - 2014-05-16 01:28 - 00000000 _____ () C:\Users\Elizabeth\AppData\Local\{0696DE3E-19AF-4D80-8B57-CEB9D467074D}2014-05-16 01:27 - 2014-05-16 01:27 - 00291792 _____ () C:\Windows\Minidump\051614-27003-01.dmp Some content of TEMP:====================C:\Users\Elizabeth\AppData\Local\Temp\i4jdel0.exeC:\Users\Elizabeth\AppData\Local\Temp\procexp64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally 
signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-08 00:40 ==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2014Ran by Elizabeth at 2014-06-15 19:22:32Running from C:\Users\Elizabeth\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== ==================== Installed Programs ====================== Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.183.7 - Adobe Systems Incorporated)Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )BitMeter (HKLM-x32\...\BitMeter) (Version: - )Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - )COMODO Antivirus (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)GeekBuddy (HKLM\...\{3FFD7EE1-7D2D-4F57-ADF7-914CE0CAC616}) (Version: 4.13.104 - Comodo Security Solutions Inc)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) 
HiddenMalwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) HiddenNVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) HiddenNVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) HiddenNVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) HiddenPlayLater (HKLM-x32\...\{5ABDB125-7725-40B6-A1E3-B7D8BFFAA303}) (Version: 1.4.15 - MediaMall Technologies, Inc.)PlayOn (HKLM-x32\...\{9489257A-CED5-45E7-8D16-7B20A2E48744}) (Version: 3.8.14 
- MediaMall Technologies, Inc.)ScanSnap (x32 Version: 5.1.30.19 - PFU Limited) HiddenScanSnap Manager (HKLM-x32\...\{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}) (Version: V5.1L30 - PFU)Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)SugarSync (HKLM-x32\...\SugarSync) (Version: 2.0.46.127183 - SugarSync, Inc.)TP-LINK TL-WDN3200 Driver (HKLM-x32\...\{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}) (Version: 1.1.0 - TP-LINK)TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.1.0 - TP-LINK)VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) HiddenVisual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.) ==================== Restore Points ========================= Could not list Restore Points. Check "winmgmt" service or repair WMI. 
==================== Hosts content: ========================== 2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {10BAFF3E-ADA7-43E9-887F-1E01814BECAE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: {16B1E1E2-F6E5-4D63-B77D-F2477BF7CA4E} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: {1CAC9922-FA1A-41EC-BD5C-74AF661B3A58} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exeTask: {6978169E-B576-442D-AC70-E8E29EB148F3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exeTask: {85240FD8-3568-418A-A29F-B04ED39BFFC7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exeTask: {9E01E993-01F3-455E-89B9-2C1922DD028E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22] (Google Inc.)Task: {A7D96285-F4C3-4DD0-8CE3-D40A2B81BEAD} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: {B4853E33-2F02-4CB8-BFD4-14578B5FBF43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22] (Google Inc.)Task: {DFD6C514-934E-4B91-8E50-31F5272B9061} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: 
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-15 19:07 - 2014-05-06 11:03 - 00301920 _____ () C:\Program Files (x86)\SugarSync\x64\SugarSyncVFSNamespace64.dll2013-12-30 14:45 - 2012-02-23 12:09 - 00838656 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe2014-01-09 22:26 - 2014-01-09 22:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Elizabeth\Downloads\avg_remover_stf_x64_2014_4116.exe:BDUAlternateDataStreams: C:\Users\Elizabeth\Downloads\cav_installer.exe:BDU ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors:==================Error: (06/04/2014 02:34:47 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: The volume SugarSync Drive was not defragmented because an error was encountered: Incorrect function. 
(0x80070001) Error: (06/01/2014 05:12:40 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6cFaulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7Exception code: 0xc0000005Fault offset: 0x000223e0Faulting process id: 0x1950Faulting application start time: 0xGoogleUpdate.exe0Faulting application path: GoogleUpdate.exe1Faulting module path: GoogleUpdate.exe2Report Id: GoogleUpdate.exe3 Error: (05/28/2014 08:20:21 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: dragon_updater.exe, version: 0.0.0.0, time stamp: 0x535051ddFaulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96fException code: 0xc0000005Fault offset: 0x00039342Faulting process id: 0x71cFaulting application start time: 0xdragon_updater.exe0Faulting application path: dragon_updater.exe1Faulting module path: dragon_updater.exe2Report Id: dragon_updater.exe3 Error: (05/28/2014 02:58:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: The volume SugarSync Drive was not defragmented because an error was encountered: Incorrect function. 
Note: I uninstalled Vuze after I got to the end of the instructions and saw the warning. There are now no (or should be no) peer-to-peer apps running.
  8. The details are the following: 1) PC possibly fully compromised 2) noticing entries in msconfig like: a) ;msconfig EGA80WOA.FON=EGA80WOA.FON ;msconfig EGA40WOA.FON=EGA40WOA.FON ;msconfig CGA80WOA.FON=CGA80WOA.FON ;msconfig CGA40WOA.FON=CGA40WOA.FON b) ;msconfig ; for 16-bit app support c) ;msconfig [driver32] d) CMCDLLNAME32=mapi32.dll e) [zktrpliAorkjhkW2] f) ;msconfig oweddpnnhgh87hjhkj17=1319105957 3) office routers have had UDP ports installed and routed back to various PCs including this one but we run no services like that. 4) cordless phones w/bluetooth have had ports assigned to them pointing back to UDP ports on this machine which I've closed 5) Android phone has VPN ports open that cannot be closed to servers in Russia and Sweden. 6) consistent emails being received with hidden HTML in white and 1pt which is revealed by "view source" giving death threats, etc., and threats to release private information publicly. All Malwarebytes, AVG, etc., scans show no infections or malware running. Adobe 8 keeps trying to launch and ZoneAlarm blocked all but non-essential programs. Called friends who are ex-Google hackathon winners who can't seem to find anything but keep seeing live real time links being created between Android phone and external servers in Russia and Sweden. Need the following help: 1) instructions on how to produce full system dump of running programs, etc., to determine if there are any malicious programs currently running on this particular PC - I've been able to isolate all the others 2) instructions on how to do the same for the Android phone I'm running. Currently using System monitor which only shows basic programs running on phone. Any help greatly appreciated!
  9. I need some help to figure out what's going on with my computer. I keep losing internet connection. I work in a network with 5 more computers and my computer is the only one in which internet doesn't work. The router works fine, my phone is internet based and works fine, so I believe there is something wrong with my computer. The troubleshooting is not able to detect any internet problem. Finally I restored the system two days ago and now internet works perfectly. Can anyone give me a hand with this problem? Thanks!
  10. After running a scan and removing a threat, I restarted my computer and then noticed web pages weren't loading many elements. My connection was fine then as far as other applications go, but the web browser was refusing to load things other than text and very basic elements of the page. I tried 3 different web browsers and had the same problem with all. I lowered my browser security and it didn't help. I also flushed my DNS and checked router settings. This problem is specific to my computer, other computers on the network are fine. So I then decided to do a selective startup and disabled almost everything, same problem. Then I booted in safe mode w/ networking, and by then my network drivers were just not loading at all. Same with sound, video card, etc. Now I'm configuring startup to load EVERYTHING with hopes of my sound, video, and networking drivers to load on start up but I'm not having any luck at all. Does anyone know a simple fix for this? I cannot run system restore.
  11. I was testing malware pro for a friend in a network environment (XP machines, 2003 server, roaming profiles). The users could never install applications due to rights restrictions. The malware did not ever seem to update. He removed it and went to test other solutions. To malware staff and the group: was there a way to make this work? Also, what could be done when a full program update was needed? Thank you
  12. Hi All, I have a paid copy of Malwarebytes on my main PC and a free copy of Malwarebytes on my laptop. I have a shared folder on one of my storage servers which has all of my application setup files etc. stored on it. I can scan that share (as a mapped network drive) from my laptop with the free Malwarebytes version. I cannot scan the share (as a mapped network drive) from my main PC with the paid version. Both systems are running win7-64. Any ideas?
  13. Hi, I started to get an Identical IP in Network warning from Eset nod32 V5 (trial edition with firewall), and it shows up all the time, almost every single time I go to a new webpage. Any idea what it could be? I have searched my computer for viruses with both nod32 and Malwarebytes Anti-Malware, and nothing came up. I don't have the logs, because after I was done searching with Malwarebytes, I got a message with something like this: Windows security center has been deactivated, click on this message to reactivate it. Seconds after that it restarted... and I started up in safe mode and searched... still nothing. So I am in normal mode here now, and nothing is different; the popup from nod32 is still showing... can't watch any movie without being disturbed by it. If this is the wrong sub-forum, please guide me to the right sub-forum. However, I can still post logs from dds: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 Run by Anders at 9:00:25 on 2012-06-07 Microsoft Windows 7 Professional 6.1.7600.0.1252.46.1033.18.5996.3692 [GMT 2:00] . AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} . ============== Running Processes =============== . 
C:\Users\Anders\AppData\Local\NVIDIA Corporation 2012-05-09 18:21:43 -------- d-----w- C:\Users\Anders\AppData\Roaming\TeraCopy 2012-05-09 18:21:40 -------- d-----w- C:\Program Files\TeraCopy 2012-05-09 18:14:51 -------- d-----w- C:\Users\Anders\AppData\Local\CAPCOM 2012-05-09 17:53:38 -------- d-----w- C:\Windows\SysWow64\directx 2012-05-09 17:51:44 -------- d-----w- C:\Users\Anders\AppData\Local\Google 2012-05-09 17:51:43 -------- d-----w- C:\Users\Anders\AppData\Local\CRE 2012-05-09 17:51:42 -------- d-----w- C:\Program Files (x86)\Conduit 2012-05-09 17:51:41 -------- d-----w- C:\Users\Anders\AppData\Local\Conduit 2012-05-09 17:50:53 -------- d-----w- C:\Program Files (x86)\uTorrent 2012-05-09 17:49:38 -------- d-----w- C:\Users\Anders\AppData\Roaming\uTorrent 2012-05-09 17:35:16 -------- d-----w- C:\Program Files (x86)\Video Web Camera 2012-05-09 17:31:30 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll 2012-05-09 17:31:26 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent 2012-05-09 17:10:38 -------- d-----r- C:\Program Files (x86)\Skype 2012-05-09 16:53:30 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-09 16:53:30 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-09 16:36:34 -------- d-----w- C:\Windows\Panther 2012-05-09 15:55:43 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation 2012-05-09 15:53:23 -------- d-----w- C:\Program Files\NVIDIA Corporation 2012-05-09 15:49:01 121344 ----a-w- C:\Windows\System32\IntelOpenCL64.dll 2012-05-09 15:48:58 86528 ----a-w- C:\Windows\SysWow64\IntelOpenCL32.dll 2012-05-09 15:48:52 -------- d-----w- C:\Program Files (x86)\Common Files\Intel 2012-05-09 15:02:56 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5ED7F0FF-26CD-4B47-B3AA-B1FC87315C1F}\mpengine.dll 2012-05-09 15:00:48 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2012-05-09 14:55:59 -------- d-----w- C:\Users\Anders\AppData\Local\Mozilla 
2012-05-09 14:48:26 -------- d-----w- C:\Users\Anders\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 2012-05-09 14:47:50 -------- d-----w- C:\Users\Anders\AppData\Roaming\HTC 2012-05-09 14:46:54 -------- d-----w- C:\Users\Anders\AppData\Local\Downloaded Installations 2012-05-09 14:46:47 -------- d-----w- C:\Program Files (x86)\Spirent Communications 2012-05-09 14:46:39 -------- d-----w- C:\Program Files (x86)\HTC 2012-05-09 14:46:36 -------- d-----w- C:\Users\Anders\AppData\Local\Adobe 2012-05-09 14:46:27 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2012-05-09 14:26:46 -------- d-----w- C:\Program Files (x86)\Realtek 2012-05-09 14:26:45 -------- d--h--w- C:\Program Files (x86)\Temp 2012-05-09 14:26:43 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2012-05-09 14:25:40 -------- d-----w- C:\Program Files (x86)\Renesas Electronics 2012-05-09 14:22:21 -------- d-----w- C:\Users\Anders\AppData\Roaming\Intel 2012-05-09 14:22:17 -------- d-----w- C:\Users\Anders\Roaming 2012-05-09 14:22:17 -------- d-----w- C:\ProgramData\Roaming 2012-05-09 14:21:20 -------- d-----w- C:\Program Files\Common Files\Intel 2012-05-09 14:20:22 -------- d-sh--w- C:\Windows\Installer 2012-05-09 14:18:14 -------- d-----w- C:\Users\Anders\AppData\Roaming\Intel Corporation 2012-05-09 14:14:35 439320 ----a-w- C:\Windows\System32\drivers\iaStor.sys 2012-05-09 14:13:29 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll 2012-05-09 14:13:21 -------- d-----w- C:\Intel 2012-05-09 10:45:03 -------- d-----w- C:\Users\Anders\AppData\Local\Diagnostics 2012-05-09 10:40:49 -------- d-----w- C:\NVIDIA . ==================== Find3M ==================== . 
2012-05-20 01:22:57 475752 ----a-w- C:\Windows\System32\DTSVoiceClarityDLL64.dll 2012-05-15 10:48:00 949056 ----a-w- C:\Windows\System32\nvumdshimx.dll 2012-05-02 00:46:28 4472832 ----a-w- C:\Windows\SysWow64\GPhotos.scr 2012-04-12 16:12:56 147248 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys 2012-03-19 14:44:20 5888792 ----a-w- C:\Windows\System32\GfxUI.exe 2012-03-19 14:44:20 509720 ----a-w- C:\Windows\System32\igfxsrvc.exe 2012-03-19 14:44:20 439064 ----a-w- C:\Windows\System32\igfxpers.exe 2012-03-19 14:44:20 398616 ----a-w- C:\Windows\System32\hkcmd.exe 2012-03-19 14:44:20 276248 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe 2012-03-19 14:44:20 250136 ----a-w- C:\Windows\System32\igfxext.exe 2012-03-19 14:44:20 184600 ----a-w- C:\Windows\System32\difx64.exe 2012-03-19 14:44:20 170264 ----a-w- C:\Windows\System32\igfxtray.exe 2012-03-19 14:42:08 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2696.dll 2012-03-19 14:32:04 14745600 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys 2012-03-19 14:31:56 8087040 ----a-w- C:\Windows\System32\igdumd64.dll 2012-03-19 14:31:16 963912 ----a-w- C:\Windows\SysWow64\igkrng600.bin 2012-03-19 14:31:16 963912 ----a-w- C:\Windows\System32\igkrng600.bin 2012-03-19 14:31:16 261208 ----a-w- C:\Windows\SysWow64\igfcg600m.bin 2012-03-19 14:31:16 261208 ----a-w- C:\Windows\System32\igfcg600m.bin 2012-03-19 14:31:16 145804 ----a-w- C:\Windows\SysWow64\igcompkrng600.bin 2012-03-19 14:31:16 145804 ----a-w- C:\Windows\System32\igcompkrng600.bin 2012-03-19 14:31:14 79360 ----a-w- C:\Windows\System32\igdde64.dll 2012-03-19 14:26:56 6120960 ----a-w- C:\Windows\SysWow64\igdumd32.dll 2012-03-19 14:25:58 58880 ----a-w- C:\Windows\SysWow64\igdde32.dll 2012-03-19 14:22:10 9605632 ----a-w- C:\Windows\System32\igd10umd64.dll 2012-03-19 14:11:38 7795200 ----a-w- C:\Windows\SysWow64\igd10umd32.dll 2012-03-19 13:31:14 18137088 ----a-w- C:\Windows\System32\ig4icd64.dll 2012-03-19 13:21:14 13212672 ----a-w- C:\Windows\SysWow64\ig4icd32.dll 
That was all I can do from this end right now, I really need help with this one... thank you for taking your time and have a good day -Anders
  14. I am running Windows XP, connecting to a server running Windows 7. When I try to connect to certain programs on the network, my computer freezes for 11 minutes. It's happened so many times that I know the exact time of freezing. I have Malwarebytes version 1.61.0.1400. When I remove Malwarebytes from my computer, the freezing does not occur. Please advise. Thanks.