Showing results for tags 'URL:Mal'.

Found 6 results

  1. I keep getting a URL:Mal threat secured notification from my Avast antivirus software. When I run a scan using Avast, it picks up no virus, malware or suspicious threat. When I run a scan in Malwarebytes it also picks up no malware, viruses or threats. How do I remove this? I am running Mac. The threat keeps coming up as being from the following links I have never been on before: upd-pct.info/ or pctupd.info/ . I did some research on this, and found out it is coming from PopcornTime which is a P2P app for watching movies. I immediately deleted the app and all its contents but the pop-up still comes every 5 hours or so. I still have not been able to find any solid information on how to remove this threat. I fear this may be a new malware or virus that neither Avast nor Malwarebytes is aware of, and it is constantly trying to connect to the internet in the background, which is when Avast blocks the attempt. I cannot find any information on how to remove this threat, please help me.
  2. For about a week or so, upon startup or coming out of sleep, my Avast always pops up with an alert saying an infection was blocked from svchost.exe where the object was listed as reddie.net or blacklight or some other website url/dll. I'm not entirely sure what caused this but I have read up about it and have gotten rid of my Java which seems to be the problem here. Any help would be appreciated! Addition.txt FRST.txt
  3. Recently when I wake my computer or turn it on I get Avast consistently blocking web pages. The web pages aren't always the same, but the rest is. Infection: URL:Mal Process: C:\windows\system32\svchost.exe I have run a complete scan and boot scan with Avast. I have run CCleaner and Malwarebytes. Still I have the same issue. I saw on this forum to run Farbar and Rogue Killer. The FRST.txt is as follows:
00097792 ____C (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys2015-03-10 20:56 - 2015-01-29 23:00 - 00167424 ____C (Microsoft Corporation) C:\windows\system32\Drivers\rfcomm.sys2015-03-10 20:56 - 2015-01-29 22:03 - 01488896 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll2015-03-10 20:56 - 2015-01-29 22:03 - 01464832 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll2015-03-10 20:56 - 2015-01-29 22:02 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\eappgnui.dll2015-03-10 20:56 - 2015-01-29 21:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42u.dll2015-03-10 20:56 - 2015-01-29 21:42 - 01204224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc42.dll2015-03-10 20:56 - 2015-01-29 21:40 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappgnui.dll2015-03-10 20:56 - 2015-01-29 21:37 - 00331776 _____ (Microsoft Corporation) C:\windows\system32\eapp3hst.dll2015-03-10 20:56 - 2015-01-29 21:29 - 00035840 _____ (Microsoft Corporation) C:\windows\SysWOW64\atlthunk.dll2015-03-10 20:56 - 2015-01-29 21:24 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\eapphost.dll2015-03-10 20:56 - 2015-01-29 21:24 - 00250880 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapp3hst.dll2015-03-10 20:56 - 2015-01-29 21:16 - 00266752 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapphost.dll2015-03-10 20:56 - 2015-01-29 21:08 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\eappcfg.dll2015-03-10 20:56 - 2015-01-29 21:06 - 00278016 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappcfg.dll2015-03-10 20:56 - 2015-01-28 21:58 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\photowiz.dll2015-03-10 20:56 - 2015-01-28 21:29 - 00290816 _____ (Microsoft Corporation) C:\windows\SysWOW64\photowiz.dll2015-03-10 20:56 - 2015-01-28 21:11 - 00274944 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll2015-03-10 20:56 - 2015-01-28 21:04 
- 01091072 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll2015-03-10 20:56 - 2015-01-28 21:04 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll2015-03-10 20:56 - 2015-01-28 21:00 - 00210944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2015-03-10 20:56 - 2015-01-28 20:59 - 02773504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll2015-03-10 20:56 - 2015-01-28 20:55 - 00971776 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll2015-03-10 20:56 - 2015-01-28 20:50 - 00811008 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll2015-03-10 20:56 - 2015-01-28 20:49 - 02459136 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll2015-03-10 20:56 - 2015-01-28 11:41 - 07472960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe2015-03-10 20:56 - 2015-01-28 11:41 - 01733440 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll2015-03-10 20:56 - 2015-01-28 11:41 - 01498360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll2015-03-10 20:56 - 2015-01-27 22:24 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\StorageContextHandler.dll2015-03-10 20:56 - 2015-01-27 21:47 - 00060928 _____ (Microsoft Corporation) C:\windows\SysWOW64\StorageContextHandler.dll2015-03-10 20:56 - 2015-01-27 00:22 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll2015-03-10 20:56 - 2015-01-26 22:11 - 03547648 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll2015-03-10 20:56 - 2015-01-23 03:17 - 00723072 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll2015-03-10 20:56 - 2015-01-23 01:02 - 00560392 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll2015-03-10 20:56 - 2014-10-28 23:56 - 00027456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys2015-03-10 20:56 - 2014-10-28 22:49 - 00003072 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll2015-03-10 
20:56 - 2014-10-28 22:46 - 00081920 ____C (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS2015-03-10 20:56 - 2014-10-28 22:46 - 00053248 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthenum.sys2015-03-10 20:56 - 2014-10-28 22:45 - 01198080 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys2015-03-10 20:56 - 2014-10-28 22:44 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll2015-03-10 20:56 - 2014-10-28 22:44 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll2015-03-10 20:56 - 2014-10-28 22:43 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\printui.exe2015-03-10 20:56 - 2014-10-28 22:37 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\rfxvmt.dll2015-03-10 20:56 - 2014-10-28 22:34 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll2015-03-10 20:56 - 2014-10-28 22:34 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WSCollect.exe2015-03-10 20:56 - 2014-10-28 22:34 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\WSReset.exe2015-03-10 20:56 - 2014-10-28 22:04 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\findnetprinters.dll2015-03-10 20:56 - 2014-10-28 22:04 - 00003072 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll2015-03-10 20:56 - 2014-10-28 22:03 - 00241152 ____C (Microsoft Corporation) C:\windows\system32\fsquirt.exe2015-03-10 20:56 - 2014-10-28 22:00 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll2015-03-10 20:56 - 2014-10-28 22:00 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll2015-03-10 20:56 - 2014-10-28 21:58 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.exe2015-03-10 20:56 - 2014-10-28 21:52 - 00289280 _____ (Microsoft Corporation) C:\windows\SysWOW64\compstui.dll2015-03-10 20:56 - 2014-10-28 21:51 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll2015-03-10 20:56 - 2014-10-28 21:45 
- 00221184 _____ (Microsoft Corporation) C:\windows\system32\prnntfy.dll2015-03-10 20:56 - 2014-10-28 21:28 - 00055808 _____ (Microsoft Corporation) C:\windows\SysWOW64\findnetprinters.dll2015-03-10 20:56 - 2014-10-28 21:28 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\atlthunk.dll2015-03-10 20:56 - 2014-10-28 21:20 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll2015-03-10 20:56 - 2014-10-28 21:19 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\eappprxy.dll2015-03-10 20:56 - 2014-10-28 21:15 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\prnntfy.dll2015-03-10 20:56 - 2014-10-28 21:13 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll2015-03-10 20:56 - 2014-10-28 20:59 - 00056320 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappprxy.dll2015-03-10 20:56 - 2014-10-28 20:55 - 00223744 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll2015-03-10 20:56 - 2014-10-28 20:55 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\puiapi.dll2015-03-10 20:56 - 2014-10-28 20:44 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiapi.dll2015-03-10 20:56 - 2014-10-28 20:41 - 00269312 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll2015-03-10 20:56 - 2014-10-28 20:35 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll2015-03-10 20:55 - 2015-02-20 21:16 - 25021440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll2015-03-10 20:55 - 2015-02-20 20:41 - 12827648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll2015-03-10 20:55 - 2015-02-20 20:27 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll2015-03-10 20:55 - 2015-02-20 20:27 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll2015-03-10 20:55 - 2015-02-20 20:25 - 19720192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2015-03-10 20:55 - 
2015-02-20 19:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll2015-03-10 20:55 - 2015-02-20 19:32 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll2015-03-10 20:55 - 2015-02-19 22:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll2015-03-10 20:55 - 2015-02-19 22:48 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll2015-03-10 20:55 - 2015-02-19 22:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll2015-03-10 20:55 - 2015-02-19 22:35 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll2015-03-10 20:55 - 2015-02-19 22:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll2015-03-10 20:55 - 2015-02-19 22:32 - 06035456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll2015-03-10 20:55 - 2015-02-19 22:09 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll2015-03-10 20:55 - 2015-02-19 22:07 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll2015-03-10 20:55 - 2015-02-19 22:06 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll2015-03-10 20:55 - 2015-02-19 22:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll2015-03-10 20:55 - 2015-02-19 22:03 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll2015-03-10 20:55 - 2015-02-19 21:59 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll2015-03-10 20:55 - 2015-02-19 21:56 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll2015-03-10 20:55 - 2015-02-19 21:52 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll2015-03-10 20:55 - 2015-02-19 21:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll2015-03-10 20:55 - 2015-02-19 21:49 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll2015-03-10 20:55 - 2015-02-19 21:46 - 02125824 _____ 
(Microsoft Corporation) C:\windows\system32\inetcpl.cpl2015-03-10 20:55 - 2015-02-19 21:43 - 14398976 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll2015-03-10 20:55 - 2015-02-19 21:30 - 04300288 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll2015-03-10 20:55 - 2015-02-19 21:30 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll2015-03-10 20:55 - 2015-02-19 21:29 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll2015-03-10 20:55 - 2015-02-19 21:28 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll2015-03-10 20:55 - 2015-02-19 21:26 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll2015-03-10 20:55 - 2015-02-19 21:24 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl2015-03-10 20:55 - 2015-02-19 21:24 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll2015-03-10 20:55 - 2015-02-19 21:16 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll2015-03-10 20:55 - 2015-02-19 21:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll2015-03-10 20:55 - 2015-02-19 21:01 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll2015-03-10 20:55 - 2015-02-19 20:57 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll2015-03-10 20:55 - 2015-02-19 20:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll2015-03-10 20:55 - 2015-02-12 13:40 - 22291584 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll2015-03-10 20:55 - 2015-02-12 13:34 - 19731824 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll2015-03-10 20:55 - 2015-02-07 19:57 - 01090048 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll2015-03-10 20:55 - 2015-02-07 19:49 - 00791040 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll2015-03-10 20:55 - 2015-01-29 14:45 - 01763352 _____ (Microsoft Corporation) 
C:\windows\system32\WindowsCodecs.dll2015-03-10 20:55 - 2015-01-29 14:34 - 01488040 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll2015-03-10 20:55 - 2015-01-27 21:31 - 00402432 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll2015-03-10 20:55 - 2015-01-27 21:11 - 00357376 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll2015-03-10 20:55 - 2015-01-27 19:47 - 02501368 _____ (Microsoft Corporation) C:\windows\explorer.exe2015-03-10 20:55 - 2015-01-27 19:41 - 02207488 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe2015-03-10 20:55 - 2015-01-21 01:54 - 01384712 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll2015-03-10 20:55 - 2015-01-21 01:15 - 01123848 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll2015-03-10 20:55 - 2014-12-11 01:36 - 00046456 _____ (Microsoft Corporation) C:\windows\system32\LockScreenContentServer.exe2015-03-10 20:44 - 2015-03-10 20:45 - 00000197 _____ () C:\windows\system32\2015-03-11-00-44-47.063-AvastVBoxSVC.exe-3708.log ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-08 23:01 - 2015-02-05 21:30 - 00004182 _____ () C:\windows\System32\Tasks\avast! 
Emergency Update2015-04-08 23:00 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\sru2015-04-08 22:59 - 2015-01-26 23:12 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery2015-04-08 22:58 - 2015-02-06 22:22 - 00000000 __RDO () C:\Users\Lucy\OneDrive2015-04-08 22:57 - 2015-02-05 21:14 - 00000924 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2015-04-08 22:56 - 2013-08-22 10:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT2015-04-08 22:56 - 2013-08-22 09:25 - 00262144 ___SH () C:\windows\system32\config\BBI2015-04-08 22:53 - 2015-02-05 20:08 - 00000000 ____D () C:\Users\Lucy2015-04-08 22:49 - 2015-02-05 22:49 - 00000000 ___DC () C:\Users\Lucy\AppData\Local\MigWiz2015-04-08 22:49 - 2015-01-26 22:21 - 00000000 ____D () C:\windows\Panther2015-04-08 22:24 - 2015-02-05 21:14 - 00000928 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2015-04-08 18:21 - 2013-08-22 15:12 - 00000000 ____D () C:\windows\ShellNew2015-04-08 17:51 - 2014-05-12 13:36 - 00000000 ____D () C:\Users\Lucy\AppData\Local\TB2015-04-08 17:51 - 2013-03-08 18:23 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\SearchProtect2015-04-08 17:51 - 2013-02-25 16:58 - 00000000 ____D () C:\Users\Lucy\AppData\Local\CRE2015-04-08 17:48 - 2015-02-05 20:14 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2576653244-3294062963-2646520357-10012015-04-07 15:33 - 2013-08-22 11:20 - 00000000 ____D () C:\windows\CbsTemp2015-04-05 21:19 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\AppReadiness2015-04-05 21:14 - 2015-02-05 21:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2015-04-03 20:28 - 2015-01-26 22:40 - 00994404 _____ () C:\windows\system32\PerfStringBackup.INI2015-04-03 14:31 - 2015-02-05 21:15 - 00002165 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-04-02 21:30 - 2013-08-22 09:25 - 00262144 ___SH () C:\windows\system32\config\ELAM2015-04-02 21:27 - 2015-02-05 21:29 - 00442264 _____ (Avast Software 
s.r.o.) C:\windows\system32\Drivers\aswSP.sys2015-04-02 21:27 - 2015-02-05 21:29 - 00271200 _____ () C:\windows\system32\Drivers\aswVmm.sys2015-04-02 21:27 - 2015-02-05 21:29 - 00136752 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys2015-04-02 21:27 - 2015-02-05 21:29 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys2015-04-02 21:27 - 2015-02-05 21:29 - 00088408 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys2015-04-02 21:27 - 2015-02-05 21:29 - 00065736 _____ () C:\windows\system32\Drivers\aswRvrt.sys2015-04-02 21:27 - 2015-02-05 21:29 - 00029168 _____ () C:\windows\system32\Drivers\aswHwid.sys2015-04-02 21:26 - 2015-02-05 21:29 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys2015-04-01 18:11 - 2015-02-06 17:11 - 00110592 ___SH () C:\Users\Lucy\Desktop\Thumbs.db2015-03-31 17:02 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\rescache2015-03-27 16:51 - 2009-09-12 17:14 - 00000000 ____D () C:\Users\Lucy\Documents\Email2015-03-26 21:54 - 2012-06-08 14:35 - 00000421 _____ () C:\Users\Lucy\Desktop\Movie List.txt2015-03-25 14:02 - 2015-02-07 14:21 - 00000000 ___SD () C:\windows\system32\CompatTel2015-03-25 14:02 - 2015-02-07 14:21 - 00000000 ____D () C:\windows\system32\appraiser2015-03-21 16:27 - 2015-01-26 23:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2015-03-17 14:50 - 2007-10-22 16:22 - 00000000 ____D () C:\Users\Lucy\Documents\ChurchLibrary2015-03-15 21:05 - 2013-08-22 10:44 - 00400296 _____ () C:\windows\system32\FNTCACHE.DAT2015-03-14 22:31 - 2013-08-22 11:36 - 00000000 ___RD () C:\windows\ToastData2015-03-14 22:31 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2015-03-14 22:31 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2015-03-14 22:31 - 2013-08-22 11:36 - 
00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories2015-03-14 22:31 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\WinStore2015-03-14 22:31 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender2015-03-14 22:31 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender2015-03-13 23:21 - 2015-02-05 22:50 - 00000000 ____D () C:\windows\system32\MRT2015-03-13 23:18 - 2015-02-05 22:50 - 122905848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe2015-03-10 22:05 - 2010-03-02 17:02 - 00000000 ____D () C:\Users\Lucy\Documents\AudioStories ==================== Files in the root of some directories ======= 2011-03-28 16:22 - 2005-01-12 17:53 - 1233920 ____R (Microsoft Corporation) C:\Users\Lucy\AppData\Roaming\msxml4.dll2011-03-28 16:22 - 2005-01-12 17:53 - 0044544 ____R (Microsoft Corporation) C:\Users\Lucy\AppData\Roaming\msxml4a.dll2005-01-12 17:53 - 2005-01-12 17:53 - 0082432 ____R (Microsoft Corporation) C:\Users\Lucy\AppData\Roaming\msxml4r.dll2009-09-20 22:00 - 2014-05-07 17:53 - 0006151 _____ () C:\Users\Lucy\AppData\Roaming\PrimoPDFSet.xml2011-08-24 09:48 - 2015-02-05 16:35 - 0001330 _____ () C:\Users\Lucy\AppData\Roaming\wklnhst.dat2013-06-07 14:08 - 2014-07-05 15:30 - 0006144 _____ () C:\Users\Lucy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2015-03-13 14:13 - 2015-03-13 14:13 - 0628688 _____ (CMI Limited) C:\Users\Lucy\AppData\Local\nsnE2FE.tmp2014-06-19 21:55 - 2014-06-19 21:55 - 0007606 _____ () C:\Users\Lucy\AppData\Local\Resmon.ResmonCfg2012-12-19 00:14 - 2012-12-19 09:53 - 0002217 _____ () C:\Users\Lucy\AppData\Local\Win7_tmp1.htm2012-12-19 09:55 - 2012-12-19 09:55 - 0000419 _____ () C:\Users\Lucy\AppData\Local\Win7_Upgrade.bat2015-01-27 00:29 - 2015-01-27 00:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl2015-01-26 23:11 - 2015-01-26 23:12 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log2015-01-26 23:06 - 2015-01-26 23:07 - 0000106 _____ 
() C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log2015-01-26 23:07 - 2015-01-26 23:09 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log2015-01-26 23:09 - 2015-01-26 23:11 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log2015-01-26 23:05 - 2015-01-26 23:06 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Files to move or delete:====================C:\Users\Lucy\cc_20150408_225306.reg ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-07 19:21 ==================== End Of Log ============================...............................................................................................................................
  4. I received a notification from Avast for this. A full scan with Malwarebytes did not find anything. I wasn't doing anything in particular at the time, I had just turned on this laptop and had signed on to Skype. My Firefox opened up all of a sudden and sent me to a weird link, though it never connected. I quickly closed out of it. Then the Avast notification came. I wasn't exactly sure if I was infected or not, because I couldn't find anything specific. I asked in another section of this forum and something suspicious was found by an admin.

     DDS.txt

     DDS (Ver_2012-11-20.01) - NTFS_x86
     Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2
     Run by Brandon at 13:14:20 on 2014-01-31
     Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2812.1624 [GMT -8:00]
     .
     AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-12-13 108032] S3 LADF_BakerCOnly;BakerC Filter Driver;c:\windows\system32\drivers\ladfBakerCi386.sys [2011-3-18 378568] S3 LADF_BakerROnly;BakerR Filter Driver;c:\windows\system32\drivers\ladfBakerRi386.sys [2011-3-18 312136] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-10-8 171520] S3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-10-8 54136] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-13 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-25 1343400] . =============== Created Last 30 ================ . 
2014-01-31 11:03:59 -------- d-----w- c:\users\brandon\appdata\local\CrashDumps 2014-01-31 07:09:47 7760024 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c76549b8-a6c2-4ebb-9646-7e300ec38e3a}\mpengine.dll 2014-01-28 19:07:00 -------- d-----w- c:\program files\LogMeIn Hamachi 2014-01-25 07:15:27 -------- d-----w- C:\AdwCleaner 2014-01-25 07:04:39 -------- d-----w- c:\windows\ERUNT 2014-01-25 06:45:17 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2014-01-25 06:42:58 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-01-22 07:14:12 64168 ----a-w- c:\windows\system32\drivers\aswstm.sys 2014-01-22 07:12:29 2349056 ----a-w- c:\windows\system32\win32k.sys 2014-01-22 07:12:23 240576 ----a-w- c:\windows\system32\drivers\netio.sys 2014-01-22 07:12:20 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2014-01-22 07:12:20 6016 ----a-w- c:\windows\system32\drivers\usbd.sys 2014-01-22 07:12:20 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys 2014-01-22 07:12:20 284672 ----a-w- c:\windows\system32\drivers\usbport.sys 2014-01-22 07:12:20 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys 2014-01-22 07:12:19 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2014-01-22 07:12:19 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys 2014-01-22 07:11:41 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll . ==================== Find3M ==================== . 
2014-01-28 18:56:28 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-01-28 18:56:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2014-01-22 07:13:21 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2014-01-22 07:13:21 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2014-01-22 07:13:19 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2014-01-22 07:13:16 43152 ----a-w- c:\windows\avastSS.scr 2013-12-18 14:13:56 231584 ------w- c:\windows\system32\MpSigStub.exe 2013-11-26 09:23:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2013-11-26 09:22:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2013-11-26 08:53:56 61952 ----a-w- c:\windows\system32\iesetup.dll 2013-11-26 08:52:26 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll 2013-11-26 08:29:55 112128 ----a-w- c:\windows\system32\ieUnatt.exe 2013-11-26 08:29:52 108032 ----a-w- c:\windows\system32\ieetwcollector.exe 2013-11-26 08:28:16 553472 ----a-w- c:\windows\system32\jscript9diag.dll 2013-11-26 08:16:12 4243968 ----a-w- c:\windows\system32\jscript9.dll 2013-11-26 07:32:06 1928192 ----a-w- c:\windows\system32\inetcpl.cpl 2013-11-26 06:33:33 1820160 ----a-w- c:\windows\system32\wininet.dll 2013-11-25 06:47:59 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-11-25 06:47:59 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-11-23 18:26:20 417792 ----a-w- c:\windows\system32\WMPhoto.dll 2013-11-12 02:07:29 2048 ----a-w- c:\windows\system32\tzres.dll . ============= FINISH: 13:15:03.01 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 11/29/2009 12:53:41 AM System Uptime: 1/31/2014 1:02:14 PM (0 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: AMD Turion™ II Dual-Core Mobile M500 | Socket S1G3 | 2200/200mhz . 
==== Disk Partitions ========================= . C: is FIXED (NTFS) - 289 GiB total, 194.504 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP268: 1/28/2014 7:48:47 PM - 2014-01-24 . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Adobe Flash Player 10 ActiveX Adobe Flash Player 12 Plugin Adobe Reader 9.1 Age of Empires II: HD Edition AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD VISION Engine Control Center avast! Free Antivirus Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Combined Community Codec Pack 2011-07-30 Compatibility Pack for the 2007 Office system Google Chrome Google Toolbar for Internet Explorer Google Update Helper Java 7 Update 51 Java Auto Updater Junk Mail filter update Katawa Shoujo Label@Once 1.0 League of Legends Left 4 Dead 2 Logitech G930 LogMeIn Hamachi LSI V92 MOH Application Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File 
Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Microsoft Works Microsoft XNA Framework Redistributable 3.1 Mozilla Firefox 26.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyToshiba Norton Internet Security OGA Notifier 2.0.0048.0 PlayReady PC Runtime x86 Quickbooks Financial Center Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Realtek WLAN Driver SafeConnect Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 
Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for 
Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition Sid Meier's Civilization V Skype Launcher Skype™ 6.11 Steam Synaptics Pointing Device Driver Toshiba Application and Driver Installer TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA DVD PLAYER TOSHIBA eco Utility TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert TOSHIBA Internal Modem Region Select Utility Toshiba Online Backup TOSHIBA PC Health Monitor Toshiba Quality Application TOSHIBA Recovery Media Creator TOSHIBA Service Station TOSHIBA Software Modem TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) 
Version1.0 TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Ventrilo Client War Thunder WildTangent Games Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer WinRAR 4.00 (32-bit) . ==== Event Viewer Messages From Past Week ======== . 
1/31/2014 3:10:03 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 1/31/2014 3:09:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 1/31/2014 3:09:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 1/31/2014 3:09:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 1/31/2014 3:09:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 1/31/2014 3:09:27 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 1/31/2014 3:09:19 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 1/31/2014 3:09:13 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswRvrt aswSnx aswSP aswVmm DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because 
of the following error: The dependency service or group failed to start. 1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 
1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 1/31/2014 3:09:11 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 1/31/2014 1:03:03 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{39BB13CB-6A22-4B48-A8F9-233FEC078B5C} because another computer on the network has the same name. The server could not start. 1/31/2014 1:03:03 PM, Error: NetBT [4321] - The name "BRANDON-PC :20" could not be registered on the interface with IP address 10.0.0.23. The computer with the IP address 10.0.0.22 did not allow the name to be claimed by this computer. 1/31/2014 1:02:40 PM, Error: NetBT [4321] - The name "BRANDON-PC :0" could not be registered on the interface with IP address 10.0.0.23. The computer with the IP address 10.0.0.22 did not allow the name to be claimed by this computer. 1/30/2014 2:15:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 1/30/2014 2:15:45 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 1/28/2014 7:32:26 PM, Error: Service Control Manager [7022] - The AMD FUEL Service service hung on starting. 1/28/2014 11:07:32 AM, Error: Service Control Manager [7030] - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 
1/28/2014 10:59:54 AM, Error: Service Control Manager [7034] - The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s). . ==== End Of File ===========================
  5. Hi, I have 20 websites on this IP address, on GoDaddy, and for some time they have been blocked. Avast tells me it is not Avast. It says that there are maybe 1000 websites hosted, and the whole IP is blocked, so it looks like I cannot do anything, since it is NOT my webpages that are blocking. Thanks for any solutions.
  6. This is the message I have been constantly receiving from AVAST. Whenever I open the browser ... a second window always opens that has been redirected to other domains. For example, the latest was this one: http://newsalert.timehares.com/?sov=62570201&hid=fpnprltlhjhjhvnj&ctrl1=nodl&id=XNSX.nodl Avast kicks in and shows this message: URL: http://newsalert.timehares.com/?sov Process: C:\Users\Sandro Zanini\AppData\Local\Map... Infection: URL:Mal I also have Malwarebytes installed, but even after running a full scan I could not get rid of this pest. Following the instructions, here are the DDS logs. Thank you in advance. Sandro Zanini attach.txt dds.txt