Xalchs Posted January 7, 2013 ID:631472 Share Posted January 7, 2013 DDS:DDS (Ver_2012-11-20.01).Microsoft Windows 8Boot Device: \Device\HarddiskVolume3Install Date: 28/11/2012 18:12:13System Uptime: 07/01/2013 20:33:23 (2 hours ago).Motherboard: Acer | | VA50_HC_CRProcessor: Intel® Core i7-3630QM CPU @ 2.40GHz | U3E1 | 1200/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 675 GiB total, 308.448 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}Description: Bluetooth USB ModuleDevice ID: USB\VID_0489&PID_E04E\6&226C637B&0&1Manufacturer: Qualcomm Atheros CommunicationsName: Bluetooth USB ModulePNP Device ID: USB\VID_0489&PID_E04E\6&226C637B&0&1Service: BTHUSB.==== System Restore Points ===================.RP2: 06/01/2013 01:12:40 - Scheduled Checkpoint.==== Installed Programs ======================. clear.fi SDK- Movie 2 clear.fi SDK - Video 2Acer Backup ManagerAcer Device Fast-laneAcer Instant Update ServiceAcer Power ManagementAcer Recovery ManagementAcerCloudAcerCloud DocsAdobe AIRAdobe Download AssistantAdobe Photoshop CS6Agatha Christie - Death on the NileAkamai NetSession InterfaceAloha TriPeaksAudacity 2.0.2Autodesk 3ds Max Design 2013 64-bitAutodesk Backburner 2013.0.0Autodesk Civil View for 3ds Max Design 2013Autodesk DirectConnect 2013 64-bitAutodesk Download ManagerAutodesk Essential Skills Movies for 3ds Max Design 2013 64-bitAutodesk FBX Plug-in 2013.1 - 3ds Max Design 2013 64-bitAutodesk Inventor Server Engine for 3ds Max Design 2013 64-bitAutodesk Material Library 2013Autodesk Material Library Base Resolution Image Library 2013Autodesk Material Library Medium Resolution Image Library 2013Autodesk Network License ManagerAutodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bitavast! 
Free AntivirusBackup Manager v4Bejeweled 3Broadcom Card Reader Driver InstallerCamtasia Studio 8Cave Story+CCleanerclear.fi Mediaclear.fi PhotoComposite 2013 64-bitCyberLink MediaEspresso 6.5D3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDelicious: Emily's True Love Premium EditionDolby Home Theater v4DropboxeBay WorldwideETDWare PS/2-X64 11.6.4.001_WHQLFar Cry® 3FileZilla Client 3.6.0.2Final Drive: NitroFraps (remove only)Garry's ModGoogle ChromeGoogle Update HelperGovernor of Poker 2 Premium EditionHyperCam 2Identity CardIntel® Management Engine ComponentsIntel® Processor GraphicsIntel® Rapid Storage TechnologyIntel® SDK for OpenCL - CPU Only Runtime PackageIntel® Trusted Connect Service ClientIsland TribeJava 7 Update 9Java Auto UpdaterJewel Match 3John Deere Drive GreenLaunch ManagerLeague of LegendsLive UpdaterMagic AcademyMalwarebytes Anti-Malware version 1.70.0.1100Metro 2033Microsoft Application Error ReportingMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Home and Student 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Single Image 2010Microsoft Office Word MUI (English) 2010Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual Studio 2005 Tools for Office RuntimeMicrosoft_VC80_CRT_x86Microsoft_VC90_CRT_x86Movie MakerMSVCRTMSVCRT RedistsMSVCRT110MSVCRT110_amd64MyWinLockerMyWinLocker 4MyWinLocker SuiteNorton Online BackupNorton Online Backup ARANTI Media Maker 9NVIDIA Control Panel 306.97NVIDIA Graphics Driver 306.97NVIDIA Install ApplicationNVIDIA Optimus 1.10.8NVIDIA PhysXNVIDIA PhysX System Software 9.12.0613NVIDIA Update 1.10.8NVIDIA Update ComponentsOffice AddinOrcs Must Die!Orcs Must Die! 2Pando Media BoosterPDF Settings CS6Penguins!Photo CommonPhoto GalleryPlanetSide 2Plants vs. 
Zombies - Game of the YearPolar BowlerPortalPortal 2PunkBuster ServicespuushQualcomm Atheros Bluetooth Suite (64)Qualcomm Atheros WiFi Driver InstallationRealtek High Definition Audio DriverSandboxie 3.76 (64-bit)Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589337) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2597986) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687501) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit EditionSecurity Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit EditionSecurity Update for Microsoft Word 2010 (KB2760410) 32-Bit EditionShared C Run-time for x64ShredderSid Meier's Civilization VSkype Click to CallSkype™ 6.0Sony Vegas Pro 8.0SpotifySteamSystem Requirements Lab CYRITales of LagoonaUpdate for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687509) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2687277) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit 
EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionUpdate Installer for WildTangent Games AppUplayVegas Pro 12.0 (64-bit)Visual Studio Tools for the Office system 3.0 RuntimeVisual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)WildTangent GamesWildTangent Games AppWindows Live Communications PlatformWindows Live EssentialsWindows Live InstallerWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWinRAR 4.20 (32-bit)World of WarcraftXiph.Org Open Codecs 0.85.17777Zuma's Revenge.==== Event Viewer Messages From Past Week ========.07/01/2013 20:36:14, Error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The system cannot find the file specified.07/01/2013 20:36:14, Error: Service Control Manager [7000] - The McAfee Network Agent service failed to start due to the following error: The system cannot find the file specified.07/01/2013 20:34:56, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.07/01/2013 20:34:56, Error: Service Control Manager [7024] - 07/01/2013 20:34:07, Error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The system cannot find the file specified.07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x9000000024417. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. 
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x8000000027dce. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x60000000471df. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x4000000033aeb. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000033649. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000024f5f. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000024e86. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x30000000224dd. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. 
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x30000000224c4. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2e000000033a80. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003a8cc. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000336f9. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003356b. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003353e. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000025255. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. 
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000024d4c. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000002403a. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000002267d. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000224cd. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000001d3fa. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1b000000027a6f. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x100000003cb01. The name of the file is "<unable to determine file name>".07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. 
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x10000000224bd. The name of the file is "<unable to determine file name>"..==== End Of File ===========================
Xalchs Posted January 7, 2013 Author ID:631473 Share Posted January 7, 2013 DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16453 BrowserJavaVersion: 10.9.2Run by jordan at 22:49:11 on 2013-01-07Microsoft Windows 8 6.2.9200.0.1252.44.2057.18.8007.4683 [GMT 0:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\dwm.exeC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Program Files\Sandboxie\SbieSvc.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Bluetooth Suite\adminservice.exeC:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exeC:\Program Files (x86)\Launch Manager\dsiwmis.exeC:\Windows\system32\dashost.exeC:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\system32\mfevtps.exeC:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exeC:\Program Files (x86)\Symantec\Norton Online 
Backup\NOBuAgent.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Windows\RfBtnSvc64.exeC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\taskhostex.exeC:\Program Files (x86)\Launch Manager\LMutilps32.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\Launch Manager\LManager.exeC:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exeC:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\Acer\Acer Power Management\ePowerTray.exeC:\Program Files\Acer\Acer Power Management\ePowerSvc.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\igfxext.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files (x86)\Launch Manager\MMDx64Fx.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Acer\Acer Power Management\ePowerEvent.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\Program Files\Elantech\ETDCtrl.exec:\Program Files (x86)\Bluetooth Suite\BtTray.exec:\Program Files (x86)\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exeC:\Program Files (x86)\Steam\Steam.exeC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\puush\puush.exeC:\Users\jordan\AppData\Local\Akamai\netsession_win.exeC:\Program Files\Elantech\ETDCtrlHelper.exeC:\Program 
Files\Sandboxie\SbieCtrl.exeC:\Users\jordan\AppData\Local\Akamai\netsession_win.exeC:\Users\jordan\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exeC:\Dolby PCEE4\pcee4.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exeC:\Program Files (x86)\Common Files\Steam\SteamService.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\EgisTec IPS\PMMUpdate.exeC:\Program Files\EgisTec IPS\EgisUpdate.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://acer13.msn.comuDefault_Page_URL = hxxp://acer13.msn.commStart Page = hxxp://acer13.msn.comuProxyOverride = 
<local>mWinlogon: Userinit = userinit.exe,BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dlluRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silentuRun: [AdobeBridge] <no file>mRun: [bakupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -hmRun: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostartmRun: [LManager] <no file>dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}StartupFolder: C:\Users\jordan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\jordan\AppData\Roaming\Dropbox\bin\Dropbox.exemPolicies-System: DisableCAD = dword:1IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllTrusted Zone: clonewarsadventures.comTrusted Zone: 
freerealms.comTrusted Zone: soe.comTrusted Zone: sony.comTCP: NameServer = 194.168.4.100 194.168.8.100TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B} : DHCPNameServer = 194.168.4.100 194.168.8.100TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B}\35B4951353434373 : DHCPNameServer = 192.168.0.1TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B}\56465727F616D6 : DHCPNameServer = 152.105.250.79 152.105.250.80TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B}\6796277696E6D65646961633634333230343 : DHCPNameServer = 194.168.4.100 194.168.8.100TCP: Interfaces\{A10F49CF-5495-47E9-9E07-DCA82E339E8D} : DHCPNameServer = 150.200.3.2Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllAppInit_DLLs= C:\Windows\SysWOW64\nvinit.dllSSODL: WebCheck - <orphaned>x64-mStart Page = hxxp://acer13.msn.comx64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-TB: avast! 
WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exex64-Run: [btPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-mPolicies-System: DisableCAD = dword:1x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 
iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-8-28 645952]R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-11-28 752672]R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-11-28 335784]R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2012-10-8 30056]R1 aswnet;avast! AG Firewall Core Driver;C:\Windows\System32\Drivers\aswnet.sys [2012-11-28 468144]R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2012-11-28 984144]R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2012-11-28 370288]R1 ccSet_NARA;NARA Settings Manager;C:\Windows\System32\Drivers\NARAx64\0401000.00A\ccSetx64.sys [2012-8-28 168608]R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\Drivers\mwlPSDFilter.sys [2012-8-3 22648]R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\Drivers\mwlPSDNserv.sys [2012-8-3 20520]R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\Drivers\mwlPSDVDisk.sys [2012-8-3 62776]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2012-11-28 25232]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2012-11-28 71600]R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-7-31 207488]R2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-28 44808]R2 CCDMonitorService;CCDMonitorService;C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-7-27 2415760]R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-8-21 348784]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-8-28 165760]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-3 398184]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-3 682344]R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-11-28 237920]R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-11-28 218320]R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-11-28 177144]R2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit;C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-9-15 86016]R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-7-11 3939008]R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2012-8-28 93296]R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-28 364416]R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe 
MrCharlie Posted January 8, 2013 ID:631591

Welcome to the forum....
What issues are you having???

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.
Quit all running programs.
For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
Click Scan to scan the system.
When the scan completes > Close out the program > Don't Fix anything!
Don't run any other options, they're not all bad!!!!!!!
Post back the report which should be located on your desktop.

MrC

Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
Please stick with me until I give you the "all clear".
------->Your topic will be closed if you haven't replied within 3 days!<--------
(If I don't respond within 24 hours, please send me a PM)

Xalchs Posted January 8, 2013 Author ID:631615

RogueKiller V8.4.2 [Jan 6 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : jordan [Admin rights]
Mode : Scan -- Date : 01/08/2013 15:16:18

¤¤¤ Bad processes : 2 ¤¤¤
[sUSP PATH] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe -> KILLED [TermProc]
[RESIDUE] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤
[TASK][sUSP PATH] Funmoods : C:\Users\jordan\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE /Check -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPVT-22HXZT3 +++++
--- User ---
[MBR] a28acfdbbcabbc589d67099ef5b3cfce
[bSP] 646baac4cfb0869c0929879fc315b231 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 715404 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_01082013_02d1516.txt >>
RKreport[1]_S_01082013_02d1516.txt

Xalchs Posted January 8, 2013 Author ID:631616

The issue I'm having is the fact that while on YouTube, Malwarebytes keeps blocking suspicious websites from opening, ranging from multiple IPs.

MrCharlie Posted January 8, 2013 ID:631623

> The issue I'm having is the fact that while on YouTube, Malwarebytes keeps blocking suspicious websites from opening, ranging from multiple IPs.

Sounds like MB is doing its job.
Let's run some scans.....

Please create a new system restore point before running Malwarebytes Anti-Rootkit if you can.

MBAR tutorial
Download Malwarebytes Anti-Rootkit from HERE
Unzip the contents to a folder in a convenient location.
Open the folder where the contents were unzipped and run mbar.exe
Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
When done, please post the two logs produced; they will be in the MBAR folder..... mbar-log.txt and system-log.txt

To attach a log if needed:
Bottom right corner of this page.
New window that comes up.

~~~~~~~~~~~~~~~~~~~~~~~
Note:
If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
Internet access
Windows Update
Windows Firewall
If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot.
Verify that your system is now functioning normally.

MrC

Xalchs Posted January 8, 2013 Author ID:631628

The first test came up clear, now moving onto the second one.
But before I do, I keep getting a popup box when starting MBAR saying:

'Registry value "AppInit_Dlls" has been found, which may be caused by rootkit activity.
Note: Press "No" button if you're not sure (Did that the first time I ran MBAR). If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press "Yes" should this message appear again.'

MrCharlie Posted January 8, 2013 ID:631633

Just follow the instructions that come up, MrC

Xalchs Posted January 8, 2013 Author ID:631638

Here's the logs.
mbar-log-2013-01-08 (15-52-01).txt
mbar-log-2013-01-08 (16-23-49).txt
system-log.txt

MrCharlie Posted January 8, 2013 ID:631645

Next..............

Please download and run ComboFix.
The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.
Please visit this webpage for download links, and instructions for running ComboFix
http://www.bleepingc...to-use-combofix
Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Information on disabling your malware programs can be found Here.
Make sure you run ComboFix from your desktop. Give it at least 30-45 minutes to finish if needed.
Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------
If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Xalchs Posted January 8, 2013 Author ID:631648

When I tried to run it I couldn't, as it's currently not compatible with Windows 8.

MrCharlie Posted January 8, 2013 ID:631656

OK, I forgot you're running W8.............

Please download AdwCleaner from here and save it on your Desktop.

AdwCleaner is a reliable removal tool for adware, toolbar and potentially unwanted programs.
AdwCleaner is a tool that deletes :
· Adwares (software ads)
· PUP/LPI (Potentially Undesirable Program)
· Toolbars
· Hijacker (Hijack of the browser's homepage)
It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.

Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
Now click on the Search tab.
Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Please look over what was found, we're going to delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain why it shouldn't be on your system.

MrC

Xalchs Posted January 8, 2013 Author ID:631657

# AdwCleaner v2.105 - Logfile created 01/08/2013 at 17:12:07
# Updated 08/01/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : jordan - JORDS-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\jordan\Desktop\adwcleaner.exe
# Option [search]

***** [services] *****

***** [Files / Folders] *****
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found : C:\ProgramData\boost_interprocess

***** [Registry] *****
Key Found : HKCU\Software\InstallCore
Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

***** [internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16453
[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97
File : C:\Users\jordan\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.12] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtCtB0D0EyByE0FzztBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1667708790" ]
Found [l.2130] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtCtB0D0EyByE0FzztBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1667708790" ]

*************************
AdwCleaner[R1].txt - [1542 octets] - [08/01/2013 17:12:07]
########## EOF - C:\AdwCleaner[R1].txt - [1602 octets] ##########

MrCharlie Posted January 8, 2013 ID:631660

Adware found (funmoods)....let's clear it out.....

Please re-run AdwCleaner
Click on Delete button.
Confirm each time with OK if asked.
Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

MrC

Xalchs Posted January 8, 2013 Author ID:631664

# AdwCleaner v2.105 - Logfile created 01/08/2013 at 17:17:32
# Updated 08/01/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : jordan - JORDS-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\jordan\Desktop\adwcleaner.exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****
Deleted on reboot : C:\ProgramData\boost_interprocess
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

***** [internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16453
[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97
File : C:\Users\jordan\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd[...]
Deleted [l.2130] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2X[...]

*************************
AdwCleaner[R1].txt - [1669 octets] - [08/01/2013 17:12:07]
AdwCleaner[R2].txt - [1729 octets] - [08/01/2013 17:14:54]
AdwCleaner[R3].txt - [1789 octets] - [08/01/2013 17:17:20]
AdwCleaner[s2].txt - [1542 octets] - [08/01/2013 17:17:32]
########## EOF - C:\AdwCleaner[s2].txt - [1602 octets] ##########

MrCharlie Posted January 8, 2013 ID:631669

Any improvement?? MrC

Xalchs Posted January 8, 2013 Author ID:631670

I've had no new 'suspicious attacks so far' so I'd assume it worked!
Thanks a lot Charlie, I really appreciate your effort

Xalchs Posted January 8, 2013 Author ID:631672

Ah speak of the devil.

2013/01/08 17:38:50 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50145, Process: skype.exe)
2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50146, Process: skype.exe)
2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50147, Process: skype.exe)
2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50149, Process: avastsvc.exe)

MrCharlie Posted January 8, 2013 ID:631683

Like I said, it sounds like MB is doing its job. There was an article about this on the forum:
http://helpdesk.malw...ng-my-antivirus

I don't see any malware on the system. If you would like to run some other scans.....
Here's two:
http://www.microsoft...us/default.aspx <---------Microsoft Safety Scanner
http://security.syma...m/nbrt/npe.aspx <---Norton Power Eraser

Let me know.....MrC

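The IP-BLOCK lines posted above can be grouped by blocked address and by the process that opened the connection, which is the first thing to read off such a log before deciding what to scan next. The following is an added example, not part of the original thread and not Malwarebytes code; the field layout is inferred from the four posted lines, and the function names are hypothetical.

```python
import re

# The four IP-BLOCK lines are copied from the post above; the last line is
# constructed here to show how a non-matching entry is handled.
SAMPLE_LOG = """\
2013/01/08 17:38:50 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50145, Process: skype.exe)
2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50146, Process: skype.exe)
2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50147, Process: skype.exe)
2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50149, Process: avastsvc.exe)
2013/01/08 17:38:52 GMT JORDS-LAPTOP jordan NOTE constructed line that is not a block entry
"""

# Field layout inferred from the posted lines (an assumption, not a published
# format): date, time, zone, host, user, IP-BLOCK, address, then details.
BLOCK_RE = re.compile(
    r"^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) (?P<tz>\S+) "
    r"(?P<host>\S+) (?P<user>\S+) IP-BLOCK (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) "
    r"\(Type: (?P<direction>\w+), Port: (?P<port>\d+), "
    r"Process: (?P<process>[^)]+)\)$"
)


def parse_blocks(text):
    """Return (events, skipped): parsed IP-BLOCK entries and unparsed lines."""
    from datetime import datetime

    events, skipped = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        match = BLOCK_RE.match(line)
        if match is None:
            skipped.append(line)  # keep it so nothing is silently dropped
            continue
        event = match.groupdict()
        event["ts"] = datetime.strptime(event["ts"], "%Y/%m/%d %H:%M:%S")
        event["port"] = int(event["port"])
        # Windows process names are case-insensitive; normalise for grouping.
        event["process"] = event["process"].strip().lower()
        events.append(event)
    return events, skipped


def summarize(events):
    """Group block events by destination address."""
    summary = {}
    for event in events:
        entry = summary.setdefault(event["ip"], {
            "count": 0, "processes": set(), "directions": set(),
            "ports": [], "first": event["ts"], "last": event["ts"],
        })
        entry["count"] += 1
        entry["processes"].add(event["process"])
        entry["directions"].add(event["direction"])
        entry["ports"].append(event["port"])
        entry["first"] = min(entry["first"], event["ts"])
        entry["last"] = max(entry["last"], event["ts"])
    return summary


def shared_destinations(summary):
    """Addresses blocked for more than one process.

    Worth noting when reporting the blocks; on its own it does not say
    whether the address is malicious.
    """
    return sorted(ip for ip, e in summary.items() if len(e["processes"]) > 1)


def report(summary):
    """One readable line per blocked address."""
    lines = []
    for ip, e in sorted(summary.items()):
        lines.append(
            f"{ip}: {e['count']} blocks, {'/'.join(sorted(e['directions']))}, "
            f"processes={', '.join(sorted(e['processes']))}, "
            f"{e['first']:%H:%M:%S}-{e['last']:%H:%M:%S}"
        )
    return lines


if __name__ == "__main__":
    parsed, unparsed = parse_blocks(SAMPLE_LOG)
    grouped = summarize(parsed)
    print("\n".join(report(grouped)))
    print("blocked for several processes:", shared_destinations(grouped))
    print("unparsed lines:", len(unparsed))
```
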
Maurice Naggar Posted January 13, 2013 ID:633649

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!