I'm Infected


DDS:

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8

Boot Device: \Device\HarddiskVolume3

Install Date: 28/11/2012 18:12:13

System Uptime: 07/01/2013 20:33:23 (2 hours ago)

.

Motherboard: Acer | | VA50_HC_CR

Processor: Intel® Core i7-3630QM CPU @ 2.40GHz | U3E1 | 1200/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 675 GiB total, 308.448 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: Bluetooth USB Module

Device ID: USB\VID_0489&PID_E04E\6&226C637B&0&1

Manufacturer: Qualcomm Atheros Communications

Name: Bluetooth USB Module

PNP Device ID: USB\VID_0489&PID_E04E\6&226C637B&0&1

Service: BTHUSB

.

==== System Restore Points ===================

.

RP2: 06/01/2013 01:12:40 - Scheduled Checkpoint

.

==== Installed Programs ======================

.

clear.fi SDK- Movie 2

clear.fi SDK - Video 2

Acer Backup Manager

Acer Device Fast-lane

Acer Instant Update Service

Acer Power Management

Acer Recovery Management

AcerCloud

AcerCloud Docs

Adobe AIR

Adobe Download Assistant

Adobe Photoshop CS6

Agatha Christie - Death on the Nile

Akamai NetSession Interface

Aloha TriPeaks

Audacity 2.0.2

Autodesk 3ds Max Design 2013 64-bit

Autodesk Backburner 2013.0.0

Autodesk Civil View for 3ds Max Design 2013

Autodesk DirectConnect 2013 64-bit

Autodesk Download Manager

Autodesk Essential Skills Movies for 3ds Max Design 2013 64-bit

Autodesk FBX Plug-in 2013.1 - 3ds Max Design 2013 64-bit

Autodesk Inventor Server Engine for 3ds Max Design 2013 64-bit

Autodesk Material Library 2013

Autodesk Material Library Base Resolution Image Library 2013

Autodesk Material Library Medium Resolution Image Library 2013

Autodesk Network License Manager

Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit

avast! Free Antivirus

Backup Manager v4

Bejeweled 3

Broadcom Card Reader Driver Installer

Camtasia Studio 8

Cave Story+

CCleaner

clear.fi Media

clear.fi Photo

Composite 2013 64-bit

CyberLink MediaEspresso 6.5

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Delicious: Emily's True Love Premium Edition

Dolby Home Theater v4

Dropbox

eBay Worldwide

ETDWare PS/2-X64 11.6.4.001_WHQL

Far Cry® 3

FileZilla Client 3.6.0.2

Final Drive: Nitro

Fraps (remove only)

Garry's Mod

Google Chrome

Google Update Helper

Governor of Poker 2 Premium Edition

HyperCam 2

Identity Card

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® SDK for OpenCL - CPU Only Runtime Package

Intel® Trusted Connect Service Client

Island Tribe

Java 7 Update 9

Java Auto Updater

Jewel Match 3

John Deere Drive Green

Launch Manager

League of Legends

Live Updater

Magic Academy

Malwarebytes Anti-Malware version 1.70.0.1100

Metro 2033

Microsoft Application Error Reporting

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2005 Tools for Office Runtime

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Movie Maker

MSVCRT

MSVCRT Redists

MSVCRT110

MSVCRT110_amd64

MyWinLocker

MyWinLocker 4

MyWinLocker Suite

Norton Online Backup

Norton Online Backup ARA

NTI Media Maker 9

NVIDIA Control Panel 306.97

NVIDIA Graphics Driver 306.97

NVIDIA Install Application

NVIDIA Optimus 1.10.8

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.0613

NVIDIA Update 1.10.8

NVIDIA Update Components

Office Addin

Orcs Must Die!

Orcs Must Die! 2

Pando Media Booster

PDF Settings CS6

Penguins!

Photo Common

Photo Gallery

PlanetSide 2

Plants vs. Zombies - Game of the Year

Polar Bowler

Portal

Portal 2

PunkBuster Services

puush

Qualcomm Atheros Bluetooth Suite (64)

Qualcomm Atheros WiFi Driver Installation

Realtek High Definition Audio Driver

Sandboxie 3.76 (64-bit)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Shared C Run-time for x64

Shredder

Sid Meier's Civilization V

Skype Click to Call

Skype™ 6.0

Sony Vegas Pro 8.0

Spotify

Steam

System Requirements Lab CYRI

Tales of Lagoona

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update Installer for WildTangent Games App

Uplay

Vegas Pro 12.0 (64-bit)

Visual Studio Tools for the Office system 3.0 Runtime

Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)

WildTangent Games

WildTangent Games App

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

WinRAR 4.20 (32-bit)

World of Warcraft

Xiph.Org Open Codecs 0.85.17777

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

07/01/2013 20:36:14, Error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The system cannot find the file specified.

07/01/2013 20:36:14, Error: Service Control Manager [7000] - The McAfee Network Agent service failed to start due to the following error: The system cannot find the file specified.

07/01/2013 20:34:56, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

07/01/2013 20:34:56, Error: Service Control Manager [7024] -

07/01/2013 20:34:07, Error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The system cannot find the file specified.

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x9000000024417. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x8000000027dce. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x60000000471df. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x4000000033aeb. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000033649. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000024f5f. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000024e86. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x30000000224dd. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x30000000224c4. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2e000000033a80. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003a8cc. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000336f9. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003356b. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000003353e. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000025255. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000024d4c. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000002403a. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000002267d. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x20000000224cd. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x200000001d3fa. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1b000000027a6f. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x100000003cb01. The name of the file is "<unable to determine file name>".

07/01/2013 19:47:25, Error: Ntfs [55] - A corruption was discovered in the file system structure on volume Acer. The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x10000000224bd. The name of the file is "<unable to determine file name>".

.

==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16453 BrowserJavaVersion: 10.9.2

Run by jordan at 22:49:11 on 2013-01-07

Microsoft Windows 8 6.2.9200.0.1252.44.2057.18.8007.4683 [GMT 0:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\dwm.exe

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Windows\system32\dashost.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\RfBtnSvc64.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskhostex.exe

C:\Program Files (x86)\Launch Manager\LMutilps32.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Acer\Acer Power Management\ePowerTray.exe

C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\igfxext.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Elantech\ETDCtrl.exe

c:\Program Files (x86)\Bluetooth Suite\BtTray.exe

c:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\puush\puush.exe

C:\Users\jordan\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files\Sandboxie\SbieCtrl.exe

C:\Users\jordan\AppData\Local\Akamai\netsession_win.exe

C:\Users\jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Dolby PCEE4\pcee4.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\EgisTec IPS\PMMUpdate.exe

C:\Program Files\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://acer13.msn.com

uDefault_Page_URL = hxxp://acer13.msn.com

mStart Page = hxxp://acer13.msn.com

uProxyOverride = <local>

mWinlogon: Userinit = userinit.exe,

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [AdobeBridge] <no file>

mRun: [bakupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h

mRun: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart

mRun: [LManager] <no file>

dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}

StartupFolder: C:\Users\jordan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe

mPolicies-System: DisableCAD = dword:1

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: NameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B} : DHCPNameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B}\35B4951353434373 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B}\56465727F616D6 : DHCPNameServer = 152.105.250.79 152.105.250.80

TCP: Interfaces\{896013B9-04EB-4F11-A3EE-1B14DE6E816B}\6796277696E6D65646961633634333230343 : DHCPNameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{A10F49CF-5495-47E9-9E07-DCA82E339E8D} : DHCPNameServer = 150.200.3.2

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

x64-mStart Page = hxxp://acer13.msn.com

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4

x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Run: [btPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-mPolicies-System: DisableCAD = dword:1

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-8-28 645952]

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-11-28 752672]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-11-28 335784]

R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2012-10-8 30056]

R1 aswnet;avast! AG Firewall Core Driver;C:\Windows\System32\Drivers\aswnet.sys [2012-11-28 468144]

R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2012-11-28 984144]

R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2012-11-28 370288]

R1 ccSet_NARA;NARA Settings Manager;C:\Windows\System32\Drivers\NARAx64\0401000.00A\ccSetx64.sys [2012-8-28 168608]

R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\Drivers\mwlPSDFilter.sys [2012-8-3 22648]

R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\Drivers\mwlPSDNserv.sys [2012-8-3 20520]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\Drivers\mwlPSDVDisk.sys [2012-8-3 62776]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2012-11-28 25232]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2012-11-28 71600]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-7-31 207488]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-28 44808]

R2 CCDMonitorService;CCDMonitorService;C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-7-27 2415760]

R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-8-21 348784]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-8-28 165760]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-3 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-3 682344]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-11-28 237920]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-11-28 218320]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-11-28 177144]

R2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit;C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-9-15 86016]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-7-11 3939008]

R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2012-8-28 93296]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-28 364416]

R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [2012-8-28 81536]

R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\Drivers\b57xdbd.sys [2012-6-15 72280]

R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\Drivers\b57xdmp.sys [2012-6-15 21080]

R3 bScsiMSa;bScsiMSa;C:\Windows\System32\Drivers\bScsiMSa.sys [2012-6-18 55384]

R3 bScsiSDa;bScsiSDa;C:\Windows\System32\Drivers\bScsiSDa.sys [2012-6-19 70744]

R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2012-8-28 33944]

R3 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-7-31 659600]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2012-8-11 315280]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-8-10 342528]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\Drivers\k57nd60a.sys [2012-6-2 425472]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-1-3 24176]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\Drivers\mfeavfk.sys [2012-11-28 300392]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\Drivers\mfefirek.sys [2012-11-28 513456]

R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [2012-8-28 26736]

R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]

S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\Drivers\mfeelamk.sys [2012-11-28 66720]

S2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2012-8-28 88728]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2012-8-28 344216]

S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2012-8-28 114840]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2012-8-28 178840]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2012-8-28 76952]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2012-8-28 135832]

S3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2012-8-28 574616]

S3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]

S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\Drivers\cfwids.sys [2012-11-28 69672]

S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-7-31 466064]

S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-7-12 174160]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-20 1432400]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\Drivers\mferkdet.sys [2012-11-28 106112]

S3 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-7-30 259136]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]

.

=============== Created Last 30 ================

.

2013-01-04 00:01:31 -------- d-----r- C:\Sandbox

2013-01-03 23:59:13 -------- d-----w- C:\Program Files\Sandboxie

2013-01-03 23:37:19 -------- d-----w- C:\Program Files\CCleaner

2013-01-03 22:59:54 -------- d-----w- C:\Users\jordan\AppData\Roaming\Malwarebytes

2013-01-03 22:59:45 -------- d-----w- C:\ProgramData\Malwarebytes

2013-01-03 22:59:42 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-01-03 22:59:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-01-03 22:59:34 -------- d-----w- C:\Users\jordan\AppData\Local\Programs

2013-01-03 22:32:04 -------- d-----w- C:\Fraps

2012-12-30 20:35:35 -------- d-----w- C:\Program Files\HyperCam 2

2012-12-30 18:47:44 -------- d-----w- C:\Windows\en

2012-12-30 18:47:24 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2012-12-30 18:45:58 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e7363f441cde6bd03\DSETUP.dll

2012-12-30 18:45:58 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e7363f441cde6bd03\DXSETUP.exe

2012-12-30 18:45:58 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e7363f441cde6bd03\dsetup32.dll

2012-12-30 18:45:56 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4c785491cde6bd02\DSETUP.dll

2012-12-30 18:45:56 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4c785491cde6bd02\DXSETUP.exe

2012-12-30 18:45:56 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4c785491cde6bd02\dsetup32.dll

2012-12-30 18:45:52 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e3db77571cde6bd01\DSETUP.dll

2012-12-30 18:45:52 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e3db77571cde6bd01\DXSETUP.exe

2012-12-30 18:45:52 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e3db77571cde6bd01\dsetup32.dll

2012-12-30 18:45:48 -------- d-----w- C:\Users\jordan\AppData\Local\Windows Live

2012-12-30 18:45:00 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

2012-12-30 18:19:38 -------- d-----w- C:\Program Files (x86)\Sony Setup

2012-12-30 17:45:38 -------- d-----w- C:\Users\jordan\AppData\Roaming\TechSmith

2012-12-30 17:45:34 -------- d-----w- C:\Users\jordan\AppData\Local\TechSmith

2012-12-30 17:37:17 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared

2012-12-30 17:34:18 -------- d-----w- C:\Users\jordan\AppData\Local\Sony

2012-12-30 17:34:18 -------- d-----w- C:\Program Files\Sony

2012-12-30 17:34:18 -------- d-----w- C:\Program Files (x86)\Sony

2012-12-30 17:28:39 -------- d-----w- C:\Program Files (x86)\Audacity

2012-12-21 15:12:20 362496 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-21 15:12:20 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-21 15:12:19 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-21 15:12:19 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-20 22:22:12 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-12-20 22:22:05 -------- d-----w- C:\Users\jordan\AppData\Local\PunkBuster

2012-12-20 22:15:35 -------- d-----w- C:\Users\jordan\AppData\Local\Ubisoft Game Launcher

2012-12-20 22:15:20 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-12-20 22:15:20 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-12-20 22:15:17 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2012-12-20 20:10:36 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared

2012-12-20 20:02:51 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared

2012-12-20 17:05:46 -------- d-----w- C:\Program Files (x86)\Autodesk

2012-12-20 16:14:46 -------- d-----w- C:\Program Files\Autodesk

2012-12-20 16:14:27 -------- d-----w- C:\Users\jordan\AppData\Roaming\Autodesk

2012-12-20 16:14:11 -------- d-----w- C:\Autodesk

2012-12-20 16:13:54 -------- d-----w- C:\Users\jordan\AppData\Local\Autodesk

2012-12-20 16:13:50 -------- d-----w- C:\Program Files (x86)\Common Files\Autodesk Shared

2012-12-20 16:12:38 -------- d-----w- C:\Users\jordan\AppData\Local\Akamai

2012-12-20 16:12:26 -------- d-----w- C:\ProgramData\Applications

2012-12-20 10:39:14 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab

2012-12-20 10:39:09 -------- d-----w- C:\Users\jordan\SystemRequirementsLab

2012-12-16 17:55:02 890880 ----a-w- C:\Windows\SysWow64\msctf.dll

2012-12-16 17:55:02 707584 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll

2012-12-16 17:55:02 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll

2012-12-16 17:55:02 1120768 ----a-w- C:\Windows\System32\msctf.dll

2012-12-16 17:55:00 641536 ----a-w- C:\Windows\System32\WSShared.dll

2012-12-16 17:54:59 523776 ----a-w- C:\Windows\SysWow64\WSShared.dll

2012-12-16 17:54:59 198656 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll

2012-12-16 17:54:59 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll

2012-12-16 17:54:59 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll

2012-12-16 17:54:59 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll

2012-12-16 00:24:13 -------- d-----w- C:\ProgramData\Blizzard Entertainment

2012-12-16 00:24:13 -------- d-----w- C:\Program Files (x86)\World of Warcraft

2012-12-16 00:24:13 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2012-12-16 00:23:31 -------- d-----w- C:\ProgramData\Battle.net

2012-12-15 22:47:46 -------- d-----w- C:\Users\jordan\AppData\Roaming\puush

2012-12-15 22:47:37 -------- d-----w- C:\Program Files (x86)\puush

2012-12-15 17:09:03 -------- d-----w- C:\Users\jordan\AppData\Local\clear.fi

2012-12-15 16:51:08 -------- d-----w- C:\Users\jordan\AppData\Local\assembly

2012-12-15 16:39:21 -------- d-----w- C:\Windows\PCHEALTH

2012-12-15 16:36:59 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2012-12-15 16:36:47 -------- d-----w- C:\Users\jordan\AppData\Local\Microsoft Help

2012-12-15 16:34:12 -------- d-----w- C:\Users\jordan\AppData\Local\MicrosoftStore

2012-12-13 21:05:45 213696 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10187.bin

2012-12-13 18:24:10 -------- d-----r- C:\Users\jordan\Dropbox

2012-12-13 18:20:07 -------- d-----w- C:\Users\jordan\AppData\Roaming\Dropbox

2012-12-13 15:00:24 144384 ----a-w- C:\Windows\System32\tssdisai.dll

2012-12-13 15:00:24 135680 ----a-w- C:\Windows\System32\appserverai.dll

2012-12-13 15:00:24 126976 ----a-w- C:\Windows\System32\RDWebAI.dll

2012-12-13 15:00:24 122880 ----a-w- C:\Windows\System32\VmHostAI.dll

2012-12-13 15:00:21 148480 ----a-w- C:\Windows\System32\poqexec.exe

2012-12-13 15:00:21 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe

2012-12-12 22:53:11 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2012-12-12 22:53:11 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2012-12-12 21:48:45 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-12-12 21:48:45 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-12-12 21:48:41 945152 ----a-w- C:\Windows\System32\resetengmig.dll

2012-12-12 21:48:41 443392 ----a-w- C:\Windows\System32\ReAgent.dll

2012-12-12 21:48:41 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll

2012-12-12 21:48:41 132096 ----a-w- C:\Windows\System32\sysreset.exe

2012-12-12 21:48:41 1009664 ----a-w- C:\Windows\System32\reseteng.dll

2012-12-12 20:54:56 4056576 ----a-w- C:\Windows\System32\win32k.sys

2012-12-12 14:02:42 -------- d-----w- C:\Users\jordan\AppData\Local\My Games

2012-12-11 18:50:14 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll

2012-12-11 18:50:14 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll

2012-12-11 18:50:13 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll

2012-12-11 18:46:02 -------- d-----w- C:\Riot Games

2012-12-11 18:02:24 -------- d-----w- C:\Users\jordan\AppData\Local\PMB Files

2012-12-11 18:02:23 -------- d-----w- C:\ProgramData\PMB Files

2012-12-11 18:01:17 -------- d-----w- C:\Users\jordan\.swt

2012-12-09 19:30:40 -------- d-----w- C:\Users\jordan\AppData\Local\Red 5 Studios

2012-12-09 17:46:18 -------- d-----w- C:\Program Files (x86)\Xiph.Org

2012-12-09 17:46:12 -------- d--h--w- C:\Windows\msdownld.tmp

2012-12-09 17:46:11 -------- d-----w- C:\Windows\SysWow64\directx

2012-12-09 17:45:27 -------- d-----w- C:\Program Files (x86)\Red 5 Studios

.

==================== Find3M ====================

.

2012-11-29 23:06:06 80736 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-11-29 23:06:06 695648 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-11-29 20:11:19 468144 ----a-w- C:\Windows\System32\drivers\aswnet.sys

2012-11-28 22:54:33 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-11-28 22:54:30 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-11-28 22:54:30 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-11-28 04:21:17 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll

2012-11-28 04:20:59 53760 ----a-w- C:\Windows\System32\UXInit.dll

2012-11-27 08:52:58 595456 ----a-w- C:\Windows\SysWow64\tsccvid64.dll

2012-11-27 08:52:58 571392 ----a-w- C:\Windows\SysWow64\tsccvid.dll

2012-11-26 18:20:50 270848 ----a-w- C:\Windows\SysWow64\tsc2_codec64.dll

2012-11-26 18:20:50 234496 ----a-w- C:\Windows\SysWow64\tsc2_codec32.dll

2012-11-20 08:00:23 6971624 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-11-20 05:24:19 1164800 ----a-w- C:\Windows\SysWow64\Display.dll

2012-11-20 05:24:17 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll

2012-11-20 05:17:23 1184256 ----a-w- C:\Windows\System32\Display.dll

2012-11-20 05:17:20 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll

2012-11-20 05:02:46 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL

2012-11-20 04:59:26 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL

2012-11-20 04:56:27 27136 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2012-11-20 04:56:11 83456 ----a-w- C:\Windows\System32\drivers\hidclass.sys

2012-11-20 04:54:31 39936 ----a-w- C:\Windows\System32\drivers\hidi2c.sys

2012-11-15 06:08:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-15 06:06:34 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-08 04:25:35 1775104 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-11-08 04:24:27 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-11-08 04:24:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2012-11-08 04:24:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2012-11-08 04:24:19 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll

2012-11-08 04:24:06 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll

2012-11-08 04:22:19 2246656 ----a-w- C:\Windows\System32\wininet.dll

2012-11-08 04:22:12 907776 ----a-w- C:\Windows\System32\uxtheme.dll

2012-11-08 04:21:00 3966464 ----a-w- C:\Windows\System32\jscript9.dll

2012-11-08 04:20:56 67072 ----a-w- C:\Windows\System32\iesetup.dll

2012-11-08 04:20:56 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2012-11-08 04:20:50 96256 ----a-w- C:\Windows\System32\fontsub.dll

2012-11-08 04:20:37 14336 ----a-w- C:\Windows\System32\dciman32.dll

2012-11-08 04:02:16 3072 ----a-w- C:\Windows\System32\lpk.dll

2012-11-08 04:01:40 3072 ----a-w- C:\Windows\SysWow64\lpk.dll

2012-11-08 01:56:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll

2012-11-06 07:52:07 445160 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS

2012-11-06 07:52:04 277736 ----a-w- C:\Windows\System32\drivers\msiscsi.sys

2012-11-06 07:36:23 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys

2012-11-06 07:36:14 96488 ----a-w- C:\Windows\System32\drivers\wfplwfs.sys

2012-11-06 07:35:34 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys

2012-11-06 07:35:31 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys

2012-11-06 07:33:46 522640 ----a-w- C:\Windows\System32\AUDIOKSE.dll

2012-11-06 07:33:46 253512 ----a-w- C:\Windows\System32\audiodg.exe

2012-11-06 07:33:45 490064 ----a-w- C:\Windows\System32\AudioEng.dll

2012-11-06 07:33:45 447792 ----a-w- C:\Windows\System32\AudioSes.dll

2012-11-06 07:33:30 1566432 ----a-w- C:\Windows\System32\ole32.dll

2012-11-06 05:00:06 463768 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll

2012-11-06 05:00:06 427568 ----a-w- C:\Windows\SysWow64\AudioEng.dll

2012-11-06 05:00:06 324344 ----a-w- C:\Windows\SysWow64\AudioSes.dll

2012-11-06 04:54:13 2205696 ----a-w- C:\Windows\SysWow64\PrintConfig.dll

2012-11-06 04:48:27 1150160 ----a-w- C:\Windows\SysWow64\ole32.dll

2012-11-06 04:19:59 470016 ----a-w- C:\Windows\System32\wlanmsm.dll

2012-11-06 04:18:58 84992 ----a-w- C:\Windows\SysWow64\fdWCN.dll

2012-11-06 04:17:58 110080 ----a-w- C:\Windows\System32\dafWCN.dll

2012-11-06 04:17:44 718848 ----a-w- C:\Windows\System32\BFE.DLL

2012-11-06 04:17:43 2302464 ----a-w- C:\Windows\System32\authui.dll

2012-11-06 04:17:42 785920 ----a-w- C:\Windows\System32\audiosrv.dll

2012-11-06 04:17:41 169472 ----a-w- C:\Windows\System32\AudioEndpointBuilder.dll

2012-11-06 04:17:35 2146816 ----a-w- C:\Windows\System32\actxprxy.dll

2012-11-06 04:17:33 322560 ----a-w- C:\Windows\System32\aaclient.dll

2012-11-06 04:17:32 212992 ----a-w- C:\Windows\System32\bthprops.cpl

2012-11-06 04:00:44 99328 ----a-w- C:\Windows\System32\wushareduxresources.dll

2012-11-06 04:00:17 16384 ----a-w- C:\Windows\System32\iscsilog.dll

2012-11-06 03:58:53 9728 ----a-w- C:\Windows\System32\wlanhlp.dll

2012-11-06 03:56:35 9728 ----a-w- C:\Windows\SysWow64\wlanhlp.dll

2012-11-06 03:55:44 22528 ----a-w- C:\Windows\System32\drivers\fxppm.sys

2012-11-06 03:55:09 212992 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2012-11-06 03:55:02 90624 ----a-w- C:\Windows\System32\drivers\amdk8.sys

2012-11-06 03:55:02 89088 ----a-w- C:\Windows\System32\drivers\intelppm.sys

2012-11-06 03:55:02 88064 ----a-w- C:\Windows\System32\drivers\amdppm.sys

2012-11-06 03:55:02 87552 ----a-w- C:\Windows\System32\drivers\processr.sys

2012-11-06 03:54:40 74752 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS

2012-11-06 03:54:09 859136 ----a-w- C:\Windows\System32\drivers\http.sys

2012-11-06 03:53:56 51712 ----a-w- C:\Windows\System32\drivers\bthenum.sys

2012-11-06 03:53:44 560640 ----a-w- C:\Windows\System32\drivers\afd.sys

2012-11-06 03:53:12 1171968 ----a-w- C:\Windows\System32\drivers\bthport.sys

2012-11-06 03:52:49 366080 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2012-11-06 03:51:47 665600 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-11-03 05:26:40 34816 ----a-w- C:\Windows\System32\dpnsvr.exe

2012-11-03 05:26:12 32256 ----a-w- C:\Windows\SysWow64\dpnsvr.exe

2012-11-03 05:24:34 8192 ----a-w- C:\Windows\SysWow64\dpnhupnp.dll

2012-11-03 05:24:34 8192 ----a-w- C:\Windows\SysWow64\dpnhpast.dll

2012-11-03 05:24:34 58880 ----a-w- C:\Windows\SysWow64\dpnathlp.dll

2012-11-03 05:24:34 375808 ----a-w- C:\Windows\SysWow64\dpnet.dll

2012-11-03 05:24:11 9216 ----a-w- C:\Windows\System32\dpnhupnp.dll

2012-11-03 05:24:11 9216 ----a-w- C:\Windows\System32\dpnhpast.dll

2012-11-03 05:24:11 67584 ----a-w- C:\Windows\System32\dpnathlp.dll

2012-11-03 05:24:11 463872 ----a-w- C:\Windows\System32\dpnet.dll

2012-11-03 05:04:21 4096 ----a-w- C:\Windows\System32\dpnlobby.dll

2012-11-03 05:04:19 3584 ----a-w- C:\Windows\System32\dpnaddr.dll

2012-11-03 05:00:54 3072 ----a-w- C:\Windows\SysWow64\dpnlobby.dll

2012-11-03 05:00:53 2560 ----a-w- C:\Windows\SysWow64\dpnaddr.dll

2012-10-30 22:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-10-30 22:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-10-30 22:51:07 41224 ----a-w- C:\Windows\avastSS.scr

.

============= FINISH: 22:49:52.19 ===============


Welcome to the forum....What issues are you having???

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

Please stick with me until I give you the "all clear".

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


RogueKiller V8.4.2 [Jan 6 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version

Started in : Normal mode

User : jordan [Admin rights]

Mode : Scan -- Date : 01/08/2013 15:16:18

¤¤¤ Bad processes : 2 ¤¤¤

[SUSP PATH] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe -> KILLED [TermProc]

[RESIDUE] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤

[TASK][SUSP PATH] Funmoods : C:\Users\jordan\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE /Check -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD7500BPVT-22HXZT3 +++++

--- User ---

[MBR] a28acfdbbcabbc589d67099ef5b3cfce

[BSP] 646baac4cfb0869c0929879fc315b231 : MBR Code unknown

Partition table:

0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 715404 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_01082013_02d1516.txt >>

RKreport[1]_S_01082013_02d1516.txt


The issue I'm having is the fact that while on YouTube, Malwarebytes keeps blocking suspicious websites from opening, ranging from multiple IPs.

Sounds like MB is doing its job.

Let's run some scans.....

Please create a new system restore point before running Malwarebytes Anti-Rootkit if you can.

MBAR tutorial

Download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder..... mbar-log.txt and system-log.txt

To attach a log if needed:

Bottom right corner of this page.


New window that comes up.


~~~~~~~~~~~~~~~~~~~~~~~

Note:

If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:

Internet access

Windows Update

Windows Firewall

If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot.

Verify that your system is now functioning normally.

MrC


The first test came up clear, now moving on to the second one.

But before I do, I keep getting a popup box when starting MBAR saying

'Registry value "AppInit_Dlls" has been found, which may be caused by rootkit activity.

Note: Press "No" button if you're not sure (Did that the first time I ran MBAR). If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press "Yes" should this message appear again.'


Next..............

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC



When I tried to run it I couldn't, as it's currently not compatible with Windows 8.


OK, I forgot you're running W8.............

Please download AdwCleaner from here and save it on your Desktop.

AdwCleaner is a reliable removal tool for adware, toolbar and potentially unwanted programs.

AdwCleaner is a tool that deletes:

· Adware (software ads)

· PUP/LPI (Potentially Undesirable Program)

· Toolbars

· Hijacker (Hijack of the browser's homepage)

It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.

  1. Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Please look over what was found, we're going to delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain why it shouldn't be on your system.

MrC


# AdwCleaner v2.105 - Logfile created 01/08/2013 at 17:12:07

# Updated 08/01/2013 by Xplode

# Operating system : Windows 8 (64 bits)

# User : jordan - JORDS-LAPTOP

# Boot Mode : Normal

# Running from : C:\Users\jordan\Desktop\adwcleaner.exe

# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Users\Public\Desktop\eBay.lnk

Folder Found : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Found : HKCU\Software\InstallCore

Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Found : HKLM\Software\InstallCore

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16453

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\jordan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.12] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtCtB0D0EyByE0FzztBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1667708790" ]

Found [l.2130] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AtCtB0D0EyByE0FzztBtN0D0Tzu0CtAyCyDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1667708790" ]

*************************

AdwCleaner[R1].txt - [1542 octets] - [08/01/2013 17:12:07]

########## EOF - C:\AdwCleaner[R1].txt - [1602 octets] ##########


Adware found (funmoods)....let's clear it out.....

  1. Please re-run AdwCleaner
  2. Click on Delete button.
  3. Confirm each time with OK if asked.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

MrC


# AdwCleaner v2.105 - Logfile created 01/08/2013 at 17:17:32

# Updated 08/01/2013 by Xplode

# Operating system : Windows 8 (64 bits)

# User : jordan - JORDS-LAPTOP

# Boot Mode : Normal

# Running from : C:\Users\jordan\Desktop\adwcleaner.exe

# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\boost_interprocess

File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\Software\InstallCore

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16453

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\jordan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd[...]

Deleted [l.2130] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2X[...]

*************************

AdwCleaner[R1].txt - [1669 octets] - [08/01/2013 17:12:07]

AdwCleaner[R2].txt - [1729 octets] - [08/01/2013 17:14:54]

AdwCleaner[R3].txt - [1789 octets] - [08/01/2013 17:17:20]

AdwCleaner[S2].txt - [1542 octets] - [08/01/2013 17:17:32]

########## EOF - C:\AdwCleaner[S2].txt - [1602 octets] ##########


Ah speak of the devil.

2013/01/08 17:38:50 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50145, Process: skype.exe)

2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50146, Process: skype.exe)

2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50147, Process: skype.exe)

2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50149, Process: avastsvc.exe)
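
One way to triage protection-log entries like the four posted above, added here as an example (it is not part of the thread or of any Malwarebytes tool): the script parses each IP-BLOCK line and groups the blocks by destination IP and process. The line pattern is inferred from those four lines only, and the function names are made up for this example.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# Pattern inferred from the IP-BLOCK lines in the post (assumption: other
# log versions may format these lines differently).
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) (?P<tz>\S+) "
    r"(?P<host>\S+) (?P<user>\S+) IP-BLOCK (?P<ip>\S+) "
    r"\(Type: (?P<direction>\w+), Port: (?P<port>\d+), "
    r"Process: (?P<process>[^)]+)\)$"
)

# The four lines from the post, plus one constructed line that is not a
# block event, to show that unrelated lines are skipped.
SAMPLE_LOG = """\
2013/01/08 17:38:49 GMT JORDS-LAPTOP jordan (constructed non-block line)
2013/01/08 17:38:50 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50145, Process: skype.exe)
2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50146, Process: skype.exe)
2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50147, Process: skype.exe)
2013/01/08 17:38:51 GMT JORDS-LAPTOP jordan IP-BLOCK 89.28.86.174 (Type: outgoing, Port: 50149, Process: avastsvc.exe)
"""


def parse_blocks(text):
    """Return one dict per well-formed IP-BLOCK line; skip everything else."""
    events = []
    for raw in text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue
        try:
            # Reject values that look like an address but are not one.
            ip = ipaddress.ip_address(match["ip"])
        except ValueError:
            continue
        events.append({
            "time": datetime.strptime(match["ts"], "%Y/%m/%d %H:%M:%S"),
            "host": match["host"],
            "user": match["user"],
            "ip": str(ip),
            "direction": match["direction"].lower(),
            "port": int(match["port"]),
            "process": match["process"].strip().lower(),
        })
    return events


def summarise(events):
    """Group block events by IP: count, processes, ports, first/last seen."""
    grouped = defaultdict(list)
    for event in events:
        grouped[event["ip"]].append(event)
    summary = {}
    for ip, items in grouped.items():
        summary[ip] = {
            "count": len(items),
            "processes": sorted({e["process"] for e in items}),
            "directions": sorted({e["direction"] for e in items}),
            "ports": sorted(e["port"] for e in items),
            "first": min(e["time"] for e in items),
            "last": max(e["time"] for e in items),
        }
    return summary


def multi_process_ips(summary):
    """IPs that were blocked for more than one distinct process."""
    return sorted(ip for ip, s in summary.items() if len(s["processes"]) > 1)


if __name__ == "__main__":
    result = summarise(parse_blocks(SAMPLE_LOG))
    for ip, info in result.items():
        print(ip, info["count"], info["processes"],
              info["first"].isoformat(), info["last"].isoformat())
    print("blocked for several processes:", multi_process_ips(result))
```
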


Like I said, it sounds like MB is doing its job. There was an article about this on the forum:

http://helpdesk.malw...ng-my-antivirus

I don't see any malware on the system. If you would like to run some other scans.....

Here's two:

http://www.microsoft...us/default.aspx <---------Microsoft Safety Scanner

http://security.syma...m/nbrt/npe.aspx <---Norton Power Eraser

Let me know.....MrC


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
