Malwarebytes "has successfully blocked access to a potentially malicious website"


Hello,

I've been researching this problem and have seen various solutions but did not want to take my chances. I constantly get this message: "Malwarebytes has successfully blocked access to a potentially malicious website", with various IP addresses and either outgoing or incoming. I've done scans with Malwarebytes itself and found nothing suspicious. Following are the DDS and Attach texts. Please advise. Thank you.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16688
Run by Jeff at 23:06:05 on 2013-09-16
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8078.5479 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Internet Security 2013 *Enabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
SP: 360 Internet Security 2013 *Enabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Classic Shell\ClassicShellService.exe
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\Program Files\360\360 Internet Security\360rps.exe
C:\Program Files\360\360 Internet Security\deepscan\zhudongfangyu.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe
C:\Windows\system32\AdminService.exe
C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\Elantech\ETDService.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\ArcGIS\License10.1\bin\ARCGIS.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Elantech\ETDGesture.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe
C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\360\360 Internet Security\360sd.exe
C:\Program Files\360\360 Internet Security\360rp.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\360\360 Internet Security\safemon\360tray.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [DellSystemDetect] C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
uRun: [DAEMON Tools Ultra Agent] "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun
uRun: [AdobeBridge] <no file>
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRun: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
StartupFolder: C:\Users\Jeff\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: dell.com
TCP: NameServer = 167.206.254.1 167.206.254.2 192.168.1.1
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D} : DHCPNameServer = 167.206.254.1 167.206.254.2 192.168.1.1
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\05271647470294E637479647574756 : DHCPNameServer = 10.0.16.1
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\0527164747355636572756 : DHCPNameServer = 172.16.4.67 172.16.4.68 172.16.32.7
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\052796D627F63756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\23332334146454 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\44657533230313240343 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{6A67E9E7-698D-44EF-A0F3-72DE7C13397D}\84A50234F6D60757475627 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{7515AD1C-116A-41FE-9665-AC7AD702E858} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0wflpxe9.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - ExtSQL: 2013-08-31 17:45; web2pdfextension@web2pdf.adobedotcom; C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2013-8-31 644968]
R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2013-8-31 30496]
R1 360AntiHacker;360Safe Anti Hacker Service;C:\Windows\System32\Drivers\360AntiHacker64.sys [2013-9-15 64712]
R1 360Box64;360Box mini-filter driver;C:\Windows\System32\Drivers\360Box64.sys [2013-9-15 304832]
R1 360Camera;360Safe Camera Filter Service;C:\Windows\System32\Drivers\360Camera64.sys [2013-9-15 40640]
R1 360FsFlt;360FsFlt mini-filter driver;C:\Windows\System32\Drivers\360FsFlt.sys [2013-9-15 213184]
R1 BAPIDRV;BAPIDRV;C:\Windows\System32\Drivers\BAPIDRV64.SYS [2013-9-15 190808]
R1 nvkflt;nvkflt;C:\Windows\System32\Drivers\nvkflt.sys [2013-8-31 300320]
R2 360rp;360 Internet Security 2013 Real-time Protection Loading Service;C:\Program Files\360\360 Internet Security\360rps.exe [2013-9-15 750264]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-11-13 755240]
R2 ArcGIS License Manager;ArcGIS License Manager;C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe [2012-1-5 1408904]
R2 AtherosSvc;AtherosSvc;C:\Windows\System32\AdminService.exe [2013-6-25 208384]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-15 135984]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2013-5-27 99632]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-16 701512]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-1 14997280]
R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2013-9-15 5790064]
R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2013-9-15 487280]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-8-14 1042808]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-8-14 270704]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-11-15 1153840]
R2 ZhuDongFangYu;Proactive Defence;C:\Program Files\360\360 Internet Security\deepscan\ZhuDongFangYu.exe [2013-9-15 288192]
R3 360AvFlt;360AvFlt mini-filter driver;C:\Windows\System32\Drivers\360AvFlt.sys [2013-9-15 67272]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-11-13 156160]
R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-6-25 565760]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;C:\Windows\System32\Drivers\dtscsibus.sys [2013-8-31 29696]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2013-7-11 380680]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2013-9-13 21152]
R3 i8042HDR;Keyboard Filter Driver;C:\Windows\System32\Drivers\i8042HDR.sys [2013-8-31 15920]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-8-31 169752]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2013-8-31 119528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-9-16 25928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\Drivers\nvvad64v.sys [2013-9-1 39200]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2013-8-31 34544]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-11-13 156160]
S3 Disc Soft Bus Service;Disc Soft Bus Service;C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [2013-6-25 632352]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-8-31 1471792]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-11-15 272176]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\Drivers\wacmoumonitor.sys [2013-9-15 18288]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-09-16 16:37:22 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-09-16 16:37:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-16 14:15:38 -------- d-----w- C:\Program Files (x86)\ESET
2013-09-16 14:13:00 -------- d-----w- C:\AdwCleaner
2013-09-16 05:52:11 -------- d-----w- C:\Users\Jeff\AppData\Roaming\Malwarebytes
2013-09-16 05:51:54 -------- d-----w- C:\ProgramData\Malwarebytes
2013-09-16 04:22:18 -------- d-----w- C:\Program Files\VideoLAN
2013-09-16 04:20:43 -------- d-----w- C:\Program Files (x86)\FileHippo.com
2013-09-16 02:02:02 67272 ----a-w- C:\Windows\System32\drivers\360AvFlt.sys
2013-09-16 02:02:02 -------- d-----w- C:\Users\Jeff\AppData\Roaming\360SD
2013-09-16 02:02:01 -------- d-----w- C:\Users\Jeff\AppData\Roaming\360safe
2013-09-16 02:02:01 -------- d-----w- C:\ProgramData\360SD
2013-09-16 02:01:56 64712 ----a-w- C:\Windows\System32\drivers\360AntiHacker64.sys
2013-09-16 02:01:56 40640 ----a-w- C:\Windows\System32\drivers\360Camera64.sys
2013-09-16 02:01:56 304832 ----a-w- C:\Windows\System32\drivers\360Box64.sys
2013-09-16 02:01:56 213184 ----a-w- C:\Windows\System32\drivers\360FsFlt.sys
2013-09-16 02:01:56 190808 ----a-w- C:\Windows\System32\drivers\BAPIDRV64.SYS
2013-09-16 02:01:56 -------- d-sh--r- C:\360SANDBOX
2013-09-16 01:57:15 -------- d-----w- C:\Program Files\360
2013-09-15 15:55:28 749936 ----a-w- C:\Windows\System32\Pen_Touch_Tablet.dll
2013-09-15 15:55:28 642928 ----a-w- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
2013-09-15 15:55:28 -------- d-----w- C:\Users\Jeff\AppData\Roaming\WTablet
2013-09-15 15:55:23 -------- d-----w- C:\Program Files (x86)\TabletPlugins
2013-09-15 15:55:22 18288 ----a-w- C:\Windows\System32\drivers\wacmoumonitor.sys
2013-09-15 15:55:20 12848 ----a-w- C:\Windows\System32\drivers\wacommousefilter.sys
2013-09-15 15:55:14 16168 ----a-w- C:\Windows\System32\drivers\wacomvhid.sys
2013-09-15 15:55:13 756592 ----a-w- C:\Windows\System32\Pen_Tablet.dll
2013-09-15 15:55:13 650096 ----a-w- C:\Windows\SysWow64\Pen_Tablet.dll
2013-09-15 15:55:13 600432 ----a-w- C:\Windows\System32\Wintab32.dll
2013-09-15 15:55:13 506736 ----a-w- C:\Windows\SysWow64\Wintab32.dll
2013-09-15 15:55:11 -------- d-----w- C:\Program Files\Tablet
2013-09-13 20:31:43 21152 ----a-w- C:\Windows\System32\drivers\AsHIDSwitch64.sys
2013-09-13 02:17:04 265392 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin
2013-09-12 20:16:44 144896 ----a-w- C:\Windows\System32\tssdisai.dll
2013-09-11 02:12:52 4038144 ----a-w- C:\Windows\System32\win32k.sys
2013-09-03 18:32:00 -------- d-----w- C:\Users\Jeff\AppData\Roaming\SketchUp
2013-09-03 18:30:17 -------- d-----w- C:\ProgramData\SketchUp
2013-09-03 18:30:17 -------- d-----w- C:\Program Files (x86)\SketchUp
2013-09-03 17:32:19 -------- d-----w- C:\Users\Jeff\AppData\Local\Macromedia
2013-09-02 02:39:25 -------- d-----w- C:\Users\Jeff\AppData\Roaming\ESRI
2013-09-02 02:39:25 -------- d-----w- C:\Users\Jeff\AppData\Local\ESRI
2013-09-02 02:29:31 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2013-09-02 02:27:14 -------- d-----w- C:\Program Files (x86)\Common Files\AnswerWorks 4.0
2013-09-02 02:26:53 -------- d-----w- C:\Python27
2013-09-02 02:26:52 -------- d-----w- C:\Program Files (x86)\Common Files\Data Dynamics
2013-09-02 02:26:51 -------- d-----w- C:\Program Files (x86)\Common Files\Tom Sawyer Software
2013-09-01 21:50:54 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-09-01 21:50:54 196384 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-09-01 21:41:22 -------- d-----w- C:\Users\Jeff\AppData\Roaming\NVIDIA
2013-09-01 17:29:03 -------- d-----w- C:\Program Files\Western Digital
2013-09-01 17:29:03 -------- d-----w- C:\Program Files\Common Files\Western Digital
2013-09-01 17:28:42 -------- d-----w- C:\ProgramData\Package Cache
2013-09-01 17:21:28 -------- d-----w- C:\Program Files (x86)\Western Digital
2013-09-01 17:21:28 -------- d-----w- C:\Program Files (x86)\Common Files\Western Digital
2013-09-01 15:34:44 -------- d-----w- C:\Users\Jeff\AppData\Local\Western Digital
2013-09-01 15:34:43 -------- d-----w- C:\Users\Jeff\AppData\Local\Western_Digital_Technolog
2013-09-01 15:17:27 -------- d-----w- C:\Users\Jeff\AppData\Local\Western_Digital
2013-09-01 15:16:25 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-09-01 15:16:25 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-09-01 15:16:25 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-09-01 15:15:36 -------- d-----w- C:\ProgramData\Western Digital
2013-09-01 15:10:09 587768 ----a-w- C:\Windows\SysWow64\Codejock.SkinFramework.Unicode.v15.2.1.ocx
2013-09-01 15:10:09 1931256 ----a-w- C:\Windows\SysWow64\Codejock.Controls.Unicode.v15.2.1.ocx
2013-09-01 15:09:57 -------- d-----w- C:\Users\Jeff\AppData\Local\Programs
2013-09-01 06:09:26 -------- d-----w- C:\Program Files\Classic Shell
2013-09-01 06:07:07 -------- d-----w- C:\Users\Jeff\AppData\Local\Mozilla
2013-09-01 06:07:01 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-01 06:04:38 -------- d-----w- C:\Users\Jeff\AppData\Local\Google
2013-09-01 05:46:57 976384 ----a-w- C:\Windows\System32\KernelBase.dll
2013-09-01 02:54:48 -------- d-----w- C:\Users\Jeff\AppData\Roaming\LolClient
2013-09-01 01:53:38 -------- d-----r- C:\Program Files (x86)\Skype
2013-09-01 01:52:25 -------- d-----w- C:\Windows\Panther
2013-09-01 01:15:44 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{61BCEC84-FFE3-454E-8390-CFEF0044C548}\mpengine.dll
2013-09-01 01:15:27 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-09-01 01:12:26 -------- d-----w- C:\Windows\System32\MRT
2013-09-01 01:08:04 -------- d-----w- C:\Intel
2013-09-01 01:06:53 1933312 ----a-w- C:\Windows\System32\wbem\cimwin32.dll
2013-09-01 01:05:59 2035200 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-09-01 01:04:59 911032 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-09-01 01:02:03 2361344 ----a-w- C:\Windows\System32\msxml6.dll
2013-09-01 01:02:03 1836032 ----a-w- C:\Windows\System32\msxml3.dll
2013-09-01 01:02:02 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2013-09-01 01:02:02 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2013-09-01 01:02:02 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2013-09-01 01:02:02 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-09-01 01:02:02 1802240 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-09-01 01:02:02 1438720 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-09-01 00:55:08 -------- d-----r- C:\Users\Jeff\Searches
2013-09-01 00:55:08 -------- d-----r- C:\Users\Jeff\Contacts
2013-08-31 22:32:41 -------- d-----w- C:\Users\Jeff\AppData\Local\cache
2013-08-31 22:23:07 -------- d-----w- C:\ProgramData\FARO
2013-08-31 22:20:17 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared
2013-08-31 22:20:07 -------- d-----w- C:\Users\Jeff\AppData\Local\Autodesk
2013-08-31 22:20:01 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared
2013-08-31 22:20:01 -------- d-----w- C:\Program Files\Autodesk
2013-08-31 22:18:06 -------- d-----w- C:\Program Files (x86)\Autodesk
2013-08-31 22:15:39 -------- d-----w- C:\Users\Jeff\AppData\Roaming\Autodesk
2013-08-31 22:12:47 234544 ----a-w- C:\Windows\RegBootClean64.exe
2013-08-31 22:12:37 -------- d-----w- C:\Users\Jeff\AppData\Local\Akamai
2013-08-31 22:12:29 -------- d-----w- C:\Autodesk
2013-08-31 22:06:50 -------- d-----w- C:\Users\Jeff\AppData\Local\Facebook
2013-08-31 22:05:24 -------- d-----w- C:\ProgramData\FNP
2013-08-31 21:59:21 -------- d-----w- C:\Program Files (x86)\Common Files\ArcGIS
2013-08-31 21:59:18 -------- d-----w- C:\Program Files (x86)\ArcGIS
2013-08-31 21:50:01 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2013-08-31 21:50:01 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2013-08-31 21:50:01 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2013-08-31 21:50:01 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2013-08-31 21:50:00 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2013-08-31 21:49:51 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2013-08-31 21:48:08 -------- d-----w- C:\Users\Jeff\AppData\Local\PMB Files
2013-08-31 21:48:08 -------- d-----w- C:\ProgramData\PMB Files
2013-08-31 21:48:05 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-08-31 21:47:15 -------- d-----w- C:\Users\Jeff\AppData\Roaming\Riot Games
2013-08-31 21:38:31 -------- d-----w- C:\Users\Jeff\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-08-31 21:32:49 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2013-08-31 21:30:36 -------- d-----w- C:\ProgramData\ALM
2013-08-31 21:20:50 -------- d-----w- C:\Users\Jeff\AppData\Local\Adobe
2013-08-31 20:57:32 -------- d-----w- C:\Windows\PCHEALTH
2013-08-31 20:55:40 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-08-31 20:55:35 -------- d-----w- C:\Users\Jeff\AppData\Local\Microsoft Help
2013-08-31 20:53:23 29696 ----a-w- C:\Windows\System32\drivers\dtscsibus.sys
2013-08-31 20:53:17 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Ultra
2013-08-31 20:45:39 -------- d-----w- C:\Users\Jeff\AppData\Roaming\DAEMON Tools Ultra
2013-08-31 20:45:03 -------- d-----w- C:\ProgramData\DAEMON Tools Ultra
2013-08-31 20:44:19 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-08-31 20:34:02 -------- d--h--w- C:\Windows\System32\WLANProfiles
2013-08-31 20:33:47 -------- d-----w- C:\Users\Jeff\AppData\Roaming\Intel
2013-08-31 20:33:41 -------- d-----w- C:\Users\Jeff\Roaming
2013-08-31 20:33:41 -------- d-----w- C:\ProgramData\Roaming
2013-08-31 20:33:11 -------- d-----w- C:\Program Files\Common Files\Intel
2013-08-31 20:33:11 -------- d-----w- C:\Program Files (x86)\Cisco
2013-08-31 20:31:42 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros
2013-08-31 20:31:21 3747840 ----a-w- C:\Windows\System32\drivers\athw8x.sys
2013-08-31 20:31:21 3747840 ------w- C:\Windows\System32\athw8x.sys
2013-08-31 20:31:21 -------- d-----w- C:\Windows\Options
2013-08-31 20:31:03 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2013-08-31 20:19:06 -------- d-----w- C:\Program Files\Synaptics
2013-08-31 20:19:01 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
2013-08-31 20:18:59 34544 ----a-w- C:\Windows\System32\drivers\Smb_driver_Intel.sys
2013-08-31 20:16:51 15920 ----a-w- C:\Windows\System32\drivers\i8042HDR.sys
2013-08-31 20:11:39 644968 ----a-w- C:\Windows\System32\drivers\iaStorA.sys
2013-08-31 15:19:02 -------- d-----w- C:\Windows\SysWow64\NV
2013-08-31 15:19:02 -------- d-----w- C:\Windows\System32\NV
2013-08-31 15:12:00 -------- d-----w- C:\Users\Jeff\AppData\Local\NVIDIA
2013-08-31 15:04:52 1832224 ----a-w- C:\Windows\System32\nvdispco6432049.dll
2013-08-31 15:04:52 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432049.dll
2013-08-31 15:04:52 1510176 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2013-08-31 15:03:49 -------- d-----w- C:\NVIDIA
2013-08-31 14:38:40 89600 ----a-w- C:\Windows\System32\igfxCoIn_v3186.dll
2013-08-31 14:38:40 165848 ----a-w- C:\Windows\System32\SETAB4C.tmp
2013-08-31 14:38:39 444376 ----a-w- C:\Windows\System32\SETACA8.tmp
2013-08-31 14:38:39 288768 ----a-w- C:\Windows\System32\SETB1BF.tmp
2013-08-31 14:38:37 407512 ----a-w- C:\Windows\System32\SETABAB.tmp
2013-08-31 14:30:18 -------- d-----w- C:\Users\Jeff\AppData\Roaming\BitTorrent
2013-08-31 07:07:22 -------- d-----w- C:\ProgramData\Uniblue
2013-08-31 07:07:20 -------- d-----w- C:\Users\Jeff\AppData\Roaming\Uniblue
2013-08-31 07:07:18 -------- d-----w- C:\Program Files (x86)\Uniblue
2013-08-31 07:04:59 -------- d-----w- C:\Users\Jeff\AppData\Local\Deployment
2013-08-31 07:04:59 -------- d-----w- C:\Users\Jeff\AppData\Local\Apps
2013-08-31 07:03:35 778856 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll
2013-08-31 07:03:35 35400 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2013-08-31 07:03:35 102528 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-08-31 07:03:34 35400 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2013-08-31 07:03:34 124040 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-08-31 07:03:34 1166440 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll
2013-08-31 06:56:22 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-08-31 06:55:04 -------- d-----w- C:\Windows\SysWow64\RTCOM
2013-08-31 06:55:04 -------- d-----w- C:\Program Files\Realtek
2013-08-31 06:50:08 -------- d-----w- C:\Program Files\Elantech
2013-08-31 06:47:42 37616 ----a-w- C:\Windows\System32\kd_02_1969.dll
2013-08-31 06:47:16 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e
2013-08-31 06:46:59 119528 ----a-w- C:\Windows\System32\drivers\L1C63x64.sys
2013-08-31 06:46:30 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-08-31 06:46:22 -------- d-----w- C:\Users\Jeff\AppData\Local\SlimWare Utilities Inc
2013-08-31 06:46:19 -------- d--h--w- C:\ProgramData\Common Files
2013-08-31 06:46:15 -------- d-----w- C:\Program Files (x86)\SlimDrivers
2013-08-31 06:37:46 -------- d-----w- C:\Users\Jeff\AppData\Local\Trend Micro
2013-08-31 06:36:54 -------- d-----w- C:\ProgramData\Trend Micro
2013-08-31 06:29:38 -------- d-----w- C:\Users\Jeff\AppData\Roaming\360Login
2013-08-31 06:29:38 -------- d-----w- C:\ProgramData\360safe
2013-08-31 06:29:18 23624 ----a-w- C:\Windows\System32\drivers\efimon.sys
2013-08-31 06:29:01 -------- d-----w- C:\Program Files (x86)\360
.
==================== Find3M  ====================
.
2013-09-05 20:09:17 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-05 20:09:17 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-31 15:13:23 15900936 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2013-08-31 14:54:51 4058624 ----a-w- C:\Windows\System32\MetroIntelGenericUIFramework.dll
2013-08-31 06:49:48 380680 ----a-w- C:\Windows\System32\drivers\ETD.sys
2013-08-21 18:50:34 6599968 ----a-w- C:\Windows\System32\nvcpl.dll
2013-08-21 18:50:33 3452192 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-08-21 18:50:30 920864 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-08-21 18:50:30 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-08-21 18:50:30 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-08-21 18:50:29 67072 ----a-w- C:\Windows\System32\nv3dappshextr.dll
2013-08-21 18:50:29 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-08-21 18:50:29 1042208 ----a-w- C:\Windows\System32\nv3dappshext.dll
2013-08-21 04:12:06 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-21 04:11:59 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-08-21 04:11:59 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-08-21 04:11:07 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-21 04:11:04 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-21 04:11:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-21 02:34:51 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-21 02:06:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-21 02:06:06 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-08-21 02:05:28 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-21 02:05:25 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-21 02:05:25 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-21 01:43:54 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-20 23:52:56 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-08-20 13:59:42 3319709 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys
2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll
2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe
2013-08-16 05:22:22 40448 ----a-w- C:\Windows\System32\wuapp.exe
2013-08-16 05:22:11 4917760 ----a-w- C:\Windows\System32\sppsvc.exe
2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll
2013-08-15 22:43:21 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-08-15 22:43:07 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-08-15 22:43:07 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll
2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll
2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll
2013-08-15 22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-15 22:43:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll
2013-08-15 22:42:47 91648 ----a-w- C:\Windows\SysWow64\sppc.dll
2013-07-22 05:26:52 17736 ----a-w- C:\Windows\System32\AcSignExtRes.dll
2013-07-22 05:26:48 2313544 ----a-w- C:\Windows\System32\styleman.cpl
2013-07-22 05:26:47 2313544 ----a-w- C:\Windows\System32\plotman.cpl
2013-07-22 05:25:32 436552 ----a-w- C:\Windows\System32\AcSignOpt.exe
2013-07-22 05:25:31 47944 ----a-w- C:\Windows\System32\AcSignIcon.dll
2013-07-22 05:25:31 36168 ----a-w- C:\Windows\System32\AcSignExt.dll
2013-07-13 06:18:21 337408 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-13 06:16:06 68096 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-13 06:16:06 1889280 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-13 06:15:53 98304 ----a-w- C:\Windows\System32\apprepsync.dll
2013-07-13 06:15:53 124416 ----a-w- C:\Windows\System32\apprepapi.dll
2013-07-13 04:24:58 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-13 04:23:11 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-13 04:23:03 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll
2013-07-13 04:23:03 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll
2013-07-09 08:04:07 120144 ----a-w- C:\Windows\System32\drivers\msgpioclx.sys
2013-07-09 06:18:21 439488 ----a-w- C:\Windows\System32\WerFault.exe
2013-07-09 06:07:17 2233168 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-09 04:25:45 385768 ----a-w- C:\Windows\SysWow64\WerFault.exe
2013-07-09 03:57:19 245760 ----a-w- C:\Windows\SysWow64\LocationApi.dll
2013-07-08 22:46:00 543744 ----a-w- C:\Windows\System32\wwanmm.dll
2013-07-08 22:46:00 414208 ----a-w- C:\Windows\System32\wwanconn.dll
2013-07-08 22:46:00 370688 ----a-w- C:\Windows\System32\Wwanadvui.dll
2013-07-08 22:45:16 312832 ----a-w- C:\Windows\System32\LocationApi.dll
2013-07-06 00:16:17 1025024 ----a-w- C:\Windows\System32\localspl.dll
2013-07-03 00:23:43 391168 ----a-w- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-07-03 00:23:12 778752 ----a-w- C:\Windows\System32\oleaut32.dll
2013-07-03 00:22:26 1300480 ----a-w- C:\Windows\System32\gdi32.dll
2013-07-03 00:11:23 268800 ----a-w- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-07-03 00:11:02 551424 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2013-07-02 00:44:14 36288 ----a-w- C:\Windows\System32\drivers\WdBoot.sys
2013-07-01 22:08:49 247216 ----a-w- C:\Windows\System32\drivers\WdFilter.sys
2013-06-30 22:30:14 67072 ----a-w- C:\Windows\SysWow64\openfiles.exe
2013-06-30 22:29:22 77312 ----a-w- C:\Windows\System32\openfiles.exe
2013-06-29 06:15:54 195416 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2013-06-29 06:15:47 125784 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2013-06-29 05:43:16 327512 ----a-w- C:\Windows\System32\drivers\Classpnp.sys
2013-06-29 01:12:01 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-06-26 03:01:38 321536 ----a-w- C:\Windows\System32\drivers\udfs.sys
2013-06-26 02:59:34 341504 ----a-w- C:\Windows\System32\drivers\HdAudio.sys
2013-06-25 11:12:08 69760 ----a-w- C:\Windows\System32\RadioSupport.dll
2013-06-25 11:12:08 565760 ----a-w- C:\Windows\System32\drivers\btfilter.sys
2013-06-25 11:12:08 208384 ----a-w- C:\Windows\System32\AdminService.exe
2013-06-24 22:54:52 447488 ----a-w- C:\Windows\System32\wwansvc.dll
2013-06-24 22:54:45 74240 ----a-w- C:\Windows\System32\wcmcsp.dll
2013-06-24 22:54:45 263680 ----a-w- C:\Windows\System32\wcmsvc.dll
2013-06-19 05:36:21 183808 ----a-w- C:\Windows\System32\winmmbase.dll
2013-06-19 05:36:21 115712 ----a-w- C:\Windows\System32\winmm.dll
.
============= FINISH: 23:06:17.58 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 8/31/2013 8:54:51 PM
System Uptime: 9/16/2013 1:24:44 PM (10 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. |  | N56VJ
Processor: Intel® Core i7-3630QM CPU @ 2.40GHz | SOCKET 0 | 2401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 245 GiB total, 148.063 GiB free.
D: is FIXED (NTFS) - 231 GiB total, 225.279 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP18: 9/10/2013 11:30:07 PM - Windows Update
RP19: 9/12/2013 8:54:17 PM - Installed QuickTime
RP20: 9/15/2013 9:47:39 PM - Removed Facebook Messenger 2.1.4814.0
RP21: 9/15/2013 10:34:44 PM - Before_Scan
.
==== Installed Programs ======================
.
360 Internet Security 2013
7-Zip 9.22beta
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe Widget Browser
Akamai NetSession Interface
Apple Application Support
Apple Software Update
ArcGIS 10.1 for Desktop
ArcGIS 10.1 License Manager
AutoCAD 2014 - English
AutoCAD 2014 Language Pack - English
Autodesk 360
Autodesk App Manager
Autodesk AutoCAD 2014 - English
Autodesk Content Service
Autodesk Content Service Language Pack
Autodesk Featured Apps
Autodesk Material Library 2014
Autodesk Material Library Base Resolution Image Library 2014
Autodesk Material Library Low Resolution Image Library 2014
Autodesk Material Library Medium Resolution Image Library 2014
Autodesk ReCap
Autodesk ReCap Language Pack-English
Autodesk Revit 2014
Autodesk Workflows 2014
Bamboo
BitTorrent
Classic Shell
DAEMON Tools Ultra
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ETDWare PS/2-X64 11.5.11.3_WHQL
FARO LS 1.1.501.0 (64bit)
FileHippo.com Update Checker
GeForce Experience NvStream Client Components
Google Chrome
Intel PROSet Wireless
Intel® Processor Graphics
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® PROSet/Wireless WiFi Software
League of Legends
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
NVIDIA Control Panel 326.84
NVIDIA GeForce Experience 1.6.1
NVIDIA Install Application
NVIDIA Optimus 4.11.9
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0604
NVIDIA Update 8.3.14
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.5
Pando Media Booster
PDF Settings CS6
Qualcomm Atheros Client Installation Program
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
QuickTime
Realtek High Definition Audio Driver
Revit 2014
Revit 2014 Language Pack - English
Security Update for Microsoft Excel 2010 (KB2760597) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760769) 32-Bit Edition
SHIELD Streaming
SketchUp 2013
SketchUp Import for AutoCAD 2014
Skype™ 6.7
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177
VLC media player 2.0.6
VLC media player 2.0.8
WD Drive Utilities
WD Quick View
WD Security
WD SmartWare
WD SmartWare Installer
WebTablet IE Plugin
WebTablet Netscape Plugin
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
9/16/2013 9:45:44 PM, Error: Microsoft-Windows-DNS-Client [1012]  - There was an error while attempting to read the local hosts file.
9/15/2013 9:56:02 PM, Error: Service Control Manager [7034]  - The Proactive Defence service terminated unexpectedly.  It has done this 1 time(s).
9/15/2013 9:55:59 PM, Error: Service Control Manager [7034]  - The 360 Internet Security 2013 Real-time Protection Loading Service service terminated unexpectedly.  It has done this 1 time(s).
9/15/2013 11:57:30 AM, Error: Win32k [253]  - A pointer device does not have a mandatory coordinate property.
.
==== End Of File ===========================
 

 


Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).


Hi Marius, 

 

Thank you for helping me out. Here is the scan log. My initial try somehow froze up the program so Windows had to terminate it. Second try, however, I was able to run the scan. Also I did the "quick scan" option which was the default.

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-17 07:15:10
-----------------------------
07:15:10.771    OS Version: Windows x64 6.2.9200 
07:15:10.771    Number of processors: 8 586 0x3A09
07:15:10.771    ComputerName: PO-PC  UserName: Jeff
07:15:10.773    Initialze error 1 
07:15:23.108    AVAST engine defs: 13091700
07:15:29.142    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000042
07:15:29.144    Disk 0 Vendor: Samsung_SSD_840_PRO_Series DXM04B0Q Size: 488386MB BusType: 11
07:15:29.145    Disk 0 MBR read successfully
07:15:29.146    Disk 0 MBR scan
07:15:29.150    Disk 0 unknown MBR code
07:15:29.152    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
07:15:29.156    Disk 0 scanning C:\Windows\system32\drivers
07:15:29.157    Service scanning
07:15:29.716    Modules scanning
07:15:29.718    Disk 0 trace - called modules:
07:15:29.723    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys 
07:15:29.725    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80081f6060]
07:15:29.728    3 CLASSPNP.SYS[fffff88001a10e0a] -> nt!IofCallDriver -> [0xfffffa8006ef2780]
07:15:29.731    5 ACPI.sys[fffff88001001a91] -> nt!IofCallDriver -> \Device\00000042[0xfffffa8006ef07f0]
07:15:29.734    AVAST engine scan C:\Windows
07:15:29.736    AVAST engine scan C:\Windows\system32
07:15:29.739    AVAST engine scan C:\Windows\system32\drivers
07:15:29.742    AVAST engine scan C:\Users\Jeff
07:15:29.744    AVAST engine scan C:\ProgramData
07:15:29.747    Scan finished successfully
07:15:44.140    Disk 0 MBR has been saved successfully to "C:\Users\Jeff\Desktop\MBR.dat"
07:15:44.144    The log file has been saved successfully to "C:\Users\Jeff\Desktop\aswMBR.txt"

Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe



When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.


Here is the combo fix log. In addition, it deleted this "start menu button" I had installed from a third party (I use Windows 8 but wanted the traditional "start" button)... Not sure if that was an intended fix from Combofix...

 

ComboFix 13-09-17.01 - Jeff 09/17/2013  17:59:43.1.8 - x64
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8078.5944 [GMT -4:00]
Running from: c:\users\Jeff\Desktop\ComboFix.exe
AV: 360 Internet Security 2013 *Disabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: 360 Internet Security 2013 *Disabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-17 to 2013-09-17  )))))))))))))))))))))))))))))))
.
.
2013-09-17 22:02 . 2013-09-17 22:02    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-09-16 16:37 . 2013-09-16 16:37    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-16 16:37 . 2013-04-04 18:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-09-16 14:15 . 2013-09-16 14:15    --------    d-----w-    c:\program files (x86)\ESET
2013-09-16 14:13 . 2013-09-16 14:14    --------    d-----w-    C:\AdwCleaner
2013-09-16 05:51 . 2013-09-16 05:51    --------    d-----w-    c:\programdata\Malwarebytes
2013-09-16 04:22 . 2013-09-16 04:22    --------    d-----w-    c:\program files\VideoLAN
2013-09-16 04:20 . 2013-09-16 04:20    --------    d-----w-    c:\program files (x86)\FileHippo.com
2013-09-16 02:02 . 2013-03-28 02:11    67272    ----a-w-    c:\windows\system32\drivers\360AvFlt.sys
2013-09-16 02:02 . 2013-09-16 02:02    --------    d-----w-    c:\programdata\360SD
2013-09-16 02:01 . 2013-09-16 02:01    --------    d-----r-    C:\360SANDBOX
2013-09-16 02:01 . 2013-06-13 07:10    304832    ----a-w-    c:\windows\system32\drivers\360Box64.sys
2013-09-16 02:01 . 2013-05-08 12:33    190808    ----a-w-    c:\windows\system32\drivers\BAPIDRV64.SYS
2013-09-16 02:01 . 2013-04-10 02:45    64712    ----a-w-    c:\windows\system32\drivers\360AntiHacker64.sys
2013-09-16 02:01 . 2013-03-27 07:19    40640    ----a-w-    c:\windows\system32\drivers\360Camera64.sys
2013-09-16 02:01 . 2013-03-27 06:11    213184    ----a-w-    c:\windows\system32\drivers\360FsFlt.sys
2013-09-16 01:57 . 2013-09-16 01:57    --------    d-----w-    c:\program files\360
2013-09-15 15:55 . 2010-10-21 13:38    749936    ----a-w-    c:\windows\system32\Pen_Touch_Tablet.dll
2013-09-15 15:55 . 2010-10-21 13:38    642928    ----a-w-    c:\windows\SysWow64\Pen_Touch_Tablet.dll
2013-09-15 15:55 . 2013-09-15 15:55    --------    d-----w-    c:\program files (x86)\TabletPlugins
2013-09-15 15:55 . 2010-10-05 17:26    18288    ----a-w-    c:\windows\system32\drivers\wacmoumonitor.sys
2013-09-15 15:55 . 2010-10-05 17:26    12848    ----a-w-    c:\windows\system32\drivers\wacommousefilter.sys
2013-09-15 15:55 . 2010-10-05 17:26    16168    ----a-w-    c:\windows\system32\drivers\wacomvhid.sys
2013-09-15 15:55 . 2010-10-21 13:38    756592    ----a-w-    c:\windows\system32\Pen_Tablet.dll
2013-09-15 15:55 . 2010-10-21 13:38    600432    ----a-w-    c:\windows\system32\Wintab32.dll
2013-09-15 15:55 . 2010-10-21 13:38    506736    ----a-w-    c:\windows\SysWow64\Wintab32.dll
2013-09-15 15:55 . 2010-10-21 13:38    650096    ----a-w-    c:\windows\SysWow64\Pen_Tablet.dll
2013-09-15 15:55 . 2013-09-15 15:55    --------    d-----w-    c:\program files\Tablet
2013-09-13 20:31 . 2012-05-31 15:47    21152    ----a-w-    c:\windows\system32\drivers\AsHIDSwitch64.sys
2013-09-13 02:17 . 2013-09-13 02:17    265392    ----a-w-    c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin
2013-09-13 00:54 . 2013-09-13 00:54    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-09-13 00:54 . 2013-09-13 00:54    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-09-13 00:54 . 2013-09-13 00:54    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-09-13 00:54 . 2013-09-13 00:54    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-09-13 00:54 . 2013-09-13 00:54    159744    ----a-w-    c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-09-13 00:54 . 2013-09-13 00:54    --------    d-----w-    c:\program files (x86)\QuickTime
2013-09-13 00:54 . 2013-09-13 00:54    --------    d-----w-    c:\programdata\Apple Computer
2013-09-13 00:54 . 2013-09-13 00:54    --------    d-----w-    c:\program files (x86)\Common Files\Apple
2013-09-13 00:54 . 2013-09-13 00:54    --------    d-----w-    c:\programdata\Apple
2013-09-13 00:54 . 2013-09-13 00:54    --------    d-----w-    c:\program files (x86)\Apple Software Update
2013-09-12 20:16 . 2013-08-07 05:15    144896    ----a-w-    c:\windows\system32\tssdisai.dll
2013-09-11 02:12 . 2013-08-03 04:30    4038144    ----a-w-    c:\windows\system32\win32k.sys
2013-09-03 18:30 . 2013-09-03 18:30    --------    d-----w-    c:\programdata\SketchUp
2013-09-03 18:30 . 2013-09-03 18:30    --------    d-----w-    c:\program files (x86)\SketchUp
2013-09-02 21:05 . 2013-09-02 21:05    --------    d-----w-    c:\program files\Microsoft Silverlight
2013-09-02 21:05 . 2013-09-02 21:05    --------    d-----w-    c:\program files (x86)\Microsoft Silverlight
2013-09-02 02:29 . 2013-09-02 02:29    --------    d-----w-    c:\program files (x86)\Common Files\Macrovision Shared
2013-09-02 02:27 . 2013-09-02 02:27    --------    d-----w-    c:\program files (x86)\Common Files\AnswerWorks 4.0
2013-09-02 02:26 . 2013-09-02 02:26    --------    d-----w-    C:\Python27
2013-09-02 02:26 . 2013-09-02 02:26    --------    d-----w-    c:\program files (x86)\Common Files\Data Dynamics
2013-09-02 02:26 . 2013-09-02 02:26    --------    d-----w-    c:\program files (x86)\Common Files\Tom Sawyer Software
2013-09-01 21:50 . 2013-09-01 21:50    31520    ----a-w-    c:\windows\system32\nvhdap64.dll
2013-09-01 21:50 . 2013-09-01 21:50    196384    ----a-w-    c:\windows\system32\drivers\nvhda64v.sys
2013-09-01 17:29 . 2013-09-01 17:29    --------    d-----w-    c:\program files\Western Digital
2013-09-01 17:29 . 2013-09-01 17:29    --------    d-----w-    c:\program files\Common Files\Western Digital
2013-09-01 17:28 . 2013-09-01 17:28    --------    d-----w-    c:\programdata\Package Cache
2013-09-01 17:21 . 2013-09-01 17:29    --------    d-----w-    c:\program files (x86)\Common Files\Western Digital
2013-09-01 17:21 . 2013-09-01 17:29    --------    d-----w-    c:\program files (x86)\Western Digital
2013-09-01 15:16 . 2013-08-20 13:33    39200    ----a-w-    c:\windows\system32\drivers\nvvad64v.sys
2013-09-01 15:16 . 2013-08-20 13:32    29984    ----a-w-    c:\windows\system32\nvaudcap64v.dll
2013-09-01 15:16 . 2013-08-20 13:32    28448    ----a-w-    c:\windows\SysWow64\nvaudcap32v.dll
2013-09-01 15:15 . 2013-09-01 17:28    --------    d-----w-    c:\programdata\Western Digital
2013-09-01 15:10 . 2011-12-09 12:56    587768    ----a-w-    c:\windows\SysWow64\Codejock.SkinFramework.Unicode.v15.2.1.ocx
2013-09-01 15:10 . 2011-12-09 12:56    1931256    ----a-w-    c:\windows\SysWow64\Codejock.Controls.Unicode.v15.2.1.ocx
2013-09-01 06:09 . 2013-09-01 06:09    --------    d-----w-    c:\program files\Classic Shell
2013-09-01 06:07 . 2013-09-01 06:07    --------    d-----w-    c:\program files (x86)\Mozilla Maintenance Service
2013-09-01 06:04 . 2013-09-01 06:05    --------    d-----w-    c:\program files (x86)\Google
2013-09-01 05:46 . 2012-11-06 07:33    1566432    ----a-w-    c:\windows\system32\ole32.dll
2013-09-01 05:31 . 2013-09-01 05:31    --------    d-----w-    c:\users\Default\AppData\Local\Microsoft Help
2013-09-01 01:53 . 2013-09-01 01:53    --------    d-----w-    c:\program files (x86)\Common Files\Skype
2013-09-01 01:53 . 2013-09-01 01:53    --------    d-----r-    c:\program files (x86)\Skype
2013-09-01 01:53 . 2013-09-01 01:53    --------    d-----w-    c:\programdata\Skype
2013-09-01 01:52 . 2013-09-01 00:53    --------    d-----w-    c:\windows\Panther
2013-09-01 01:15 . 2013-08-06 08:58    9515512    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{61BCEC84-FFE3-454E-8390-CFEF0044C548}\mpengine.dll
2013-09-01 01:15 . 2013-05-02 15:29    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-09-01 01:12 . 2013-09-11 03:31    --------    d-----w-    c:\windows\system32\MRT
2013-09-01 01:08 . 2013-09-01 01:08    --------    d-----w-    C:\Intel
2013-09-01 01:08 . 2013-08-31 20:33    --------    d-----w-    c:\program files (x86)\Intel
2013-09-01 01:06 . 2013-03-02 02:45    1627648    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2013-09-01 01:05 . 2013-04-11 22:30    1421312    ----a-w-    c:\windows\SysWow64\DWrite.dll
2013-09-01 01:04 . 2013-07-01 22:08    52848    ----a-w-    c:\program files\Windows Defender\MpTpmAtt.dll
2013-09-01 01:02 . 2012-11-01 04:40    2361344    ----a-w-    c:\windows\system32\msxml6.dll
2013-09-01 01:02 . 2012-11-01 04:40    1836032    ----a-w-    c:\windows\system32\msxml3.dll
2013-09-01 01:02 . 2012-11-01 04:41    1802240    ----a-w-    c:\windows\SysWow64\msxml6.dll
2013-09-01 01:02 . 2012-11-01 04:41    1438720    ----a-w-    c:\windows\SysWow64\msxml3.dll
2013-09-01 01:02 . 2012-11-01 04:21    2048    ----a-w-    c:\windows\system32\msxml6r.dll
2013-09-01 01:02 . 2012-11-01 04:21    2048    ----a-w-    c:\windows\system32\msxml3r.dll
2013-09-01 01:02 . 2012-11-01 04:20    2048    ----a-w-    c:\windows\SysWow64\msxml6r.dll
2013-09-01 01:02 . 2012-11-01 04:20    2048    ----a-w-    c:\windows\SysWow64\msxml3r.dll
2013-09-01 01:01 . 2013-08-31 20:33    --------    d-----w-    c:\users\UpdatusUser
2013-09-01 01:01 . 2013-08-31 15:14    --------    d-----w-    c:\programdata\NVIDIA
2013-09-01 00:55 . 2013-09-01 00:55    --------    d--h--r-    c:\users\Public\AccountPictures
2013-09-01 00:54 . 2013-09-01 00:55    --------    d-----w-    c:\programdata\PRICache
2013-09-01 00:54 . 2013-08-31 20:33    --------    d-----w-    c:\users\Jeff
2013-08-31 22:23 . 2013-08-31 22:23    --------    d-----w-    c:\programdata\FARO
2013-08-31 22:20 . 2013-08-31 22:20    --------    d-----w-    c:\program files\Common Files\Macrovision Shared
2013-08-31 22:20 . 2013-09-01 02:06    --------    d-----w-    c:\program files\Autodesk
2013-08-31 22:20 . 2013-09-01 01:57    --------    d-----w-    c:\program files\Common Files\Autodesk Shared
2013-08-31 22:18 . 2013-08-31 22:18    --------    d-----w-    c:\program files (x86)\Autodesk
2013-08-31 22:15 . 2013-09-01 05:11    --------    d-----w-    c:\programdata\Autodesk
2013-08-31 22:12 . 2013-08-31 22:12    234544    ----a-w-    c:\windows\RegBootClean64.exe
2013-08-31 22:12 . 2013-08-31 22:53    --------    d-----w-    C:\Autodesk
2013-08-31 22:05 . 2013-08-31 22:05    --------    d-----w-    c:\programdata\FNP
2013-08-31 22:02 . 2013-09-01 02:51    --------    d-----w-    c:\programdata\FLEXnet
2013-08-31 21:59 . 2013-09-02 02:27    --------    d-----w-    c:\program files (x86)\Common Files\ArcGIS
2013-08-31 21:59 . 2013-09-02 02:26    --------    d-----w-    c:\program files (x86)\ArcGIS
2013-08-31 21:50 . 2008-07-31 14:41    68616    ----a-w-    c:\windows\SysWow64\XAPOFX1_1.dll
2013-08-31 21:50 . 2008-07-31 14:40    509448    ----a-w-    c:\windows\SysWow64\XAudio2_2.dll
2013-08-31 21:50 . 2008-07-12 12:18    467984    ----a-w-    c:\windows\SysWow64\d3dx10_39.dll
2013-08-31 21:50 . 2008-07-12 12:18    1493528    ----a-w-    c:\windows\SysWow64\D3DCompiler_39.dll
2013-08-31 21:50 . 2008-07-12 12:18    3851784    ----a-w-    c:\windows\SysWow64\D3DX9_39.dll
2013-08-31 21:49 . 2013-08-31 21:49    --------    d-sh--w-    c:\windows\SysWow64\AI_RecycleBin
2013-08-31 21:48 . 2013-09-17 02:48    --------    d-----w-    c:\programdata\PMB Files
2013-08-31 21:48 . 2013-08-31 21:48    --------    d-----w-    c:\program files (x86)\Pando Networks
2013-08-31 21:32 . 2013-09-01 02:49    --------    d-----w-    c:\programdata\regid.1986-12.com.adobe
2013-08-31 21:30 . 2013-08-31 21:30    --------    d-----w-    c:\programdata\ALM
2013-08-31 21:28 . 2013-08-31 21:28    --------    d-----w-    c:\program files (x86)\Common Files\Adobe AIR
2013-08-31 21:26 . 2013-08-31 21:32    --------    d-----w-    c:\program files\Adobe
2013-08-31 21:26 . 2013-08-31 21:32    --------    d-----w-    c:\program files\Common Files\Adobe
2013-08-31 21:25 . 2013-08-31 21:45    --------    d-----w-    c:\program files (x86)\Common Files\Adobe
2013-08-31 20:57 . 2013-08-31 20:57    --------    d-----w-    c:\windows\PCHEALTH
2013-08-31 20:55 . 2013-08-31 20:55    --------    d-----w-    c:\program files\Microsoft Office
2013-08-31 20:55 . 2013-08-31 20:55    --------    d-----w-    c:\program files (x86)\Microsoft Analysis Services
2013-08-31 20:55 . 2013-09-11 03:33    --------    d-----w-    c:\programdata\Microsoft Help
2013-08-31 20:55 . 2013-08-31 20:55    --------    d-----r-    C:\MSOCache
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-05 20:09 . 2012-07-26 08:14    78296    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-05 20:09 . 2012-07-26 08:14    694232    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-01 00:54 . 2012-07-26 08:13    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-08-31 15:13 . 2013-04-08 20:32    1412832    ----a-w-    c:\windows\system32\nvumdshimx.dll
2013-08-31 15:13 . 2013-04-08 20:32    1222824    ----a-w-    c:\windows\SysWow64\nvumdshim.dll
2013-08-31 15:13 . 2013-04-08 20:32    141336    ----a-w-    c:\windows\SysWow64\nvinit.dll
2013-08-31 15:13 . 2013-04-08 20:32    168616    ----a-w-    c:\windows\system32\nvinitx.dll
2013-08-31 15:13 . 2013-04-08 20:32    12946848    ----a-w-    c:\windows\SysWow64\nvd3dum.dll
2013-08-31 15:13 . 2013-04-08 20:32    2986672    ----a-w-    c:\windows\system32\nvapi64.dll
2013-08-31 14:54 . 2013-05-07 21:17    4058624    ----a-w-    c:\windows\system32\MetroIntelGenericUIFramework.dll
2013-08-31 14:54 . 2013-05-14 20:04    279024    ----a-w-    c:\windows\SysWow64\IntelCpHeciSvc.exe
2013-08-31 14:54 . 2013-05-14 20:04    165872    ----a-w-    c:\windows\system32\igfxtray.exe
2013-08-31 14:54 . 2013-05-07 21:25    89600    ----a-w-    c:\windows\system32\igfxCoIn_v3165.dll
2013-08-31 14:54 . 2013-05-07 21:21    258560    ----a-w-    c:\windows\system32\IntelOpenCL64.dll
2013-08-31 14:54 . 2013-05-07 21:21    203264    ----a-w-    c:\windows\SysWow64\IntelOpenCL32.dll
2013-08-31 14:54 . 2013-05-07 21:17    345600    ----a-w-    c:\windows\system32\igfxTMM.dll
2013-08-31 14:54 . 2013-04-30 14:43    64000    ----a-w-    c:\windows\system32\Intel_OpenCL_ICD64.dll
2013-08-31 14:54 . 2013-04-30 14:43    60416    ----a-w-    c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2013-08-31 14:54 . 2013-04-30 14:43    861184    ----a-w-    c:\windows\system32\iglhsip64.dll
2013-08-31 14:54 . 2013-04-30 14:43    856576    ----a-w-    c:\windows\SysWow64\iglhsip32.dll
2013-08-31 14:54 . 2013-04-30 14:43    216064    ----a-w-    c:\windows\system32\iglhcp64.dll
2013-08-31 14:54 . 2013-04-30 14:43    180224    ----a-w-    c:\windows\SysWow64\iglhcp32.dll
2013-08-31 14:54 . 2013-05-14 20:04    529904    ----a-w-    c:\windows\system32\igfxsrvc.exe
2013-08-31 14:54 . 2013-05-07 21:17    8900096    ----a-w-    c:\windows\system32\igfxress.dll
2013-08-31 14:54 . 2013-05-07 21:17    66048    ----a-w-    c:\windows\system32\igfxsrvc.dll
2013-08-31 14:54 . 2013-05-07 21:17    444416    ----a-w-    c:\windows\system32\igfxresn.lrc
2013-08-31 14:54 . 2013-05-07 21:17    444416    ----a-w-    c:\windows\system32\igfxrell.lrc
2013-08-31 14:54 . 2013-05-07 21:17    443904    ----a-w-    c:\windows\system32\igfxrrus.lrc
2013-08-31 14:54 . 2013-05-07 21:17    443904    ----a-w-    c:\windows\system32\igfxrplk.lrc
2013-08-31 14:54 . 2013-05-07 21:17    443904    ----a-w-    c:\windows\system32\igfxrfra.lrc
2013-08-31 14:54 . 2013-05-07 21:17    443392    ----a-w-    c:\windows\system32\igfxrnld.lrc
2013-08-31 14:54 . 2013-05-07 21:17    443392    ----a-w-    c:\windows\system32\igfxrita.lrc
2013-08-31 14:54 . 2013-05-07 21:17    443392    ----a-w-    c:\windows\system32\igfxrdeu.lrc
2013-08-31 14:54 . 2013-05-07 21:17    442880    ----a-w-    c:\windows\system32\igfxrsky.lrc
2013-08-31 14:54 . 2013-05-07 21:17    442880    ----a-w-    c:\windows\system32\igfxrrom.lrc
2013-08-31 14:54 . 2013-05-07 21:17    442880    ----a-w-    c:\windows\system32\igfxrhun.lrc
2013-08-31 14:54 . 2013-05-07 21:17    442880    ----a-w-    c:\windows\system32\igfxrhrv.lrc
2013-08-31 14:54 . 2013-05-07 21:17    442880    ----a-w-    c:\windows\system32\igfxrcsy.lrc
2013-08-31 14:54 . 2013-05-07 21:17    442368    ----a-w-    c:\windows\system32\igfxrsve.lrc
2013-08-31 14:54 . 2013-05-07 21:17    442368    ----a-w-    c:\windows\system32\igfxrslv.lrc
2013-08-31 14:54 . 2013-05-07 21:17    442368    ----a-w-    c:\windows\system32\igfxrptg.lrc
2013-08-31 14:54 . 2013-05-07 21:17    441856    ----a-w-    c:\windows\system32\igfxrfin.lrc
2013-08-31 14:54 . 2013-05-07 21:17    441344    ----a-w-    c:\windows\system32\igfxrtrk.lrc
2013-08-31 14:54 . 2013-05-07 21:17    441344    ----a-w-    c:\windows\system32\igfxrptb.lrc
2013-08-31 14:54 . 2013-05-07 21:17    441344    ----a-w-    c:\windows\system32\igfxrnor.lrc
2013-08-31 14:54 . 2013-05-07 21:17    440832    ----a-w-    c:\windows\system32\igfxrtha.lrc
2013-08-31 14:54 . 2013-05-07 21:17    440832    ----a-w-    c:\windows\system32\igfxrdan.lrc
2013-08-31 14:54 . 2013-05-07 21:17    439296    ----a-w-    c:\windows\system32\igfxrheb.lrc
2013-08-31 14:54 . 2013-05-07 21:17    434688    ----a-w-    c:\windows\system32\igfxrjpn.lrc
2013-08-31 14:54 . 2013-05-07 21:17    433152    ----a-w-    c:\windows\system32\igfxrkor.lrc
2013-08-31 14:54 . 2013-05-07 21:17    288768    ----a-w-    c:\windows\system32\igfxrenu.lrc
2013-08-31 14:54 . 2013-05-14 20:04    444400    ----a-w-    c:\windows\system32\igfxpers.exe
2013-08-31 14:54 . 2013-05-14 20:04    251888    ----a-w-    c:\windows\system32\igfxext.exe
2013-08-31 14:54 . 2013-05-07 21:22    8632320    ----a-w-    c:\windows\system32\igdumdim64.dll
2013-08-31 14:54 . 2013-05-07 21:20    7836160    ----a-w-    c:\windows\SysWow64\igdumdim32.dll
2013-08-31 14:54 . 2013-05-07 21:17    353792    ----a-w-    c:\windows\SysWow64\igfxdv32.dll
2013-08-31 14:54 . 2013-05-07 21:17    25088    ----a-w-    c:\windows\SysWow64\igfxexps32.dll
2013-08-31 14:54 . 2013-05-07 21:17    440320    ----a-w-    c:\windows\system32\igfxdev.dll
2013-08-31 14:54 . 2013-05-07 21:17    438784    ----a-w-    c:\windows\system32\igfxrara.lrc
2013-08-31 14:54 . 2013-05-07 21:17    431104    ----a-w-    c:\windows\system32\igfxrcht.lrc
2013-08-31 14:54 . 2013-05-07 21:17    430592    ----a-w-    c:\windows\system32\igfxrchs.lrc
2013-08-31 14:54 . 2013-05-07 21:17    357888    ----a-w-    c:\windows\system32\igfxpph.dll
2013-08-31 14:54 . 2013-05-07 21:17    140288    ----a-w-    c:\windows\system32\igfxdo.dll
2013-08-31 14:54 . 2013-05-07 21:17    124928    ----a-w-    c:\windows\system32\igfxcpl.cpl
2013-08-31 14:54 . 2013-05-07 21:17    12288    ----a-w-    c:\windows\system32\IGFXDEVLib.dll
2013-08-31 14:54 . 2013-05-07 21:17    29184    ----a-w-    c:\windows\system32\igfxexps.dll
2013-08-31 14:54 . 2013-05-07 21:12    3411456    ----a-w-    c:\windows\SysWow64\igdusc32.dll
2013-08-31 14:54 . 2013-05-07 21:12    4369920    ----a-w-    c:\windows\system32\igdusc64.dll
2013-08-31 14:54 . 2013-04-30 14:43    2064896    ----a-w-    c:\windows\system32\igfxcmjit64.dll
2013-08-31 14:54 . 2013-04-30 14:43    1814016    ----a-w-    c:\windows\SysWow64\igfxcmjit32.dll
2013-08-31 14:54 . 2013-04-30 14:43    145920    ----a-w-    c:\windows\system32\igfxcmrt64.dll
2013-08-31 14:54 . 2013-04-30 14:43    138240    ----a-w-    c:\windows\system32\igfx11cmrt64.dll
2013-08-31 14:54 . 2013-04-30 14:43    124416    ----a-w-    c:\windows\SysWow64\igfxcmrt32.dll
2013-08-31 14:54 . 2013-04-30 14:43    118784    ----a-w-    c:\windows\SysWow64\igfx11cmrt32.dll
2013-08-31 14:54 . 2013-05-07 21:22    4431840    ----a-w-    c:\windows\system32\drivers\igdkmd64.sys
2013-08-31 14:54 . 2013-05-07 21:22    1690112    ----a-w-    c:\windows\system32\igdrcl64.dll
2013-08-31 14:54 . 2013-05-07 21:21    1564672    ----a-w-    c:\windows\SysWow64\igdrcl32.dll
2013-08-31 14:54 . 2013-05-07 21:21    24283136    ----a-w-    c:\windows\system32\igdfcl64.dll
2013-08-31 14:54 . 2013-05-07 21:16    19587072    ----a-w-    c:\windows\SysWow64\igdfcl32.dll
2013-08-31 14:54 . 2013-05-07 21:22    7021568    ----a-w-    c:\windows\system32\ig7icd64.dll
2013-08-31 14:54 . 2013-05-07 21:22    9967616    ----a-w-    c:\windows\system32\igd10iumd64.dll
2013-08-31 14:54 . 2013-05-07 21:22    286720    ----a-w-    c:\windows\system32\igdde64.dll
2013-08-31 14:54 . 2013-05-07 21:22    117760    ----a-w-    c:\windows\system32\igdail64.dll
2013-08-31 14:54 . 2013-05-07 21:22    322560    ----a-w-    c:\windows\system32\igdbcl64.dll
2013-08-31 14:54 . 2013-05-07 21:21    279040    ----a-w-    c:\windows\SysWow64\igdbcl32.dll
2013-08-31 14:54 . 2013-05-07 21:20    5452288    ----a-w-    c:\windows\SysWow64\ig7icd32.dll
2013-08-31 14:54 . 2013-05-07 21:20    9517056    ----a-w-    c:\windows\SysWow64\igd10iumd32.dll
2013-08-31 14:54 . 2013-05-07 21:20    240640    ----a-w-    c:\windows\SysWow64\igdde32.dll
2013-08-31 14:54 . 2013-05-07 21:20    103936    ----a-w-    c:\windows\SysWow64\igdail32.dll
2013-08-31 14:54 . 2013-05-14 20:04    752624    ----a-w-    c:\windows\system32\GfxUIHotKeyMenu.exe
2013-08-31 14:54 . 2013-05-14 20:04    407536    ----a-w-    c:\windows\system32\hkcmd.exe
2013-08-31 14:54 . 2013-05-14 20:04    7569392    ----a-w-    c:\windows\system32\GfxUIEx.exe
2013-08-31 14:54 . 2013-05-14 20:04    534000    ----a-w-    c:\windows\system32\DPTopologyApp.exe
2013-08-31 14:54 . 2013-05-14 20:04    153072    ----a-w-    c:\windows\system32\difx64.exe
2013-08-31 14:54 . 2013-05-07 21:17    190976    ----a-w-    c:\windows\system32\gfxSrvc.dll
2013-08-31 14:54 . 2013-05-07 21:17    108032    ----a-w-    c:\windows\system32\hccutils.dll
2013-08-31 14:54 . 2013-05-07 21:17    2384896    ----a-w-    c:\windows\system32\GfxRes.dll
2013-08-31 14:54 . 2013-05-14 20:04    397296    ----a-w-    c:\windows\system32\CustomModeApp.exe
2013-08-31 06:49 . 2013-07-11 15:25    380680    ----a-w-    c:\windows\system32\drivers\ETD.sys
2013-07-22 05:26 . 2013-07-22 05:26    17736    ----a-w-    c:\windows\system32\AcSignExtRes.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Jeff\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-08-12 1317256]
"360sd"="c:\program files\360\360 Internet Security\360sdrun.exe" [2013-08-20 541112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-10-25 932288]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"WD Drive Unlocker"="c:\program files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe" [2012-06-13 1688008]
"WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2013-08-14 5537136]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-08-12 1317256]
.
c:\users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 360rp;360 Internet Security 2013 Real-time Protection Loading Service;c:\program files\360\360 Internet Security\360rps.exe;c:\program files\360\360 Internet Security\360rps.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\System32\drivers\wacmoumonitor.sys;c:\windows\SYSNATIVE\drivers\wacmoumonitor.sys [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\System32\drivers\wdcsam64.sys;c:\windows\SYSNATIVE\drivers\wdcsam64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 360AntiHacker;360Safe Anti Hacker Service;c:\windows\system32\Drivers\360AntiHacker64.sys;c:\windows\SYSNATIVE\Drivers\360AntiHacker64.sys [x]
S1 360Box64;360Box mini-filter driver;c:\windows\system32\DRIVERS\360Box64.sys;c:\windows\SYSNATIVE\DRIVERS\360Box64.sys [x]
S1 360Camera;360Safe Camera Filter Service;c:\windows\system32\Drivers\360Camera64.sys;c:\windows\SYSNATIVE\Drivers\360Camera64.sys [x]
S1 360FsFlt;360FsFlt mini-filter driver;c:\windows\system32\DRIVERS\360FsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360FsFlt.sys [x]
S1 BAPIDRV;BAPIDRV;c:\windows\System32\Drivers\BAPIDRV64.SYS;c:\windows\SYSNATIVE\Drivers\BAPIDRV64.SYS [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 ArcGIS License Manager;ArcGIS License Manager;c:\program files (x86)\ArcGIS\License10.1\bin\lmgrd.exe;c:\program files (x86)\ArcGIS\License10.1\bin\lmgrd.exe [x]
S2 AtherosSvc;AtherosSvc;c:\windows\system32\AdminService.exe;c:\windows\SYSNATIVE\AdminService.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe;c:\program files\Tablet\Pen\Pen_Tablet.exe [x]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe;c:\program files\Tablet\Pen\Pen_TouchService.exe [x]
S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S2 ZhuDongFangYu;Proactive Defence;c:\program files\360\360 Internet Security\deepscan\zhudongfangyu.exe;c:\program files\360\360 Internet Security\deepscan\zhudongfangyu.exe [x]
S3 360AvFlt;360AvFlt mini-filter driver;c:\windows\system32\DRIVERS\360AvFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360AvFlt.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Bluetooth Low Energy Driver;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe;c:\program files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [x]
S3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtscsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtscsibus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HIDSwitch;ASUS Wireless Radio Control;c:\windows\System32\drivers\AsHIDSwitch64.sys;c:\windows\SYSNATIVE\drivers\AsHIDSwitch64.sys [x]
S3 i8042HDR;Keyboard Filter Driver;c:\windows\system32\DRIVERS\i8042HDR.sys;c:\windows\SYSNATIVE\DRIVERS\i8042HDR.sys [x]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-12 15:08    1177552    ----a-w-    c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-01 06:04]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-01 06:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\360UDiskGuard Icon Overlay]
@="{CC00F81D-5262-450A-B1FA-D6BEE3406263}"
[HKEY_CLASSES_ROOT\CLSID\{CC00F81D-5262-450A-B1FA-D6BEE3406263}]
2013-04-22 03:58    222144    ----a-w-    c:\program files\360\360 Internet Security\safemon\360UDiskGuard64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3933496]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-08-31 13626072]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-08-31 1311304]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-08-31 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-08-31 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-08-31 444400]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: dell.com
TCP: DhcpNameServer = 172.17.5.29 172.16.4.67 172.16.4.68
FF - ProfilePath - c:\users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0wflpxe9.default\
FF - prefs.js: browser.startup.homepage - www.google.com

FF - ExtSQL: 2013-08-31 17:45; web2pdfextension@web2pdf.adobedotcom; c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Everyday Auto Backup - c:\program files (x86)\Everyday Auto Backup\AutoBackup.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-09-17  18:03:49
ComboFix-quarantined-files.txt  2013-09-17 22:03
.
Pre-Run: 158,600,212,480 bytes free
Post-Run: 162,706,358,272 bytes free
.
- - End Of File - - ACF8C0CBED6DDCF151010DB6A0337754
5FB38429D5D77768867C76DCBDB35194
 


Multiple Antivirus Programs installed!

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time.

The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened (again, this is the resident/automatic protection). In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti-virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove either Windows Defender or 360.


Thanks Maurice,

 

I'm at work again but will do the removal as soon as I get home. I assume then that I should ONLY have the Malwarebytes program installed on my computer as my defence against viruses? I am just hesitant to delete Windows Defender as well just because it arrived as part of the Microsoft package or... in your opinion the Malwarebytes should be more than capable? Thanks once again.


You have some kind of real-time protection with the full version of MBAM, but it is no kind of antivirus because it works differently.

 

 

Full System Scan with Malwarebytes Antimalware


  • If not existing, please download Malwarebytes' Anti-Malware to your desktop. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.



If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

 

 

Scan with ESET Online Scan

Please go to here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

 

 

 

 

Scan with Farbar's Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender


  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Hi Maurice,

 

Here are the following logs you requested:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.16.06
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16688
Jeff :: PO-PC [administrator]
 
Protection: Enabled
 
9/19/2013 8:19:26 AM
mbam-log-2013-09-19 (08-19-26).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 527771
Time elapsed: 16 minute(s), 19 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 
 
Farbar Service Scanner Version: 13-09-2013
Ran by Jeff (administrator) on 19-09-2013 at 10:37:33
Running from "C:\Users\Jeff\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll
[2013-09-10 22:13] - [2013-06-10 15:15] - 0723968 ____A (Microsoft Corporation) 73133A0C0CA63817BFF2CB9DE65B64E7
 
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2013-09-10 22:13] - [2013-08-16 01:21] - 3275776 ____A (Microsoft Corporation) 9DEC60D4783377097014DFCCA31E69F8
 
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 
 
ESET Online Scan did not find anything so there was no log file provided... 

Windows Repair (all-in-one)

Please download Windows Repair (all in one) from here.

Install the program then run it.

Go to step 2 and allow it to run Disk check.


Once that is done then go to step 3 and allow it to run SFC by clicking Do it



On the Start Repairs tab, click Start.
Within the opening window, hit unselect all.
Check only the following:



  • Reset Registry Permissions
  • Reset File Permissions
  • Register System Files
  • Repair Windows Firewall
  • Repair Windows Updates



then click on Start

DON'T use the computer while each scan is in progress.

Restart may be needed to finish the repair procedure.

Let me know how that worked out for you.


Hi Maurice,

 

So I ran the Windows Repair and there are several log files. I'm not sure if you want me to upload all of them? I'll paste them below.

 

Starting Repairs...
   Start (9/19/2013 11:26:40 PM)
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (9/19/2013 11:26:40 PM)
   Running Repair Under Current User Account
   Done (9/19/2013 11:26:45 PM)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (9/19/2013 11:26:45 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:26:48 PM)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (9/19/2013 11:26:48 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:28:00 PM)
 
02 - Reset File Permissions 01/15
   C:\360SANDBOX & Sub Folders
   Start (9/19/2013 11:28:00 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:28:02 PM)
 
02 - Reset File Permissions 02/15
   C:\AdwCleaner & Sub Folders
   Start (9/19/2013 11:28:02 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:28:05 PM)
 
02 - Reset File Permissions 03/15
   C:\Autodesk & Sub Folders
   Start (9/19/2013 11:28:05 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:28:24 PM)
 
02 - Reset File Permissions 04/15
   C:\Intel & Sub Folders
   Start (9/19/2013 11:28:24 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:28:26 PM)
 
02 - Reset File Permissions 05/15
   C:\MSOCache & Sub Folders
   Start (9/19/2013 11:28:26 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:28:28 PM)
 
02 - Reset File Permissions 06/15
   C:\NVIDIA & Sub Folders
   Start (9/19/2013 11:28:28 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:28:31 PM)
 
02 - Reset File Permissions 07/15
   C:\PerfLogs & Sub Folders
   Start (9/19/2013 11:28:31 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:28:33 PM)
 
02 - Reset File Permissions 08/15
   C:\Program Files & Sub Folders
   Start (9/19/2013 11:28:33 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:29:37 PM)
 
02 - Reset File Permissions 09/15
   C:\Program Files (x86) & Sub Folders
   Start (9/19/2013 11:29:37 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:30:48 PM)
 
02 - Reset File Permissions 10/15
   C:\ProgramData & Sub Folders
   Start (9/19/2013 11:30:48 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:31:07 PM)
 
02 - Reset File Permissions 11/15
   C:\Python27 & Sub Folders
   Start (9/19/2013 11:31:07 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:31:17 PM)
 
02 - Reset File Permissions 12/15
   C:\Qoobox & Sub Folders
   Start (9/19/2013 11:31:17 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:31:20 PM)
 
02 - Reset File Permissions 13/15
   C:\RegBackup & Sub Folders
   Start (9/19/2013 11:31:20 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:31:22 PM)
 
02 - Reset File Permissions 14/15
   C:\swapfile.sys & Sub Folders
   Start (9/19/2013 11:31:22 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:31:25 PM)
 
02 - Reset File Permissions 15/15
   C:\Windows & Sub Folders
   Start (9/19/2013 11:31:25 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:33:26 PM)
 
02 - Reset File Permissions 01/03
   D:\Program Files & Sub Folders
   Start (9/19/2013 11:33:26 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:33:28 PM)
 
02 - Reset File Permissions 02/03
   D:\Riot Games & Sub Folders
   Start (9/19/2013 11:33:28 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:33:51 PM)
 
02 - Reset File Permissions 03/03
   D:\Torrent Downloads & Sub Folders
   Start (9/19/2013 11:33:51 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:33:54 PM)
 
02 - Reset File Permissions: Cleanup
    & Sub Folders
   Start (9/19/2013 11:33:54 PM)
   Running Repair Under System Account
   Done (9/19/2013 11:33:58 PM)
 
03 - Register System Files
   Start (9/19/2013 11:33:58 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/19/2013 11:34:27 PM)
 
05 - Repair Windows Firewall
   Start (9/19/2013 11:34:27 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/19/2013 11:35:01 PM)
 
16 - Repair Windows Updates
   Start (9/19/2013 11:35:01 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/19/2013 11:35:22 PM)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done (9/19/2013 11:35:22 PM)
   Total Repair Time: 00:08:42
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account
 
The Internet Connection Sharing (ICS) service is not started.
 
More help is available by typing NET HELPMSG 3521.
 
The Internet Connection Sharing (ICS) service could not be started.
 
The service did not report an error.
 
More help is available by typing NET HELPMSG 3534.
 
The Internet Connection Sharing (ICS) service is not started.
 
More help is available by typing NET HELPMSG 3521.
 
The Internet Connection Sharing (ICS) service could not be started.
 
The service did not report an error.
 
More help is available by typing NET HELPMSG 3534.
 
The Windows Update service is not started.
 
More help is available by typing NET HELPMSG 3521.
 
The system cannot find the file specified.
The Cryptographic Services service is not started.
 
More help is available by typing NET HELPMSG 3521.
 
The Background Intelligent Transfer Service service is not started.
 
More help is available by typing NET HELPMSG 3521.
 
The Windows Update service is not started.
 
More help is available by typing NET HELPMSG 3521.
 
The system cannot find the file specified.
 
 
WARNING HKEY_CLASSES_ROOT\* : registry key is skipped (contains wildcard)
 
WARNING HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\mk\* : registry key is skipped (contains wildcard)
 
HKEY_CLASSES_ROOT\Wow6432Node\igfxdv32.CUIDriver : 2 The system cannot find the file specified.
 
 
HKEY_CLASSES_ROOT\Wow6432Node\igfxdv32.CUIDriver.1 : 2 The system cannot find the file specified.
 
 
WARNING HKEY_CLASSES_ROOT\Wow6432Node\PROTOCOLS\Name-Space Handler\mk\* : registry key is skipped (contains wildcard)
 
 
 
WARNING HKEY_CLASSES_ROOT\* : registry key is skipped (contains wildcard)
 
WARNING HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\mk\* : registry key is skipped (contains wildcard)
 
HKEY_CLASSES_ROOT\Wow6432Node\igfxdv32.CUIDriver : 2 The system cannot find the file specified.
 
 
HKEY_CLASSES_ROOT\Wow6432Node\igfxdv32.CUIDriver.1 : 2 The system cannot find the file specified.
 
 
WARNING HKEY_CLASSES_ROOT\Wow6432Node\PROTOCOLS\Name-Space Handler\mk\* : registry key is skipped (contains wildcard)
 
 
 
HKEY_CURRENT_USER\Software\360Safe - RegSetKeySecurity Error : 5 Access is denied.
 
 
WARNING HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\* : registry key is skipped (contains wildcard)
 
WARNING HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\* : registry key is skipped (contains wildcard)
 
 
 
HKEY_CURRENT_USER\Software\360Safe - RegSetKeySecurity Error : 5 Access is denied.
 
 
WARNING HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\* : registry key is skipped (contains wildcard)
 
WARNING HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\* : registry key is skipped (contains wildcard)
 
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360AntiHacker - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64 - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64\Instances - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64\Instances\360TopInstance64 - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Camera - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Camera\Enum - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt\Instances - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt\Instances\360TopInstance - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360rp - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\BAPIDRV - RegSetKeySecurity Error : 5 Access is denied.
 
 
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360AntiHacker - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64 - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64\Instances - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Box64\Instances\360TopInstance64 - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Camera - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360Camera\Enum - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt\Instances - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360FsFlt\Instances\360TopInstance - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\360rp - RegSetKeySecurity Error : 5 Access is denied.
 
 
HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\BAPIDRV - RegSetKeySecurity Error : 5 Access is denied.
 
 
 

Here it is:

 

Farbar Service Scanner Version: 13-09-2013
Ran by Jeff (administrator) on 20-09-2013 at 07:08:24
Running from "C:\Users\Jeff\Desktop"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll
[2013-09-10 22:13] - [2013-06-10 15:15] - 0723968 ____A (Microsoft Corporation) 73133A0C0CA63817BFF2CB9DE65B64E7
 
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2013-09-10 22:13] - [2013-08-16 01:21] - 3275776 ____A (Microsoft Corporation) 9DEC60D4783377097014DFCCA31E69F8
 
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
This topic is now closed to further replies.