
On the advice of AdvancedSetup, I installed WinPatrol alert as part of updated security measures. This morning on startup I got a message from WinPatrol saying that a new startup programme had been detected (where from?) and it gave me "rundll32 netman.dll,ProcessQueue" and said no company logo and no description to it. The WinPatrol site is inconclusive about whether this is good or bad but I have to say that my PC is certainly running slowly at the moment.

 

Any advice appreciated please. Sorry - I seem to be having a few problems just recently!


  • Root Admin

Hello Nigel

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


 

Late for me but I'll check back on you sometime tomorrow.


Thanks Ron

 

Just tried to run FRST64 and got an error message that the programme had stopped working, Windows was trying to find a solution then it shut down. I had exactly the same problem yesterday when I was trying to run Secunia and on the Secunia site there was a thread that said there was a problem with the programme connected to IE11 update - I wonder whether it's the same with FRST64.


Did that Ron but the scan stopped in exactly the same place. Here's a result from the first bit of the scan - the second wouldn't run. The scan gets to a location C:\Sue\appdata\roaming\microsoft\windows\startmenu\programs\startup and then stalls just after that at the ID of the file name I pm'd you with.

 

Also, just had a funny development - I was emptying the recycle bin and got a message that a particular file (an image) was still in use and I couldn't delete it. The file name was different from the name I had given it - a bit like a temporary file name if you like - it started with $RZ8.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by Nigel (administrator) on ADMIN-PC on 15-11-2013 19:17:30
Running from C:\Users\Nigel\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.169\GoogleCrashHandler.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.169\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\Nigel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Nalpeiron Ltd.) C:\Windows\system32\nlsInterface.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516960 2013-02-15] (Acronis)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [456768 2013-10-19] (BillP Studios)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6366264 2013-03-28] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103440 2013-01-10] (Acronis)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073352 2012-06-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-29] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)
Startup: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nigel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86CAA214-65E8-4352-B03D-396AF9D236C8}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.1 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Print pages to PDF - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\printPages2Pdf@reinhold.ripper
FF Extension: ReminderFox - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF Extension: FoxClocks - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF Extension: noscript - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: tabmix - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: greasemonkey - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: defaults - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{f86ddff9-183b-4962-891c-b9183095a8fb}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======


CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (ScorchPlugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPSibelius.dll ()
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (WacomTabletPlugin) - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1
CHR Extension: (avast! WebRep) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-29] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 nlscc; C:\Windows\system32\nlsInterface.exe [72192 2010-11-01] (Nalpeiron Ltd.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2013-10-17] (Trusteer Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-08] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-29] ()
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2007-08-20] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\SysWow64\DRIVERS\ENTECH64.sys [5632 2004-06-22] (EnTech Taiwan)
S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-14] (GretagMacbeth LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-10-28] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [284176 2013-10-17] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [317808 2013-10-17] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [399312 2013-10-17] (Trusteer Ltd.)
S3 SeqCal; C:\Windows\System32\DRIVERS\SeqCal.sys [7808 2006-05-18] (GretagMacbeth LLC)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-04-15] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-04-15] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-04-15] (Acronis International GmbH)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2x.sys [560128 2009-01-13] (Atheros Communications, Inc.)
S4 tsusbhub; system32\drivers\tsusbhub.sys [x]
S4 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-15 19:17 - 2013-11-15 19:18 - 00019693 _____ C:\Users\Nigel\Desktop\FRST.txt
2013-11-15 14:59 - 2013-11-15 14:59 - 00000000 ____D C:\Users\Sue\AppData\Local\Secunia PSI
2013-11-15 10:57 - 2013-11-15 10:57 - 01957794 _____ (Farbar) C:\Users\Nigel\Desktop\FRST64.exe
2013-11-15 10:57 - 2013-11-15 10:57 - 00000000 ____D C:\FRST
2013-11-13 18:00 - 2013-11-13 18:00 - 00000132 _____ C:\Users\Nigel\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-11-13 12:31 - 2013-11-13 12:31 - 00000000 ____D C:\Users\Nigel\AppData\Local\Secunia PSI
2013-11-13 11:54 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-13 11:52 - 2013-11-13 11:52 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 11:52 - 2013-11-13 11:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 11:52 - 2013-11-13 11:52 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 11:52 - 2013-11-13 11:52 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 11:52 - 2013-11-13 11:52 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 11:52 - 2013-11-13 11:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 11:52 - 2013-11-13 11:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 11:52 - 2013-11-13 11:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 11:52 - 2013-11-13 11:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 11:52 - 2013-11-13 11:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 11:52 - 2013-11-13 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 11:51 - 2013-11-13 11:54 - 00007500 _____ C:\Windows\IE11_main.log
2013-11-13 10:24 - 2013-10-05 20:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 10:24 - 2013-10-05 19:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 10:24 - 2013-10-04 02:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 10:24 - 2013-10-04 02:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 10:24 - 2013-10-04 02:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 10:24 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 10:24 - 2013-10-04 01:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 10:24 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 10:23 - 2013-10-03 02:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 10:23 - 2013-10-03 02:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 10:23 - 2013-09-28 01:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 10:23 - 2013-09-25 02:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 10:23 - 2013-09-25 02:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 10:23 - 2013-09-25 02:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 10:23 - 2013-09-25 02:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 10:23 - 2013-09-25 02:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 10:23 - 2013-09-25 02:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 10:23 - 2013-09-25 02:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 10:23 - 2013-09-25 02:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 10:23 - 2013-09-25 01:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 10:23 - 2013-09-25 01:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 10:23 - 2013-09-25 01:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 10:23 - 2013-09-25 01:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 10:23 - 2013-09-25 01:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 10:23 - 2013-07-04 12:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 10:22 - 2013-10-12 02:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 10:22 - 2013-10-12 02:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 10:22 - 2013-10-12 02:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 10:22 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 10:22 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 20:20 - 2013-11-15 09:29 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-12 16:22 - 2013-11-12 16:22 - 01731819 _____ C:\Users\Nigel\Documents\TH Wedding notes.zip
2013-11-06 16:59 - 2013-11-06 16:59 - 00000000 ____D C:\Users\Nigel\Documents\Ubisoft
2013-11-06 15:58 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-11-06 15:58 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-11-06 15:58 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-11-06 15:58 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-11-06 15:58 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-11-06 15:58 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-11-06 15:58 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-11-06 15:57 - 2013-11-06 15:58 - 00017513 _____ C:\Windows\DirectX.log
2013-11-05 16:56 - 2013-11-06 10:46 - 00011475 _____ C:\Users\Nigel\Documents\eBay November 5th.xlsx
2013-11-04 17:30 - 2013-11-04 17:30 - 00000000 ____D C:\Users\Nigel\Documents\Bitlocker Codes for flash drive
2013-11-04 12:42 - 2013-11-04 12:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\WinPatrol
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\Program Files (x86)\BillP Studios
2013-10-30 09:46 - 2013-10-30 09:47 - 00258674 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-10-30 09:42 - 2013-10-30 09:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 22:05 - 2013-10-29 22:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-29 22:05 - 2013-10-29 22:06 - 00000000 ____D C:\Program Files\iTunes
2013-10-29 22:05 - 2013-10-29 22:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-29 22:05 - 2013-10-29 22:05 - 00000000 ____D C:\Program Files\iPod
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2013-10-29 21:57 - 2013-11-13 12:31 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-10-29 16:19 - 2013-10-29 16:19 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-10-29 16:19 - 2013-10-29 16:19 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-10-29 16:17 - 2013-10-29 16:17 - 01402880 _____ C:\Users\Nigel\Downloads\HiJackThis.msi
2013-10-29 11:30 - 2013-10-29 11:30 - 00000000 ____D C:\Users\Sue\AppData\Roaming\AVAST Software
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\AVAST Software
2013-10-29 09:41 - 2013-11-15 19:07 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-29 09:41 - 2013-11-15 16:46 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-29 09:41 - 2013-11-08 21:21 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-29 09:41 - 2013-10-29 09:41 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-29 09:41 - 2013-10-29 09:41 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-29 09:21 - 2013-10-29 09:22 - 85444160 _____ (AVAST Software) C:\Users\Nigel\Downloads\avast_free_antivirus_setup.exe
2013-10-28 22:52 - 2013-10-28 22:52 - 00000000 ____D C:\Users\Nigel\Documents\Old Firefox Data
2013-10-28 16:37 - 2013-10-28 16:37 - 00448512 _____ (OldTimer Tools) C:\Users\Nigel\Desktop\TFC.exe
2013-10-27 09:58 - 2013-10-27 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-10-27 09:21 - 2013-10-27 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-27 09:20 - 2013-10-27 09:20 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-26 10:57 - 2013-10-26 10:58 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-10-24 13:44 - 2013-10-24 13:44 - 00000541 _____ C:\Windows\KB893803v2.log
2013-10-21 16:25 - 2013-09-04 12:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-15 19:18 - 2013-11-15 19:17 - 00019693 _____ C:\Users\Nigel\Desktop\FRST.txt
2013-11-15 19:15 - 2013-09-18 09:02 - 01238452 _____ C:\Windows\WindowsUpdate.log
2013-11-15 19:08 - 2012-02-09 19:10 - 00000000 ___RD C:\Users\Nigel\Dropbox
2013-11-15 19:08 - 2012-02-09 19:06 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\Dropbox
2013-11-15 19:07 - 2013-10-29 09:41 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-15 19:07 - 2013-10-05 13:23 - 00000286 _____ C:\Windows\TWAIN.LOG
2013-11-15 19:07 - 2012-12-07 17:25 - 00000156 _____ C:\Windows\Twunk001.MTX
2013-11-15 19:07 - 2012-12-07 17:25 - 00000005 _____ C:\Windows\Twain001.Mtx
2013-11-15 19:06 - 2013-10-05 13:21 - 00009520 _____ C:\Windows\setupact.log
2013-11-15 19:06 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-15 16:46 - 2013-10-29 09:41 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-15 16:33 - 2012-10-22 08:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-15 16:04 - 2009-07-14 05:13 - 00787914 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-15 14:59 - 2013-11-15 14:59 - 00000000 ____D C:\Users\Sue\AppData\Local\Secunia PSI
2013-11-15 14:53 - 2009-07-14 04:45 - 00015344 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-15 14:53 - 2009-07-14 04:45 - 00015344 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-15 10:57 - 2013-11-15 10:57 - 01957794 _____ (Farbar) C:\Users\Nigel\Desktop\FRST64.exe
2013-11-15 10:57 - 2013-11-15 10:57 - 00000000 ____D C:\FRST
2013-11-15 09:38 - 2009-12-12 18:16 - 00000000 ____D C:\Users\Nigel\AppData\Local\Adobe
2013-11-15 09:29 - 2013-11-12 20:20 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-14 21:31 - 2013-06-24 09:57 - 00020587 _____ C:\Users\Nigel\Documents\DropboxExport.log
2013-11-14 14:39 - 2009-12-12 16:02 - 00001409 _____ C:\Users\Sue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 18:00 - 2013-11-13 18:00 - 00000132 _____ C:\Users\Nigel\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-11-13 12:36 - 2012-10-22 08:28 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-13 12:36 - 2012-04-25 14:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-13 12:36 - 2011-05-13 15:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-13 12:31 - 2013-11-13 12:31 - 00000000 ____D C:\Users\Nigel\AppData\Local\Secunia PSI
2013-11-13 12:31 - 2013-10-29 21:57 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-13 12:02 - 2009-12-12 16:00 - 00001409 _____ C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 11:55 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-13 11:54 - 2013-11-13 11:51 - 00007500 _____ C:\Windows\IE11_main.log
2013-11-13 11:52 - 2013-11-13 11:52 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 11:52 - 2013-11-13 11:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 11:52 - 2013-11-13 11:52 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 11:52 - 2013-11-13 11:52 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 11:52 - 2013-11-13 11:52 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 11:52 - 2013-11-13 11:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 11:52 - 2013-11-13 11:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 11:52 - 2013-11-13 11:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 11:52 - 2013-11-13 11:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 11:52 - 2013-11-13 11:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 11:52 - 2013-11-13 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 10:34 - 2010-02-19 09:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 10:33 - 2013-08-14 16:29 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 10:32 - 2009-10-29 16:48 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 16:22 - 2013-11-12 16:22 - 01731819 _____ C:\Users\Nigel\Documents\TH Wedding notes.zip
2013-11-08 21:21 - 2013-10-29 09:41 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-11-06 16:59 - 2013-11-06 16:59 - 00000000 ____D C:\Users\Nigel\Documents\Ubisoft
2013-11-06 15:58 - 2013-11-06 15:57 - 00017513 _____ C:\Windows\DirectX.log
2013-11-06 15:16 - 2010-12-25 17:16 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-11-06 15:16 - 2009-10-29 16:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-06 10:46 - 2013-11-05 16:56 - 00011475 _____ C:\Users\Nigel\Documents\eBay November 5th.xlsx
2013-11-04 17:30 - 2013-11-04 17:30 - 00000000 ____D C:\Users\Nigel\Documents\Bitlocker Codes for flash drive
2013-11-04 12:42 - 2013-11-04 12:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-04 11:56 - 2012-12-23 14:53 - 00001456 _____ C:\Users\Nigel\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-10-31 12:59 - 2013-10-09 14:01 - 00002462 _____ C:\Windows\PFRO.log
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\WinPatrol
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\Program Files (x86)\BillP Studios
2013-10-30 14:50 - 2012-05-07 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-30 12:56 - 2013-10-14 09:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-30 09:47 - 2013-10-30 09:46 - 00258674 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-10-30 09:43 - 2013-10-30 09:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 22:13 - 2009-12-13 12:37 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-10-29 22:12 - 2009-12-12 16:45 - 00000000 ____D C:\ProgramData\Adobe
2013-10-29 22:06 - 2013-10-29 22:05 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-29 22:06 - 2013-10-29 22:05 - 00000000 ____D C:\Program Files\iTunes
2013-10-29 22:06 - 2013-10-29 22:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-29 22:05 - 2013-10-29 22:05 - 00000000 ____D C:\Program Files\iPod
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2013-10-29 21:21 - 2012-03-26 11:38 - 00000000 ____D C:\Program Files\CCleaner
2013-10-29 16:19 - 2013-10-29 16:19 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-10-29 16:19 - 2013-10-29 16:19 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-10-29 16:17 - 2013-10-29 16:17 - 01402880 _____ C:\Users\Nigel\Downloads\HiJackThis.msi
2013-10-29 11:30 - 2013-10-29 11:30 - 00000000 ____D C:\Users\Sue\AppData\Roaming\AVAST Software
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\AVAST Software
2013-10-29 09:41 - 2013-10-29 09:41 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-29 09:41 - 2013-10-29 09:41 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-29 09:41 - 2013-10-29 09:41 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-29 09:41 - 2011-01-18 17:46 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-29 09:40 - 2012-11-03 14:32 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-29 09:39 - 2013-03-02 13:05 - 00001945 _____ C:\Windows\epplauncher.mif
2013-10-29 09:22 - 2013-10-29 09:21 - 85444160 _____ (AVAST Software) C:\Users\Nigel\Downloads\avast_free_antivirus_setup.exe
2013-10-28 22:52 - 2013-10-28 22:52 - 00000000 ____D C:\Users\Nigel\Documents\Old Firefox Data
2013-10-28 16:37 - 2013-10-28 16:37 - 00448512 _____ (OldTimer Tools) C:\Users\Nigel\Desktop\TFC.exe
2013-10-28 07:50 - 2009-12-13 17:45 - 00000000 ____D C:\Users\Nigel\AppData\Local\Google
2013-10-27 09:58 - 2013-10-27 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-10-27 09:48 - 2013-10-27 09:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-27 09:20 - 2013-10-27 09:20 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-26 10:59 - 2012-03-26 12:19 - 00000000 ____D C:\Windows\ERDNT
2013-10-26 10:58 - 2013-10-26 10:57 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-10-25 15:55 - 2010-03-03 18:54 - 00017276 _____ C:\Users\Nigel\Documents\Pension projections v1.xlsx
2013-10-24 13:44 - 2013-10-24 13:44 - 00000541 _____ C:\Windows\KB893803v2.log
2013-10-24 12:44 - 2013-08-19 08:10 - 00000000 ____D C:\Users\Nigel\Documents\WORK
2013-10-22 09:02 - 2009-12-12 16:00 - 00000000 ___RD C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-21 20:18 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-21 15:32 - 2009-07-14 05:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-20 11:14 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2013-10-18 14:17 - 2009-07-14 02:34 - 00449845 ____R C:\Windows\system32\Drivers\etc\hosts.20131024-215855.backup
2013-10-17 15:05 - 2012-12-22 14:44 - 00317808 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2013-10-16 20:30 - 2009-07-14 02:34 - 00449845 ____R C:\Windows\system32\Drivers\etc\hosts.20131018-151719.backup
2013-10-16 11:58 - 2010-03-03 18:54 - 00023694 _____ C:\Users\Nigel\Documents\MUSICIANS ACCOUNTS vi.xlsx
 

 

Look forward to your reply

 

Nigel


  • Root Admin

Not seeing anything in that log aside from an old Java entry but that should not be the issue here.

 

Please make a new System Restore Point and run the following. Make sure you temporarily disable your antivirus while it runs and re-enable your antivirus when done.

 

 

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save ComboFix to your desktop and do not run it from your browser.
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once ComboFix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 


OK Ron - here goes :-

 

ComboFix 13-11-15.01 - Nigel 15/11/2013  22:45:57.7.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.8183.5877 [GMT 0:00]
Running from: c:\users\Nigel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-10-15 to 2013-11-15  )))))))))))))))))))))))))))))))
.
.
2013-11-15 14:59 . 2013-11-15 14:59    --------    d-----w-    c:\users\Sue\AppData\Local\Secunia PSI
2013-11-15 10:57 . 2013-11-15 10:57    --------    d-----w-    C:\FRST
2013-11-15 09:36 . 2013-10-16 01:20    10280728    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{B33CE83A-98E1-42C0-A016-C31290448F22}\mpengine.dll
2013-11-13 12:31 . 2013-11-13 12:31    --------    d-----w-    c:\users\Nigel\AppData\Local\Secunia PSI
2013-11-13 11:54 . 2013-10-14 18:00    28368    ----a-w-    c:\windows\system32\IEUDINIT.EXE
2013-11-13 10:24 . 2013-10-04 02:24    1930752    ----a-w-    c:\windows\system32\authui.dll
2013-11-13 10:24 . 2013-10-04 01:56    1796096    ----a-w-    c:\windows\SysWow64\authui.dll
2013-11-13 10:24 . 2013-10-04 02:28    190464    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-13 10:24 . 2013-10-04 02:25    197120    ----a-w-    c:\windows\system32\credui.dll
2013-11-13 10:24 . 2013-10-04 01:58    152576    ----a-w-    c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-13 10:24 . 2013-10-04 01:56    168960    ----a-w-    c:\windows\SysWow64\credui.dll
2013-11-13 10:24 . 2013-10-05 20:25    1474048    ----a-w-    c:\windows\system32\crypt32.dll
2013-11-13 10:24 . 2013-10-05 19:57    1168384    ----a-w-    c:\windows\SysWow64\crypt32.dll
2013-11-13 10:22 . 2013-10-12 02:29    859648    ----a-w-    c:\windows\system32\IKEEXT.DLL
2013-11-13 10:22 . 2013-10-12 02:30    830464    ----a-w-    c:\windows\system32\nshwfp.dll
2013-11-13 10:22 . 2013-10-12 02:29    324096    ----a-w-    c:\windows\system32\FWPUCLNT.DLL
2013-11-13 10:22 . 2013-10-12 02:03    656896    ----a-w-    c:\windows\SysWow64\nshwfp.dll
2013-11-13 10:22 . 2013-10-12 02:01    216576    ----a-w-    c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-04 12:42 . 2013-11-04 12:42    18456    ----a-w-    c:\windows\system32\drivers\psi_mf_amd64.sys
2013-10-31 10:46 . 2013-10-31 10:46    --------    d-----w-    c:\users\Nigel\AppData\Roaming\WinPatrol
2013-10-31 10:46 . 2013-10-31 10:46    --------    d-----w-    c:\program files (x86)\BillP Studios
2013-10-31 10:46 . 2013-10-31 10:46    --------    d-----w-    c:\programdata\InstallMate
2013-10-29 22:05 . 2013-10-29 22:06    --------    d-----w-    c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-29 22:05 . 2013-10-29 22:06    --------    d-----w-    c:\program files\iTunes
2013-10-29 22:05 . 2013-10-29 22:06    --------    d-----w-    c:\program files (x86)\iTunes
2013-10-29 22:05 . 2013-10-29 22:05    --------    d-----w-    c:\program files\iPod
2013-10-29 22:04 . 2013-10-29 22:04    --------    d-----w-    c:\users\Default\AppData\Roaming\Apple Computer
2013-10-29 22:04 . 2013-10-29 22:04    --------    d-----w-    c:\users\Default\AppData\Local\Apple Computer
2013-10-29 21:57 . 2013-11-13 12:31    --------    d-----w-    c:\program files (x86)\Secunia
2013-10-29 16:19 . 2013-10-29 16:19    388096    ----a-r-    c:\users\Nigel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-29 16:19 . 2013-10-29 16:19    --------    d-----w-    c:\program files (x86)\Trend Micro
2013-10-29 11:30 . 2013-10-29 11:30    --------    d-----w-    c:\users\Sue\AppData\Roaming\AVAST Software
2013-10-29 09:42 . 2013-10-29 09:42    --------    d-----w-    c:\users\Nigel\AppData\Roaming\AVAST Software
2013-10-29 09:41 . 2013-10-29 09:41    65264    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2013-10-29 09:41 . 2013-10-29 09:41    205320    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2013-10-29 09:41 . 2013-10-29 09:41    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2013-10-29 09:41 . 2013-10-29 09:41    1032416    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2013-10-29 09:41 . 2013-11-08 21:21    409832    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2013-10-29 09:41 . 2013-10-29 09:41    84328    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2013-10-29 09:41 . 2013-10-29 09:41    38984    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2013-10-29 09:41 . 2013-10-29 09:41    92544    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2013-10-29 09:41 . 2013-10-29 09:41    43152    ----a-w-    c:\windows\avastSS.scr
2013-10-27 09:58 . 2013-10-27 09:58    --------    d-----w-    c:\windows\ERUNT
2013-10-27 09:21 . 2013-10-27 09:48    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-10-27 09:20 . 2013-10-27 09:20    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-10-26 10:57 . 2013-10-26 10:58    --------    d-----w-    c:\program files (x86)\ERUNT
2013-10-21 16:25 . 2013-09-04 12:12    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2013-10-21 16:25 . 2013-09-04 12:11    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2013-10-21 16:25 . 2013-09-04 12:11    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2013-10-21 16:25 . 2013-09-04 12:11    52736    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2013-10-21 16:25 . 2013-09-04 12:11    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2013-10-21 16:25 . 2013-09-04 12:11    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2013-10-21 16:25 . 2013-09-04 12:11    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2013-10-18 12:35 . 2013-10-18 12:35    --------    d-----w-    c:\users\Nigel\AppData\Local\ElevatedDiagnostics
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-13 12:36 . 2012-04-25 14:24    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-13 12:36 . 2011-05-13 15:45    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-13 10:32 . 2009-10-29 16:48    82896128    ----a-w-    c:\windows\system32\MRT.exe
2013-10-29 09:41 . 2011-01-18 17:46    334648    ----a-w-    c:\windows\system32\aswBoot.exe
2013-10-17 15:05 . 2012-12-22 14:44    317808    ----a-w-    c:\windows\system32\drivers\RapportKE64.sys
2013-09-08 02:30 . 2013-10-11 09:18    1903552    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-11 09:18    327168    ----a-w-    c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-11 09:18    231424    ----a-w-    c:\windows\SysWow64\mswsock.dll
2013-09-03 13:35 . 2009-10-29 16:49    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-08-29 02:17 . 2013-10-11 09:18    5549504    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-11 09:18    1732032    ----a-w-    c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-11 09:18    243712    ----a-w-    c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-11 09:18    859648    ----a-w-    c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-11 09:18    878080    ----a-w-    c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-11 09:18    3969472    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-11 09:18    3914176    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-11 09:18    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-11 09:18    1292192    ----a-w-    c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-11 09:18    619520    ----a-w-    c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-11 09:18    640512    ----a-w-    c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-11 09:18    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-11 09:18    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-11 09:18    7680    ----a-w-    c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-11 09:18    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-11 09:18    2048    ----a-w-    c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-11 09:18    3155968    ----a-w-    c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-11 09:17    461312    ----a-w-    c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    130736    ----a-w-    c:\users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    130736    ----a-w-    c:\users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    130736    ----a-w-    c:\users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    130736    ----a-w-    c:\users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2013-10-19 456768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2012-04-02 1058912]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2013-03-28 6366264]
"AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-10 1103440]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-29 3567800]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-19 152392]
.
c:\users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Nigel\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-11-4 565464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys;c:\windows\SYSNATIVE\DRIVERS\ENTECH64.sys [x]
R3 EyeOneDisplay;EyeOneDisplay;c:\windows\system32\Drivers\i1display_x64.sys;c:\windows\SYSNATIVE\Drivers\i1display_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 netr7364;Belkin Wireless 54G USB Network Adapter Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50a64.sys;c:\windows\SYSNATIVE\Drivers\PCAMp50a64.sys [x]
R3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\PCASp50a64.sys;c:\windows\SYSNATIVE\Drivers\PCASp50a64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 SeqCal;SeqCal;c:\windows\system32\DRIVERS\SeqCal.sys;c:\windows\SYSNATIVE\DRIVERS\SeqCal.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys;c:\windows\SYSNATIVE\DRIVERS\wacmoumonitor.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\DRIVERS\WN111v2x.sys;c:\windows\SYSNATIVE\DRIVERS\WN111v2x.sys [x]
R4 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R4 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 RapportCerberus_59849;RapportCerberus_59849;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 nlscc;Nalpeiron X64 Service;c:\windows\system32\nlsInterface.exe;c:\windows\SYSNATIVE\nlsInterface.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [x]
S2 TouchServiceWacom;Wacom Professional Touch Service;c:\program files\Tablet\Wacom\Wacom_TouchService.exe;c:\program files\Tablet\Wacom\Wacom_TouchService.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys;c:\windows\SYSNATIVE\DRIVERS\netr6164.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-25 12:36]
.
2013-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-20 21:25]
.
2013-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-20 21:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-29 09:41    326944    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-03-28 00:59    2818848    ----a-w-    c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-03-28 00:59    2818848    ----a-w-    c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-03-28 00:59    2818848    ----a-w-    c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    164016    ----a-w-    c:\users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    164016    ----a-w-    c:\users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    164016    ----a-w-    c:\users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    164016    ----a-w-    c:\users\Nigel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-02-15 516960]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{86CAA214-65E8-4352-B03D-396AF9D236C8}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\
FF - ExtSQL: 2013-10-29 09:41; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-10-29 10:06; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-10-29 10:06; {dc572301-7619-498c-a57d-39143191b318}; c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF - ExtSQL: 2013-10-29 10:06; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2013-10-29 10:07; printPages2Pdf@reinhold.ripper; c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\extensions\printPages2Pdf@reinhold.ripper
FF - ExtSQL: 2013-10-29 10:40; {d37dc5d0-431d-44e5-8c91-49419370caa1}; c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF - ExtSQL: 2013-10-29 10:40; {ada4b710-8346-4b82-8199-5de2b400a6ae}; c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF - ExtSQL: 2013-10-29 11:04; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2013-10-29 15:54; {f86ddff9-183b-4962-891c-b9183095a8fb}; c:\users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\extensions\{f86ddff9-183b-4962-891c-b9183095a8fb}.xpi
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-55804799.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-11-15  22:55:21
ComboFix-quarantined-files.txt  2013-11-15 22:55
.
Pre-Run: 88,984,854,528 bytes free
Post-Run: 88,611,753,984 bytes free
.
- - End Of File - - 630EAC563FCB7DD47B07ADF2ADBAA3F2
A36C5E4F47E84449FF07ED3517B43A31
 

 

Also, when the scan had completed, Winpatrol came up with a box headed "search page" and it reads :-

 

Your default Search page has been changed to

http://www.microsoft.com/isapi/redir.dll?prd=iear=iesearch

 

If this is OK click Accept or press enter,

 

Click reject and your last choice for search tool will be restored to

http://go.microsoft.com/fwlink/?LinkId=54896.

 

If a program continues to force a new page click on the help button.

 

This box is still active; I have not replied.

 

However, I also got a message when I opened my browser to say that Firefox was not my default browser - would I like to make it so and I did.

 

Are we OK or is there a problem?

 

Thanks

 

Nigel


  • Root Admin

It appears that the search page was probably restored to default and you probably had it on Bing.com. You can select any search page you want and then update WinPatrol to use that one. Yes, it's okay to keep Firefox as the default browser.

 

Not really seeing anything bad here. Maybe some type of file corruption or something else odd giving the tools a problem.

 

Please run a Full Disk Check on your system drive.  If needed here are some links on how to run a Disk Check.

On Windows 7 the disk check log is in the Event Logs under Application with a heading source of Wininit.

How to Run Disk Check in Windows 7

How to Run Check Disk at Startup in Vista or Windows 7

How to Read the Event Viewer Log for Check Disk (chkdsk) in Vista, Windows 7, and Windows 8
 

Then post back the Event Log entry for the disk check when done.


Thanks Ron

 

Here's the log :-

 

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
  352256 file records processed.
File verification completed.
  1594 large file records processed.
  0 bad file records processed.
  2 EA records processed.
  59 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 5)...
  475480 index entries processed.
Index verification completed.
  0 unindexed files scanned.
  0 unindexed files recovered.
CHKDSK is verifying security descriptors (stage 3 of 5)...
  352256 file SDs/SIDs processed.
Cleaning up 210 unused index entries from index $SII of file 0x9.
Cleaning up 210 unused index entries from index $SDH of file 0x9.
Cleaning up 210 unused security descriptors.
Security descriptor verification completed.
  61613 data files processed.
CHKDSK is verifying Usn Journal...
  37088144 USN bytes processed.
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  352240 files processed.
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  21669826 free clusters processed.
Free space verification is complete.
Windows has checked the file system and found no problems.

 488282111 KB total disk space.
 400952444 KB in 269934 files.
    177860 KB in 61614 indexes.
         0 KB in bad sectors.
    472503 KB in use by the system.
     65536 KB occupied by the log file.
  86679304 KB available on disk.

      4096 bytes in each allocation unit.
 122070527 total allocation units on disk.
  21669826 allocation units available on disk.

Internal Info:
00 60 05 00 25 0f 05 00 8c f0 08 00 00 00 00 00  .`..%...........
d2 6a 00 00 3b 00 00 00 00 00 00 00 00 00 00 00  .j..;...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.
 


  • Root Admin

Yeah, that does not explain any real issue either.

 

All I can say for now is to keep an eye on it and make sure your antivirus is up to date and do a Full System scan with it.

 

Might want to also run this as it will clean out all sorts of temporary file locations on the system.

 

 

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

 

I'm going to be going on vacation in a couple of days but if you do run into any issues go ahead and post a new topic and one of the other Helpers can assist you if needed.

 

Thanks


OK Ron - here's the post - well, two posts, because they're too long. Thanks for your help and enjoy your vacation.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2013 02
Ran by Nigel (administrator) on ADMIN-PC on 18-11-2013 10:15:07
Running from C:\Users\Nigel\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\system32\nlsInterface.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.169\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.169\GoogleCrashHandler64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\Nigel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516960 2013-02-15] (Acronis)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [456768 2013-10-19] (BillP Studios)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6366264 2013-03-28] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103440 2013-01-10] (Acronis)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073352 2012-06-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-29] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)
Startup: C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nigel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86CAA214-65E8-4352-B03D-396AF9D236C8}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.1 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Print pages to PDF - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\printPages2Pdf@reinhold.ripper
FF Extension: ReminderFox - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF Extension: FoxClocks - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF Extension: noscript - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: tabmix - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: greasemonkey - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: defaults - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\w24mgqft.default-1383000727538\Extensions\{f86ddff9-183b-4962-891c-b9183095a8fb}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======


CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (ScorchPlugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPSibelius.dll ()
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (WacomTabletPlugin) - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1
CHR Extension: (avast! WebRep) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-29] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 nlscc; C:\Windows\system32\nlsInterface.exe [72192 2010-11-01] (Nalpeiron Ltd.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2013-10-17] (Trusteer Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-08] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-29] ()
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2007-08-20] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\SysWow64\DRIVERS\ENTECH64.sys [5632 2004-06-22] (EnTech Taiwan)
S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-14] (GretagMacbeth LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-10-28] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [284176 2013-10-17] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [317808 2013-10-17] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [399312 2013-10-17] (Trusteer Ltd.)
S3 SeqCal; C:\Windows\System32\DRIVERS\SeqCal.sys [7808 2006-05-18] (GretagMacbeth LLC)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-04-15] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-04-15] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-04-15] (Acronis International GmbH)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2x.sys [560128 2009-01-13] (Atheros Communications, Inc.)
S4 tsusbhub; system32\drivers\tsusbhub.sys [x]
S4 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-18 10:15 - 2013-11-18 10:15 - 00019907 _____ C:\Users\Nigel\Desktop\FRST.txt
2013-11-18 10:12 - 2013-11-18 10:12 - 01958026 _____ (Farbar) C:\Users\Nigel\Desktop\FRST64.exe
2013-11-17 13:27 - 2013-11-17 13:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 10:14 - 2013-11-16 10:14 - 00003528 ____N C:\bootsqm.dat
2013-11-15 22:55 - 2013-11-15 22:55 - 00029285 _____ C:\ComboFix.txt
2013-11-15 22:43 - 2013-11-15 22:55 - 00000000 ____D C:\Qoobox
2013-11-15 22:43 - 2011-06-26 06:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-15 22:43 - 2010-11-07 17:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-15 22:43 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-15 22:43 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-15 22:43 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-15 22:43 - 2000-08-31 00:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-15 22:43 - 2000-08-31 00:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-15 22:43 - 2000-08-31 00:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-15 22:37 - 2013-11-15 22:37 - 05146278 ____R (Swearware) C:\Users\Nigel\Desktop\ComboFix.exe
2013-11-15 14:59 - 2013-11-15 14:59 - 00000000 ____D C:\Users\Sue\AppData\Local\Secunia PSI
2013-11-15 10:57 - 2013-11-15 10:57 - 00000000 ____D C:\FRST
2013-11-13 18:00 - 2013-11-13 18:00 - 00000132 _____ C:\Users\Nigel\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-11-13 12:31 - 2013-11-13 12:31 - 00000000 ____D C:\Users\Nigel\AppData\Local\Secunia PSI
2013-11-13 11:54 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-13 11:52 - 2013-11-13 11:52 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 11:52 - 2013-11-13 11:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 11:52 - 2013-11-13 11:52 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 11:52 - 2013-11-13 11:52 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 11:52 - 2013-11-13 11:52 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 11:52 - 2013-11-13 11:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 11:52 - 2013-11-13 11:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 11:52 - 2013-11-13 11:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 11:52 - 2013-11-13 11:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 11:52 - 2013-11-13 11:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 11:52 - 2013-11-13 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 11:51 - 2013-11-13 11:54 - 00007500 _____ C:\Windows\IE11_main.log
2013-11-13 10:24 - 2013-10-05 20:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 10:24 - 2013-10-05 19:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 10:24 - 2013-10-04 02:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 10:24 - 2013-10-04 02:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 10:24 - 2013-10-04 02:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 10:24 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 10:24 - 2013-10-04 01:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 10:24 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 10:23 - 2013-10-03 02:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 10:23 - 2013-10-03 02:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 10:23 - 2013-09-28 01:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 10:23 - 2013-09-25 02:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 10:23 - 2013-09-25 02:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 10:23 - 2013-09-25 02:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 10:23 - 2013-09-25 02:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 10:23 - 2013-09-25 02:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 10:23 - 2013-09-25 02:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 10:23 - 2013-09-25 02:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 10:23 - 2013-09-25 02:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 10:23 - 2013-09-25 01:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 10:23 - 2013-09-25 01:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 10:23 - 2013-09-25 01:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 10:23 - 2013-09-25 01:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 10:23 - 2013-09-25 01:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 10:23 - 2013-07-04 12:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 10:22 - 2013-10-12 02:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 10:22 - 2013-10-12 02:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 10:22 - 2013-10-12 02:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 10:22 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 10:22 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 20:20 - 2013-11-17 10:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-12 16:22 - 2013-11-12 16:22 - 01731819 _____ C:\Users\Nigel\Documents\TH Wedding notes.zip
2013-11-06 16:59 - 2013-11-06 16:59 - 00000000 ____D C:\Users\Nigel\Documents\Ubisoft
2013-11-06 15:58 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-11-06 15:58 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-11-06 15:58 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-11-06 15:58 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-11-06 15:58 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-11-06 15:58 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-11-06 15:58 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-11-06 15:58 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-11-06 15:58 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-11-06 15:58 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-11-06 15:58 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-11-06 15:58 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-11-06 15:58 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-11-06 15:57 - 2013-11-06 15:58 - 00017513 _____ C:\Windows\DirectX.log
2013-11-05 16:56 - 2013-11-06 10:46 - 00011475 _____ C:\Users\Nigel\Documents\eBay November 5th.xlsx
2013-11-04 17:30 - 2013-11-04 17:30 - 00000000 ____D C:\Users\Nigel\Documents\Bitlocker Codes for flash drive
2013-11-04 12:42 - 2013-11-04 12:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\WinPatrol
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\Program Files (x86)\BillP Studios
2013-10-30 09:46 - 2013-10-30 09:47 - 00258674 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-10-29 22:05 - 2013-10-29 22:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-29 22:05 - 2013-10-29 22:06 - 00000000 ____D C:\Program Files\iTunes
2013-10-29 22:05 - 2013-10-29 22:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-29 22:05 - 2013-10-29 22:05 - 00000000 ____D C:\Program Files\iPod
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2013-10-29 21:57 - 2013-11-13 12:31 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-10-29 16:19 - 2013-10-29 16:19 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-10-29 16:19 - 2013-10-29 16:19 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-10-29 16:17 - 2013-10-29 16:17 - 01402880 _____ C:\Users\Nigel\Downloads\HiJackThis.msi
2013-10-29 11:30 - 2013-10-29 11:30 - 00000000 ____D C:\Users\Sue\AppData\Roaming\AVAST Software
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\AVAST Software
2013-10-29 09:41 - 2013-11-18 10:06 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-29 09:41 - 2013-11-17 22:46 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-29 09:41 - 2013-11-08 21:21 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-29 09:41 - 2013-10-29 09:41 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-29 09:41 - 2013-10-29 09:41 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-29 09:21 - 2013-10-29 09:22 - 85444160 _____ (AVAST Software) C:\Users\Nigel\Downloads\avast_free_antivirus_setup.exe
2013-10-28 22:52 - 2013-10-28 22:52 - 00000000 ____D C:\Users\Nigel\Documents\Old Firefox Data
2013-10-28 16:37 - 2013-11-18 10:10 - 00448512 _____ (OldTimer Tools) C:\Users\Nigel\Desktop\TFC.exe
2013-10-27 09:58 - 2013-10-27 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-10-27 09:21 - 2013-10-27 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-27 09:20 - 2013-10-27 09:20 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-26 10:57 - 2013-10-26 10:58 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-10-24 13:44 - 2013-10-24 13:44 - 00000541 _____ C:\Windows\KB893803v2.log
2013-10-21 16:25 - 2013-09-04 12:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-21 16:25 - 2013-09-04 12:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-18 10:16 - 2009-12-12 18:16 - 00000000 ____D C:\Users\Nigel\AppData\Local\Adobe
2013-11-18 10:15 - 2013-11-18 10:15 - 00019907 _____ C:\Users\Nigel\Desktop\FRST.txt
2013-11-18 10:12 - 2013-11-18 10:12 - 01958026 _____ (Farbar) C:\Users\Nigel\Desktop\FRST64.exe
2013-11-18 10:12 - 2013-09-18 09:02 - 01401881 _____ C:\Windows\WindowsUpdate.log
2013-11-18 10:10 - 2013-10-28 16:37 - 00448512 _____ (OldTimer Tools) C:\Users\Nigel\Desktop\TFC.exe
2013-11-18 10:07 - 2013-10-05 13:23 - 00000286 _____ C:\Windows\TWAIN.LOG
2013-11-18 10:07 - 2012-12-07 17:25 - 00000156 _____ C:\Windows\Twunk001.MTX
2013-11-18 10:07 - 2012-12-07 17:25 - 00000005 _____ C:\Windows\Twain001.Mtx
2013-11-18 10:07 - 2012-02-09 19:10 - 00000000 ___RD C:\Users\Nigel\Dropbox
2013-11-18 10:07 - 2012-02-09 19:06 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\Dropbox
2013-11-18 10:06 - 2013-10-29 09:41 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-18 10:05 - 2013-10-05 13:21 - 00010080 _____ C:\Windows\setupact.log
2013-11-18 10:05 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-17 23:36 - 2012-10-22 08:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-17 22:46 - 2013-10-29 09:41 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-17 21:03 - 2009-07-14 04:45 - 00015344 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-17 21:03 - 2009-07-14 04:45 - 00015344 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-17 21:01 - 2009-07-14 05:13 - 00787914 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-17 17:18 - 2013-06-24 09:57 - 00020584 _____ C:\Users\Nigel\Documents\DropboxExport.log
2013-11-17 15:14 - 2012-05-07 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-17 13:42 - 2013-11-17 13:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-17 10:39 - 2013-11-12 20:20 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-16 10:14 - 2013-11-16 10:14 - 00003528 ____N C:\bootsqm.dat
2013-11-16 07:53 - 2013-10-09 14:01 - 00003014 _____ C:\Windows\PFRO.log
2013-11-15 22:55 - 2013-11-15 22:55 - 00029285 _____ C:\ComboFix.txt
2013-11-15 22:55 - 2013-11-15 22:43 - 00000000 ____D C:\Qoobox
2013-11-15 22:52 - 2009-07-14 02:34 - 00000215 _____ C:\Windows\system.ini
2013-11-15 22:43 - 2012-03-26 12:19 - 00000000 ____D C:\Windows\ERDNT
2013-11-15 22:37 - 2013-11-15 22:37 - 05146278 ____R (Swearware) C:\Users\Nigel\Desktop\ComboFix.exe
2013-11-15 14:59 - 2013-11-15 14:59 - 00000000 ____D C:\Users\Sue\AppData\Local\Secunia PSI
2013-11-15 10:57 - 2013-11-15 10:57 - 00000000 ____D C:\FRST
2013-11-14 14:39 - 2009-12-12 16:02 - 00001409 _____ C:\Users\Sue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 18:00 - 2013-11-13 18:00 - 00000132 _____ C:\Users\Nigel\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-11-13 12:36 - 2012-10-22 08:28 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-13 12:36 - 2012-04-25 14:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-13 12:36 - 2011-05-13 15:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-13 12:31 - 2013-11-13 12:31 - 00000000 ____D C:\Users\Nigel\AppData\Local\Secunia PSI
2013-11-13 12:31 - 2013-10-29 21:57 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-13 12:02 - 2009-12-12 16:00 - 00001409 _____ C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 11:55 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-13 11:54 - 2013-11-13 11:51 - 00007500 _____ C:\Windows\IE11_main.log
2013-11-13 11:52 - 2013-11-13 11:52 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 11:52 - 2013-11-13 11:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 11:52 - 2013-11-13 11:52 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 11:52 - 2013-11-13 11:52 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 11:52 - 2013-11-13 11:52 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 11:52 - 2013-11-13 11:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 11:52 - 2013-11-13 11:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 11:52 - 2013-11-13 11:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 11:52 - 2013-11-13 11:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 11:52 - 2013-11-13 11:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 11:52 - 2013-11-13 11:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 11:52 - 2013-11-13 11:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 11:52 - 2013-11-13 11:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 10:34 - 2010-02-19 09:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 10:33 - 2013-08-14 16:29 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 10:32 - 2009-10-29 16:48 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 16:22 - 2013-11-12 16:22 - 01731819 _____ C:\Users\Nigel\Documents\TH Wedding notes.zip
2013-11-08 21:21 - 2013-10-29 09:41 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-11-06 16:59 - 2013-11-06 16:59 - 00000000 ____D C:\Users\Nigel\Documents\Ubisoft
2013-11-06 15:58 - 2013-11-06 15:57 - 00017513 _____ C:\Windows\DirectX.log
2013-11-06 15:16 - 2010-12-25 17:16 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-11-06 15:16 - 2009-10-29 16:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-06 10:46 - 2013-11-05 16:56 - 00011475 _____ C:\Users\Nigel\Documents\eBay November 5th.xlsx
2013-11-04 17:30 - 2013-11-04 17:30 - 00000000 ____D C:\Users\Nigel\Documents\Bitlocker Codes for flash drive
2013-11-04 12:42 - 2013-11-04 12:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-04 11:56 - 2012-12-23 14:53 - 00001456 _____ C:\Users\Nigel\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\WinPatrol
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-31 10:46 - 2013-10-31 10:46 - 00000000 ____D C:\Program Files (x86)\BillP Studios
2013-10-30 12:56 - 2013-10-14 09:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-30 09:47 - 2013-10-30 09:46 - 00258674 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-10-29 22:13 - 2009-12-13 12:37 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2013-10-29 22:12 - 2009-12-12 16:45 - 00000000 ____D C:\ProgramData\Adobe
2013-10-29 22:06 - 2013-10-29 22:05 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-29 22:06 - 2013-10-29 22:05 - 00000000 ____D C:\Program Files\iTunes
2013-10-29 22:06 - 2013-10-29 22:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-29 22:05 - 2013-10-29 22:05 - 00000000 ____D C:\Program Files\iPod
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2013-10-29 22:04 - 2013-10-29 22:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2013-10-29 21:21 - 2012-03-26 11:38 - 00000000 ____D C:\Program Files\CCleaner
2013-10-29 16:19 - 2013-10-29 16:19 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-10-29 16:19 - 2013-10-29 16:19 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-10-29 16:17 - 2013-10-29 16:17 - 01402880 _____ C:\Users\Nigel\Downloads\HiJackThis.msi
2013-10-29 11:30 - 2013-10-29 11:30 - 00000000 ____D C:\Users\Sue\AppData\Roaming\AVAST Software
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\AVAST Software
2013-10-29 09:41 - 2013-10-29 09:41 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-29 09:41 - 2013-10-29 09:41 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-29 09:41 - 2013-10-29 09:41 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-29 09:41 - 2013-10-29 09:41 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-29 09:41 - 2011-01-18 17:46 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-29 09:40 - 2012-11-03 14:32 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-29 09:39 - 2013-03-02 13:05 - 00001945 _____ C:\Windows\epplauncher.mif
2013-10-29 09:22 - 2013-10-29 09:21 - 85444160 _____ (AVAST Software) C:\Users\Nigel\Downloads\avast_free_antivirus_setup.exe
2013-10-28 22:52 - 2013-10-28 22:52 - 00000000 ____D C:\Users\Nigel\Documents\Old Firefox Data
2013-10-28 07:50 - 2009-12-13 17:45 - 00000000 ____D C:\Users\Nigel\AppData\Local\Google
2013-10-27 09:58 - 2013-10-27 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-10-27 09:48 - 2013-10-27 09:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-27 09:20 - 2013-10-27 09:20 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-26 10:58 - 2013-10-26 10:57 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-10-25 15:55 - 2010-03-03 18:54 - 00017276 _____ C:\Users\Nigel\Documents\Pension projections v1.xlsx
2013-10-24 13:44 - 2013-10-24 13:44 - 00000541 _____ C:\Windows\KB893803v2.log
2013-10-24 12:44 - 2013-08-19 08:10 - 00000000 ____D C:\Users\Nigel\Documents\WORK
2013-10-22 09:02 - 2009-12-12 16:00 - 00000000 ___RD C:\Users\Nigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-21 20:18 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-21 15:32 - 2009-07-14 05:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-20 11:14 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-12 17:47

==================== End Of Log ============================


OK - sorted and uninstalled. I was just on the BBC World News site and this came up from Malwarebytes in the log?

 

Same IP address as before and the same one a number of people have reported. Should I just ignore it?

 

2013/11/18 21:02:10 GMT    ADMIN-PC    Nigel    MESSAGE    Starting protection
2013/11/18 21:02:10 GMT    ADMIN-PC    Nigel    MESSAGE    Protection started successfully
2013/11/18 21:02:10 GMT    ADMIN-PC    Nigel    MESSAGE    Starting IP protection
2013/11/18 21:02:12 GMT    ADMIN-PC    Nigel    MESSAGE    IP Protection started successfully
2013/11/18 21:20:51 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 49977, Process: avastsvc.exe)
2013/11/18 21:20:51 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 49978, Process: avastsvc.exe)
2013/11/18 21:20:51 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50006, Process: avastsvc.exe)
2013/11/18 21:20:51 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50007, Process: avastsvc.exe)
2013/11/18 21:21:15 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50023, Process: avastsvc.exe)
2013/11/18 21:21:15 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50024, Process: avastsvc.exe)
2013/11/18 21:21:31 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50035, Process: avastsvc.exe)
2013/11/18 21:21:31 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50036, Process: avastsvc.exe)
2013/11/18 21:21:31 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50041, Process: avastsvc.exe)
2013/11/18 21:21:31 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50043, Process: avastsvc.exe)
2013/11/18 21:22:27 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50055, Process: avastsvc.exe)
2013/11/18 21:22:27 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50056, Process: avastsvc.exe)

 

Any ideas please or is it safe to ignore?
 


  • Root Admin

My guess is it's from some advertising site, and if that is the only site you're seeing this on then yes, ignore it, as MBAM is doing its job blocking it.

 

IP address: 195.59.55.138
No host name is associated with this IP address or no reverse lookup is configured.

Error: Host not found
195.59.55.138 is from United Kingdom(UK) in region Western Europe

 

Otherwise the logs still all look good. Generally speaking, there is typically nothing wrong when getting an IP address block every once in a while when on some sites, as that is often advertising that is blocked from a known bad site is all. If you're getting IP blocks constantly, or blocks when no browser or email is even running, then that is something to investigate. I get a few blocks a week myself, but that is normal, and the main site is not what is being blocked but some other often undesirable link is all.

Link to post
Share on other sites
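The rule of thumb in the reply above (occasional blocks while browsing are expected; constant blocks, or blocks when no browser or email is running, deserve a look) can be applied to a saved protection log. This is an added example, not part of the original posts and not Malwarebytes code; the field layout is inferred from the log lines quoted in the thread, and the 5-minute burst gap, the burst threshold, the browsing-process set, 203.0.113.7 and helper_example.exe are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the layout of the protection log quoted in the thread.
# 203.0.113.7 and helper_example.exe are made-up values for the second case.
SAMPLE_LOG = """\
2013/11/18 21:02:10 GMT    ADMIN-PC    Nigel    MESSAGE    Starting IP protection
2013/11/18 21:20:51 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 49977, Process: avastsvc.exe)
2013/11/18 21:20:51 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 49978, Process: avastsvc.exe)
2013/11/18 21:21:15 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50023, Process: avastsvc.exe)
2013/11/18 21:22:27 GMT    ADMIN-PC    Nigel    IP-BLOCK    195.59.55.138 (Type: outgoing, Port: 50055, Process: avastsvc.exe)
2013/11/19 03:10:02 GMT    ADMIN-PC    Nigel    IP-BLOCK    203.0.113.7 (Type: outgoing, Port: 51200, Process: helper_example.exe)
2013/11/19 03:40:02 GMT    ADMIN-PC    Nigel    IP-BLOCK    203.0.113.7 (Type: outgoing, Port: 51344, Process: helper_example.exe)
2013/11/19 04:10:03 GMT    ADMIN-PC    Nigel    IP-BLOCK    203.0.113.7 (Type: outgoing, Port: 51502, Process: helper_example.exe)
"""

BLOCK_RE = re.compile(
    r"^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) GMT\s+(?P<host>\S+)\s+(?P<user>\S+)\s+"
    r"IP-BLOCK\s+(?P<ip>\S+) \(Type: (?P<dir>\w+), Port: (?P<port>\d+), "
    r"Process: (?P<proc>[^)]+)\)\s*$"
)


def parse_blocks(text):
    """Return one dict per IP-BLOCK line; MESSAGE and other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = BLOCK_RE.match(line.strip())
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.strptime(ev["ts"], "%Y/%m/%d %H:%M:%S")
            ev["proc"] = ev["proc"].strip().lower()
            events.append(ev)
    return events


def triage(text, browsing_procs, gap=timedelta(minutes=5), constant_bursts=6):
    """Group blocks per (ip, process) into bursts and apply the rule of thumb.

    A burst is a run of blocks with no pause longer than `gap`; one page load
    that retries a blocked address several times therefore counts once.
    """
    grouped = defaultdict(list)
    for ev in parse_blocks(text):
        grouped[(ev["ip"], ev["proc"])].append(ev["ts"])
    report = {}
    for key, stamps in grouped.items():
        stamps.sort()
        bursts = 1 + sum(1 for a, b in zip(stamps, stamps[1:]) if b - a > gap)
        reasons = []
        if key[1] not in browsing_procs:
            reasons.append("process is not browser or mail traffic")
        if bursts >= constant_bursts:
            reasons.append("blocks recur constantly")
        report[key] = {"events": len(stamps), "bursts": bursts,
                       "verdict": "investigate" if reasons else "expected",
                       "reasons": reasons}
    return report


if __name__ == "__main__":
    # Assumption: avastsvc.exe carries browser traffic on this machine, since
    # the thread's blocks were logged against it while a news site was open.
    for key, row in triage(SAMPLE_LOG, {"avastsvc.exe", "iexplore.exe"}).items():
        print(key, row)
```
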

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.