Hello.

 

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

 

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Kevin...


OK. Spent all morning cleaning out rubbish.

Thanks a lot for your time.

Files are:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-01-2014 01
Ran by Clive (administrator) on CLIVE-PC on 13-01-2014 13:31:22
Running from C:\Users\Clive\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213840 2012-10-26] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [676608 2013-06-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-30] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.mx/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1A4A62CABC80CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.com.mx
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-07-09]
CHR Extension: (Google Drive) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-07-09]
CHR Extension: (YouTube) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-07-09]
CHR Extension: (Adblock Plus) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0 [2013-12-19]
CHR Extension: (Google Search) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-07-09]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble\3.0_0 [2013-07-09]
CHR Extension: (Hola Better Internet) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.2.290_0 [2013-12-31]
CHR Extension: (avast! Online Security) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0 [2014-01-08]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli\2.0.4.2_0 [2013-11-04]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb\9.0_0 [2013-12-22]
CHR Extension: (cifFix) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\jclfgmgojdnckljehaliiiolimmhmoad\0.0.96_0 [2013-10-23]
CHR Extension: (Secure Gmail by Streak) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngdnjdobadbdemillgljnnbpomnfokn\1.5_0 [2013-11-18]
CHR Extension: (Google Wallet) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2013-12-19]
CHR Extension: (Gmail) - C:\Users\Clive\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-07-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-22]
 
==================== Services (Whitelisted) =================
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-30] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
 
==================== Drivers (Whitelisted) ====================
 
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-30] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
U4 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2014-01-08] (Greatis Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-13 13:29 - 2014-01-13 13:29 - 02075648 _____ (Farbar) C:\Users\Clive\Downloads\FRST64 (3).exe
2014-01-13 12:46 - 2014-01-13 12:46 - 00025656 _____ C:\ComboFix.txt
2014-01-13 12:38 - 2011-06-26 00:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-13 12:38 - 2010-11-07 11:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-13 12:38 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-13 12:38 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-13 12:38 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-13 12:38 - 2000-08-30 18:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-13 12:38 - 2000-08-30 18:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-13 12:38 - 2000-08-30 18:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-13 11:38 - 2014-01-13 12:46 - 00000000 ____D C:\Qoobox
2014-01-13 11:38 - 2014-01-13 12:45 - 00000000 ____D C:\Windows\erdnt
2014-01-13 11:37 - 2014-01-13 11:37 - 05166068 _____ (Swearware) C:\Users\Clive\Downloads\ComboFix (1).exe
2014-01-13 11:33 - 2014-01-13 11:33 - 05166068 ____R (Swearware) C:\Users\Clive\Downloads\ComboFix.exe
2014-01-13 11:23 - 2014-01-13 11:23 - 02075648 _____ (Farbar) C:\Users\Clive\Downloads\FRST64 (2).exe
2014-01-13 11:18 - 2014-01-13 11:18 - 03326176 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\OutlookConnector.exe
2014-01-13 10:07 - 2014-01-13 13:31 - 00011306 _____ C:\Users\Clive\Downloads\FRST.txt
2014-01-13 10:07 - 2014-01-13 11:24 - 00021486 _____ C:\Users\Clive\Downloads\Addition.txt
2014-01-13 10:06 - 2014-01-13 10:06 - 00000000 ____D C:\FRST
2014-01-13 10:05 - 2014-01-13 10:05 - 02075648 _____ (Farbar) C:\Users\Clive\Downloads\FRST64.exe
2014-01-13 10:05 - 2014-01-13 10:05 - 02075648 _____ (Farbar) C:\Users\Clive\Downloads\FRST64 (1).exe
2014-01-12 18:30 - 2014-01-12 18:47 - 00000000 ____D C:\Users\Clive\Downloads\Escape Plan 2013 HDRiP AC3 XViD-DontKnow
2014-01-12 18:30 - 2014-01-12 18:30 - 00007515 _____ C:\Users\Clive\Downloads\Escape Plan 2013 HDRiP AC3 XViD-DontKnow.torrent
2014-01-11 12:15 - 2014-01-11 12:15 - 35901280 _____ C:\Users\Clive\Downloads\1996-FSM.zip
2014-01-09 19:49 - 2014-01-09 20:00 - 1323490828 _____ C:\Users\Clive\Downloads\The.Wolf.of.Wall.Street.2013.DVDScr.x264-HaM.m4v
2014-01-09 19:49 - 2014-01-09 19:49 - 00101311 _____ C:\Users\Clive\Downloads\The.Wolf.of.Wall.Street.2013.DVDScr.x264-HaM.m4v (1).torrent
2014-01-09 19:47 - 2014-01-09 19:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-09 14:35 - 2014-01-09 14:36 - 96926992 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\msert.exe
2014-01-09 13:41 - 2014-01-09 13:41 - 00001945 _____ C:\Windows\epplauncher.mif
2014-01-09 13:41 - 2014-01-09 13:41 - 00000000 ____D C:\Program Files\Microsoft Security Client
2014-01-09 13:41 - 2014-01-09 13:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2014-01-09 13:39 - 2014-01-09 13:39 - 13670584 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\mseinstall.exe
2014-01-09 12:30 - 2014-01-09 12:31 - 00101311 _____ C:\Users\Clive\Downloads\The.Wolf.of.Wall.Street.2013.DVDScr.x264-HaM.m4v.torrent
2014-01-08 02:05 - 2014-01-08 02:09 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-08 02:04 - 2014-01-08 02:05 - 10264904 _____ (SurfRight B.V.) C:\Users\Clive\Downloads\HitmanPro_x64.exe
2014-01-08 01:46 - 2014-01-08 01:46 - 00000000 ____D C:\Windows\ERUNT
2014-01-08 01:45 - 2014-01-08 01:45 - 01037068 _____ (Thisisu) C:\Users\Clive\Downloads\JRT.exe
2014-01-08 01:38 - 2014-01-08 01:39 - 00000000 ____D C:\AdwCleaner
2014-01-08 01:38 - 2014-01-08 01:38 - 01233962 _____ C:\Users\Clive\Downloads\adwcleaner.exe
2014-01-08 00:44 - 2014-01-13 13:23 - 00000250 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2014-01-08 00:43 - 2014-01-08 00:43 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.new
2014-01-08 00:43 - 2014-01-08 00:43 - 00000058 _____ C:\Windows\system32\Partizan.RRI
2014-01-08 00:39 - 2014-01-08 00:39 - 00040720 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2014-01-08 00:33 - 2014-01-08 00:33 - 00035816 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2014-01-08 00:33 - 2014-01-08 00:33 - 00000943 _____ C:\Users\Clive\Desktop\UnHackMe.lnk
2014-01-08 00:33 - 2014-01-08 00:33 - 00000418 _____ C:\Windows\Tasks\UnHackMe Task Scheduler.job
2014-01-08 00:33 - 2014-01-08 00:33 - 00000002 RSHOT C:\Windows\winstart.bat
2014-01-08 00:33 - 2014-01-08 00:33 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2014-01-08 00:33 - 2014-01-02 13:55 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2014-01-08 00:29 - 2014-01-08 00:30 - 14785888 _____ C:\Users\Clive\Downloads\unhackme (1).zip
2014-01-08 00:15 - 2014-01-08 00:15 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Clive\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-08 00:15 - 2014-01-08 00:15 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-08 00:15 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-07 23:27 - 2014-01-09 11:29 - 00000000 ____D C:\ProgramData\RegRun
2014-01-07 23:25 - 2014-01-08 00:38 - 00000000 ____D C:\@RestoreQuarantine
2014-01-07 23:16 - 2014-01-09 11:29 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2014-01-07 23:16 - 2014-01-09 11:29 - 00000000 ____D C:\Users\Clive\Documents\RegRun2
2014-01-07 23:16 - 2014-01-08 00:33 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2014-01-07 23:13 - 2014-01-07 23:15 - 14785888 _____ C:\Users\Clive\Downloads\unhackme.zip
2014-01-07 19:12 - 2014-01-08 00:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-07 19:12 - 2014-01-07 19:12 - 00000000 ____D C:\Users\Clive\AppData\Roaming\Malwarebytes
2014-01-07 19:12 - 2014-01-07 19:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-07 18:37 - 2014-01-07 19:07 - 00304252 _____ C:\Users\Clive\AppData\Local\census.cache
2014-01-07 18:36 - 2014-01-07 19:07 - 00117583 _____ C:\Users\Clive\AppData\Local\ars.cache
2014-01-07 18:11 - 2014-01-07 18:11 - 00000036 _____ C:\Users\Clive\AppData\Local\housecall.guid.cache
2014-01-05 15:01 - 2014-01-05 15:06 - 65448149 _____ C:\Users\Clive\Desktop\TITLE01_08.wmv
2014-01-05 14:55 - 2014-01-05 15:01 - 78176533 _____ C:\Users\Clive\Desktop\TITLE01_07.wmv
2014-01-05 14:49 - 2014-01-05 14:55 - 78184533 _____ C:\Users\Clive\Desktop\TITLE01_06.wmv
2014-01-05 14:43 - 2014-01-05 14:49 - 78176533 _____ C:\Users\Clive\Desktop\TITLE01_05.wmv
2014-01-05 14:37 - 2014-01-05 14:43 - 78168533 _____ C:\Users\Clive\Desktop\TITLE01_04.wmv
2014-01-05 14:31 - 2014-01-05 14:37 - 78168533 _____ C:\Users\Clive\Desktop\TITLE01_03.wmv
2014-01-05 14:25 - 2014-01-05 14:31 - 78176533 _____ C:\Users\Clive\Desktop\TITLE01_02.wmv
2014-01-05 14:18 - 2014-01-05 17:47 - 00000000 ____D C:\Users\Clive\Desktop\DVD_VIDEO_RECORDER
2014-01-05 14:18 - 2014-01-05 14:25 - 78176287 _____ C:\Users\Clive\Desktop\TITLE01_01.wmv
2014-01-05 14:15 - 2014-01-05 14:15 - 00003908 ____H C:\Users\Clive\Desktop\vReveal.settings.xml
2014-01-05 13:44 - 2014-01-05 13:50 - 129863850 _____ C:\Users\Clive\Desktop\tocada_02_enhanced_x264.mp4
2014-01-05 03:03 - 2014-01-05 03:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2014-01-05 03:03 - 2014-01-05 03:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-04 20:26 - 2014-01-04 20:30 - 890463744 _____ C:\Users\Clive\Desktop\tocada_01_enhanced.avi
2014-01-04 19:25 - 2014-01-04 19:30 - 26880533 _____ C:\Users\Clive\Desktop\tocada_05.wmv
2014-01-04 19:19 - 2014-01-04 19:25 - 77696533 _____ C:\Users\Clive\Desktop\tocada_04.wmv
2014-01-04 19:14 - 2014-01-04 19:19 - 78160533 _____ C:\Users\Clive\Desktop\tocada_03.wmv
2014-01-04 19:08 - 2014-01-04 19:14 - 78168533 _____ C:\Users\Clive\Desktop\tocada_02.wmv
2014-01-04 19:02 - 2014-01-04 19:08 - 73776287 _____ C:\Users\Clive\Desktop\tocada_01.wmv
2014-01-04 18:59 - 2014-01-07 23:40 - 00000000 ____D C:\Program Files (x86)\MagicDVDRipper
2014-01-04 18:59 - 2014-01-04 18:59 - 00000000 ____D C:\Users\Clive\AppData\Local\MagicSoftware
2014-01-04 18:59 - 2014-01-04 18:59 - 00000000 ____D C:\ProgramData\MagicSoftware
2014-01-04 18:52 - 2014-01-04 18:52 - 00000000 ____D C:\Users\Clive\Documents\Tipard Studio
2014-01-04 18:37 - 2014-01-04 18:37 - 00000000 ____D C:\Users\Clive\AppData\Roaming\Digiarty
2014-01-04 18:29 - 2014-01-07 23:40 - 00000000 ____D C:\Users\Clive\AppData\Roaming\dvdcss
2014-01-04 17:21 - 2014-01-04 17:21 - 00000000 ____D C:\Users\Clive\Documents\FormatFactory
2014-01-04 16:03 - 2014-01-04 18:11 - 00000000 ____D C:\FFOutput
2014-01-04 13:43 - 2014-01-04 13:43 - 00000000 ____D C:\Users\Clive\Documents\Any Video Converter
2014-01-04 13:42 - 2014-01-04 13:42 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2014-01-04 13:37 - 2014-01-07 23:40 - 00000000 ____D C:\Users\Clive\AppData\Roaming\AnvSoft
2014-01-04 13:15 - 2014-01-07 23:40 - 00000000 ____D C:\Program Files (x86)\Windows Live
2014-01-04 13:13 - 2014-01-04 13:13 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2014-01-04 13:12 - 2014-01-04 13:20 - 00000000 ____D C:\Users\Clive\AppData\Local\Windows Live
2014-01-04 13:11 - 2014-01-04 13:11 - 01239536 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\wlsetup-web (1).exe
2014-01-04 13:08 - 2014-01-04 13:08 - 01239536 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\wlsetup-web.exe
2014-01-03 19:52 - 2014-01-03 19:55 - 00000000 ____D C:\Users\Clive\Downloads\About.Time.2013.BDRiP.x264-PSiG
2014-01-01 15:40 - 2014-01-01 16:15 - 00000000 ____D C:\Users\Clive\.VirtualBox
2014-01-01 15:40 - 2014-01-01 15:40 - 00000000 ____D C:\Users\Clive\VirtualBox VMs
2014-01-01 15:39 - 2014-01-01 15:39 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-01-01 15:39 - 2013-12-18 17:19 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-01-01 15:39 - 2013-12-18 17:16 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-01-01 15:38 - 2014-01-07 23:52 - 00000000 ____D C:\Program Files\Oracle
2014-01-01 15:36 - 2014-01-01 15:37 - 106322704 _____ (Oracle Corporation) C:\Users\Clive\Downloads\VirtualBox-4.3.6-91406-Win.exe
2013-12-31 13:01 - 2014-01-07 23:54 - 00000000 ____D C:\Users\Clive\Downloads\American.Hustle.2013.DVDSCR.x264.AC3-FooKaS
2013-12-31 13:00 - 2014-01-07 23:54 - 00000000 ____D C:\Users\Clive\Downloads\Lone.Survivor.2013.DVDSCR.x264.AC3-FooKaS
2013-12-30 14:18 - 2013-12-30 14:19 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 17:49 - 2013-12-29 17:51 - 140442555 _____ (PerkedleApps) C:\Users\Clive\Downloads\Adobe Dreamweaver CC 13.1.0.6443 Multilingual.paf - MG.exe
2013-12-24 13:48 - 2013-12-24 13:48 - 00000000 ____D C:\Users\Clive\AppData\Local\calibre-cache
2013-12-24 13:47 - 2013-12-24 13:47 - 00000930 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2013-12-24 13:47 - 2013-12-24 13:47 - 00000000 ____D C:\Program Files\Calibre2
2013-12-24 12:19 - 2014-01-07 23:52 - 00000000 ____D C:\Users\Clive\AppData\Roaming\Winamp
2013-12-24 12:19 - 2013-12-24 12:26 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-12-24 12:19 - 2013-12-24 12:19 - 00000979 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-12-18 17:16 - 2013-12-18 17:16 - 00154896 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-12-18 17:16 - 2013-12-18 17:16 - 00140560 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-12-18 17:16 - 2013-12-18 17:16 - 00113936 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSB.sys
2013-12-18 17:13 - 2013-12-18 17:13 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
 
==================== One Month Modified Files and Folders =======
 
2014-01-13 13:31 - 2014-01-13 10:07 - 00011306 _____ C:\Users\Clive\Downloads\FRST.txt
2014-01-13 13:29 - 2014-01-13 13:29 - 02075648 _____ (Farbar) C:\Users\Clive\Downloads\FRST64 (3).exe
2014-01-13 13:28 - 2013-08-21 15:49 - 00000000 ____D C:\Users\Clive\Documents\Outlook Files
2014-01-13 13:28 - 2009-07-13 22:45 - 00019776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-13 13:28 - 2009-07-13 22:45 - 00019776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-13 13:26 - 2013-07-08 14:50 - 01607887 _____ C:\Windows\WindowsUpdate.log
2014-01-13 13:25 - 2013-07-09 11:32 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-13 13:23 - 2014-01-08 00:44 - 00000250 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2014-01-13 13:23 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-13 13:23 - 2009-07-13 22:51 - 00034186 _____ C:\Windows\setupact.log
2014-01-13 13:00 - 2013-07-09 11:32 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-13 12:54 - 2013-07-09 11:49 - 00314820 _____ C:\Windows\PFRO.log
2014-01-13 12:46 - 2014-01-13 12:46 - 00025656 _____ C:\ComboFix.txt
2014-01-13 12:46 - 2014-01-13 11:38 - 00000000 ____D C:\Qoobox
2014-01-13 12:46 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Default
2014-01-13 12:45 - 2014-01-13 11:38 - 00000000 ____D C:\Windows\erdnt
2014-01-13 12:44 - 2009-07-13 20:34 - 00000215 _____ C:\Windows\system.ini
2014-01-13 11:37 - 2014-01-13 11:37 - 05166068 _____ (Swearware) C:\Users\Clive\Downloads\ComboFix (1).exe
2014-01-13 11:33 - 2014-01-13 11:33 - 05166068 ____R (Swearware) C:\Users\Clive\Downloads\ComboFix.exe
2014-01-13 11:24 - 2014-01-13 10:07 - 00021486 _____ C:\Users\Clive\Downloads\Addition.txt
2014-01-13 11:23 - 2014-01-13 11:23 - 02075648 _____ (Farbar) C:\Users\Clive\Downloads\FRST64 (2).exe
2014-01-13 11:18 - 2014-01-13 11:18 - 03326176 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\OutlookConnector.exe
2014-01-13 11:01 - 2013-07-15 14:33 - 00000000 ____D C:\Users\Clive\AppData\Roaming\Adobe
2014-01-13 11:00 - 2013-07-25 18:35 - 00000000 ____D C:\ProgramData\Adobe
2014-01-13 10:29 - 2013-07-15 14:31 - 00745504 _____ C:\Windows\system32\perfh00A.dat
2014-01-13 10:29 - 2013-07-15 14:31 - 00158582 _____ C:\Windows\system32\perfc00A.dat
2014-01-13 10:29 - 2009-07-13 23:13 - 01678218 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-13 10:06 - 2014-01-13 10:06 - 00000000 ____D C:\FRST
2014-01-13 10:05 - 2014-01-13 10:05 - 02075648 _____ (Farbar) C:\Users\Clive\Downloads\FRST64.exe
2014-01-13 10:05 - 2014-01-13 10:05 - 02075648 _____ (Farbar) C:\Users\Clive\Downloads\FRST64 (1).exe
2014-01-13 09:05 - 2013-07-25 18:33 - 00000000 ____D C:\Users\Clive\AppData\Local\Adobe
2014-01-12 18:47 - 2014-01-12 18:30 - 00000000 ____D C:\Users\Clive\Downloads\Escape Plan 2013 HDRiP AC3 XViD-DontKnow
2014-01-12 18:30 - 2014-01-12 18:30 - 00007515 _____ C:\Users\Clive\Downloads\Escape Plan 2013 HDRiP AC3 XViD-DontKnow.torrent
2014-01-11 12:15 - 2014-01-11 12:15 - 35901280 _____ C:\Users\Clive\Downloads\1996-FSM.zip
2014-01-09 23:17 - 2013-07-09 14:33 - 00000000 ____D C:\Users\Clive\AppData\Roaming\vlc
2014-01-09 20:00 - 2014-01-09 19:49 - 1323490828 _____ C:\Users\Clive\Downloads\The.Wolf.of.Wall.Street.2013.DVDScr.x264-HaM.m4v
2014-01-09 19:49 - 2014-01-09 19:49 - 00101311 _____ C:\Users\Clive\Downloads\The.Wolf.of.Wall.Street.2013.DVDScr.x264-HaM.m4v (1).torrent
2014-01-09 19:47 - 2014-01-09 19:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-09 14:36 - 2014-01-09 14:35 - 96926992 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\msert.exe
2014-01-09 13:41 - 2014-01-09 13:41 - 00001945 _____ C:\Windows\epplauncher.mif
2014-01-09 13:41 - 2014-01-09 13:41 - 00000000 ____D C:\Program Files\Microsoft Security Client
2014-01-09 13:41 - 2014-01-09 13:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2014-01-09 13:39 - 2014-01-09 13:39 - 13670584 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\mseinstall.exe
2014-01-09 12:31 - 2014-01-09 12:30 - 00101311 _____ C:\Users\Clive\Downloads\The.Wolf.of.Wall.Street.2013.DVDScr.x264-HaM.m4v.torrent
2014-01-09 11:29 - 2014-01-07 23:27 - 00000000 ____D C:\ProgramData\RegRun
2014-01-09 11:29 - 2014-01-07 23:16 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2014-01-09 11:29 - 2014-01-07 23:16 - 00000000 ____D C:\Users\Clive\Documents\RegRun2
2014-01-09 03:07 - 2013-07-13 12:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-09 03:07 - 2009-07-13 20:34 - 00000478 _____ C:\Windows\win.ini
2014-01-08 02:09 - 2014-01-08 02:05 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-08 02:05 - 2014-01-08 02:04 - 10264904 _____ (SurfRight B.V.) C:\Users\Clive\Downloads\HitmanPro_x64.exe
2014-01-08 01:46 - 2014-01-08 01:46 - 00000000 ____D C:\Windows\ERUNT
2014-01-08 01:45 - 2014-01-08 01:45 - 01037068 _____ (Thisisu) C:\Users\Clive\Downloads\JRT.exe
2014-01-08 01:39 - 2014-01-08 01:38 - 00000000 ____D C:\AdwCleaner
2014-01-08 01:38 - 2014-01-08 01:38 - 01233962 _____ C:\Users\Clive\Downloads\adwcleaner.exe
2014-01-08 00:43 - 2014-01-08 00:43 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.new
2014-01-08 00:43 - 2014-01-08 00:43 - 00000058 _____ C:\Windows\system32\Partizan.RRI
2014-01-08 00:39 - 2014-01-08 00:39 - 00040720 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2014-01-08 00:39 - 2013-07-08 14:52 - 00000000 ___RD C:\Users\Clive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-08 00:38 - 2014-01-07 23:25 - 00000000 ____D C:\@RestoreQuarantine
2014-01-08 00:33 - 2014-01-08 00:33 - 00035816 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2014-01-08 00:33 - 2014-01-08 00:33 - 00000943 _____ C:\Users\Clive\Desktop\UnHackMe.lnk
2014-01-08 00:33 - 2014-01-08 00:33 - 00000418 _____ C:\Windows\Tasks\UnHackMe Task Scheduler.job
2014-01-08 00:33 - 2014-01-08 00:33 - 00000002 RSHOT C:\Windows\winstart.bat
2014-01-08 00:33 - 2014-01-08 00:33 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2014-01-08 00:33 - 2014-01-07 23:16 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2014-01-08 00:30 - 2014-01-08 00:29 - 14785888 _____ C:\Users\Clive\Downloads\unhackme (1).zip
2014-01-08 00:25 - 2013-08-19 17:25 - 00000000 ____D C:\Users\Clive\AppData\Roaming\Dropbox
2014-01-08 00:24 - 2013-08-19 17:39 - 00000000 ___RD C:\Users\Clive\Dropbox
2014-01-08 00:15 - 2014-01-08 00:15 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Clive\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-08 00:15 - 2014-01-08 00:15 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-08 00:15 - 2014-01-07 19:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-08 00:01 - 2013-07-09 11:32 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-08 00:00 - 2013-07-09 11:32 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-07 23:55 - 2013-07-08 14:50 - 00000000 ____D C:\Users\Clive
2014-01-07 23:54 - 2013-12-31 13:01 - 00000000 ____D C:\Users\Clive\Downloads\American.Hustle.2013.DVDSCR.x264.AC3-FooKaS
2014-01-07 23:54 - 2013-12-31 13:00 - 00000000 ____D C:\Users\Clive\Downloads\Lone.Survivor.2013.DVDSCR.x264.AC3-FooKaS
2014-01-07 23:54 - 2013-10-17 11:19 - 00000000 ____D C:\Users\Clive\Downloads\The Best of Apache Indian
2014-01-07 23:54 - 2013-08-03 19:42 - 00000000 ____D C:\Users\Clive\Downloads\GoldWave v5.69 with Key [TorDigger]
2014-01-07 23:54 - 2013-07-12 11:12 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-01-07 23:54 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-07 23:53 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2014-01-07 23:52 - 2014-01-01 15:38 - 00000000 ____D C:\Program Files\Oracle
2014-01-07 23:52 - 2013-12-24 12:19 - 00000000 ____D C:\Users\Clive\AppData\Roaming\Winamp
2014-01-07 23:52 - 2013-08-08 21:42 - 00000000 ____D C:\Users\Clive\AppData\Roaming\Macromedia
2014-01-07 23:51 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-07 23:40 - 2014-01-04 18:59 - 00000000 ____D C:\Program Files (x86)\MagicDVDRipper
2014-01-07 23:40 - 2014-01-04 18:29 - 00000000 ____D C:\Users\Clive\AppData\Roaming\dvdcss
2014-01-07 23:40 - 2014-01-04 13:37 - 00000000 ____D C:\Users\Clive\AppData\Roaming\AnvSoft
2014-01-07 23:40 - 2014-01-04 13:15 - 00000000 ____D C:\Program Files (x86)\Windows Live
2014-01-07 23:15 - 2014-01-07 23:13 - 14785888 _____ C:\Users\Clive\Downloads\unhackme.zip
2014-01-07 19:12 - 2014-01-07 19:12 - 00000000 ____D C:\Users\Clive\AppData\Roaming\Malwarebytes
2014-01-07 19:12 - 2014-01-07 19:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-07 19:07 - 2014-01-07 18:37 - 00304252 _____ C:\Users\Clive\AppData\Local\census.cache
2014-01-07 19:07 - 2014-01-07 18:36 - 00117583 _____ C:\Users\Clive\AppData\Local\ars.cache
2014-01-07 18:11 - 2014-01-07 18:11 - 00000036 _____ C:\Users\Clive\AppData\Local\housecall.guid.cache
2014-01-06 12:11 - 2013-07-08 16:42 - 00000000 ____D C:\Windows\Panther
2014-01-05 17:47 - 2014-01-05 14:18 - 00000000 ____D C:\Users\Clive\Desktop\DVD_VIDEO_RECORDER
2014-01-05 15:06 - 2014-01-05 15:01 - 65448149 _____ C:\Users\Clive\Desktop\TITLE01_08.wmv
2014-01-05 15:01 - 2014-01-05 14:55 - 78176533 _____ C:\Users\Clive\Desktop\TITLE01_07.wmv
2014-01-05 14:55 - 2014-01-05 14:49 - 78184533 _____ C:\Users\Clive\Desktop\TITLE01_06.wmv
2014-01-05 14:49 - 2014-01-05 14:43 - 78176533 _____ C:\Users\Clive\Desktop\TITLE01_05.wmv
2014-01-05 14:43 - 2014-01-05 14:37 - 78168533 _____ C:\Users\Clive\Desktop\TITLE01_04.wmv
2014-01-05 14:37 - 2014-01-05 14:31 - 78168533 _____ C:\Users\Clive\Desktop\TITLE01_03.wmv
2014-01-05 14:31 - 2014-01-05 14:25 - 78176533 _____ C:\Users\Clive\Desktop\TITLE01_02.wmv
2014-01-05 14:25 - 2014-01-05 14:18 - 78176287 _____ C:\Users\Clive\Desktop\TITLE01_01.wmv
2014-01-05 14:15 - 2014-01-05 14:15 - 00003908 ____H C:\Users\Clive\Desktop\vReveal.settings.xml
2014-01-05 13:50 - 2014-01-05 13:44 - 129863850 _____ C:\Users\Clive\Desktop\tocada_02_enhanced_x264.mp4
2014-01-05 03:03 - 2014-01-05 03:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2014-01-05 03:03 - 2014-01-05 03:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-04 20:30 - 2014-01-04 20:26 - 890463744 _____ C:\Users\Clive\Desktop\tocada_01_enhanced.avi
2014-01-04 19:30 - 2014-01-04 19:25 - 26880533 _____ C:\Users\Clive\Desktop\tocada_05.wmv
2014-01-04 19:25 - 2014-01-04 19:19 - 77696533 _____ C:\Users\Clive\Desktop\tocada_04.wmv
2014-01-04 19:19 - 2014-01-04 19:14 - 78160533 _____ C:\Users\Clive\Desktop\tocada_03.wmv
2014-01-04 19:14 - 2014-01-04 19:08 - 78168533 _____ C:\Users\Clive\Desktop\tocada_02.wmv
2014-01-04 19:08 - 2014-01-04 19:02 - 73776287 _____ C:\Users\Clive\Desktop\tocada_01.wmv
2014-01-04 18:59 - 2014-01-04 18:59 - 00000000 ____D C:\Users\Clive\AppData\Local\MagicSoftware
2014-01-04 18:59 - 2014-01-04 18:59 - 00000000 ____D C:\ProgramData\MagicSoftware
2014-01-04 18:52 - 2014-01-04 18:52 - 00000000 ____D C:\Users\Clive\Documents\Tipard Studio
2014-01-04 18:37 - 2014-01-04 18:37 - 00000000 ____D C:\Users\Clive\AppData\Roaming\Digiarty
2014-01-04 18:11 - 2014-01-04 16:03 - 00000000 ____D C:\FFOutput
2014-01-04 17:21 - 2014-01-04 17:21 - 00000000 ____D C:\Users\Clive\Documents\FormatFactory
2014-01-04 13:43 - 2014-01-04 13:43 - 00000000 ____D C:\Users\Clive\Documents\Any Video Converter
2014-01-04 13:42 - 2014-01-04 13:42 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2014-01-04 13:20 - 2014-01-04 13:12 - 00000000 ____D C:\Users\Clive\AppData\Local\Windows Live
2014-01-04 13:13 - 2014-01-04 13:13 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2014-01-04 13:11 - 2014-01-04 13:11 - 01239536 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\wlsetup-web (1).exe
2014-01-04 13:08 - 2014-01-04 13:08 - 01239536 _____ (Microsoft Corporation) C:\Users\Clive\Downloads\wlsetup-web.exe
2014-01-03 19:55 - 2014-01-03 19:52 - 00000000 ____D C:\Users\Clive\Downloads\About.Time.2013.BDRiP.x264-PSiG
2014-01-03 14:22 - 2013-11-03 18:26 - 00000600 _____ C:\Users\Clive\AppData\Roaming\winscp.rnd
2014-01-03 12:01 - 2013-10-24 15:01 - 00000000 ____D C:\Users\Clive\Desktop\clives website
2014-01-02 13:55 - 2014-01-08 00:33 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2014-01-01 16:15 - 2014-01-01 15:40 - 00000000 ____D C:\Users\Clive\.VirtualBox
2014-01-01 15:40 - 2014-01-01 15:40 - 00000000 ____D C:\Users\Clive\VirtualBox VMs
2014-01-01 15:39 - 2014-01-01 15:39 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-01-01 15:37 - 2014-01-01 15:36 - 106322704 _____ (Oracle Corporation) C:\Users\Clive\Downloads\VirtualBox-4.3.6-91406-Win.exe
2013-12-30 14:19 - 2013-12-30 14:18 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-30 14:18 - 2013-07-09 11:32 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-30 14:18 - 2013-07-09 11:32 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-30 14:18 - 2013-07-09 11:32 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-30 14:18 - 2013-07-09 11:32 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-30 14:18 - 2013-07-09 11:32 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-30 14:18 - 2013-07-09 11:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 17:51 - 2013-12-29 17:49 - 140442555 _____ (PerkedleApps) C:\Users\Clive\Downloads\Adobe Dreamweaver CC 13.1.0.6443 Multilingual.paf - MG.exe
2013-12-29 13:58 - 2013-08-21 23:21 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-24 13:49 - 2013-09-26 12:09 - 00000000 ____D C:\Users\Clive\AppData\Roaming\calibre
2013-12-24 13:48 - 2013-12-24 13:48 - 00000000 ____D C:\Users\Clive\AppData\Local\calibre-cache
2013-12-24 13:48 - 2013-07-13 14:25 - 00000000 ____D C:\books
2013-12-24 13:47 - 2013-12-24 13:47 - 00000930 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2013-12-24 13:47 - 2013-12-24 13:47 - 00000000 ____D C:\Program Files\Calibre2
2013-12-24 12:26 - 2013-12-24 12:19 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-12-24 12:19 - 2013-12-24 12:19 - 00000979 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-12-20 18:43 - 2013-07-14 16:45 - 00000000 ____D C:\Users\Clive\.FBReader
2013-12-18 17:19 - 2014-01-01 15:39 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-12-18 17:16 - 2014-01-01 15:39 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-12-18 17:16 - 2013-12-18 17:16 - 00154896 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-12-18 17:16 - 2013-12-18 17:16 - 00140560 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-12-18 17:16 - 2013-12-18 17:16 - 00113936 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSB.sys
2013-12-18 17:13 - 2013-12-18 17:13 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-01-09 01:22
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-01-2014 01
Ran by Clive at 2014-01-13 13:31:39
Running from C:\Users\Clive\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (x32 Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (x32 Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
AMD Accelerated Video Transcoding (Version: 13.10.100.30604 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0604.1838.31590 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80604.1838 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.12 - Advanced Micro Devices, Inc.) Hidden
Audacity 2.0.3 (x32 Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
BioShock Infinite (x32 Version:  - )
calibre 64bit (Version: 1.16.0 - Kovid Goyal)
Call of Duty - World at War (x32 Version: 1.00.0000 - Modern)
Call of Duty Modern Warfare 2 (x32 Version:  - Activision)
Call of Duty: Black Ops (x32 Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0604.1838.31590 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0604.1838.31590 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0604.1838.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0604.1838.31590 - Advanced Micro Devices, Inc.) Hidden
Chessmaster Grandmaster Edition (x32 Version: 1.00.0000 - Ubisoft) Hidden
Chessmaster Grandmaster Edition (x32 Version: 1.02.0000 - Ubisoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
Dropbox (HKCU Version: 2.0.26 - Dropbox, Inc.)
Epubor (x32 Version: 1.51.0.4 - Epubor Inc.)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
FBReader for Windows (x32 Version:  - )
GoldWave v5.69 (x32 Version: 5.69 - GoldWave Inc.)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Intel® Management Engine Components (x32 Version: 8.1.0.1281 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LinuxLive USB Creator (x32 Version: 2.8 - Thibaut Lauziere)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mobipocket Creator 4.2 (x32 Version: 4.2.41 - Mobipocket.com)
Mozilla Maintenance Service (x32 Version: 17.0.7 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nitro Reader 3 (Version: 3.5.6.5 - Nitro)
Oracle VM VirtualBox 4.3.6 (Version: 4.3.6 - Oracle Corporation)
PeaZip 5.0 (WIN64) (Version:  - Giorgio Tani)
PowerISO (x32 Version: 5.6 - Power Software Ltd)
Realtek Ethernet Controller Driver (x32 Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (x32 Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sigil 0.7.3 (x32 Version:  - John Schember)
Skype™ 6.9 (x32 Version: 6.9.106 - Skype Technologies S.A.)
Sublime Text 2.0.2 (Version:  - )
UnHackMe 7.00 release (x32 Version:  - Greatis Software, LLC.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
vReveal 3 (x32 Version:  - MotionDSP)
Winamp (x32 Version: 5.666  - Nullsoft, Inc)
WinSCP 5.1.7 (x32 Version: 5.1.7 - Martin Prikryl)
 
==================== Restore Points  =========================
 
08-01-2014 09:00:20 Windows Update
08-01-2014 17:03:33 Windows Update
09-01-2014 09:00:38 Windows Update
12-01-2014 19:52:06 Windows Update
13-01-2014 16:12:54 Revo Uninstaller's restore point - baretorrent
13-01-2014 16:25:17 Revo Uninstaller's restore point - BattleField 3
13-01-2014 16:42:55 Revo Uninstaller's restore point - Call of duty Black Ops 2 1.0
13-01-2014 17:00:23 Revo Uninstaller's restore point - Adobe Dreamweaver CS6
13-01-2014 17:05:18 Revo Uninstaller's restore point - Adobe Dreamweaver CS6
 
==================== Hosts content: ==========================
 
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {4C236DA0-0E1A-4A7B-962D-1B992E45C2A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.)
Task: {E06C49F6-AF94-43F7-9C72-43E32F24FF16} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-30] (AVAST Software)
Task: {F8E552ED-30CE-4497-AE32-BCFB3F8DCF37} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\UnHackMe Task Scheduler.job => C:\Program Files (x86)\UnHackMe\hackmon.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-01-13 09:04 - 2014-01-13 03:57 - 02153984 _____ () C:\Program Files\AVAST Software\Avast\defs\14011300\algo.dll
2013-10-22 14:32 - 2013-10-22 14:32 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-07-09 10:15 - 2012-07-18 10:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-12-04 09:55 - 2013-12-03 20:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-04 09:55 - 2013-12-03 20:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-04 09:55 - 2013-12-03 20:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-04 09:55 - 2013-12-03 20:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-04 09:55 - 2013-12-03 20:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:890CC2F3
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/13/2014 11:20:33 AM) (Source: Microsoft-Windows-RestartManager) (User: Clive-PC)
Description: Application or service 'Microsoft Windows Search Protocol Host' could not be shut down.
 
Error: (01/12/2014 05:20:09 PM) (Source: Application Hang) (User: )
Description: The program BlackOps.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 200c
 
Start Time: 01cf0fec3ddeaeab
 
Termination Time: 101
 
Application Path: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe
 
Report Id:
 
 
System errors:
=============
Error: (01/13/2014 01:24:22 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/13/2014 00:55:49 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/13/2014 00:44:28 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (01/13/2014 00:42:25 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (01/13/2014 11:16:46 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/13/2014 10:02:08 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (01/13/2014 10:02:07 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (01/13/2014 10:02:07 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (01/13/2014 10:02:06 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (01/13/2014 09:04:47 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
 
Microsoft Office Sessions:
=========================
Error: (01/13/2014 11:20:33 AM) (Source: Microsoft-Windows-RestartManager)(User: Clive-PC)
Description: 1C:\Windows\SysWOW64\SearchProtocolHost.exeMicrosoft Windows Search Protocol Host0511757160
 
Error: (01/12/2014 05:20:09 PM) (Source: Application Hang)(User: )
Description: BlackOps.exe0.0.0.0200c01cf0fec3ddeaeab101C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 43%
Total physical RAM: 4078.7 MB
Available physical RAM: 2287.46 MB
Total Pagefile: 8155.59 MB
Available Pagefile: 5956.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:295.07 GB) NTFS
Drive d: (DVD_VIDEO_RECORDER) (CDROM) (Total:1.9 GB) (Free:0 GB) UDF
Drive e: (USB1) (Removable) (Total:1.86 GB) (Free:0 GB) FAT32
Drive f: (HOPPY LABEL) (Removable) (Total:7.45 GB) (Free:6.16 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: DAFD5622)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: CC2FA4A8)
Partition 1: (Not Active) - (Size=2 GB) - (Type=0B)
 
========================================================
Disk: 2 (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0C)
 
==================== End Of Log ============================

Do not see any obvious malware in those logs. I do see two security systems running with anti-virus components; that really is counterproductive. Having two active systems with AV will cause major issues. You should remove one from your system ASAP.

 

I see you've run Combofix. Can you post the log it produced? It will be here: C:\Combofix.txt


I've been going over and over it, getting rid of everything suspect. Combofix file is below.

In my initial panic I d/l and installed the MS defender a/v but as you saw I still have Avast running.

I bought the Pro version of Avast but haven't upgraded yet.

Which is better in your opinion? MS or Avast? I'll uninstall one of them.

Thanks!

 

 

ComboFix 14-01-13.01 - Clive 01/13/2014  12:39:41.1.4 - x64

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.4079.2591 [GMT -6:00]

Running from: c:\users\Clive\Downloads\ComboFix.exe

AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((   Files Created from 2013-12-13 to 2014-01-13  )))))))))))))))))))))))))))))))

.

.

2014-01-13 18:44 . 2014-01-13 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-01-13 16:06 . 2014-01-13 16:06 -------- d-----w- C:\FRST

2014-01-12 19:52 . 2013-12-04 01:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A1947BE1-B2E5-45D3-9757-F03A95415062}\mpengine.dll

2014-01-12 07:42 . 2013-12-04 01:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-01-10 01:47 . 2014-01-10 01:47 -------- d-----w- c:\programdata\boost_interprocess

2014-01-09 19:42 . 2014-01-09 19:42 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{14712CE7-8B52-41D5-BE27-5670AFC3FB11}\gapaengine.dll

2014-01-09 19:41 . 2014-01-09 19:41 -------- d-----w- c:\program files (x86)\Microsoft Security Client

2014-01-09 19:41 . 2014-01-09 19:41 -------- d-----w- c:\program files\Microsoft Security Client

2014-01-08 08:05 . 2014-01-08 08:09 -------- d-----w- c:\programdata\HitmanPro

2014-01-08 07:46 . 2014-01-08 07:46 -------- d-----w- c:\windows\ERUNT

2014-01-08 07:38 . 2014-01-08 07:39 -------- d-----w- C:\AdwCleaner

2014-01-08 06:43 . 2014-01-08 06:43 332288 ----a-w- c:\windows\system32\uxtheme.new

2014-01-08 06:39 . 2014-01-08 06:39 40720 ----a-w- c:\windows\system32\Partizan.exe

2014-01-08 06:33 . 2014-01-08 06:33 35816 ----a-w- c:\windows\SysWow64\drivers\Partizan.sys

2014-01-08 06:33 . 2014-01-08 06:33 2 --shatr- c:\windows\winstart.bat

2014-01-08 06:33 . 2014-01-02 19:55 12800 ----a-w- c:\windows\SysWow64\drivers\UnHackMeDrv.sys

2014-01-08 06:15 . 2013-04-04 20:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-01-08 06:09 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE9BBD7D-7123-4946-8D12-CA408FE9D8CA}\mpengine.dll

2014-01-08 05:27 . 2014-01-09 17:29 -------- d-----w- c:\programdata\RegRun

2014-01-08 05:25 . 2014-01-08 06:38 -------- d-----w- C:\@RestoreQuarantine

2014-01-08 05:16 . 2014-01-08 06:33 -------- d-----w- c:\program files (x86)\UnHackMe

2014-01-08 01:12 . 2014-01-08 01:12 -------- d-----w- c:\users\Clive\AppData\Roaming\Malwarebytes

2014-01-08 01:12 . 2014-01-08 01:12 -------- d-----w- c:\programdata\Malwarebytes

2014-01-08 01:12 . 2014-01-08 06:15 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2014-01-05 09:03 . 2014-01-05 09:03 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2014-01-05 00:59 . 2014-01-05 00:59 -------- d-----w- c:\programdata\MagicSoftware

2014-01-05 00:59 . 2014-01-05 00:59 -------- d-----w- c:\users\Clive\AppData\Local\MagicSoftware

2014-01-05 00:59 . 2014-01-08 05:40 -------- d-----w- c:\program files (x86)\MagicDVDRipper

2014-01-05 00:37 . 2014-01-05 00:37 -------- d-----w- c:\users\Clive\AppData\Roaming\Digiarty

2014-01-05 00:29 . 2014-01-08 05:40 -------- d-----w- c:\users\Clive\AppData\Roaming\dvdcss

2014-01-04 22:03 . 2014-01-05 00:11 -------- d-----w- C:\FFOutput

2014-01-04 19:42 . 2014-01-04 19:42 -------- d-----w- c:\program files (x86)\AnvSoft

2014-01-04 19:37 . 2014-01-08 05:40 -------- d-----w- c:\users\Clive\AppData\Roaming\AnvSoft

2014-01-04 19:15 . 2014-01-08 05:40 -------- d-----w- c:\program files (x86)\Windows Live

2014-01-04 19:13 . 2014-01-04 19:13 -------- d-----w- c:\programdata\Microsoft SkyDrive

2014-01-04 19:12 . 2014-01-04 19:20 -------- d-----w- c:\users\Clive\AppData\Local\Windows Live

2014-01-04 19:08 . 2014-01-08 05:51 -------- d-----w- c:\program files (x86)\Common Files\Windows Live

2014-01-01 21:40 . 2014-01-01 21:40 -------- d-----w- c:\users\Clive\VirtualBox VMs

2014-01-01 21:40 . 2014-01-01 22:15 -------- d-----w- c:\users\Clive\.VirtualBox

2014-01-01 21:39 . 2013-12-18 23:19 252688 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys

2014-01-01 21:39 . 2014-01-08 05:54 -------- dc----w- c:\windows\system32\DRVSTORE

2014-01-01 21:39 . 2013-12-18 23:16 126736 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys

2014-01-01 21:38 . 2014-01-08 05:52 -------- d-----w- c:\program files\Oracle

2013-12-31 20:49 . 2013-12-31 20:49 2179072 ----a-w- c:\programdata\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll

2013-12-31 20:49 . 2013-12-31 20:49 2492416 ----a-w- c:\programdata\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll

2013-12-30 20:18 . 2013-12-30 20:19 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys

2013-12-29 23:53 . 2014-01-08 05:53 -------- d-----w- C:\DreamweaverPortable

2013-12-24 19:48 . 2013-12-24 19:48 -------- d-----w- c:\users\Clive\AppData\Local\calibre-cache

2013-12-24 19:47 . 2013-12-24 19:47 -------- d-----w- c:\program files\Calibre2

2013-12-24 18:19 . 2013-12-24 18:19 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine

2013-12-24 18:19 . 2014-01-08 05:52 -------- d-----w- c:\users\Clive\AppData\Roaming\Winamp

2013-12-24 18:19 . 2013-12-24 18:26 -------- d-----w- c:\program files (x86)\Winamp

2013-12-18 23:16 . 2013-12-18 23:16 154896 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys

2013-12-18 23:16 . 2013-12-18 23:16 140560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys

2013-12-18 23:16 . 2013-12-18 23:16 113936 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys

2013-12-18 23:13 . 2013-12-18 23:13 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-12-30 20:18 . 2013-07-09 17:32 422216 ----a-w- c:\windows\system32\drivers\aswsp.sys

2013-12-30 20:18 . 2013-07-09 17:32 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-12-30 20:18 . 2013-07-09 17:32 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-12-30 20:18 . 2013-07-09 17:32 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-12-30 20:18 . 2013-07-09 17:32 334136 ----a-w- c:\windows\system32\aswBoot.exe

2013-12-30 20:18 . 2013-07-09 17:31 43152 ----a-w- c:\windows\avastSS.scr

2013-12-13 00:09 . 2013-07-11 15:37 90708896 ----a-w- c:\windows\system32\MRT.exe

2013-12-01 07:18 . 2013-12-01 07:18 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-12-01 07:18 . 2013-12-01 07:18 194048 ----a-w- c:\windows\SysWow64\elshyph.dll

2013-12-01 07:18 . 2013-12-01 07:18 942592 ----a-w- c:\windows\system32\jsIntl.dll

2013-12-01 07:18 . 2013-12-01 07:18 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-12-01 07:18 . 2013-12-01 07:18 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-12-01 07:18 . 2013-12-01 07:18 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-12-01 07:18 . 2013-12-01 07:18 84992 ----a-w- c:\windows\system32\mshtmled.dll

2013-12-01 07:18 . 2013-12-01 07:18 83968 ----a-w- c:\windows\system32\MshtmlDac.dll

2013-12-01 07:18 . 2013-12-01 07:18 81408 ----a-w- c:\windows\system32\icardie.dll

2013-12-01 07:18 . 2013-12-01 07:18 774144 ----a-w- c:\windows\system32\jscript.dll

2013-12-01 07:18 . 2013-12-01 07:18 77312 ----a-w- c:\windows\system32\tdc.ocx

2013-12-01 07:18 . 2013-12-01 07:18 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-12-01 07:18 . 2013-12-01 07:18 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-12-01 07:18 . 2013-12-01 07:18 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll

2013-12-01 07:18 . 2013-12-01 07:18 626176 ----a-w- c:\windows\system32\msfeeds.dll

2013-12-01 07:18 . 2013-12-01 07:18 62464 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-12-01 07:18 . 2013-12-01 07:18 62464 ----a-w- c:\windows\system32\pngfilt.dll

2013-12-01 07:18 . 2013-12-01 07:18 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll

2013-12-01 07:18 . 2013-12-01 07:18 61952 ----a-w- c:\windows\SysWow64\iesetup.dll

2013-12-01 07:18 . 2013-12-01 07:18 616104 ----a-w- c:\windows\system32\ieapfltr.dat

2013-12-01 07:18 . 2013-12-01 07:18 548352 ----a-w- c:\windows\system32\vbscript.dll

2013-12-01 07:18 . 2013-12-01 07:18 52224 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-12-01 07:18 . 2013-12-01 07:18 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll

2013-12-01 07:18 . 2013-12-01 07:18 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-12-01 07:18 . 2013-12-01 07:18 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-12-01 07:18 . 2013-12-01 07:18 48128 ----a-w- c:\windows\system32\imgutil.dll

2013-12-01 07:18 . 2013-12-01 07:18 454656 ----a-w- c:\windows\SysWow64\vbscript.dll

2013-12-01 07:18 . 2013-12-01 07:18 453120 ----a-w- c:\windows\system32\dxtmsft.dll

2013-12-01 07:18 . 2013-12-01 07:18 413696 ----a-w- c:\windows\system32\html.iec

2013-12-01 07:18 . 2013-12-01 07:18 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll

2013-12-01 07:18 . 2013-12-01 07:18 36352 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-12-01 07:18 . 2013-12-01 07:18 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll

2013-12-01 07:18 . 2013-12-01 07:18 337408 ----a-w- c:\windows\SysWow64\html.iec

2013-12-01 07:18 . 2013-12-01 07:18 30208 ----a-w- c:\windows\system32\licmgr10.dll

2013-12-01 07:18 . 2013-12-01 07:18 296960 ----a-w- c:\windows\system32\dxtrans.dll

2013-12-01 07:18 . 2013-12-01 07:18 263376 ----a-w- c:\windows\system32\iedkcs32.dll

2013-12-01 07:18 . 2013-12-01 07:18 247808 ----a-w- c:\windows\system32\msls31.dll

2013-12-01 07:18 . 2013-12-01 07:18 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-12-01 07:18 . 2013-12-01 07:18 243200 ----a-w- c:\windows\system32\webcheck.dll

2013-12-01 07:18 . 2013-12-01 07:18 235520 ----a-w- c:\windows\system32\url.dll

2013-12-01 07:18 . 2013-12-01 07:18 235008 ----a-w- c:\windows\system32\elshyph.dll

2013-12-01 07:18 . 2013-12-01 07:18 195584 ----a-w- c:\windows\system32\msrating.dll

2013-12-01 07:18 . 2013-12-01 07:18 182272 ----a-w- c:\windows\SysWow64\msls31.dll

2013-12-01 07:18 . 2013-12-01 07:18 167424 ----a-w- c:\windows\system32\iexpress.exe

2013-12-01 07:18 . 2013-12-01 07:18 151552 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-12-01 07:18 . 2013-12-01 07:18 147968 ----a-w- c:\windows\system32\occache.dll

2013-12-01 07:18 . 2013-12-01 07:18 143872 ----a-w- c:\windows\system32\wextract.exe

2013-12-01 07:18 . 2013-12-01 07:18 139264 ----a-w- c:\windows\SysWow64\wextract.exe

2013-12-01 07:18 . 2013-12-01 07:18 13824 ----a-w- c:\windows\system32\mshta.exe

2013-12-01 07:18 . 2013-12-01 07:18 135680 ----a-w- c:\windows\system32\iepeers.dll

2013-12-01 07:18 . 2013-12-01 07:18 13312 ----a-w- c:\windows\SysWow64\mshta.exe

2013-12-01 07:18 . 2013-12-01 07:18 13312 ----a-w- c:\windows\system32\msfeedssync.exe

2013-12-01 07:18 . 2013-12-01 07:18 131072 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-12-01 07:18 . 2013-12-01 07:18 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll

2013-12-01 07:18 . 2013-12-01 07:18 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2013-12-01 07:18 . 2013-12-01 07:18 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-12-01 07:18 . 2013-12-01 07:18 105984 ----a-w- c:\windows\system32\iesysprep.dll

2013-12-01 07:18 . 2013-12-01 07:18 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2013-12-01 07:18 . 2013-12-01 07:18 101376 ----a-w- c:\windows\system32\inseng.dll

2013-11-28 06:24 . 2013-11-28 06:24 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-11-26 11:54 . 2013-12-13 00:11 23183360 ----a-w- c:\windows\system32\mshtml.dll

2013-11-26 10:19 . 2013-12-13 00:11 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2013-11-26 10:18 . 2013-12-13 00:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll

2013-11-26 09:48 . 2013-12-13 00:11 66048 ----a-w- c:\windows\system32\iesetup.dll

2013-11-26 09:46 . 2013-12-13 00:11 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll

2013-11-26 09:41 . 2013-12-13 00:11 2764288 ----a-w- c:\windows\system32\iertutil.dll

2013-11-26 09:29 . 2013-12-13 00:11 53760 ----a-w- c:\windows\system32\jsproxy.dll

2013-11-26 09:27 . 2013-12-13 00:11 33792 ----a-w- c:\windows\system32\iernonce.dll

2013-11-26 09:23 . 2013-12-13 00:11 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb

2013-11-26 09:21 . 2013-12-13 00:11 574976 ----a-w- c:\windows\system32\ieui.dll

2013-11-26 09:18 . 2013-12-13 00:11 139264 ----a-w- c:\windows\system32\ieUnatt.exe

2013-11-26 09:18 . 2013-12-13 00:11 111616 ----a-w- c:\windows\system32\ieetwcollector.exe

2013-11-26 09:16 . 2013-12-13 00:11 708608 ----a-w- c:\windows\system32\jscript9diag.dll

2013-11-26 08:57 . 2013-12-13 00:11 218624 ----a-w- c:\windows\system32\ie4uinit.exe

2013-11-26 08:35 . 2013-12-13 00:11 5769216 ----a-w- c:\windows\system32\jscript9.dll

2013-11-26 08:28 . 2013-12-13 00:11 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll

2013-11-26 08:16 . 2013-12-13 00:11 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll

2013-11-26 08:02 . 2013-12-13 00:11 1995264 ----a-w- c:\windows\system32\inetcpl.cpl

2013-11-26 07:48 . 2013-12-13 00:11 12996608 ----a-w- c:\windows\system32\ieframe.dll

2013-11-26 07:32 . 2013-12-13 00:11 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2013-11-26 07:07 . 2013-12-13 00:11 2334208 ----a-w- c:\windows\system32\wininet.dll

2013-11-26 06:40 . 2013-12-13 00:11 1395200 ----a-w- c:\windows\system32\urlmon.dll

2013-11-26 06:34 . 2013-12-13 00:11 817664 ----a-w- c:\windows\system32\ieapfltr.dll

2013-11-26 06:33 . 2013-12-13 00:11 1820160 ----a-w- c:\windows\SysWow64\wininet.dll

2013-11-23 18:26 . 2013-12-13 00:08 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll

2013-11-23 17:47 . 2013-12-13 00:08 465920 ----a-w- c:\windows\system32\WMPhoto.dll

2013-11-19 10:21 . 2013-07-09 16:25 267936 ------w- c:\windows\system32\MpSigStub.exe

2013-11-12 02:23 . 2013-12-13 00:08 2048 ----a-w- c:\windows\system32\tzres.dll

2013-11-12 02:07 . 2013-12-13 00:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2013-10-30 02:32 . 2013-12-13 00:08 335360 ----a-w- c:\windows\system32\msieftp.dll

2013-10-30 02:19 . 2013-12-13 00:08 301568 ----a-w- c:\windows\SysWow64\msieftp.dll

2013-10-30 01:24 . 2013-12-13 00:08 3155968 ----a-w- c:\windows\system32\win32k.sys

2013-10-22 20:32 . 2013-07-09 17:32 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\Clive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\Clive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\Clive\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-06-05 676608]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]

"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-30 3764024]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ   autocheck autochk *\0Partizan

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 PrintNotify;Printer Extensions and Notifications;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 aswRvrt;avast! Revert; [x]

S0 aswVmm;avast! VM Monitor; [x]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]

S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]

S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]

S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]

S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-12-04 15:54 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09 17:32]

.

2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09 17:32]

.

2014-01-08 c:\windows\Tasks\UnHackMe Task Scheduler.job

- c:\program files (x86)\UnHackMe\hackmon.exe [2014-01-08 19:55]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-12-30 20:18 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\Clive\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\Clive\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\Clive\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\Clive\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-10-26 13213840]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm


mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe

AddRemove-Adobe Digital Editions 2.0 - c:\program files (x86)\Adobe\Adobe Digital Editions 2.0\uninstall.exe

AddRemove-LinuxLive USB Creator - f:\linuxlive usb creator\Uninstall.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2014-01-13  12:46:20

ComboFix-quarantined-files.txt  2014-01-13 18:46

.

Pre-Run: 316,828,336,128 bytes free

Post-Run: 316,735,492,096 bytes free

.

- - End Of File - - 82AE398A5D6379802E3D28A52A184F24

A36C5E4F47E84449FF07ED3517B43A31

If Avast is the paid-for Pro version then that's the one I'd keep; you can uninstall MSE. The following removal tool will remove all traces:

 

http://www.bleepingcomputer.com/download/microsoft-security-essentials-removal-tool/

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced log....

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts, either accept the alert or turn the security off while Security Check runs.)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Thanks,

 

Kevin


Hi again. The program immediately detected two 'Riskware' objects but then I realised they were in the waste basket so I stopped the scan, emptied the waste basket, then restarted the scan; nothing detected this time.
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.13.09
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Clive :: CLIVE-PC [administrator]
 
Protection: Enabled
 
1/13/2014 3:45:03 PM
mbam-log-2014-01-13 (15-45-03).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 399608
Time elapsed: 42 minute(s), 17 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
=========================
 
 Results of screen317's Security Check version 0.99.78  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
avast! Antivirus                
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 45  
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 
 

Looking good, I hope!


Excellent. We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running. It can take several hours, so please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet Explorer for this scan - Vista and Win 7: right click on the IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report in next reply


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

