Willhomes71 Posted March 6, 2014 ID:800089 Share Posted March 6, 2014 I upgraded to the Pro version yesterday because Malwarebytes could not removed 403 bugs, but I'm having the same problem where I can select the bugs, but Pro won't remove or quarantine. It just freezes, won't respond and I have to close it down. I followed the suggested protocols and here are the files. First is DDS and then the "Attach" Notepad file. Thanks in advance. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16514 BrowserJavaVersion: 10.51.2Run by Matt at 10:23:33 on 2014-03-06Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3545.1348 [GMT -5:00].AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exeC:\Windows\system32\SLsvc.exeC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exeC:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\CrashPlan\CrashPlanService.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Microsoft LifeCam\MSCamS32.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exeC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exeC:\Program Files\IDT\WDM\sttray.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Real\RealPlayer\Update\realsched.exeC:\Program Files\Dell V520 Series\DKADGmon.exeC:\Windows\system32\igfxsrvc.exeC:\Windows\vVX3000.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Program Files\DellTPad\HidFind.exeC:\Program Files\DellTPad\Apntex.exeC:\Users\Matt\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exeC:\Program Files\CrashPlan\CrashPlanTray.exeC:\Program Files\Microsoft Office\Office14\ONENOTEM.EXEC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Microsoft Security Client\NisSrv.exeC:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exeC:\Program Files\Malwarebytes' Anti-Malware\mbam.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Microsoft Office\Office14\ONENOTE.EXEC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXEC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Windows\system32\werfault.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation.============== Pseudo HJT Report ===============.uSearch Bar = PreserveBHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dlluRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRunuRun: [spotify Web Helper] "c:\users\matt\appdata\roaming\spotify\data\SpotifyWebHelper.exe"uRun: [Facebook Update] "c:\users\matt\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserveruRun: [DKADGmon] "c:\program files\dell v520 series\DKADGmon.exe"uRun: [Amazon Cloud Player] "c:\users\matt\appdata\local\amazon cloud player\Amazon Music Helper.exe"uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exemRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hidemRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exemRun: [Apoint] c:\program files\delltpad\Apoint.exemRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkeymRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServicesmRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osbootmRun: [DKADGmon] "c:\program files\dell v520 series\DKADGmon.exe"mRun: [VX3000] c:\windows\vVX3000.exemRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exemRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"StartupFolder: c:\users\matt\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXEStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\crashp~1.lnk - c:\program files\crashplan\CrashPlanTray.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:221mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 192.168.1.1TCP: Interfaces\{6352F28E-E80E-4E66-BE02-E72C00A2D312} : DHCPNameServer = 128.226.6.250 128.226.6.251TCP: Interfaces\{8554D68F-0208-4909-8692-0ED99CE4B73E} : DHCPNameServer = 192.168.1.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dllNotify: igfxcui - igfxdev.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkgmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.146\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]R1 MpKslecd758ed;MpKslecd758ed;c:\programdata\microsoft\microsoft antimalware\definition updates\{46616e4c-ad53-475a-9d8d-a707279296b7}\MpKslecd758ed.sys [2014-3-6 39464]R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_f6ef8056\AEstSrv.exe [2012-9-20 81920]R2 CrashPlanService;CrashPlan Backup Service;c:\program files\crashplan\CrashPlanService.exe [2012-8-16 152576]R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-3-5 418376]R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2014-3-5 701512]R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 107392]R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-3-5 22856]R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-3-6 40776]R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-8-12 295376]R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-4-11 19968]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408].=============== Created Last 30 ================.2014-03-06 14:30:20 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2014-03-06 14:09:59 39464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{46616e4c-ad53-475a-9d8d-a707279296b7}\MpKslecd758ed.sys2014-03-05 23:02:39 -------- d-----w- c:\users\matt\appdata\roaming\Malwarebytes2014-03-05 23:02:23 -------- d-----w- c:\programdata\Malwarebytes2014-03-05 23:02:20 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2014-03-05 23:02:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2014-03-05 22:14:39 7947048 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{46616e4c-ad53-475a-9d8d-a707279296b7}\mpengine.dll2014-03-05 20:29:40 -------- d-----w- c:\users\matt\appdata\roaming\DigitalSites2014-03-04 14:08:03 765968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{0cc3233a-2828-48b3-9a96-01fbd85e2ce7}\gapaengine.dll2014-03-01 05:05:23 -------- d-----w- c:\users\matt\appdata\roaming\WiseUpdate2014-02-28 02:19:16 -------- d-----w- c:\program files\iPod2014-02-28 02:19:13 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E12014-02-28 02:19:13 -------- d-----w- c:\program files\iTunes2014-02-28 02:13:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll2014-02-28 02:13:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll2014-02-28 02:13:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll2014-02-28 02:13:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll2014-02-28 02:13:57 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll2014-02-26 14:34:54 7947048 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll2014-02-25 14:52:33 -------- d-----w- c:\programdata\Oracle2014-02-25 14:51:40 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2014-02-25 04:05:41 -------- d-----w- c:\users\matt\appdata\local\ElevatedDiagnostics.==================== Find3M ====================.2014-01-17 21:24:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx2014-01-17 21:24:12 69632 ----a-w- c:\windows\system32\QuickTime.qts.============= FINISH: 10:25:11.48 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft® Windows Vista™ Home Basic Boot Device: \Device\HarddiskVolume1Install Date: 9/19/2012 5:15:06 PMSystem Uptime: 3/6/2014 8:56:19 AM (2 hours ago).Motherboard: Dell Inc. | | 0K138PProcessor: Pentium® Dual-Core CPU T4200 @ 2.00GHz | Microprocessor | 2000/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 298 GiB total, 152.201 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================..==== Installed Programs ======================.Adobe Shockwave Player 12.0Amazon Cloud PlayerAmazon MP3 Downloader 1.0.17Apple Application SupportApple Mobile Device SupportApple Software UpdateATI Catalyst Install ManagerAudible Download ManagerBonjourCrashPlanDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDell TouchpadDell V520 Series UninstallerDropboxFacebook Messenger 2.1.4814.0Google ChromeGoogle Update HelperHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)iCloudIDT AudioIntel® Graphics Media Accelerator DriverIntel® TV WizardIntel® Matrix Storage ManageriTunesJava 7 Update 51Java Auto UpdaterMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft CorporationMicrosoft LifeCamMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office InfoPath MUI (English) 2007Microsoft Office OneNote 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Professional Plus 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2007Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2007Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2007Microsoft Office Proofing (English) 2010Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2007Microsoft OneNote 2010Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161OEM Logo and InformationPhoneClean 3.2.0QuickTime 7RealDownloaderRealNetworks - Microsoft Visual C++ 2008 RuntimeRealNetworks - Microsoft Visual C++ 2010 RuntimeRealUpgrade 1.1Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit EditionSkype Click to CallSkype™ 6.6SpotifyswMSMUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Update for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionWise Disk Cleaner 8.03Wise Registry Cleaner 7.94.==== End Of File =========================== Link to post Share on other sites More sharing options...
Willhomes71 Posted March 6, 2014 Author ID:800095 Share Posted March 6, 2014 Also: I am unable to update Windows update or Western Digital backup software, if that matters, although MWB seems to update okay. Link to post Share on other sites More sharing options...
Staff CatByte Posted March 9, 2014 Staff ID:800913 Share Posted March 9, 2014 Hello and welcome to malwarebytes Please run the following: Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. Link to post Share on other sites More sharing options...
Willhomes71 Posted March 9, 2014 Author ID:800921 Share Posted March 9, 2014 Thanks for your help. I ran the Farbar Scan, and here is the FRST result. I didn't see the Addition.txt you mentioned, though. Sorry, I'm new to doing these kind of deep scans. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-03-2014 01Ran by Matt (administrator) on MATT-PC on 08-03-2014 20:47:06Running from C:\Users\Matt\DesktopMicrosoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English(US)Internet Explorer Version 9Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe(Microsoft Corporation) C:\Windows\system32\SLsvc.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Microsoft Corporation) C:\Windows\system32\WLANExt.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(CrashPlan) C:\Program Files\CrashPlan\CrashPlanService.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe(Intel Corporation) C:\Windows\system32\igfxsrvc.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe() C:\Program Files\Dell V520 Series\DKADGmon.exe(Microsoft Corporation) C:\Windows\vVX3000.exe(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(Spotify Ltd) C:\Users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe() C:\Users\Matt\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe(Code 42 Software, Inc.) C:\Program Files\CrashPlan\CrashPlanTray.exe(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [278528 2010-01-25] (Alps Electric Co., Ltd.)HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295072 2012-12-26] (RealNetworks, Inc.)HKLM\...\Run: [DKADGmon] - C:\Program Files\Dell V520 Series\DKADGmon.exe [951656 2012-11-07] ()HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM\...\Run: [sDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)HKLM\...\Run: [iAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-06] (IDT, Inc.)HKLM\...\Run: [WD Quick View] - C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5545328 2014-02-28] (Western Digital Technologies, Inc.)HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-03-08] (AVAST Software)Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [spotify Web Helper] - C:\Users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-12] (Spotify Ltd)HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [DKADGmon] - C:\Program Files\Dell V520 Series\DKADGmon.exe [951656 2012-11-07] ()HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [Amazon Cloud Player] - C:\Users\Matt\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2013-12-12] ()HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [ApplePhotoStreams] - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-10-31] (Apple Inc.)HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [spybot-S&D Cleaning] - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\MountPoints2: {4fe22fb4-0580-11e2-9303-002564579899} - E:\unlock.exe autoplay=trueAppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll File Not FoundStartup: C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnkShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehpHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usHKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No FileHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Chrome: =======CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll No FileCHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No FileCHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No FileCHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)CHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)CHR Plugin: (Facebook Desktop) - C:\Users\Matt\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No FileCHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No FileCHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No FileCHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)CHR Extension: (Google Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-02]CHR Extension: (Google Drive) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-02]CHR Extension: (YouTube) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-02]CHR Extension: (Google Search) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-02]CHR Extension: (No Name) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj [2013-09-07]CHR Extension: (AdBlock) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-07]CHR Extension: (avast! Online Security) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-08]CHR Extension: (Clearly) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2014-03-07]CHR Extension: (No Name) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-09-07]CHR Extension: (Skype Click to Call) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-02]CHR Extension: (No Name) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-09-07]CHR Extension: (Chrome In-App Payments service) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]CHR Extension: (Gmail) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-02]CHR Extension: (RSS Feed Reader) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2013-08-02]CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-08]CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09] ========================== Services (Whitelisted) ================= R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [81920 2009-03-02] (Andrea Electronics Corporation)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-08] (AVAST Software)R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-03-08] (AVAST Software)R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [152576 2012-08-16] (CrashPlan)R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe [254042 2009-03-06] (IDT, Inc.)R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-02-28] (Western Digital Technologies, Inc.)R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [271728 2014-02-28] (Western Digital Technologies, Inc.) ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-08] (AVAST Software)R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-08] (AVAST Software)R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2014-03-08] (ALWIL Software)R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252592 2014-03-08] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-08] (AVAST Software)R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-08] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-03-08] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-03-08] (AVAST Software)R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-08] (AVAST Software)R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-03-08] ()R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)S3 IpInIp; system32\DRIVERS\ipinip.sys [X]S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]S1 qknfd; system32\drivers\qknfd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-08 20:47 - 2014-03-08 20:47 - 00022012 _____ () C:\Users\Matt\Desktop\FRST.txt2014-03-08 20:45 - 2014-03-08 20:46 - 01145344 _____ (Farbar) C:\Users\Matt\Downloads\FRST (2).exe2014-03-08 20:43 - 2014-03-08 20:43 - 00052747 _____ () C:\Users\Matt\Desktop\FRST_march_8.txt2014-03-08 20:40 - 2014-03-08 20:40 - 01145344 _____ (Farbar) C:\Users\Matt\Downloads\FRST (1).exe2014-03-08 19:20 - 2014-03-08 19:30 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat2014-03-08 17:05 - 2014-03-08 17:05 - 00100104 _____ (Kaspersky Lab) C:\Users\Matt\Downloads\kateskiller.exe2014-03-08 07:42 - 2014-03-08 07:42 - 00001919 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk2014-03-08 07:42 - 2014-03-08 07:42 - 00001859 _____ () C:\Users\Public\Desktop\avast! Premier.lnk2014-03-08 07:42 - 2014-03-08 07:42 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\AVAST Software2014-03-08 07:42 - 2014-03-08 07:42 - 00000000 _____ () C:\Windows\setuperr.log2014-03-08 07:42 - 2014-03-08 07:42 - 00000000 _____ () C:\Windows\setupact.log2014-03-08 07:40 - 2014-03-08 07:39 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys2014-03-08 07:40 - 2014-03-08 07:39 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys2014-03-08 07:40 - 2014-03-08 07:39 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2014-03-08 07:40 - 2014-03-08 07:39 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys2014-03-08 07:40 - 2014-03-08 07:39 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2014-03-08 07:40 - 2014-03-08 07:39 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys2014-03-08 07:40 - 2014-03-08 07:39 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys2014-03-08 07:40 - 2014-03-08 07:39 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys2014-03-08 07:40 - 2014-03-08 07:39 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys2014-03-08 07:40 - 2014-03-08 07:38 - 00252592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys2014-03-08 07:39 - 2014-03-08 07:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr2014-03-08 07:38 - 2014-03-08 07:38 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys2014-03-08 07:36 - 2014-03-08 07:36 - 00000000 ____D () C:\Program Files\AVAST Software2014-03-08 07:30 - 2014-03-08 07:30 - 04669416 _____ (AVAST Software) C:\Users\Matt\Downloads\avast_premier_antivirus_setup_online.exe2014-03-08 07:30 - 2014-03-08 07:30 - 00000000 ____D () C:\ProgramData\AVAST Software2014-03-08 00:30 - 2014-03-08 00:30 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\iExplore.exe2014-03-07 22:51 - 2014-03-07 22:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\MicrosoftFixit.wu.Run.exe2014-03-07 21:45 - 2014-03-07 21:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-1.75.0.1300 (2).exe2014-03-07 21:45 - 2014-03-07 21:45 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-03-07 21:45 - 2014-03-07 21:45 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware2014-03-07 21:45 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-03-07 20:17 - 2014-03-07 20:17 - 00080456 _____ (Malwarebytes Corporation) C:\Users\Matt\Downloads\mbam-clean-1.60.2.0003.exe2014-03-07 20:12 - 2014-03-07 20:15 - 00033553 _____ () C:\Users\Matt\Downloads\Addition.txt2014-03-07 20:11 - 2014-03-08 20:47 - 00000000 ____D () C:\FRST2014-03-07 20:11 - 2014-03-08 20:42 - 00052747 _____ () C:\Users\Matt\Downloads\FRST.txt2014-03-07 20:11 - 2014-03-07 20:11 - 01145344 _____ (Farbar) C:\Users\Matt\Desktop\FRST.exe2014-03-07 17:59 - 2014-03-07 17:59 - 00000000 ____D () C:\Program Files\Western Digital2014-03-07 17:59 - 2014-03-07 17:59 - 00000000 ____D () C:\Program Files\Common Files\Western Digital2014-03-07 17:48 - 2014-03-07 17:48 - 36862640 _____ () C:\Users\Matt\Downloads\WD_SmartWare_Installer_2.3.0.20.zip2014-03-07 17:38 - 2014-03-07 18:00 - 00014402 _____ () C:\Windows\DPINST.LOG2014-03-07 17:21 - 2014-03-07 17:27 - 00000000 ____D () C:\AdwCleaner2014-03-07 17:20 - 2014-03-07 17:20 - 00930952 _____ (CNET Download.com) C:\Users\Matt\Downloads\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe2014-03-07 16:32 - 2014-02-05 03:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-03-07 16:32 - 2014-02-05 03:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-03-07 16:32 - 2014-02-05 03:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-03-07 16:32 - 2014-02-05 03:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-03-07 16:32 - 2014-02-05 03:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-03-07 16:32 - 2014-02-05 03:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-03-07 16:32 - 2014-02-05 03:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2014-03-07 16:32 - 2014-02-05 03:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-03-07 16:32 - 2014-02-05 03:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2014-03-07 16:32 - 2014-02-05 03:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-03-07 16:32 - 2014-02-05 03:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-03-07 16:32 - 2014-02-05 03:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-03-07 16:32 - 2014-02-05 03:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-03-07 16:32 - 2014-02-05 03:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-03-07 16:32 - 2014-02-05 03:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-03-07 16:32 - 2014-02-05 03:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-03-07 16:01 - 2013-10-22 02:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll2014-03-07 16:00 - 2013-12-04 21:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-03-07 16:00 - 2013-10-29 21:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll2014-03-07 16:00 - 2013-10-29 20:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys2014-03-07 16:00 - 2013-10-29 19:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys2014-03-07 16:00 - 2013-10-29 19:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-03-07 16:00 - 2013-10-10 21:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL2014-03-07 16:00 - 2013-10-10 21:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll2014-03-07 16:00 - 2013-10-10 21:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx2014-03-07 16:00 - 2013-10-10 21:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll2014-03-07 16:00 - 2013-10-10 21:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL2014-03-07 16:00 - 2013-10-10 19:39 - 00218228 _____ () C:\Windows\system32\WFP.TMF2014-03-07 16:00 - 2013-10-10 19:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe2014-03-07 16:00 - 2013-10-10 19:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe2014-03-07 16:00 - 2013-10-03 07:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2014-03-07 16:00 - 2013-10-03 07:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2014-03-07 15:46 - 2014-03-07 15:46 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Intel Corporation2014-03-07 15:42 - 2009-12-17 10:25 - 00433176 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys2014-03-07 15:41 - 2014-03-07 15:41 - 10607056 _____ (Hewlett-Packard ) C:\Users\Matt\Downloads\sp47845.exe2014-03-07 15:39 - 2014-03-07 15:39 - 00280204 _____ () C:\Users\Matt\Downloads\WindowsUpdateDiagnostic.diagcab2014-03-07 15:39 - 2014-03-07 15:39 - 00280204 _____ () C:\Users\Matt\Downloads\WindowsUpdateDiagnostic (1).diagcab2014-03-07 15:34 - 2014-03-07 15:35 - 150518130 _____ () C:\Users\Matt\Downloads\Windows6.0-KB947821-v33-x86 (1).msu2014-03-07 15:25 - 2014-03-07 15:25 - 00347816 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe2014-03-06 20:58 - 2014-03-06 20:58 - 00100432 _____ () C:\Users\Matt\AppData\Local\GDIPFONTCACHEV1.DAT2014-03-06 20:56 - 2014-03-08 11:06 - 00017648 _____ () C:\Windows\PFRO.log2014-03-06 20:56 - 2014-03-07 17:03 - 00371512 _____ () C:\Windows\system32\FNTCACHE.DAT2014-03-06 14:10 - 2014-03-08 19:30 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job2014-03-06 14:10 - 2014-03-08 00:29 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-03-06 14:10 - 2014-03-06 20:57 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job2014-03-06 14:10 - 2014-03-06 20:57 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job2014-03-06 14:10 - 2014-03-06 14:12 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 22014-03-06 14:10 - 2014-03-06 14:10 - 00001958 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-03-06 14:10 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe2014-03-06 14:08 - 2014-03-06 14:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Matt\Downloads\spybot-2.2.exe2014-03-06 13:53 - 2014-03-06 14:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-03-06 13:51 - 2014-03-06 13:51 - 00000104 _____ () C:\Users\Matt\Desktop\Recycle Bin - Shortcut.lnk2014-03-06 13:46 - 2014-03-06 14:06 - 00000000 ____D () C:\Users\Matt\Desktop\mbar2014-03-06 13:43 - 2014-03-06 13:43 - 00380416 _____ () C:\Users\Matt\Downloads\8z5w3dui.exe2014-03-06 12:00 - 2014-03-06 12:00 - 00001892 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk2014-03-06 11:59 - 2014-03-08 07:49 - 00000000 ____D () C:\Program Files\Common Files\Adobe2014-03-06 11:59 - 2014-03-06 11:59 - 00000000 ____D () C:\Program Files\Adobe2014-03-06 11:45 - 2014-03-06 11:46 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.exe2014-03-06 11:43 - 2014-03-06 11:43 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.com2014-03-06 10:36 - 2014-03-06 10:36 - 00008560 _____ () C:\Users\Matt\Desktop\Attach_Malwarebytes.txt2014-03-06 10:22 - 2014-03-06 10:23 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.com2014-03-05 18:02 - 2014-03-05 18:02 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Malwarebytes2014-03-05 18:02 - 2014-03-05 18:02 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-03-05 18:01 - 2014-03-05 18:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-1.75.0.1300 (1).exe2014-03-05 17:17 - 2014-03-05 17:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-consumer.exe2014-03-05 16:48 - 2014-03-05 16:49 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds (1).scr2014-03-05 16:44 - 2014-03-05 16:44 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.scr2014-03-05 15:42 - 2014-03-05 15:42 - 00021232 _____ () C:\Users\Matt\Downloads\Fix WU.zip2014-03-05 15:42 - 2014-03-05 15:42 - 00000000 ____D () C:\Users\Matt\Downloads\Fix WU2014-03-05 15:30 - 2014-03-05 15:30 - 00000044 _____ () C:\Users\Matt\AppData\Roaming\WB.CFG2014-03-05 15:29 - 2014-03-05 15:30 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job2014-03-05 15:28 - 2014-03-05 15:28 - 00668048 _____ ( ) C:\Users\Matt\Downloads\ZipOpenerSetup.exe2014-03-03 22:34 - 2014-03-08 19:36 - 01854796 _____ () C:\Windows\WindowsUpdate.log2014-03-01 00:05 - 2014-03-01 00:11 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\WiseUpdate2014-02-27 21:20 - 2014-02-27 21:20 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-02-27 21:19 - 2014-02-27 21:20 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E12014-02-27 21:19 - 2014-02-27 21:20 - 00000000 ____D () C:\Program Files\iTunes2014-02-27 21:19 - 2014-02-27 21:19 - 00000000 ____D () C:\Program Files\iPod2014-02-27 21:13 - 2014-02-27 21:13 - 00000000 ____D () C:\Program Files\QuickTime2014-02-25 09:52 - 2014-02-25 09:52 - 00000000 ____D () C:\ProgramData\Sun2014-02-25 09:52 - 2014-02-25 09:52 - 00000000 ____D () C:\ProgramData\Oracle2014-02-25 09:52 - 2014-02-25 09:52 - 00000000 ____D () C:\Program Files\Common Files\Java2014-02-25 09:52 - 2014-02-25 09:51 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe2014-02-25 09:51 - 2014-02-25 09:51 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe2014-02-25 09:51 - 2014-02-25 09:51 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe2014-02-25 09:51 - 2014-02-25 09:51 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll2014-02-25 09:51 - 2014-02-25 09:51 - 00000000 ____D () C:\Program Files\Java2014-02-25 09:50 - 2014-02-25 09:50 - 00921000 _____ (Oracle Corporation) C:\Users\Matt\Downloads\chromeinstall-7u51.exe2014-02-24 23:11 - 2014-02-24 23:12 - 150518130 _____ () C:\Users\Matt\Downloads\Windows6.0-KB947821-v33-x86.msu2014-02-15 10:59 - 2014-02-15 11:00 - 168036333 _____ () C:\Users\Matt\Downloads\De-La-Soul-Is-Dead (1).zip2014-02-15 10:58 - 2014-02-15 10:59 - 160849169 _____ () C:\Users\Matt\Downloads\Stakes-Is-High.zip2014-02-15 00:11 - 2014-02-15 00:13 - 159346091 _____ () C:\Users\Matt\Downloads\3-Feet-High.zip2014-02-15 00:11 - 2014-02-15 00:13 - 114367391 _____ () C:\Users\Matt\Downloads\Buhloone-Mindstate.zip2014-02-14 23:57 - 2014-02-14 23:57 - 00000215 _____ () C:\Users\Matt\Downloads\Valentine's_Day_Promo.vcf2014-02-14 14:00 - 2014-02-14 14:00 - 00073946 _____ () C:\Users\Matt\Downloads\Prynne_William-A_short_demurrer_to_the_Jewes_long-Wing-P4079-1818_24a-p1.tif2014-02-14 14:00 - 2014-02-14 14:00 - 00073946 _____ () C:\Users\Matt\Downloads\Prynne_William-A_short_demurrer_to_the_Jewes_long-Wing-P4079-1818_24a-p1 (1).tif ==================== One Month Modified Files and Folders ======= 2014-03-08 20:47 - 2014-03-08 20:47 - 00022012 _____ () C:\Users\Matt\Desktop\FRST.txt2014-03-08 20:47 - 2014-03-07 20:11 - 00000000 ____D () C:\FRST2014-03-08 20:46 - 2014-03-08 20:45 - 01145344 _____ (Farbar) C:\Users\Matt\Downloads\FRST (2).exe2014-03-08 20:43 - 2014-03-08 20:43 - 00052747 _____ () C:\Users\Matt\Desktop\FRST_march_8.txt2014-03-08 20:42 - 2014-03-07 20:11 - 00052747 _____ () C:\Users\Matt\Downloads\FRST.txt2014-03-08 20:40 - 2014-03-08 20:40 - 01145344 _____ (Farbar) C:\Users\Matt\Downloads\FRST (1).exe2014-03-08 19:58 - 2012-09-21 08:06 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-03-08 19:58 - 2012-09-21 08:06 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-03-08 19:36 - 2014-03-03 22:34 - 01854796 _____ () C:\Windows\WindowsUpdate.log2014-03-08 19:30 - 2014-03-08 19:20 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat2014-03-08 19:30 - 2014-03-06 14:10 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job2014-03-08 19:29 - 2006-11-02 07:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-03-08 19:29 - 2006-11-02 07:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A02014-03-08 19:29 - 2006-11-02 07:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A02014-03-08 19:28 - 2006-11-02 07:58 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-03-08 18:57 - 2012-12-03 15:52 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2621633412-1475908225-2326514310-1000UA.job2014-03-08 17:05 - 2014-03-08 17:05 - 00100104 _____ (Kaspersky Lab) C:\Users\Matt\Downloads\kateskiller.exe2014-03-08 11:06 - 2014-03-06 20:56 - 00017648 _____ () C:\Windows\PFRO.log2014-03-08 07:49 - 2014-03-06 11:59 - 00000000 ____D () C:\Program Files\Common Files\Adobe2014-03-08 07:42 - 2014-03-08 07:42 - 00001919 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk2014-03-08 07:42 - 2014-03-08 07:42 - 00001859 _____ () C:\Users\Public\Desktop\avast! Premier.lnk2014-03-08 07:42 - 2014-03-08 07:42 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\AVAST Software2014-03-08 07:42 - 2014-03-08 07:42 - 00000000 _____ () C:\Windows\setuperr.log2014-03-08 07:42 - 2014-03-08 07:42 - 00000000 _____ () C:\Windows\setupact.log2014-03-08 07:41 - 2012-09-19 13:33 - 00000000 ____D () C:\Users\Matt2014-03-08 07:39 - 2014-03-08 07:40 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys2014-03-08 07:39 - 2014-03-08 07:40 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys2014-03-08 07:39 - 2014-03-08 07:40 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2014-03-08 07:39 - 2014-03-08 07:40 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys2014-03-08 07:39 - 2014-03-08 07:40 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2014-03-08 07:39 - 2014-03-08 07:40 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys2014-03-08 07:39 - 2014-03-08 07:40 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys2014-03-08 07:39 - 2014-03-08 07:40 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys2014-03-08 07:39 - 2014-03-08 07:40 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys2014-03-08 07:39 - 2014-03-08 07:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr2014-03-08 07:38 - 2014-03-08 07:40 - 00252592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys2014-03-08 07:38 - 2014-03-08 07:38 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys2014-03-08 07:36 - 2014-03-08 07:36 - 00000000 ____D () C:\Program Files\AVAST Software2014-03-08 07:30 - 2014-03-08 07:30 - 04669416 _____ (AVAST Software) C:\Users\Matt\Downloads\avast_premier_antivirus_setup_online.exe2014-03-08 07:30 - 2014-03-08 07:30 - 00000000 ____D () C:\ProgramData\AVAST Software2014-03-08 00:30 - 2014-03-08 00:30 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\iExplore.exe2014-03-08 00:29 - 2014-03-06 14:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-03-08 00:23 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET2014-03-08 00:00 - 2006-11-02 05:22 - 46137344 _____ () C:\Windows\system32\config\SOFTWARE.bak2014-03-08 00:00 - 2006-11-02 05:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak2014-03-08 00:00 - 2006-11-02 05:22 - 00053248 _____ () C:\Windows\system32\config\SAM.bak2014-03-08 00:00 - 2006-11-02 05:22 - 00020480 _____ () C:\Windows\system32\config\SECURITY.bak2014-03-07 23:27 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\spool2014-03-07 23:19 - 2006-11-02 05:33 - 00752486 _____ () C:\Windows\system32\PerfStringBackup.INI2014-03-07 22:51 - 2014-03-07 22:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\MicrosoftFixit.wu.Run.exe2014-03-07 21:45 - 2014-03-07 21:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-1.75.0.1300 (2).exe2014-03-07 21:45 - 2014-03-07 21:45 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-03-07 21:45 - 2014-03-07 21:45 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware2014-03-07 21:33 - 2013-09-05 22:54 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Wise Disk Cleaner2014-03-07 20:17 - 2014-03-07 20:17 - 00080456 _____ (Malwarebytes Corporation) C:\Users\Matt\Downloads\mbam-clean-1.60.2.0003.exe2014-03-07 20:15 - 2014-03-07 20:12 - 00033553 _____ () C:\Users\Matt\Downloads\Addition.txt2014-03-07 20:11 - 2014-03-07 20:11 - 01145344 _____ (Farbar) C:\Users\Matt\Desktop\FRST.exe2014-03-07 18:08 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\rescache2014-03-07 18:00 - 2014-03-07 17:38 - 00014402 _____ () C:\Windows\DPINST.LOG2014-03-07 17:59 - 2014-03-07 17:59 - 00000000 ____D () C:\Program Files\Western Digital2014-03-07 17:59 - 2014-03-07 17:59 - 00000000 ____D () C:\Program Files\Common Files\Western Digital2014-03-07 17:58 - 2012-09-23 20:07 - 00000000 ____D () C:\ProgramData\Western Digital2014-03-07 17:51 - 2013-04-29 14:28 - 00000000 ____D () C:\ProgramData\Package Cache2014-03-07 17:48 - 2014-03-07 17:48 - 36862640 _____ () C:\Users\Matt\Downloads\WD_SmartWare_Installer_2.3.0.20.zip2014-03-07 17:27 - 2014-03-07 17:21 - 00000000 ____D () C:\AdwCleaner2014-03-07 17:20 - 2014-03-07 17:20 - 00930952 _____ (CNET Download.com) C:\Users\Matt\Downloads\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe2014-03-07 17:03 - 2014-03-06 20:56 - 00371512 _____ () C:\Windows\system32\FNTCACHE.DAT2014-03-07 16:55 - 2012-09-20 13:03 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-03-07 16:53 - 2013-07-15 11:07 - 00000000 ___RD () C:\Program Files\Skype2014-03-07 16:53 - 2013-07-15 11:07 - 00000000 ____D () C:\ProgramData\Skype2014-03-07 16:51 - 2012-09-21 08:02 - 00001945 _____ () C:\Windows\epplauncher.mif2014-03-07 16:51 - 2012-09-21 08:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client2014-03-07 16:44 - 2013-07-11 09:43 - 00000000 ____D () C:\Windows\system32\MRT2014-03-07 15:57 - 2012-12-03 15:52 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2621633412-1475908225-2326514310-1000Core.job2014-03-07 15:46 - 2014-03-07 15:46 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Intel Corporation2014-03-07 15:46 - 2012-09-20 13:58 - 00000000 ____D () C:\Intel2014-03-07 15:45 - 2012-09-20 13:59 - 00000000 ____D () C:\Program Files\Intel2014-03-07 15:41 - 2014-03-07 15:41 - 10607056 _____ (Hewlett-Packard ) C:\Users\Matt\Downloads\sp47845.exe2014-03-07 15:39 - 2014-03-07 15:39 - 00280204 _____ () C:\Users\Matt\Downloads\WindowsUpdateDiagnostic.diagcab2014-03-07 15:39 - 2014-03-07 15:39 - 00280204 _____ () C:\Users\Matt\Downloads\WindowsUpdateDiagnostic (1).diagcab2014-03-07 15:35 - 2014-03-07 15:34 - 150518130 _____ () C:\Users\Matt\Downloads\Windows6.0-KB947821-v33-x86 (1).msu2014-03-07 15:30 - 2012-09-22 17:53 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Spotify2014-03-07 15:25 - 2014-03-07 15:25 - 00347816 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe2014-03-07 14:22 - 2013-03-02 13:24 - 00000000 ____D () C:\ProgramData\DellUpdate2014-03-06 20:58 - 2014-03-06 20:58 - 00100432 _____ () C:\Users\Matt\AppData\Local\GDIPFONTCACHEV1.DAT2014-03-06 20:57 - 2014-03-06 14:10 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job2014-03-06 20:57 - 2014-03-06 14:10 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job2014-03-06 14:12 - 2014-03-06 14:10 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 22014-03-06 14:10 - 2014-03-06 14:10 - 00001958 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-03-06 14:08 - 2014-03-06 14:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Matt\Downloads\spybot-2.2.exe2014-03-06 14:06 - 2014-03-06 13:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-03-06 14:06 - 2014-03-06 13:46 - 00000000 ____D () C:\Users\Matt\Desktop\mbar2014-03-06 13:51 - 2014-03-06 13:51 - 00000104 _____ () C:\Users\Matt\Desktop\Recycle Bin - Shortcut.lnk2014-03-06 13:43 - 2014-03-06 13:43 - 00380416 _____ () C:\Users\Matt\Downloads\8z5w3dui.exe2014-03-06 12:02 - 2012-09-24 15:25 - 00000000 ____D () C:\Users\Matt\AppData\Local\Adobe2014-03-06 12:00 - 2014-03-06 12:00 - 00001892 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk2014-03-06 11:59 - 2014-03-06 11:59 - 00000000 ____D () C:\Program Files\Adobe2014-03-06 11:59 - 2012-09-21 08:03 - 00000000 ____D () C:\ProgramData\Adobe2014-03-06 11:46 - 2014-03-06 11:45 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.exe2014-03-06 11:43 - 2014-03-06 11:43 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.com2014-03-06 10:36 - 2014-03-06 10:36 - 00008560 _____ () C:\Users\Matt\Desktop\Attach_Malwarebytes.txt2014-03-06 10:23 - 2014-03-06 10:22 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.com2014-03-05 18:02 - 2014-03-05 18:02 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Malwarebytes2014-03-05 18:02 - 2014-03-05 18:02 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-03-05 18:01 - 2014-03-05 18:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-1.75.0.1300 (1).exe2014-03-05 17:17 - 2014-03-05 17:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-consumer.exe2014-03-05 16:49 - 2014-03-05 16:48 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds (1).scr2014-03-05 16:44 - 2014-03-05 16:44 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.scr2014-03-05 15:42 - 2014-03-05 15:42 - 00021232 _____ () C:\Users\Matt\Downloads\Fix WU.zip2014-03-05 15:42 - 2014-03-05 15:42 - 00000000 ____D () C:\Users\Matt\Downloads\Fix WU2014-03-05 15:30 - 2014-03-05 15:30 - 00000044 _____ () C:\Users\Matt\AppData\Roaming\WB.CFG2014-03-05 15:30 - 2014-03-05 15:29 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job2014-03-05 15:28 - 2014-03-05 15:28 - 00668048 _____ ( ) C:\Users\Matt\Downloads\ZipOpenerSetup.exe2014-03-05 14:57 - 2013-03-02 13:32 - 00000000 ____D () C:\ProgramData\ABBYY2014-03-05 12:55 - 2012-09-19 13:33 - 00000000 ___RD () C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-03-05 11:47 - 2012-09-21 17:50 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Apple Computer2014-03-05 11:17 - 2014-01-23 10:10 - 00000000 ____D () C:\Users\Matt\AppData\Local\FBCBC565-3E66-4F6D-84D1-685CEEF89A4E.aplzod2014-03-03 15:56 - 2013-10-22 13:10 - 00000428 _____ () C:\Windows\Tasks\Wise Disk Cleaner Schedule Task.job2014-03-03 15:01 - 2012-09-22 17:54 - 00000000 ____D () C:\Users\Matt\AppData\Local\Spotify2014-03-03 14:10 - 2013-09-13 16:35 - 00000440 _____ () C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job2014-03-01 00:11 - 2014-03-01 00:05 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\WiseUpdate2014-02-27 21:20 - 2014-02-27 21:20 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-02-27 21:20 - 2014-02-27 21:19 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E12014-02-27 21:20 - 2014-02-27 21:19 - 00000000 ____D () C:\Program Files\iTunes2014-02-27 21:19 - 2014-02-27 21:19 - 00000000 ____D () C:\Program Files\iPod2014-02-27 21:19 - 2012-09-21 17:44 - 00000000 ____D () C:\Program Files\Common Files\Apple2014-02-27 21:13 - 2014-02-27 21:13 - 00000000 ____D () C:\Program Files\QuickTime2014-02-27 09:14 - 2012-09-20 15:56 - 00000000 ____D () C:\Users\Matt\Documents\Dissertation2014-02-27 08:40 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\IME2014-02-26 09:30 - 2012-09-21 18:05 - 00000000 ____D () C:\Program Files\CrashPlan2014-02-25 09:52 - 2014-02-25 09:52 - 00000000 ____D () C:\ProgramData\Sun2014-02-25 09:52 - 2014-02-25 09:52 - 00000000 ____D () C:\ProgramData\Oracle2014-02-25 09:52 - 2014-02-25 09:52 - 00000000 ____D () C:\Program Files\Common Files\Java2014-02-25 09:51 - 2014-02-25 09:52 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe2014-02-25 09:51 - 2014-02-25 09:51 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe2014-02-25 09:51 - 2014-02-25 09:51 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe2014-02-25 09:51 - 2014-02-25 09:51 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll2014-02-25 09:51 - 2014-02-25 09:51 - 00000000 ____D () C:\Program Files\Java2014-02-25 09:50 - 2014-02-25 09:50 - 00921000 _____ (Oracle Corporation) C:\Users\Matt\Downloads\chromeinstall-7u51.exe2014-02-24 23:12 - 2014-02-24 23:11 - 150518130 _____ () C:\Users\Matt\Downloads\Windows6.0-KB947821-v33-x86.msu2014-02-19 23:00 - 2013-09-03 18:57 - 00000000 ____D () C:\Windows\Minidump2014-02-15 11:00 - 2014-02-15 10:59 - 168036333 _____ () C:\Users\Matt\Downloads\De-La-Soul-Is-Dead (1).zip2014-02-15 10:59 - 2014-02-15 10:58 - 160849169 _____ () C:\Users\Matt\Downloads\Stakes-Is-High.zip2014-02-15 00:13 - 2014-02-15 00:11 - 159346091 _____ () C:\Users\Matt\Downloads\3-Feet-High.zip2014-02-15 00:13 - 2014-02-15 00:11 - 114367391 _____ () C:\Users\Matt\Downloads\Buhloone-Mindstate.zip2014-02-14 23:57 - 2014-02-14 23:57 - 00000215 _____ () C:\Users\Matt\Downloads\Valentine's_Day_Promo.vcf2014-02-14 14:00 - 2014-02-14 14:00 - 00073946 _____ () C:\Users\Matt\Downloads\Prynne_William-A_short_demurrer_to_the_Jewes_long-Wing-P4079-1818_24a-p1.tif2014-02-14 14:00 - 2014-02-14 14:00 - 00073946 _____ () C:\Users\Matt\Downloads\Prynne_William-A_short_demurrer_to_the_Jewes_long-Wing-P4079-1818_24a-p1 (1).tif2014-02-11 09:22 - 2013-01-09 09:32 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Dropbox2014-02-11 09:14 - 2013-01-09 09:42 - 00000000 ___RD () C:\Users\Matt\Dropbox ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legitC:\Windows\system32\winlogon.exe => MD5 is legitC:\Windows\system32\wininit.exe => MD5 is legitC:\Windows\system32\svchost.exe => MD5 is legitC:\Windows\system32\services.exe => MD5 is legitC:\Windows\system32\User32.dll => MD5 is legitC:\Windows\system32\userinit.exe => MD5 is legitC:\Windows\system32\rpcss.dll => MD5 is legitC:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-08 19:37 ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Staff CatByte Posted March 9, 2014 Staff ID:801172 Share Posted March 9, 2014 Please run the following; Download the attached fixlist.txt file and save it to the Desktop. FixList.txt NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work. Run FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply. Link to post Share on other sites More sharing options...
Willhomes71 Posted March 9, 2014 Author ID:801193 Share Posted March 9, 2014 Okay, so here is the FRST notepad result, followed by the Fixlog. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-03-2014 01Ran by Matt (administrator) on MATT-PC on 09-03-2014 17:52:04Running from C:\Users\Matt\DesktopMicrosoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English(US)Internet Explorer Version 9Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe(Microsoft Corporation) C:\Windows\system32\SLsvc.exe(Microsoft Corporation) C:\Windows\system32\WLANExt.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Intel Corporation) C:\Windows\system32\igfxsrvc.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(CrashPlan) C:\Program Files\CrashPlan\CrashPlanService.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe() C:\Program Files\Dell V520 Series\DKADGmon.exe(Microsoft Corporation) C:\Windows\vVX3000.exe(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(Spotify Ltd) C:\Users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe() C:\Users\Matt\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe(Code 42 Software, Inc.) C:\Program Files\CrashPlan\CrashPlanTray.exe(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [278528 2010-01-25] (Alps Electric Co., Ltd.)HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295072 2012-12-26] (RealNetworks, Inc.)HKLM\...\Run: [DKADGmon] - C:\Program Files\Dell V520 Series\DKADGmon.exe [951656 2012-11-07] ()HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM\...\Run: [sDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)HKLM\...\Run: [iAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-06] (IDT, Inc.)HKLM\...\Run: [WD Quick View] - C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5545328 2014-02-28] (Western Digital Technologies, Inc.)HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-03-08] (AVAST Software)Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [spotify Web Helper] - C:\Users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-12] (Spotify Ltd)HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [DKADGmon] - C:\Program Files\Dell V520 Series\DKADGmon.exe [951656 2012-11-07] ()HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [Amazon Cloud Player] - C:\Users\Matt\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2013-12-12] ()HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [ApplePhotoStreams] - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-10-31] (Apple Inc.)HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Run: [spybot-S&D Cleaning] - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1HKU\S-1-5-21-2621633412-1475908225-2326514310-1000\...\MountPoints2: {4fe22fb4-0580-11e2-9303-002564579899} - E:\unlock.exe autoplay=trueAppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll File Not FoundStartup: C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnkShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehpHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usHKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No FileHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Chrome: =======CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll No FileCHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No FileCHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No FileCHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)CHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)CHR Plugin: (Facebook Desktop) - C:\Users\Matt\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No FileCHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No FileCHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No FileCHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)CHR Extension: (Google Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-02]CHR Extension: (Google Drive) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-02]CHR Extension: (YouTube) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-02]CHR Extension: (Google Search) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-02]CHR Extension: (No Name) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj [2013-09-07]CHR Extension: (AdBlock) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-07]CHR Extension: (avast! Online Security) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-08]CHR Extension: (Clearly) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2014-03-07]CHR Extension: (No Name) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-09-07]CHR Extension: (Skype Click to Call) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-02]CHR Extension: (No Name) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-09-07]CHR Extension: (Chrome In-App Payments service) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]CHR Extension: (Gmail) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-02]CHR Extension: (RSS Feed Reader) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2013-08-02]CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-08]CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09] ========================== Services (Whitelisted) ================= R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [81920 2009-03-02] (Andrea Electronics Corporation)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-08] (AVAST Software)R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-03-08] (AVAST Software)R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [152576 2012-08-16] (CrashPlan)R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe [254042 2009-03-06] (IDT, Inc.)R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-02-28] (Western Digital Technologies, Inc.)R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [271728 2014-02-28] (Western Digital Technologies, Inc.) ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-08] (AVAST Software)R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-08] (AVAST Software)R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2014-03-08] (ALWIL Software)R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252592 2014-03-08] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-08] (AVAST Software)R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-08] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-03-08] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-03-08] (AVAST Software)R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-08] (AVAST Software)R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-03-08] ()R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-03-08] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)S3 IpInIp; system32\DRIVERS\ipinip.sys [X]S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]S1 qknfd; system32\drivers\qknfd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-09 17:51 - 2014-03-09 17:51 - 00000000 ____D () C:\Users\Matt\Desktop\FRST-OlderVersion2014-03-09 17:50 - 2014-03-09 17:50 - 00002086 _____ () C:\Users\Matt\Desktop\FixList.txt2014-03-09 17:49 - 2014-03-09 17:49 - 00002086 _____ () C:\Users\Matt\Downloads\FixList.txt2014-03-08 22:55 - 2014-03-08 22:59 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys2014-03-08 21:47 - 2014-03-09 17:52 - 00022151 _____ () C:\Users\Matt\Desktop\FRST.txt2014-03-08 21:45 - 2014-03-08 21:46 - 01145344 _____ (Farbar) C:\Users\Matt\Downloads\FRST (2).exe2014-03-08 21:40 - 2014-03-08 21:40 - 01145344 _____ (Farbar) C:\Users\Matt\Downloads\FRST (1).exe2014-03-08 20:20 - 2014-03-09 17:27 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat2014-03-08 18:05 - 2014-03-08 18:05 - 00100104 _____ (Kaspersky Lab) C:\Users\Matt\Downloads\kateskiller.exe2014-03-08 08:42 - 2014-03-08 08:42 - 00001919 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk2014-03-08 08:42 - 2014-03-08 08:42 - 00001859 _____ () C:\Users\Public\Desktop\avast! Premier.lnk2014-03-08 08:42 - 2014-03-08 08:42 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\AVAST Software2014-03-08 08:42 - 2014-03-08 08:42 - 00000000 _____ () C:\Windows\setuperr.log2014-03-08 08:42 - 2014-03-08 08:42 - 00000000 _____ () C:\Windows\setupact.log2014-03-08 08:40 - 2014-03-08 08:39 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys2014-03-08 08:40 - 2014-03-08 08:39 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys2014-03-08 08:40 - 2014-03-08 08:39 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2014-03-08 08:40 - 2014-03-08 08:39 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys2014-03-08 08:40 - 2014-03-08 08:39 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2014-03-08 08:40 - 2014-03-08 08:39 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys2014-03-08 08:40 - 2014-03-08 08:39 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys2014-03-08 08:40 - 2014-03-08 08:39 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys2014-03-08 08:40 - 2014-03-08 08:39 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys2014-03-08 08:40 - 2014-03-08 08:38 - 00252592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys2014-03-08 08:39 - 2014-03-08 08:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr2014-03-08 08:38 - 2014-03-08 08:38 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys2014-03-08 08:36 - 2014-03-08 08:36 - 00000000 ____D () C:\Program Files\AVAST Software2014-03-08 08:30 - 2014-03-08 08:30 - 04669416 _____ (AVAST Software) C:\Users\Matt\Downloads\avast_premier_antivirus_setup_online.exe2014-03-08 08:30 - 2014-03-08 08:30 - 00000000 ____D () C:\ProgramData\AVAST Software2014-03-08 01:30 - 2014-03-08 01:30 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\iExplore.exe2014-03-07 23:51 - 2014-03-07 23:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\MicrosoftFixit.wu.Run.exe2014-03-07 22:45 - 2014-03-07 22:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-1.75.0.1300 (2).exe2014-03-07 22:45 - 2014-03-07 22:45 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-03-07 22:45 - 2014-03-07 22:45 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware2014-03-07 22:45 - 2013-04-04 15:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-03-07 21:17 - 2014-03-07 21:17 - 00080456 _____ (Malwarebytes Corporation) C:\Users\Matt\Downloads\mbam-clean-1.60.2.0003.exe2014-03-07 21:12 - 2014-03-07 21:15 - 00033553 _____ () C:\Users\Matt\Downloads\Addition.txt2014-03-07 21:11 - 2014-03-09 17:52 - 00000000 ____D () C:\FRST2014-03-07 21:11 - 2014-03-09 17:51 - 01145856 _____ (Farbar) C:\Users\Matt\Desktop\FRST.exe2014-03-07 21:11 - 2014-03-08 21:42 - 00052747 _____ () C:\Users\Matt\Downloads\FRST.txt2014-03-07 18:59 - 2014-03-07 18:59 - 00000000 ____D () C:\Program Files\Western Digital2014-03-07 18:59 - 2014-03-07 18:59 - 00000000 ____D () C:\Program Files\Common Files\Western Digital2014-03-07 18:48 - 2014-03-07 18:48 - 36862640 _____ () C:\Users\Matt\Downloads\WD_SmartWare_Installer_2.3.0.20.zip2014-03-07 18:38 - 2014-03-07 19:00 - 00014402 _____ () C:\Windows\DPINST.LOG2014-03-07 18:21 - 2014-03-07 18:27 - 00000000 ____D () C:\AdwCleaner2014-03-07 18:20 - 2014-03-07 18:20 - 00930952 _____ (CNET Download.com) C:\Users\Matt\Downloads\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe2014-03-07 17:32 - 2014-02-05 04:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-03-07 17:32 - 2014-02-05 04:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-03-07 17:32 - 2014-02-05 04:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-03-07 17:32 - 2014-02-05 04:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-03-07 17:32 - 2014-02-05 04:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-03-07 17:32 - 2014-02-05 04:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-03-07 17:32 - 2014-02-05 04:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2014-03-07 17:32 - 2014-02-05 04:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-03-07 17:32 - 2014-02-05 04:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2014-03-07 17:32 - 2014-02-05 04:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-03-07 17:32 - 2014-02-05 04:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-03-07 17:32 - 2014-02-05 04:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-03-07 17:32 - 2014-02-05 04:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-03-07 17:32 - 2014-02-05 04:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-03-07 17:32 - 2014-02-05 04:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-03-07 17:32 - 2014-02-05 04:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-03-07 17:01 - 2013-10-22 03:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll2014-03-07 17:00 - 2013-12-04 22:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-03-07 17:00 - 2013-10-29 22:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll2014-03-07 17:00 - 2013-10-29 21:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys2014-03-07 17:00 - 2013-10-29 20:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys2014-03-07 17:00 - 2013-10-29 20:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-03-07 17:00 - 2013-10-10 22:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL2014-03-07 17:00 - 2013-10-10 22:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll2014-03-07 17:00 - 2013-10-10 22:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx2014-03-07 17:00 - 2013-10-10 22:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll2014-03-07 17:00 - 2013-10-10 22:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL2014-03-07 17:00 - 2013-10-10 20:39 - 00218228 _____ () C:\Windows\system32\WFP.TMF2014-03-07 17:00 - 2013-10-10 20:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe2014-03-07 17:00 - 2013-10-10 20:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe2014-03-07 17:00 - 2013-10-03 08:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2014-03-07 17:00 - 2013-10-03 08:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2014-03-07 16:46 - 2014-03-07 16:46 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Intel Corporation2014-03-07 16:42 - 2009-12-17 11:25 - 00433176 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys2014-03-07 16:41 - 2014-03-07 16:41 - 10607056 _____ (Hewlett-Packard ) C:\Users\Matt\Downloads\sp47845.exe2014-03-07 16:39 - 2014-03-07 16:39 - 00280204 _____ () C:\Users\Matt\Downloads\WindowsUpdateDiagnostic.diagcab2014-03-07 16:39 - 2014-03-07 16:39 - 00280204 _____ () C:\Users\Matt\Downloads\WindowsUpdateDiagnostic (1).diagcab2014-03-07 16:34 - 2014-03-07 16:35 - 150518130 _____ () C:\Users\Matt\Downloads\Windows6.0-KB947821-v33-x86 (1).msu2014-03-07 16:25 - 2014-03-07 16:25 - 00347816 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe2014-03-06 21:58 - 2014-03-06 21:58 - 00100432 _____ () C:\Users\Matt\AppData\Local\GDIPFONTCACHEV1.DAT2014-03-06 21:56 - 2014-03-08 12:06 - 00017648 _____ () C:\Windows\PFRO.log2014-03-06 21:56 - 2014-03-07 18:03 - 00371512 _____ () C:\Windows\system32\FNTCACHE.DAT2014-03-06 15:10 - 2014-03-09 17:26 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job2014-03-06 15:10 - 2014-03-08 01:29 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-03-06 15:10 - 2014-03-06 21:57 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job2014-03-06 15:10 - 2014-03-06 21:57 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job2014-03-06 15:10 - 2014-03-06 15:12 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 22014-03-06 15:10 - 2014-03-06 15:10 - 00001958 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-03-06 15:10 - 2013-09-20 11:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe2014-03-06 15:08 - 2014-03-06 15:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Matt\Downloads\spybot-2.2.exe2014-03-06 14:53 - 2014-03-06 15:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-03-06 14:51 - 2014-03-06 14:51 - 00000104 _____ () C:\Users\Matt\Desktop\Recycle Bin - Shortcut.lnk2014-03-06 14:46 - 2014-03-06 15:06 - 00000000 ____D () C:\Users\Matt\Desktop\mbar2014-03-06 14:43 - 2014-03-06 14:43 - 00380416 _____ () C:\Users\Matt\Downloads\8z5w3dui.exe2014-03-06 13:00 - 2014-03-06 13:00 - 00001892 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk2014-03-06 12:59 - 2014-03-08 08:49 - 00000000 ____D () C:\Program Files\Common Files\Adobe2014-03-06 12:59 - 2014-03-06 12:59 - 00000000 ____D () C:\Program Files\Adobe2014-03-06 12:45 - 2014-03-06 12:46 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.exe2014-03-06 12:43 - 2014-03-06 12:43 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.com2014-03-06 11:36 - 2014-03-06 11:36 - 00008560 _____ () C:\Users\Matt\Desktop\Attach_Malwarebytes.txt2014-03-06 11:22 - 2014-03-06 11:23 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.com2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Malwarebytes2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-03-05 19:01 - 2014-03-05 19:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-1.75.0.1300 (1).exe2014-03-05 18:17 - 2014-03-05 18:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-consumer.exe2014-03-05 17:48 - 2014-03-05 17:49 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds (1).scr2014-03-05 17:44 - 2014-03-05 17:44 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.scr2014-03-05 16:42 - 2014-03-05 16:42 - 00021232 _____ () C:\Users\Matt\Downloads\Fix WU.zip2014-03-05 16:42 - 2014-03-05 16:42 - 00000000 ____D () C:\Users\Matt\Downloads\Fix WU2014-03-05 16:30 - 2014-03-05 16:30 - 00000044 _____ () C:\Users\Matt\AppData\Roaming\WB.CFG2014-03-05 16:29 - 2014-03-05 16:30 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job2014-03-05 16:28 - 2014-03-05 16:28 - 00668048 _____ ( ) C:\Users\Matt\Downloads\ZipOpenerSetup.exe2014-03-03 23:34 - 2014-03-09 17:35 - 01876949 _____ () C:\Windows\WindowsUpdate.log2014-03-01 01:05 - 2014-03-01 01:11 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\WiseUpdate2014-02-27 22:20 - 2014-02-27 22:20 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-02-27 22:19 - 2014-02-27 22:20 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E12014-02-27 22:19 - 2014-02-27 22:20 - 00000000 ____D () C:\Program Files\iTunes2014-02-27 22:19 - 2014-02-27 22:19 - 00000000 ____D () C:\Program Files\iPod2014-02-27 22:13 - 2014-02-27 22:13 - 00000000 ____D () C:\Program Files\QuickTime2014-02-25 10:52 - 2014-02-25 10:52 - 00000000 ____D () C:\ProgramData\Sun2014-02-25 10:52 - 2014-02-25 10:52 - 00000000 ____D () C:\ProgramData\Oracle2014-02-25 10:52 - 2014-02-25 10:52 - 00000000 ____D () C:\Program Files\Common Files\Java2014-02-25 10:52 - 2014-02-25 10:51 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe2014-02-25 10:51 - 2014-02-25 10:51 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe2014-02-25 10:51 - 2014-02-25 10:51 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe2014-02-25 10:51 - 2014-02-25 10:51 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll2014-02-25 10:51 - 2014-02-25 10:51 - 00000000 ____D () C:\Program Files\Java2014-02-25 10:50 - 2014-02-25 10:50 - 00921000 _____ (Oracle Corporation) C:\Users\Matt\Downloads\chromeinstall-7u51.exe2014-02-25 00:11 - 2014-02-25 00:12 - 150518130 _____ () C:\Users\Matt\Downloads\Windows6.0-KB947821-v33-x86.msu2014-02-15 11:59 - 2014-02-15 12:00 - 168036333 _____ () C:\Users\Matt\Downloads\De-La-Soul-Is-Dead (1).zip2014-02-15 11:58 - 2014-02-15 11:59 - 160849169 _____ () C:\Users\Matt\Downloads\Stakes-Is-High.zip2014-02-15 01:11 - 2014-02-15 01:13 - 159346091 _____ () C:\Users\Matt\Downloads\3-Feet-High.zip2014-02-15 01:11 - 2014-02-15 01:13 - 114367391 _____ () C:\Users\Matt\Downloads\Buhloone-Mindstate.zip2014-02-15 00:57 - 2014-02-15 00:57 - 00000215 _____ () C:\Users\Matt\Downloads\Valentine's_Day_Promo.vcf2014-02-14 15:00 - 2014-02-14 15:00 - 00073946 _____ () C:\Users\Matt\Downloads\Prynne_William-A_short_demurrer_to_the_Jewes_long-Wing-P4079-1818_24a-p1.tif2014-02-14 15:00 - 2014-02-14 15:00 - 00073946 _____ () C:\Users\Matt\Downloads\Prynne_William-A_short_demurrer_to_the_Jewes_long-Wing-P4079-1818_24a-p1 (1).tif ==================== One Month Modified Files and Folders ======= 2014-03-09 17:52 - 2014-03-08 21:47 - 00022151 _____ () C:\Users\Matt\Desktop\FRST.txt2014-03-09 17:52 - 2014-03-07 21:11 - 00000000 ____D () C:\FRST2014-03-09 17:51 - 2014-03-09 17:51 - 00000000 ____D () C:\Users\Matt\Desktop\FRST-OlderVersion2014-03-09 17:51 - 2014-03-07 21:11 - 01145856 _____ (Farbar) C:\Users\Matt\Desktop\FRST.exe2014-03-09 17:50 - 2014-03-09 17:50 - 00002086 _____ () C:\Users\Matt\Desktop\FixList.txt2014-03-09 17:49 - 2014-03-09 17:49 - 00002086 _____ () C:\Users\Matt\Downloads\FixList.txt2014-03-09 17:35 - 2014-03-03 23:34 - 01876949 _____ () C:\Windows\WindowsUpdate.log2014-03-09 17:32 - 2006-11-02 06:33 - 00759082 _____ () C:\Windows\system32\PerfStringBackup.INI2014-03-09 17:27 - 2014-03-08 20:20 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat2014-03-09 17:26 - 2014-03-06 15:10 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job2014-03-09 17:24 - 2012-09-21 09:06 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-03-09 17:24 - 2006-11-02 08:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-03-09 17:24 - 2006-11-02 08:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A02014-03-09 17:24 - 2006-11-02 08:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A02014-03-09 13:26 - 2006-11-02 08:58 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-03-09 12:58 - 2012-09-21 09:06 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-03-09 12:57 - 2012-12-03 16:52 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2621633412-1475908225-2326514310-1000UA.job2014-03-08 22:59 - 2014-03-08 22:55 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys2014-03-08 21:46 - 2014-03-08 21:45 - 01145344 _____ (Farbar) C:\Users\Matt\Downloads\FRST (2).exe2014-03-08 21:42 - 2014-03-07 21:11 - 00052747 _____ () C:\Users\Matt\Downloads\FRST.txt2014-03-08 21:40 - 2014-03-08 21:40 - 01145344 _____ (Farbar) C:\Users\Matt\Downloads\FRST (1).exe2014-03-08 18:05 - 2014-03-08 18:05 - 00100104 _____ (Kaspersky Lab) C:\Users\Matt\Downloads\kateskiller.exe2014-03-08 12:06 - 2014-03-06 21:56 - 00017648 _____ () C:\Windows\PFRO.log2014-03-08 08:49 - 2014-03-06 12:59 - 00000000 ____D () C:\Program Files\Common Files\Adobe2014-03-08 08:42 - 2014-03-08 08:42 - 00001919 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk2014-03-08 08:42 - 2014-03-08 08:42 - 00001859 _____ () C:\Users\Public\Desktop\avast! Premier.lnk2014-03-08 08:42 - 2014-03-08 08:42 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\AVAST Software2014-03-08 08:42 - 2014-03-08 08:42 - 00000000 _____ () C:\Windows\setuperr.log2014-03-08 08:42 - 2014-03-08 08:42 - 00000000 _____ () C:\Windows\setupact.log2014-03-08 08:41 - 2012-09-19 14:33 - 00000000 ____D () C:\Users\Matt2014-03-08 08:39 - 2014-03-08 08:40 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys2014-03-08 08:39 - 2014-03-08 08:40 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys2014-03-08 08:39 - 2014-03-08 08:40 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2014-03-08 08:39 - 2014-03-08 08:40 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys2014-03-08 08:39 - 2014-03-08 08:40 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2014-03-08 08:39 - 2014-03-08 08:40 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys2014-03-08 08:39 - 2014-03-08 08:40 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys2014-03-08 08:39 - 2014-03-08 08:40 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys2014-03-08 08:39 - 2014-03-08 08:40 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys2014-03-08 08:39 - 2014-03-08 08:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr2014-03-08 08:38 - 2014-03-08 08:40 - 00252592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys2014-03-08 08:38 - 2014-03-08 08:38 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys2014-03-08 08:36 - 2014-03-08 08:36 - 00000000 ____D () C:\Program Files\AVAST Software2014-03-08 08:30 - 2014-03-08 08:30 - 04669416 _____ (AVAST Software) C:\Users\Matt\Downloads\avast_premier_antivirus_setup_online.exe2014-03-08 08:30 - 2014-03-08 08:30 - 00000000 ____D () C:\ProgramData\AVAST Software2014-03-08 01:30 - 2014-03-08 01:30 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\iExplore.exe2014-03-08 01:29 - 2014-03-06 15:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-03-08 01:23 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET2014-03-08 01:00 - 2006-11-02 06:22 - 46137344 _____ () C:\Windows\system32\config\SOFTWARE.bak2014-03-08 01:00 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak2014-03-08 01:00 - 2006-11-02 06:22 - 00053248 _____ () C:\Windows\system32\config\SAM.bak2014-03-08 01:00 - 2006-11-02 06:22 - 00020480 _____ () C:\Windows\system32\config\SECURITY.bak2014-03-08 00:27 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\spool2014-03-07 23:51 - 2014-03-07 23:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\MicrosoftFixit.wu.Run.exe2014-03-07 22:45 - 2014-03-07 22:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-1.75.0.1300 (2).exe2014-03-07 22:45 - 2014-03-07 22:45 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-03-07 22:45 - 2014-03-07 22:45 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware2014-03-07 22:33 - 2013-09-05 23:54 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Wise Disk Cleaner2014-03-07 21:17 - 2014-03-07 21:17 - 00080456 _____ (Malwarebytes Corporation) C:\Users\Matt\Downloads\mbam-clean-1.60.2.0003.exe2014-03-07 21:15 - 2014-03-07 21:12 - 00033553 _____ () C:\Users\Matt\Downloads\Addition.txt2014-03-07 19:08 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache2014-03-07 19:00 - 2014-03-07 18:38 - 00014402 _____ () C:\Windows\DPINST.LOG2014-03-07 18:59 - 2014-03-07 18:59 - 00000000 ____D () C:\Program Files\Western Digital2014-03-07 18:59 - 2014-03-07 18:59 - 00000000 ____D () C:\Program Files\Common Files\Western Digital2014-03-07 18:58 - 2012-09-23 21:07 - 00000000 ____D () C:\ProgramData\Western Digital2014-03-07 18:51 - 2013-04-29 15:28 - 00000000 ____D () C:\ProgramData\Package Cache2014-03-07 18:48 - 2014-03-07 18:48 - 36862640 _____ () C:\Users\Matt\Downloads\WD_SmartWare_Installer_2.3.0.20.zip2014-03-07 18:27 - 2014-03-07 18:21 - 00000000 ____D () C:\AdwCleaner2014-03-07 18:20 - 2014-03-07 18:20 - 00930952 _____ (CNET Download.com) C:\Users\Matt\Downloads\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe2014-03-07 18:03 - 2014-03-06 21:56 - 00371512 _____ () C:\Windows\system32\FNTCACHE.DAT2014-03-07 17:55 - 2012-09-20 14:03 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-03-07 17:53 - 2013-07-15 12:07 - 00000000 ___RD () C:\Program Files\Skype2014-03-07 17:53 - 2013-07-15 12:07 - 00000000 ____D () C:\ProgramData\Skype2014-03-07 17:51 - 2012-09-21 09:02 - 00001945 _____ () C:\Windows\epplauncher.mif2014-03-07 17:51 - 2012-09-21 09:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client2014-03-07 17:44 - 2013-07-11 10:43 - 00000000 ____D () C:\Windows\system32\MRT2014-03-07 16:57 - 2012-12-03 16:52 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2621633412-1475908225-2326514310-1000Core.job2014-03-07 16:46 - 2014-03-07 16:46 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Intel Corporation2014-03-07 16:46 - 2012-09-20 14:58 - 00000000 ____D () C:\Intel2014-03-07 16:45 - 2012-09-20 14:59 - 00000000 ____D () C:\Program Files\Intel2014-03-07 16:41 - 2014-03-07 16:41 - 10607056 _____ (Hewlett-Packard ) C:\Users\Matt\Downloads\sp47845.exe2014-03-07 16:39 - 2014-03-07 16:39 - 00280204 _____ () C:\Users\Matt\Downloads\WindowsUpdateDiagnostic.diagcab2014-03-07 16:39 - 2014-03-07 16:39 - 00280204 _____ () C:\Users\Matt\Downloads\WindowsUpdateDiagnostic (1).diagcab2014-03-07 16:35 - 2014-03-07 16:34 - 150518130 _____ () C:\Users\Matt\Downloads\Windows6.0-KB947821-v33-x86 (1).msu2014-03-07 16:30 - 2012-09-22 18:53 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Spotify2014-03-07 16:25 - 2014-03-07 16:25 - 00347816 _____ (Microsoft Corporation) C:\Users\Matt\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe2014-03-07 15:22 - 2013-03-02 14:24 - 00000000 ____D () C:\ProgramData\DellUpdate2014-03-06 21:58 - 2014-03-06 21:58 - 00100432 _____ () C:\Users\Matt\AppData\Local\GDIPFONTCACHEV1.DAT2014-03-06 21:57 - 2014-03-06 15:10 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job2014-03-06 21:57 - 2014-03-06 15:10 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job2014-03-06 15:12 - 2014-03-06 15:10 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 22014-03-06 15:10 - 2014-03-06 15:10 - 00001958 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-03-06 15:08 - 2014-03-06 15:08 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Matt\Downloads\spybot-2.2.exe2014-03-06 15:06 - 2014-03-06 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-03-06 15:06 - 2014-03-06 14:46 - 00000000 ____D () C:\Users\Matt\Desktop\mbar2014-03-06 14:51 - 2014-03-06 14:51 - 00000104 _____ () C:\Users\Matt\Desktop\Recycle Bin - Shortcut.lnk2014-03-06 14:43 - 2014-03-06 14:43 - 00380416 _____ () C:\Users\Matt\Downloads\8z5w3dui.exe2014-03-06 13:02 - 2012-09-24 16:25 - 00000000 ____D () C:\Users\Matt\AppData\Local\Adobe2014-03-06 13:00 - 2014-03-06 13:00 - 00001892 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk2014-03-06 12:59 - 2014-03-06 12:59 - 00000000 ____D () C:\Program Files\Adobe2014-03-06 12:59 - 2012-09-21 09:03 - 00000000 ____D () C:\ProgramData\Adobe2014-03-06 12:46 - 2014-03-06 12:45 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.exe2014-03-06 12:43 - 2014-03-06 12:43 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.com2014-03-06 11:36 - 2014-03-06 11:36 - 00008560 _____ () C:\Users\Matt\Desktop\Attach_Malwarebytes.txt2014-03-06 11:23 - 2014-03-06 11:22 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.com2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Malwarebytes2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-03-05 19:01 - 2014-03-05 19:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-setup-1.75.0.1300 (1).exe2014-03-05 18:17 - 2014-03-05 18:17 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matt\Downloads\mbam-consumer.exe2014-03-05 17:49 - 2014-03-05 17:48 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds (1).scr2014-03-05 17:44 - 2014-03-05 17:44 - 00688992 ____R (Swearware) C:\Users\Matt\Downloads\dds.scr2014-03-05 16:42 - 2014-03-05 16:42 - 00021232 _____ () C:\Users\Matt\Downloads\Fix WU.zip2014-03-05 16:42 - 2014-03-05 16:42 - 00000000 ____D () C:\Users\Matt\Downloads\Fix WU2014-03-05 16:30 - 2014-03-05 16:30 - 00000044 _____ () C:\Users\Matt\AppData\Roaming\WB.CFG2014-03-05 16:30 - 2014-03-05 16:29 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job2014-03-05 16:28 - 2014-03-05 16:28 - 00668048 _____ ( ) C:\Users\Matt\Downloads\ZipOpenerSetup.exe2014-03-05 15:57 - 2013-03-02 14:32 - 00000000 ____D () C:\ProgramData\ABBYY2014-03-05 13:55 - 2012-09-19 14:33 - 00000000 ___RD () C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-03-05 12:47 - 2012-09-21 18:50 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Apple Computer2014-03-05 12:17 - 2014-01-23 11:10 - 00000000 ____D () C:\Users\Matt\AppData\Local\FBCBC565-3E66-4F6D-84D1-685CEEF89A4E.aplzod2014-03-03 16:56 - 2013-10-22 14:10 - 00000428 _____ () C:\Windows\Tasks\Wise Disk Cleaner Schedule Task.job2014-03-03 16:01 - 2012-09-22 18:54 - 00000000 ____D () C:\Users\Matt\AppData\Local\Spotify2014-03-03 15:10 - 2013-09-13 17:35 - 00000440 _____ () C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job2014-03-01 01:11 - 2014-03-01 01:05 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\WiseUpdate2014-02-27 22:20 - 2014-02-27 22:20 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-02-27 22:20 - 2014-02-27 22:19 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E12014-02-27 22:20 - 2014-02-27 22:19 - 00000000 ____D () C:\Program Files\iTunes2014-02-27 22:19 - 2014-02-27 22:19 - 00000000 ____D () C:\Program Files\iPod2014-02-27 22:19 - 2012-09-21 18:44 - 00000000 ____D () C:\Program Files\Common Files\Apple2014-02-27 22:13 - 2014-02-27 22:13 - 00000000 ____D () C:\Program Files\QuickTime2014-02-27 10:14 - 2012-09-20 16:56 - 00000000 ____D () C:\Users\Matt\Documents\Dissertation2014-02-27 09:40 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\IME2014-02-26 10:30 - 2012-09-21 19:05 - 00000000 ____D () C:\Program Files\CrashPlan2014-02-25 10:52 - 2014-02-25 10:52 - 00000000 ____D () C:\ProgramData\Sun2014-02-25 10:52 - 2014-02-25 10:52 - 00000000 ____D () C:\ProgramData\Oracle2014-02-25 10:52 - 2014-02-25 10:52 - 00000000 ____D () C:\Program Files\Common Files\Java2014-02-25 10:51 - 2014-02-25 10:52 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe2014-02-25 10:51 - 2014-02-25 10:51 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe2014-02-25 10:51 - 2014-02-25 10:51 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe2014-02-25 10:51 - 2014-02-25 10:51 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll2014-02-25 10:51 - 2014-02-25 10:51 - 00000000 ____D () C:\Program Files\Java2014-02-25 10:50 - 2014-02-25 10:50 - 00921000 _____ (Oracle Corporation) C:\Users\Matt\Downloads\chromeinstall-7u51.exe2014-02-25 00:12 - 2014-02-25 00:11 - 150518130 _____ () C:\Users\Matt\Downloads\Windows6.0-KB947821-v33-x86.msu2014-02-20 00:00 - 2013-09-03 19:57 - 00000000 ____D () C:\Windows\Minidump2014-02-15 12:00 - 2014-02-15 11:59 - 168036333 _____ () C:\Users\Matt\Downloads\De-La-Soul-Is-Dead (1).zip2014-02-15 11:59 - 2014-02-15 11:58 - 160849169 _____ () C:\Users\Matt\Downloads\Stakes-Is-High.zip2014-02-15 01:13 - 2014-02-15 01:11 - 159346091 _____ () C:\Users\Matt\Downloads\3-Feet-High.zip2014-02-15 01:13 - 2014-02-15 01:11 - 114367391 _____ () C:\Users\Matt\Downloads\Buhloone-Mindstate.zip2014-02-15 00:57 - 2014-02-15 00:57 - 00000215 _____ () C:\Users\Matt\Downloads\Valentine's_Day_Promo.vcf2014-02-14 15:00 - 2014-02-14 15:00 - 00073946 _____ () C:\Users\Matt\Downloads\Prynne_William-A_short_demurrer_to_the_Jewes_long-Wing-P4079-1818_24a-p1.tif2014-02-14 15:00 - 2014-02-14 15:00 - 00073946 _____ () C:\Users\Matt\Downloads\Prynne_William-A_short_demurrer_to_the_Jewes_long-Wing-P4079-1818_24a-p1 (1).tif2014-02-11 10:22 - 2013-01-09 10:32 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Dropbox2014-02-11 10:14 - 2013-01-09 10:42 - 00000000 ___RD () C:\Users\Matt\Dropbox ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legitC:\Windows\system32\winlogon.exe => MD5 is legitC:\Windows\system32\wininit.exe => MD5 is legitC:\Windows\system32\svchost.exe => MD5 is legitC:\Windows\system32\services.exe => MD5 is legitC:\Windows\system32\User32.dll => MD5 is legitC:\Windows\system32\userinit.exe => MD5 is legitC:\Windows\system32\rpcss.dll => MD5 is legitC:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-09 17:34 ==================== End Of Log ============================ Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-03-2014 01Ran by Matt at 2014-03-09 17:53:20 Run:1Running from C:\Users\Matt\DesktopBoot Mode: Normal ============================================== Content of fixlist:*****************startAppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll File Not FoundSearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...ults.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...ults.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...ults.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...ults.php?f=4&q={searchTerms}&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByDyCyEyDyBzyzzzyzy0EyCyBtBtN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1StN1L1G1B1V1N2Y1L1Qzu2StAtA0E0BtB0ByCtBtGyBtBtC0DtG0D0D0AtAtGtByDyByCtGtD0F0ByCzzzytDtDyB0AyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtA0AyE0C0BtC0BtG0EyB0AtAtG0CtC0CzztG0DtDyDzztGtCyByCyE0C0B0AzytAyCzyyB2Q&cr=1757847756&ir=Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No Fileend ***************** "C:\\PROGRA~1\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll" => Value Data removed successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully. ==== End of Fixlog ==== Link to post Share on other sites More sharing options...
Staff CatByte Posted March 10, 2014 Staff ID:801213 Share Posted March 10, 2014 Please run the following: Refer to the ComboFix User's GuideDownload ComboFix from the following location: Link * IMPORTANT !!! Place ComboFix.exe on your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs hereDouble click on ComboFix.exe & follow the prompts.Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.When finished, it shall produce a log for you. Post that log in your next reply Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. ---------------------------------------------------------------------------------------------Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error. Link to post Share on other sites More sharing options...
Willhomes71 Posted March 10, 2014 Author ID:801472 Share Posted March 10, 2014 Hi. I've posted the Combofix log below, but I could not actually save the Combofix program to my desktop, as I was only getting the option of running it (or not via the screen that says "Allow" and "Deny". It did eventually run, scan and reboot, so hopefully this is what you need. ComboFix 14-03-10.01 - Matt 03/10/2014 16:10:10.1.2 - x86Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3545.1280 [GMT -4:00]Running from: c:\users\Matt\Downloads\ComboFix.exeAV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\TEMP\jna696531982106247310.dll..((((((((((((((((((((((((( Files Created from 2014-02-10 to 2014-03-10 )))))))))))))))))))))))))))))))..2014-03-10 20:28 . 2014-03-10 20:33 -------- d-----w- c:\users\Matt\AppData\Local\temp2014-03-10 20:28 . 2014-03-10 20:28 -------- d-----w- c:\users\Default\AppData\Local\temp2014-03-10 01:16 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BE3C7F84-F2F9-405B-A1CD-24B793175E9F}\mpengine.dll2014-03-10 00:59 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2014-03-09 02:55 . 2014-03-09 02:59 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2014-03-09 00:34 . 2014-02-17 18:30 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0224F734-8203-422A-96D7-09ABBAF450D6}\gapaengine.dll2014-03-08 12:42 . 2014-03-08 12:42 -------- d-----w- c:\users\Matt\AppData\Roaming\AVAST Software2014-03-08 12:40 . 2014-03-08 12:39 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys2014-03-08 12:40 . 2014-03-08 12:39 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys2014-03-08 12:40 . 2014-03-08 12:39 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys2014-03-08 12:40 . 2014-03-08 12:39 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys2014-03-08 12:40 . 2014-03-08 12:39 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2014-03-08 12:40 . 2014-03-08 12:39 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys2014-03-08 12:40 . 2014-03-08 12:39 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys2014-03-08 12:40 . 2014-03-08 12:39 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys2014-03-08 12:40 . 2014-03-08 12:38 252592 ----a-w- c:\windows\system32\drivers\aswNdis2.sys2014-03-08 12:40 . 2014-03-08 12:39 270240 ----a-w- c:\windows\system32\aswBoot.exe2014-03-08 12:39 . 2014-03-08 12:39 43152 ----a-w- c:\windows\avastSS.scr2014-03-08 12:38 . 2014-03-08 12:38 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys2014-03-08 12:36 . 2014-03-08 12:36 -------- d-----w- c:\program files\AVAST Software2014-03-08 12:30 . 2014-03-08 12:30 -------- d-----w- c:\programdata\AVAST Software2014-03-08 02:45 . 2014-03-08 02:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2014-03-08 02:45 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2014-03-08 01:11 . 2014-03-09 21:53 -------- d-----w- C:\FRST2014-03-07 22:59 . 2014-03-07 22:59 -------- d-----w- c:\program files\Common Files\Western Digital2014-03-07 22:59 . 2014-03-07 22:59 -------- d-----w- c:\program files\Western Digital2014-03-07 22:21 . 2014-03-07 22:27 -------- d-----w- C:\AdwCleaner2014-03-07 22:21 . 2014-03-07 22:21 -------- d-----w- c:\windows\Migration2014-03-07 21:01 . 2013-10-22 07:19 158208 ----a-w- c:\windows\system32\imagehlp.dll2014-03-07 20:46 . 2014-03-07 20:46 -------- d-----w- c:\users\Matt\AppData\Roaming\Intel Corporation2014-03-07 20:42 . 2009-12-17 15:25 433176 ----a-w- c:\windows\system32\drivers\iaStor.sys2014-03-07 20:42 . 2014-03-07 20:42 -------- d-----w- C:\swsetup2014-03-06 19:10 . 2014-03-10 00:53 -------- d-----w- c:\programdata\Spybot - Search & Destroy2014-03-06 19:10 . 2014-03-10 01:04 -------- d-----w- c:\program files\Spybot - Search & Destroy 22014-03-06 18:53 . 2014-03-06 19:06 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2014-03-06 16:59 . 2014-03-08 12:49 -------- d-----w- c:\program files\Common Files\Adobe2014-03-05 23:02 . 2014-03-05 23:02 -------- d-----w- c:\users\Matt\AppData\Roaming\Malwarebytes2014-03-05 23:02 . 2014-03-05 23:02 -------- d-----w- c:\programdata\Malwarebytes2014-03-01 05:05 . 2014-03-01 05:11 -------- d-----w- c:\users\Matt\AppData\Roaming\WiseUpdate2014-02-28 02:19 . 2014-02-28 02:19 -------- d-----w- c:\program files\iPod2014-02-28 02:19 . 2014-02-28 02:20 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E12014-02-28 02:19 . 2014-02-28 02:20 -------- d-----w- c:\program files\iTunes2014-02-28 02:13 . 2014-02-28 02:13 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll2014-02-28 02:13 . 2014-02-28 02:13 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll2014-02-28 02:13 . 2014-02-28 02:13 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll2014-02-28 02:13 . 2014-02-28 02:13 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll2014-02-28 02:13 . 2014-02-28 02:13 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll2014-02-28 02:13 . 2014-02-28 02:13 -------- d-----w- c:\program files\QuickTime2014-02-25 14:52 . 2014-02-25 14:52 -------- d-----w- c:\programdata\Oracle2014-02-25 14:52 . 2014-02-25 14:52 -------- d-----w- c:\program files\Common Files\Java2014-02-25 14:51 . 2014-02-25 14:51 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2014-02-25 14:51 . 2014-02-25 14:51 -------- d-----w- c:\program files\Java2014-02-25 04:05 . 2014-02-25 04:05 -------- d-----w- c:\users\Matt\AppData\Local\ElevatedDiagnostics...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2014-02-17 18:30 . 2012-10-02 12:42 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll2014-01-19 07:32 . 2012-09-20 18:51 231584 ------w- c:\windows\system32\MpSigStub.exe2014-01-17 21:24 . 2014-01-17 21:24 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx2014-01-17 21:24 . 2014-01-17 21:24 69632 ----a-w- c:\windows\system32\QuickTime.qts..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2014-03-08 12:39 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 131248 ----a-w- c:\users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 131248 ----a-w- c:\users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 131248 ----a-w- c:\users\Matt\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Spotify Web Helper"="c:\users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-12 1171968]"DKADGmon"="c:\program files\Dell V520 Series\DKADGmon.exe" [2012-11-08 951656]"Amazon Cloud Player"="c:\users\Matt\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2013-12-12 3145536]"ApplePhotoStreams"="c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-10-31 59720].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-01-25 278528]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-13 43848]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-12-26 295072]"DKADGmon"="c:\program files\Dell V520 Series\DKADGmon.exe" [2012-11-08 951656]"VX3000"="c:\windows\vVX3000.exe" [2010-05-20 762736]"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-01-17 421888]"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-02-21 152392]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-12-23 284696]"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-06 483428]"WD Quick View"="c:\program files\Western Digital\WD Quick View\WDDMStatus.exe" [2014-02-28 5545328]"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-08 3767096].c:\users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2012-8-16 217088].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]@="Service".S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-03-02 81920]..[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvcLocalServiceAndNoImpersonation REG_MULTI_SZ FontCache.[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2014-03-04 13:59 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2014-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-21 13:06].2014-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-21 13:06].2014-03-10 c:\windows\Tasks\Wise Disk Cleaner Schedule Task.job- c:\program files\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [2013-09-06 22:57].2014-03-10 c:\windows\Tasks\Wise Registry Cleaner Schedule Task.job- c:\program files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2013-09-13 15:34]..------- Supplementary Scan -------.uInternet Settings,ProxyOverride = *.localuInternet Settings,ProxyServer = localhost:8080TCP: DhcpNameServer = 192.168.1.1.- - - - ORPHANS REMOVED - - - -.SafeBoot-WudfPfSafeBoot-WudfRd...**************************************************************************scanning hidden processes ... .scanning hidden autostart entries ... .scanning hidden files ... .scan completed successfullyhidden files: .**************************************************************************.------------------------ Other Running Processes ------------------------.c:\program files\Microsoft Security Client\MsMpEng.exec:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exec:\program files\AVAST Software\Avast\AvastSvc.exec:\windows\system32\WLANExt.exec:\program files\AVAST Software\Avast\afwServ.exec:\program files\Google\Update\1.3.22.5\GoogleCrashHandler.exec:\program files\Common Files\Adobe\ARM\1.0\armsvc.exec:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\program files\Bonjour\mDNSResponder.exec:\program files\CrashPlan\CrashPlanService.exec:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exec:\program files\Malwarebytes' Anti-Malware\mbamservice.exec:\program files\Microsoft LifeCam\MSCamS32.exec:\program files\RealNetworks\RealDownloader\rndlresolversvc.exec:\program files\Malwarebytes' Anti-Malware\mbamgui.exec:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exec:\program files\Western Digital\WD Drive Manager\WDDriveService.exec:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exec:\windows\system32\igfxsrvc.exec:\program files\Western Digital\WD SmartWare\WDBackupEngine.exec:\program files\DellTPad\ApMsgFwd.exec:\program files\Microsoft Office\Office14\ONENOTEM.EXEc:\program files\DellTPad\Apntex.exec:\program files\DellTPad\HidFind.exec:\program files\iPod\bin\iPodService.exec:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exec:\\?\c:\windows\system32\wbem\WMIADAP.EXEc:\windows\servicing\TrustedInstaller.exe.**************************************************************************.Completion time: 2014-03-10 16:38:58 - machine was rebootedComboFix-quarantined-files.txt 2014-03-10 20:38.Pre-Run: 155,686,686,720 bytes freePost-Run: 155,519,418,368 bytes free.- - End Of File - - B879F85A3C213C07DAEFBAAEB2E061075C616939100B85E558DA92B899A0FC36 Link to post Share on other sites More sharing options...
Staff CatByte Posted March 10, 2014 Staff ID:801483 Share Posted March 10, 2014 Hello, Running two antivirus programs can cause system slowdowns, conflicts and crashes so I recommend removing one of them: AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} Please run the following: Please download Junkware Removal Tool to your desktop.Shutdown your antivirus to avoid any conflicts.Right-mouse click JRT.exe and select Run as administratorThe tool will open and start scanning your system.Please be patient as this can take a while to complete.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message NEXT Download AdwCleaner from here and save it to your desktop.Run AdwCleaner and select ScanIf items are found, please select the Clean buttonOnce done it will ask to reboot, allow the rebootOn reboot a log will be produced, please attach the content of the log to your next reply Link to post Share on other sites More sharing options...
Willhomes71 Posted March 11, 2014 Author ID:801833 Share Posted March 11, 2014 I uninstalled Avast! Here are the two reports, and thanks again for helping me. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.2 (02.20.2014:1)OS: Windows Vista Home Basic x86Ran by Matt on Tue 03/11/2014 at 10:29:00.27~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] qknfd Successfully deleted: [service] qknfd ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exeSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproductsSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} ~~~ Files Successfully deleted: [File] "C:\Windows\Tasks\wise registry cleaner schedule task.job" ~~~ Folders ~~~ Chrome Successfully deleted: [Folder] C:\Users\Matt\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Tue 03/11/2014 at 10:33:38.75End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v3.021 - Report created 11/03/2014 at 10:39:25# Updated 10/03/2014 by Xplode# Operating System : Windows Vista Home Basic Service Pack 2 (32 bits)# Username : Matt - MATT-PC# Running from : C:\Users\Matt\Downloads\adwcleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmljFolder Deleted : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eiimolhnbbbdagljikeckdkldgemmmljKey Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Deleted : HKLM\Software\caphyonKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16533 -\\ Google Chrome v33.0.1750.146 [ File : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [3870 octets] - [07/03/2014 18:21:29]AdwCleaner[R1].txt - [2147 octets] - [11/03/2014 10:38:20]AdwCleaner[s0].txt - [683 octets] - [07/03/2014 18:27:42]AdwCleaner[s1].txt - [2094 octets] - [11/03/2014 10:39:25] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [2154 octets] ########## Link to post Share on other sites More sharing options...
Staff CatByte Posted March 11, 2014 Staff ID:801861 Share Posted March 11, 2014 looks good, let's do a sweep for any leftovers, please do the following;Please open your MalwareBytes AntiMalware ProgramClick the Update Tab and search for updatesIf an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish, so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected. <-- very importantWhen disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. NEXT Go here to run an online scanner from ESET.Turn off the real time scanner of any existing antivirus program while performing the online scanTick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the activeX control to installClick StartMake sure that the option Remove found threats is unticked and the Scan Archives option is ticked.Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.Click ScanWait for the scan to finishWhen the scan completes, if it shows a screen that says "Threats found!", then click "List of found threats" buttonPress EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktopInclude the contents of this report in your next reply.Press the BACK button.Press Finish Link to post Share on other sites More sharing options...
Willhomes71 Posted March 11, 2014 Author ID:801954 Share Posted March 11, 2014 Here they are. Malwarebytes Anti-Malware (Trial) 1.75.0.1300www.malwarebytes.org Database version: v2014.03.11.08 Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421Matt :: MATT-PC [administrator] Protection: Enabled 3/11/2014 11:51:01 AMmbam-log-2014-03-11 (11-51-01).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 223823Time elapsed: 9 minute(s), 46 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) C:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_0\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_0\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_1\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_1\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_10\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_10\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_11\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_11\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_2\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_2\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_3\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_3\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_4\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_4\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_5\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_5\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_6\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_6\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_7\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_7\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_8\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_8\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_9\background.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\AdwCleaner\Quarantine\C\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_9\content.js.vir Win32/BrowseFox.B potentially unwanted applicationC:\Users\Matt\Downloads\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe a variant of Win32/CNETInstaller.B potentially unwanted applicationC:\Users\Matt\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe applicationC:\Users\Matt\Downloads\ZipOpenerSetup.exe a variant of Win32/InstallCore.KT potentially unwanted applicationC:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application Link to post Share on other sites More sharing options...
Staff CatByte Posted March 12, 2014 Staff ID:802431 Share Posted March 12, 2014 Please do the following: Navigate to the following installer files in your downloads folder > right click and delete them: C:\Users\Matt\Downloads\cbsidlm-cbsi183-AdwCleaner-SEO-75851221.exe C:\Users\Matt\Downloads\Shockwave_Installer_Slim.exe C:\Users\Matt\Downloads\ZipOpenerSetup.exe The rest of what was detected by ESET is in quarantine already. Please advise how the computer is running now and if there are any outstanding issues. Link to post Share on other sites More sharing options...
Willhomes71 Posted March 12, 2014 Author ID:802446 Share Posted March 12, 2014 I deleted those three files. Does the ESET quarantine need to be emptied or deleted? Otherwise, the computer is working a lot better. I've run MWB and Microsoft Essentials and there is no indication of infection. Should I delete the scan software (FRST, JST, Adware Cleaner)? Thanks again. Link to post Share on other sites More sharing options...
Staff CatByte Posted March 12, 2014 Staff ID:802455 Share Posted March 12, 2014 Those files are in the adwCleaner quarantine which you can delete C:\AdwCleaner\Quarantine we just need to clean up our tools: You can delete the DDS, FRST and JRT logs and programs from your desktop. NEXT Follow these steps to uninstall Combofix Make sure your security programs are totally disabled.Press the WinKey +R to open a run boxNow copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there. NEXTDouble click on adwcleaner.exe to run the tool.Click on Uninstall.Confirm with yes.If there are any logs/tools remaining on your desktop > right click and delete them. NEXT Below I have included a number of recommendations for how to protect your computer against malware infections.It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.Keep Windows updated by regularly checking their website at : http://windowsupdate.microsoft.com/ This will ensure your computer has always the latest security updates available installed on your computer.Make Internet Explorer more secureClick Start > RunType Inetcpl.cpl & click OKClick on the Security tabClick Reset all zones to default levelMake sure the Internet Zone is selected & Click Custom levelIn the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".Next Click OK, then Apply button and then OK to exit the Internet Properties page.Download TFC to your desktopClose any open windows.Double click the TFC icon to run the programTFC will close all open programs itself in order to run,Click the Start button to begin the process.Allow TFC to run uninterrupted.The program should not take long to finish it's jobOnce its finished it should automatically reboot your machine,if it doesn't, manually reboot to ensure a complete cleanIt's normal after running TFC cleaner that the PC will be slower to boot the first time. WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:Green to goYellow for cautionRed to stopWOT has an addon available for Chrome, Firefox and IEAdblockPlusAdblockPlus, Surf the web without annoying ads!Blocks banners, pop-ups and video ads - even on Facebook and YouTubeProtects your online privacyTwo-click installation, It's free!click the icon that corresponds to your browser and download.Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles: PC Safety and Security--What Do I Need?.Simple and easy ways to keep your computer safe and secure on the InternetThank you for your patience, and performing all of the procedures requested. Please respond one last time so we can consider the thread resolved and close it, thank-you. Link to post Share on other sites More sharing options...
Willhomes71 Posted March 13, 2014 Author ID:802559 Share Posted March 13, 2014 Excellent. I uninstalled the previous scan applications, deleted the logs and ran TFC with no issues; it deleted tons of files, which is good. I added the AdBlock and WOT extensions and will look into the others. Thanks again; I really, really appreciate it. Link to post Share on other sites More sharing options...
Staff CatByte Posted March 13, 2014 Staff ID:802567 Share Posted March 13, 2014 you are welcome stay safe ~CB Link to post Share on other sites More sharing options...
Staff CatByte Posted March 13, 2014 Staff ID:802568 Share Posted March 13, 2014 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts