Cyber Tech Help Support Forums > Software > Malware Removal Forum

  #16  
October 14th, 2013, 06:36 PM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,425
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.



Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check
  • Click the button.
  • Accept any security warnings from your browser.
  • Check
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push
  • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the button.
  • Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt


Also please post back with a fresh FRST logfile and tell me how the system is running.


  #17  
October 14th, 2013, 10:57 PM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
Already have Malwarebytes and have run it. It's not loaded to the desktop - does that matter?
  #18  
October 15th, 2013, 06:20 PM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,425
no
  #19  
October 15th, 2013, 08:36 PM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
MBAM scan clear - but I have been running it and removed some PUPs...

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.14.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Phil :: PHILLIP [administrator]

15/10/2013 20:31:07
mbam-log-2013-10-15 (20-31-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 200030
Time elapsed: 3 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  #20  
October 15th, 2013, 08:44 PM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
# AdwCleaner v3.007 - Report created 15/10/2013 at 20:40:14
# Updated 09/10/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Phil - PHILLIP
# Running from : C:\Users\Phil\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Phil\AppData\Roaming\digitalsite
File Deleted : C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default\invalidprefs.js
File Deleted : C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default\searchplugins\searchgol.xml
File Deleted : C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default\user.js
File Deleted : C:\windows\Tasks\digitalsite.job
File Deleted : C:\windows\System32\Tasks\digitalsite

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default\prefs.js ]

Line Deleted : user_pref("CT3299872.embeddedsData", "[{\"appId\":\"130116395078024690\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3299872_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1381521849396,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("extensions.searchgol.admin", false);
Line Deleted : user_pref("extensions.searchgol.aflt", "babsst");
Line Deleted : user_pref("extensions.searchgol.appId", "{4277F7CF-0000-46CF-BA49-D624465C4BAB}");
Line Deleted : user_pref("extensions.searchgol.autoRvrt", "false");
Line Deleted : user_pref("extensions.searchgol.dfltLng", "en");
Line Deleted : user_pref("extensions.searchgol.excTlbr", false);
Line Deleted : user_pref("extensions.searchgol.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.searchgol.id", "6e06af6300000000000024fd52f9412f");
Line Deleted : user_pref("extensions.searchgol.instlDay", "15989");
Line Deleted : user_pref("extensions.searchgol.instlRef", "sst");
Line Deleted : user_pref("extensions.searchgol.newTab", false);
Line Deleted : user_pref("extensions.searchgol.prdct", "searchgol");
Line Deleted : user_pref("extensions.searchgol.prtnrId", "searchgol");
Line Deleted : user_pref("extensions.searchgol.rvrt", "false");
Line Deleted : user_pref("extensions.searchgol.smplGrp", "none");
Line Deleted : user_pref("extensions.searchgol.tlbrId", "base");
Line Deleted : user_pref("extensions.searchgol.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.searchgol.vrsn", "1.8.16.19");
Line Deleted : user_pref("extensions.searchgol.vrsnTs", "1.8.16.1921:57:09");
Line Deleted : user_pref("extensions.searchgol.vrsni", "1.8.16.19");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0);
Line Deleted : user_pref("smartbar.machineId", "GU8PE6/ZMYJDWDJTQERNMXK0ISDHGD2HYV+OIQN7KSF8M6P87PD9L/5DDUXOCF7XB7O2MUONDEOILGQHYY+MVG");

*************************

AdwCleaner[R0].txt - [3343 octets] - [17/09/2013 18:38:26]
AdwCleaner[R1].txt - [3403 octets] - [17/09/2013 18:42:28]
AdwCleaner[R2].txt - [4052 octets] - [15/10/2013 20:38:03]
AdwCleaner[R3].txt - [4112 octets] - [15/10/2013 20:39:34]
AdwCleaner[S0].txt - [3388 octets] - [17/09/2013 18:43:43]
AdwCleaner[S1].txt - [3953 octets] - [15/10/2013 20:40:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4013 octets] ##########
  #21  
October 15th, 2013, 10:02 PM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
FRST part 1

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Phil (administrator) on PHILLIP on 15-10-2013 21:58:19
Running from C:\Users\Phil\Downloads
Windows 8 (X64) OS Language: English(UK)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [TODDMain] - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] - C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Phil\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-09-02] (Spotify Ltd)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)
HKLM-x32\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] - C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] - c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Phil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
SearchScopes: HKLM - DefaultScope {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM - {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKCU - DefaultScope {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL =
SearchScopes: HKCU - {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL =
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Winsock: Catalog5 08 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found ()
Winsock: Catalog5 09 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found ()
Winsock: Catalog5-x64 08 C:\windows\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\windows\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\windows\SysWOW64\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116240 2013-01-04] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [x]

==================== Drivers (Whitelisted) ====================

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-02] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-15 20:50 - 2013-10-15 20:50 - 00000000 ____D C:\Program Files (x86)\ESET
2013-10-15 20:37 - 2013-10-15 20:37 - 01048960 _____ C:\Users\Phil\Downloads\adwcleaner.exe
2013-10-14 10:52 - 2013-10-14 10:53 - 00086451 _____ C:\Users\Phil\Desktop\FRST.txt
2013-10-14 10:51 - 2013-10-14 10:52 - 00021656 _____ C:\Users\Phil\Desktop\Addition.txt
2013-10-14 10:49 - 2013-10-14 10:49 - 01954124 _____ (Farbar) C:\Users\Phil\Desktop\FRST64.exe
2013-10-14 10:45 - 2013-10-14 10:45 - 01087213 _____ (Farbar) C:\Users\Phil\Downloads\FRST.exe
2013-10-14 10:40 - 2013-10-14 10:45 - 01954124 _____ (Farbar) C:\Users\Phil\Downloads\FRST64.exe
2013-10-13 20:46 - 2013-10-13 20:46 - 00334735 _____ C:\Users\Phil\Downloads\Halfords Wipers Confirmation.htm
2013-10-13 20:46 - 2013-10-13 20:46 - 00000000 ____D C:\Users\Phil\Downloads\Halfords Wipers Confirmation_files
2013-10-13 13:08 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2013-10-13 13:08 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2013-10-13 13:08 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2013-10-13 13:08 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2013-10-13 13:08 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2013-10-13 13:08 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2013-10-13 13:08 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-10-13 13:07 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2013-10-13 13:07 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2013-10-13 13:07 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2013-10-13 13:07 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2013-10-13 13:07 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-10-13 13:07 - 2013-08-02 07:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-10-13 13:07 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-10-13 13:07 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2013-10-13 13:07 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-10-13 13:07 - 2013-08-02 06:06 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-10-13 13:07 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-10-13 13:07 - 2013-07-31 00:30 - 00386923 _____ C:\windows\system32\ApnDatabase.xml
2013-10-13 13:07 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2013-10-13 13:07 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2013-10-13 13:07 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2013-10-13 13:07 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2013-10-11 22:23 - 2013-10-11 22:23 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Assistant
2013-10-11 22:21 - 2013-10-11 22:21 - 24013216 _____ (Myriad) C:\Users\Phil\Downloads\harmony963i-install.exe
2013-10-11 22:19 - 2013-10-11 22:19 - 00001300 _____ C:\Users\Phil\Documents\cc_20131011_221922.reg
2013-10-11 22:17 - 2013-10-11 22:17 - 00367872 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-11 22:09 - 2013-10-11 22:09 - 00016682 _____ C:\Users\Phil\Documents\cc_20131011_220941.reg
2013-10-11 22:08 - 2013-10-11 22:08 - 04369632 _____ (Piriform Ltd) C:\Users\Phil\Downloads\ccsetup406.exe
2013-10-11 21:55 - 2013-10-11 21:55 - 00000000 ____D C:\Users\Phil\AppData\Roaming\TuneUp Software
2013-10-11 21:54 - 2013-10-11 21:56 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 21:54 - 2013-10-11 21:54 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 21:54 - 2013-10-11 21:54 - 00000000 ____D C:\Users\Phil\Desktop\Video
2013-10-11 21:53 - 2013-10-11 21:54 - 00000000 ____D C:\Users\Phil\AppData\Roaming\DVDVideoSoft
2013-10-11 21:53 - 2013-10-11 21:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-11 20:37 - 2013-10-11 20:41 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-10 17:45 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-10-10 17:45 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-10-10 17:45 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-10-10 17:45 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-10-10 17:45 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-10-10 17:45 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-10-10 17:45 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-10-10 17:45 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-10-10 17:45 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-10-10 17:45 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-10-10 17:45 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-10-10 17:45 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-10-10 17:45 - 2013-04-28 23:28 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-10-10 17:45 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-10-10 17:44 - 2013-08-23 06:11 - 04040192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-10-10 17:44 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 17:44 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 17:44 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-10-10 17:44 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2013-10-10 17:44 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2013-10-10 17:44 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-10-10 17:44 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-10-10 17:44 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2013-10-10 17:44 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-10 17:44 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-10 17:44 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-10 17:44 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-10 17:44 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-10-10 17:44 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-10-10 17:44 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-10 17:44 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-10 17:44 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-10-10 17:44 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-10-10 17:44 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-10-10 17:44 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-10-10 17:44 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-10-10 17:44 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-10-09 11:31 - 2013-10-09 11:31 - 00000794 _____ C:\windows\setupact.log
2013-10-09 11:31 - 2013-10-09 11:31 - 00000000 _____ C:\windows\setuperr.log
2013-10-08 20:59 - 2013-10-08 20:59 - 00000000 ____D C:\FRST
2013-10-07 18:42 - 2013-10-15 10:26 - 00000000 ____D C:\Users\Phil\Documents\CCLI data
2013-10-03 21:00 - 2013-10-03 21:00 - 00001011 _____ C:\Users\Phil\Desktop\Dropbox.lnk
2013-10-03 20:58 - 2013-10-03 20:59 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-03 20:42 - 2013-10-14 15:12 - 00000000 ___RD C:\Users\Phil\Dropbox
2013-10-03 20:39 - 2013-10-14 17:41 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Dropbox
2013-10-03 20:38 - 2013-10-03 20:39 - 35282952 _____ (Dropbox, Inc.) C:\Users\Phil\Downloads\Dropbox 2.4.0.exe
2013-10-03 10:41 - 2013-10-11 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 18:15 - 2013-10-01 18:15 - 00068322 _____ C:\Users\Phil\Documents\Public Rights of Way problem report.htm
2013-10-01 18:15 - 2013-10-01 18:15 - 00000000 ____D C:\Users\Phil\Documents\Public Rights of Way problem report_files
2013-09-27 19:59 - 2013-09-27 20:00 - 00252416 _____ C:\Users\Phil\Documents\Copy of projection-and-transformation-calculations.xls
2013-09-21 19:17 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2013-09-17 18:38 - 2013-10-15 20:40 - 00000000 ____D C:\AdwCleaner
2013-09-17 18:07 - 2012-11-20 06:24 - 01164800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll
2013-09-17 18:07 - 2012-11-20 06:17 - 01184256 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
2013-09-17 18:07 - 2012-11-20 06:02 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDKURD.DLL
2013-09-17 18:07 - 2012-11-20 05:59 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDKURD.DLL
2013-09-17 18:07 - 2012-10-24 05:54 - 00396008 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2013-09-17 18:07 - 2012-10-12 07:13 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\dskquota.dll
2013-09-17 18:07 - 2012-10-12 06:39 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\dskquota.dll
2013-09-17 18:06 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2013-09-17 18:06 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2013-09-17 18:06 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-09-17 18:06 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2013-09-17 18:06 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2013-09-17 18:06 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2013-09-17 18:06 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2013-09-17 18:06 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2013-09-17 18:06 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2013-09-17 18:06 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2013-09-17 18:06 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2013-09-17 18:06 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2013-09-17 18:06 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2013-09-17 18:06 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2013-09-17 18:06 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe
2013-09-17 18:06 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2013-09-17 18:06 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2013-09-17 18:06 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2013-09-17 18:06 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2013-09-17 18:06 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2013-09-17 18:06 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2013-09-17 18:06 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2013-09-17 18:06 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupManager.dll
2013-09-17 18:06 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2013-09-17 18:06 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2013-09-17 18:06 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2013-09-17 18:06 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2013-09-17 18:06 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2013-09-17 18:06 - 2012-10-17 05:32 - 01172992 _____ (Microsoft Corporation) C:\windows\system32\mfnetsrc.dll
2013-09-17 18:06 - 2012-10-17 05:32 - 00677888 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2013-09-17 18:06 - 2012-10-17 05:32 - 00673280 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2013-09-17 18:06 - 2012-10-17 04:57 - 00929792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2013-09-17 18:06 - 2012-10-17 04:57 - 00568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2013-09-17 18:06 - 2012-10-17 04:57 - 00513024 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2013-09-17 18:05 - 2013-05-04 08:58 - 00120736 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2013-09-17 18:05 - 2013-05-04 08:34 - 00284416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2013-09-17 18:05 - 2013-05-04 07:59 - 13644288 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2013-09-17 18:05 - 2013-05-04 07:59 - 01483776 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2013-09-17 18:05 - 2013-05-04 07:59 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\Magnify.exe
2013-09-17 18:05 - 2013-05-04 07:58 - 01332736 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00470528 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00330240 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 01131520 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00560640 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00501760 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00389120 _____ (Microsoft Corporation) C:\windows\system32\BCP47Langs.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\biwinrt.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
2013-09-17 18:05 - 2013-05-04 07:56 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
2013-09-17 18:05 - 2013-05-04 05:58 - 00758784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Magnify.exe
2013-09-17 18:05 - 2013-05-04 05:57 - 10788864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00303616 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00018432 _____ (Microsoft Corporation) C:\windows\SysWOW64\npmproxy.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
2013-09-17 18:05 - 2013-05-04 05:56 - 00449536 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2013-09-17 18:05 - 2013-05-04 05:56 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
  #22  
October 15th, 2013, 10:03 PM
philthebass
New Member
 
Join Date: Sep 2013
Posts: 13
FRST Part 2

2013-09-17 18:05 - 2013-05-04 05:56 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\BCP47Langs.dll
2013-09-17 18:05 - 2013-05-04 05:56 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\biwinrt.dll
2013-09-17 18:05 - 2013-05-04 05:55 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
2013-09-17 18:05 - 2013-05-04 05:51 - 00014848 _____ (Microsoft) C:\windows\system32\rars.rs
2013-09-17 18:05 - 2013-05-04 05:48 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2013-09-17 18:05 - 2013-05-04 05:47 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2013-09-17 18:05 - 2013-05-04 05:10 - 00014848 _____ (Microsoft) C:\windows\SysWOW64\rars.rs
2013-09-17 18:04 - 2013-05-31 00:24 - 01257472 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-09-17 18:04 - 2013-05-31 00:08 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2013-09-17 18:04 - 2013-05-15 03:25 - 00888320 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
2013-09-17 18:04 - 2013-05-15 03:25 - 00542208 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2013-09-17 18:04 - 2013-05-15 03:24 - 00793088 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
2013-09-17 18:04 - 2013-05-15 03:24 - 00482816 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2013-09-17 18:03 - 2013-03-02 11:57 - 00332520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2013-09-17 18:03 - 2013-03-02 11:57 - 00077544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storahci.sys
2013-09-17 18:03 - 2013-03-02 11:45 - 00148712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2013-09-17 18:03 - 2013-03-02 11:39 - 00495336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2013-09-17 18:03 - 2013-03-02 09:23 - 01338880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-09-17 18:03 - 2013-03-02 09:23 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2013-09-17 18:03 - 2013-03-02 09:23 - 00601088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2013-09-17 18:03 - 2013-03-02 09:23 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-09-17 18:03 - 2013-03-02 09:23 - 00100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncInfo.dll
2013-09-17 18:03 - 2013-03-02 09:22 - 05091840 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2013-09-17 18:03 - 2013-03-02 09:22 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2013-09-17 18:03 - 2013-03-02 09:21 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2013-09-17 18:03 - 2013-03-02 09:21 - 00145408 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2013-09-17 18:03 - 2013-03-02 09:21 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevDispItemProvider.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 01627648 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 01149952 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 01101824 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00951808 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00240640 _____ (Microsoft Corporation) C:\windows\system32\fsquirt.exe
2013-09-17 18:03 - 2013-03-02 03:45 - 00180224 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00171008 _____ (Microsoft Corporation) C:\windows\system32\TimeBrokerServer.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\WSDPrintProxy.DLL
2013-09-17 18:03 - 2013-03-02 03:44 - 05978624 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\discan.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\NdisImPlatform.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\DevDispItemProvider.dll
2013-09-17 18:03 - 2013-03-02 03:43 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2013-09-17 18:03 - 2013-03-02 03:15 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys
2013-09-17 18:03 - 2013-03-01 05:56 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rfcomm.sys
2013-09-17 18:03 - 2013-03-01 05:56 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\monitor.sys
2013-09-17 18:03 - 2013-03-01 05:55 - 01175040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2013-09-17 18:01 - 2013-09-17 18:01 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-17 18:01 - 2013-09-17 18:01 - 00000000 ____D C:\ProgramData\Oracle
2013-09-17 17:59 - 2013-04-09 06:33 - 00489576 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2013-09-17 17:59 - 2013-04-09 06:33 - 00446792 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2013-09-17 17:59 - 2013-04-09 06:33 - 00253544 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2013-09-17 17:59 - 2013-04-09 06:20 - 00306952 _____ (Microsoft Corporation) C:\windows\system32\kd_02_10ec.dll
2013-09-17 17:59 - 2013-04-09 06:17 - 01829408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-09-17 17:59 - 2013-04-09 05:52 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2013-09-17 17:59 - 2013-04-09 05:52 - 00804352 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2013-09-17 17:59 - 2013-04-09 05:52 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2013-09-17 17:59 - 2013-04-09 05:51 - 14267904 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-09-17 17:59 - 2013-04-09 05:51 - 03552768 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2013-09-17 17:59 - 2013-04-09 05:51 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2013-09-17 17:59 - 2013-04-09 05:51 - 00456704 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2013-09-17 17:59 - 2013-04-09 05:51 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2013-09-17 17:59 - 2013-04-09 05:50 - 02107904 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2013-09-17 17:59 - 2013-04-09 05:50 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2013-09-17 17:59 - 2013-04-09 05:50 - 00435200 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2013-09-17 17:59 - 2013-04-09 05:50 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 01444864 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00817152 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00468992 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\fhengine.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\dmvdsitf.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
2013-09-17 17:59 - 2013-04-09 05:48 - 00169472 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2013-09-17 17:59 - 2013-04-09 03:33 - 00623104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2013-09-17 17:59 - 2013-04-09 03:32 - 00805376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2013-09-17 17:59 - 2013-04-09 00:39 - 01408896 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-09-17 17:59 - 2013-04-09 00:37 - 00426024 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2013-09-17 17:59 - 2013-04-09 00:37 - 00324368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2013-09-17 17:59 - 2013-04-08 22:52 - 11878912 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2013-09-17 17:59 - 2013-04-08 22:52 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2013-09-17 17:59 - 2013-04-08 22:52 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2013-09-17 17:59 - 2013-04-08 22:51 - 02767360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 01593344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 01113600 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAudDecMFT.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00659456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00403968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-09-17 17:59 - 2013-04-05 00:30 - 00503080 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2013-09-17 17:59 - 2013-03-15 23:05 - 00298456 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2013-09-17 17:59 - 2013-03-15 23:05 - 00252928 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2013-09-17 17:59 - 2013-03-02 03:43 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2013-09-17 17:58 - 2013-04-09 06:20 - 00086280 _____ (Microsoft Corporation) C:\windows\system32\kdnet.dll
2013-09-17 17:58 - 2013-04-09 06:18 - 00077960 _____ (Microsoft Corporation) C:\windows\system32\kdvm.dll
2013-09-17 17:58 - 2013-04-09 05:52 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2013-09-17 17:58 - 2013-04-09 05:52 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2013-09-17 17:58 - 2013-04-09 05:51 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00745984 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\GenuineCenter.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2013-09-17 17:58 - 2013-04-09 05:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\iuilp.dll
2013-09-17 17:58 - 2013-04-09 05:49 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\fmifs.dll
2013-09-17 17:58 - 2013-04-09 03:34 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys
2013-09-17 17:58 - 2013-04-09 03:33 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
2013-09-17 17:58 - 2013-04-09 03:31 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2013-09-17 17:58 - 2013-04-09 03:31 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2013-09-17 17:58 - 2013-04-09 00:44 - 00123880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2013-09-17 17:58 - 2013-04-08 22:52 - 00171008 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2013-09-17 17:58 - 2013-04-08 22:52 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2013-09-17 17:58 - 2013-04-08 22:51 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00214528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmvdsitf.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\fmifs.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
2013-09-17 17:58 - 2013-03-02 11:39 - 00069864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2013-09-17 15:19 - 2013-09-17 17:52 - 00000000 ____D C:\Users\Phil\AppData\Roaming\QuickScan
2013-09-17 13:52 - 2013-09-17 13:54 - 89939216 _____ (Microsoft Corporation) C:\Users\Phil\Downloads\msert.exe
2013-09-17 13:11 - 2013-10-15 20:40 - 01425738 _____ C:\windows\WindowsUpdate.log
2013-09-17 13:10 - 2013-10-14 13:15 - 00036732 _____ C:\windows\PFRO.log
2013-09-17 13:02 - 2013-09-17 18:05 - 00000075 _____ C:\DiskDefrag.log
2013-09-17 13:02 - 2013-09-17 18:05 - 00000000 ____D C:\Users\Phil\AppData\Roaming\GlarySoft
2013-09-15 22:05 - 2013-09-15 22:05 - 00000000 ____D C:\windows\en
2013-09-15 22:05 - 2013-09-15 22:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-09-15 22:04 - 2013-09-15 22:05 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-09-15 22:03 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll
2013-09-15 22:03 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll
2013-09-15 22:03 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll
2013-09-15 22:03 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll
2013-09-15 22:03 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2013-09-15 22:03 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll
2013-09-15 22:03 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2013-09-15 22:03 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2013-09-15 22:03 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_42.dll
2013-09-15 22:03 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2013-09-15 22:03 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2013-09-15 22:03 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll
2013-09-15 20:19 - 2013-09-20 20:10 - 00000000 ____D C:\Users\Phil\AppData\Local\Windows Live
2013-09-15 20:08 - 2013-09-15 20:11 - 00000000 ___RD C:\windows\BrowserChoice

==================== One Month Modified Files and Folders =======

2013-10-15 21:00 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2013-10-15 20:50 - 2013-10-15 20:50 - 00000000 ____D C:\Program Files (x86)\ESET
2013-10-15 20:43 - 2013-08-30 21:44 - 00000000 ___RD C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-15 20:43 - 2013-08-30 21:44 - 00000000 ___RD C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-15 20:42 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-15 20:41 - 2012-07-26 06:26 - 00786432 ___SH C:\windows\system32\config\BBI
2013-10-15 20:40 - 2013-09-17 18:38 - 00000000 ____D C:\AdwCleaner
2013-10-15 20:40 - 2013-09-17 13:11 - 01425738 _____ C:\windows\WindowsUpdate.log
2013-10-15 20:40 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ToastData
2013-10-15 20:37 - 2013-10-15 20:37 - 01048960 _____ C:\Users\Phil\Downloads\adwcleaner.exe
2013-10-15 10:41 - 2013-09-11 17:01 - 00000000 ____D C:\ProgramData\CopyReport4
2013-10-15 10:26 - 2013-10-07 18:42 - 00000000 ____D C:\Users\Phil\Documents\CCLI data
2013-10-14 17:41 - 2013-10-03 20:39 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Dropbox
2013-10-14 15:12 - 2013-10-03 20:42 - 00000000 ___RD C:\Users\Phil\Dropbox
2013-10-14 14:50 - 2013-08-30 23:09 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Mp3tag
2013-10-14 14:46 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Audacity
2013-10-14 14:45 - 2013-09-02 12:58 - 00000000 ____D C:\Users\Phil\Documents\Audio
2013-10-14 14:39 - 2012-07-26 08:28 - 00848230 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-14 13:15 - 2013-09-17 13:10 - 00036732 _____ C:\windows\PFRO.log
2013-10-14 10:53 - 2013-10-14 10:52 - 00086451 _____ C:\Users\Phil\Desktop\FRST.txt
2013-10-14 10:52 - 2013-10-14 10:51 - 00021656 _____ C:\Users\Phil\Desktop\Addition.txt
2013-10-14 10:49 - 2013-10-14 10:49 - 01954124 _____ (Farbar) C:\Users\Phil\Desktop\FRST64.exe
2013-10-14 10:45 - 2013-10-14 10:45 - 01087213 _____ (Farbar) C:\Users\Phil\Downloads\FRST.exe
2013-10-14 10:45 - 2013-10-14 10:40 - 01954124 _____ (Farbar) C:\Users\Phil\Downloads\FRST64.exe
2013-10-14 08:42 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-10-13 22:09 - 2013-09-05 17:03 - 00007599 _____ C:\Users\Phil\AppData\Local\Resmon.ResmonCfg
2013-10-13 21:14 - 2013-08-30 23:10 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Spotify
2013-10-13 20:46 - 2013-10-13 20:46 - 00334735 _____ C:\Users\Phil\Downloads\Halfords Wipers Confirmation.htm
2013-10-13 20:46 - 2013-10-13 20:46 - 00000000 ____D C:\Users\Phil\Downloads\Halfords Wipers Confirmation_files
2013-10-13 16:22 - 2013-08-30 23:18 - 00000000 ____D C:\Users\Phil\AppData\Local\Spotify
2013-10-12 17:51 - 2013-09-07 16:29 - 00000000 ____D C:\Users\Phil\Documents\My bb
2013-10-11 22:42 - 2013-08-30 21:52 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1700735764-1372277227-1461843278-1001
2013-10-11 22:23 - 2013-10-11 22:23 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Assistant
2013-10-11 22:23 - 2013-08-31 08:15 - 00000000 ____D C:\Program Files (x86)\Harmony Assistant
2013-10-11 22:21 - 2013-10-11 22:21 - 24013216 _____ (Myriad) C:\Users\Phil\Downloads\harmony963i-install.exe
2013-10-11 22:19 - 2013-10-11 22:19 - 00001300 _____ C:\Users\Phil\Documents\cc_20131011_221922.reg
2013-10-11 22:17 - 2013-10-11 22:17 - 00367872 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-11 22:09 - 2013-10-11 22:09 - 00016682 _____ C:\Users\Phil\Documents\cc_20131011_220941.reg
2013-10-11 22:09 - 2013-09-11 12:40 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-11 22:09 - 2013-09-11 12:40 - 00000000 ____D C:\Program Files\CCleaner
2013-10-11 22:08 - 2013-10-11 22:08 - 04369632 _____ (Piriform Ltd) C:\Users\Phil\Downloads\ccsetup406.exe
2013-10-11 21:56 - 2013-10-11 21:54 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 21:55 - 2013-10-11 21:55 - 00000000 ____D C:\Users\Phil\AppData\Roaming\TuneUp Software
2013-10-11 21:54 - 2013-10-11 21:54 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 21:54 - 2013-10-11 21:54 - 00000000 ____D C:\Users\Phil\Desktop\Video
2013-10-11 21:54 - 2013-10-11 21:53 - 00000000 ____D C:\Users\Phil\AppData\Roaming\DVDVideoSoft
2013-10-11 21:53 - 2013-10-11 21:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-11 20:51 - 2013-08-30 22:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-11 20:50 - 2013-09-14 11:03 - 00000000 ____D C:\windows\system32\MRT
2013-10-11 20:49 - 2013-09-14 11:03 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-11 20:41 - 2013-10-11 20:37 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-11 20:37 - 2013-10-03 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-11 20:33 - 2013-08-30 21:55 - 00000000 ____D C:\Users\Phil\AppData\Local\Thunderbird
2013-10-11 17:01 - 2013-08-31 08:17 - 00000000 ____D C:\Users\Phil\AppData\Roaming\ACAMPREF
2013-10-09 11:31 - 2013-10-09 11:31 - 00000794 _____ C:\windows\setupact.log
2013-10-09 11:31 - 2013-10-09 11:31 - 00000000 _____ C:\windows\setuperr.log
2013-10-08 20:59 - 2013-10-08 20:59 - 00000000 ____D C:\FRST
2013-10-05 22:06 - 2013-08-30 21:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-03 21:00 - 2013-10-03 21:00 - 00001011 _____ C:\Users\Phil\Desktop\Dropbox.lnk
2013-10-03 20:59 - 2013-10-03 20:58 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-03 20:42 - 2013-08-30 21:43 - 00000000 ____D C:\Users\Phil
2013-10-03 20:39 - 2013-10-03 20:38 - 35282952 _____ (Dropbox, Inc.) C:\Users\Phil\Downloads\Dropbox 2.4.0.exe
2013-10-03 10:44 - 2013-08-30 22:46 - 00000000 ____D C:\Users\Phil\AppData\Local\Mozilla
2013-10-02 02:38 - 2012-07-26 09:14 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 02:38 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 18:15 - 2013-10-01 18:15 - 00068322 _____ C:\Users\Phil\Documents\Public Rights of Way problem report.htm
2013-10-01 18:15 - 2013-10-01 18:15 - 00000000 ____D C:\Users\Phil\Documents\Public Rights of Way problem report_files
2013-09-27 20:00 - 2013-09-27 19:59 - 00252416 _____ C:\Users\Phil\Documents\Copy of projection-and-transformation-calculations.xls
2013-09-26 19:55 - 2013-09-09 15:40 - 00000000 ____D C:\Users\Phil\AppData\Local\CUSTPDF Writer
2013-09-24 21:44 - 2013-08-30 21:43 - 00000000 ____D C:\Users\Phil\AppData\Local\Packages
2013-09-23 00:28 - 2013-10-10 17:45 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-23 00:28 - 2013-10-10 17:45 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-22 23:55 - 2013-10-10 17:45 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-22 23:55 - 2013-10-10 17:45 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-22 23:55 - 2013-10-10 17:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-22 23:54 - 2013-10-10 17:45 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-22 21:06 - 2013-08-30 22:05 - 00000000 ____D C:\Users\Phil\AppData\Local\Microsoft Help
2013-09-22 21:06 - 2013-05-23 20:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-09-22 20:08 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2013-09-20 21:40 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\oobe
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\en-GB
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\en-GB
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-09-20 21:39 - 2012-07-26 06:38 - 00000000 ____D C:\windows\SysWOW64\Dism
2013-09-20 21:39 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\Dism
2013-09-20 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\NDF
2013-09-20 20:10 - 2013-09-15 20:19 - 00000000 ____D C:\Users\Phil\AppData\Local\Windows Live
2013-09-17 18:05 - 2013-09-17 13:02 - 00000075 _____ C:\DiskDefrag.log
2013-09-17 18:05 - 2013-09-17 13:02 - 00000000 ____D C:\Users\Phil\AppData\Roaming\GlarySoft
2013-09-17 18:01 - 2013-09-17 18:01 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-17 18:01 - 2013-09-17 18:01 - 00000000 ____D C:\ProgramData\Oracle
2013-09-17 18:00 - 2013-09-08 13:13 - 00868264 _____ (Oracle Corporation) C:\windows\SysWOW64\xnpDeployJava1.dll
2013-09-17 18:00 - 2013-09-08 13:13 - 00790440 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-09-17 17:54 - 2013-08-30 22:49 - 00000000 ____D C:\Users\Phil\AppData\Local\Adobe
2013-09-17 17:52 - 2013-09-17 15:19 - 00000000 ____D C:\Users\Phil\AppData\Roaming\QuickScan
2013-09-17 13:54 - 2013-09-17 13:52 - 89939216 _____ (Microsoft Corporation) C:\Users\Phil\Downloads\msert.exe
2013-09-17 13:03 - 2013-05-24 20:37 - 00000000 ____D C:\windows\Panther
2013-09-17 12:39 - 2013-09-09 17:39 - 00000113 _____ C:\Users\Phil\AppData\Roaming\WB.CFG
2013-09-17 12:39 - 2013-09-09 17:39 - 00000005 _____ C:\Users\Phil\AppData\Roaming\WBPU-TTL.DAT
2013-09-15 22:05 - 2013-09-15 22:05 - 00000000 ____D C:\windows\en
2013-09-15 22:05 - 2013-09-15 22:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-09-15 22:05 - 2013-09-15 22:04 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-09-15 22:05 - 2012-07-26 10:43 - 00000000 ____D C:\windows\en-GB
2013-09-15 22:04 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-09-15 20:11 - 2013-09-15 20:08 - 00000000 ___RD C:\windows\BrowserChoice
2013-09-15 20:11 - 2013-05-23 18:58 - 00000000 ____D C:\ProgramData\PRICache
2013-09-15 20:08 - 2012-07-26 10:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-09-15 20:08 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-15 20:08 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-15 20:08 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-09-15 20:08 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender

Some content of TEMP:
====================
C:\Users\Phil\AppData\Local\Temp\COIOSHelper.dll
C:\Users\Phil\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Phil\AppData\Local\Temp\lowproc.exe
C:\Users\Phil\AppData\Local\Temp\ose00000.exe
C:\Users\Phil\AppData\Local\Temp\proxy_vole4834437718293735848.dll
C:\Users\Phil\AppData\Local\Temp\Quarantine.exe
C:\Users\Phil\AppData\Local\Temp\ShellLink.dll
C:\Users\Phil\AppData\Local\Temp\stubhelper.dll
C:\Users\Phil\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-13 21:05

==================== End Of Log ============================
  #23  
Old October 15th, 2013, 10:03 PM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
Online scan found nothing. Everything appears ok...
  #24  
Old October 17th, 2013, 07:28 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,425
Please delete this folder:

C:\Program Files (x86)\BonanzaDeals


manually and empty the recycle bin.

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.



Your machine appears to be clean. Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean.

Hiding Hidden Files
Please set your system to hide all hidden files.
Click Start, open My Computer, select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, uncheck Show hidden files and folders.
Check: Hide file extensions for known file types
Check the Hide protected operating system files (recommended) option.
Click Yes to confirm.

Purging System Restore Points
Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.
One of the most common questions found when cleaning Spyware or other Malware is "how did my machine get infected?". There are a variety of reasons, but the most common ones are that you are going to sites that you are not practicing Safe Internet, you are not running the proper security software, and that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer so that you will not be infected again in the future.


Practice Safe Internet

One of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will. Below is a list of simple precautions to take to keep your computer clean and running securely:
  1. If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.

  2. If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.

  3. If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know infected with a malware that is trying to infect everyone in their address book.

  4. If you are browsing the Internet and a popup appears saying that you are infected, ignore it! These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software.

    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. For a list of these types of programs we recommend you visit this link: Rogue/Suspect Anti-Spyware Products & Web Sites

  5. Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you. We suggest that you close these windows by clicking on the X instead of the OK button. Alternatively, you can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake.

  6. Do not go to adult sites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do.

  7. When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link, message back to the person asking if it is legit before you click on it.

  8. Stay away from Warez and Crack sites! In addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.

  9. Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download a piece of software from a site, and are not sure if they are legitimate, you can use McAfee Siteadvisor to look up info on the site.

  10. DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.

Visit Microsoft's Windows Update Site Frequently

It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest available security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Make Internet Explorer 7 more secure
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    1. Change the Download signed ActiveX controls to Prompt
    2. Change the Download unsigned ActiveX controls to Disable
    3. Change the Initialize and script ActiveX controls not marked as safe to Disable
    4. Change the Installation of desktop items to Prompt
    5. Change the Launching programs and files in an IFRAME to Prompt
    6. Change the Navigate sub-frames across different domains to Prompt
    7. When all these settings have been made, click on the OK button.
    8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
  5. Next press the Apply button and then the OK to exit the Internet Properties page.


If we have helped you, please consider supporting Cyber Tech Help with a subscription.
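The six Custom Level changes listed in the post above can be checked without clicking through the dialog. The script below is an added example, not part of the original post or of any tool named in the thread; it assumes the standard per-user Internet zone key (zone 3) and the documented URL action value names, and it only writes to the registry when run with `-Fix`.

```powershell
# Added example: audit the Internet zone (zone 3) against the six Custom Level
# settings from the post. Read-only unless -Fix is passed.
param([switch]$Fix)

# Assumption: per-user zone settings, not Group Policy or machine-wide values.
$zone = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL action value name -> setting name as written in the post -> wanted policy.
# Policy data: 0 = Enable, 1 = Prompt, 3 = Disable.
$recommended = @(
    @{ Id = '1001'; Name = 'Download signed ActiveX controls';                            Want = 1 }
    @{ Id = '1004'; Name = 'Download unsigned ActiveX controls';                          Want = 3 }
    @{ Id = '1201'; Name = 'Initialize and script ActiveX controls not marked as safe';   Want = 3 }
    @{ Id = '1800'; Name = 'Installation of desktop items';                               Want = 1 }
    @{ Id = '1804'; Name = 'Launching programs and files in an IFRAME';                   Want = 1 }
    @{ Id = '1607'; Name = 'Navigate sub-frames across different domains';                Want = 1 }
)
$label = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

$report = foreach ($r in $recommended) {
    # A missing value means the zone falls back to its template default.
    $item    = Get-ItemProperty -Path $zone -Name $r.Id -ErrorAction SilentlyContinue
    $current = if ($item) { $item.($r.Id) } else { $null }
    $state   = if ($null -eq $current) { 'not set' }
               elseif ($label.ContainsKey([int]$current)) { $label[[int]$current] }
               else { 'other (0x{0:X})' -f $current }

    [pscustomobject]@{
        Action    = $r.Id
        Setting   = $r.Name
        Current   = $state
        Wanted    = $label[$r.Want]
        WantValue = $r.Want
        Compliant = ($null -ne $current -and [int]$current -eq $r.Want)
    }
}

$report | Format-Table Action, Setting, Current, Wanted, Compliant -AutoSize

if ($Fix) {
    foreach ($row in $report | Where-Object { -not $_.Compliant }) {
        Set-ItemProperty -Path $zone -Name $row.Action -Value $row.WantValue -Type DWord
        Write-Host "Set $($row.Action) ($($row.Setting)) to $($row.Wanted)"
    }
}
```

Zone settings enforced through Group Policy are stored under the Policies branch and take precedence, so a compliant per-user value does not by itself prove the effective setting on a managed machine.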
  #25  
Old October 17th, 2013, 10:06 AM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
Not sure why I need to run OTC since it appears to remove all the malware removal tools that I've loaded. For example I use MBAM regularly...
  #26  
Old October 18th, 2013, 06:11 PM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,425
It will not remove MBAM, only our scanning tools, which have to go again.