  #1  
Old September 17th, 2013, 06:34 PM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
How do I get rid of web.longfintuna.net?

About once a day when I open a new browser tab (Firefox on Windows 8) I get a message from web.longfintuna.net/... telling me I have spyware on my computer. I do not of course click on the 'more information' button. Seen other recent postings but no-one can seem to discover the source/remove it from their system. Nothing I've scanned with detects it.


  #2  
Old September 18th, 2013, 09:08 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,451
Hello, philthebass
Welcome to the CyberTechHelp Forums. My name is Thomas (Tom is fine), and I will be helping you fix your problems.



Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Please set your system to show all files.
    Click Start, open My Computer, select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
    Uncheck: Hide file extensions for known file types
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.



For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to the desktop.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to the desktop.

Please run it and click Scan, post back with the 2 logfiles.
  #3  
Old September 18th, 2013, 09:25 PM
jwgera jwgera is offline
New Member
 
Join Date: Sep 2013
Posts: 6
longfintuna.net

I am also having a problem with longfintuna.net and saw your thread.

I ran the scan program. How do I get the information to you since cybertechhelp says I cannot post attachments?

Thank you,
John
  #4  
Old September 19th, 2013, 12:08 AM
judge bean judge bean is offline
New Member
 
Join Date: Sep 2013
Posts: 1
Don't understand

Last edited by judge bean; September 19th, 2013 at 11:48 AM. Reason: tmi
  #5  
Old September 19th, 2013, 12:33 AM
jwgera jwgera is offline
New Member
 
Join Date: Sep 2013
Posts: 6
longfintuna removal (file 1)

here are my files:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013 03
Ran by John (administrator) on JWG-SERVER on 18-09-2013 11:11:14
Running from C:\Documents and Settings\John\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Apache Software Foundation) C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Apache Software Foundation) C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\snmp.exe
(Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(X10) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
(Microsoft Corporation) C:\WINDOWS\system32\fxssvc.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\program files\real\realplayer\update\realsched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(The Weather Channel) C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe
(Creative Technology Ltd.) C:\WINDOWS\system32\devldr32.exe
(Apache Software Foundation) C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(LaCrosse Technology USA 1116 South Oak Street, La Crescent, MN 55947) C:\HeavyWeather\heavy weather.exe
(Google Inc.) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [18750976 2009-10-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [StartNowToolbarHelper] - "C:\Program Files\StartNow Toolbar\ToolbarHelper.exe"
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2011-07-05] (Apple Inc.)
HKLM\...\Run: [TkBellExe] - C:\program files\real\realplayer\update\realsched.exe [295512 2013-09-17] (RealNetworks, Inc.)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2011-06-04] (Google Inc.)
HKCU\...\Run: [NVIDIA nTune] - "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
HKCU\...\Run: [DW6] - "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKCU\...\Run: [DW7] - C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe [13103104 2013-07-09] (The Weather Channel)
HKCU\...\Run: [VJoy] - C:\Program Files\VJoy\VJoy.exe
MountPoints2: {306d56a6-9c6e-11e2-a88f-406186065a64} - J:\RunClubSanDisk.exe
MountPoints2: {a58f88c2-257a-11e0-8d47-806d6172696f} - D:\DVDSetup.exe
HKU\Games\...\Run: [DW6] - "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKU\Games\...\Run: [DW7] - C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe [ 2013-07-09] (The Weather Channel)
Startup: C:\Documents and Settings\Games\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Documents and Settings\Games\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Documents and Settings\John\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
ShortcutTarget: Monitor Apache Servers.lnk -> C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe (Apache Software Foundation)
Startup: C:\Documents and Settings\John\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x787E4DE6E8F6CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKCU - DefaultScope {5C9FAC61-0C4F-43D4-B97D-2334E18042D9} URL = http://www.bing.com/search?q={searchTerms}&FORM=IE0006
SearchScopes: HKCU - {29713E3F-ABFF-408A-834A-4A026F890D17} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=524517&p={searchTerms}
SearchScopes: HKCU - {5C9FAC61-0C4F-43D4-B97D-2334E18042D9} URL = http://www.bing.com/search?q={searchTerms}&FORM=IE0006
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll ()
Toolbar: HKLM - StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} https://lp.soe.com/static/plugin/SOEWebInstaller.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Tcpip\..\Interfaces\{B22A70D2-A26C-4E35-98C1-BEF7C4E8A8E8}: [NameServer]68.87.69.150,68.87.85.102

Chrome:
=======
CHR HomePage: hxxp://www.google.com/advanced_search
CHR Extension: (YouTube) - C:\DOCUME~1\John\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\John\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (WebToSave) - C:\DOCUME~1\John\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\efbkdhmfnmnmfimllbjamfodcoanhmdd\5.2.1.0_0
CHR Extension: (RealDownloader) - C:\DOCUME~1\John\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0
CHR Extension: (BargainJoy) - C:\DOCUME~1\John\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\khongjfjjmklggionajlpjcpmnppdace\3.3.3.0_0
CHR Extension: (Popup HTML Editor) - C:\DOCUME~1\John\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\mjpagcblmlakmpcihopmpfknakkimjdh\0.2_0
CHR Extension: (Norton Identity Protection) - C:\DOCUME~1\John\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\John\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_2
CHR Extension: (Gmail) - C:\DOCUME~1\John\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\DOCUME~1\John\LOCALS~1\APPLIC~1\WebToSave.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [khongjfjjmklggionajlpjcpmnppdace] - C:\DOCUME~1\John\LOCALS~1\APPLIC~1\BargainJoy.crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\Exts\Chrome.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 Apache2.2; C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe [20549 2010-10-18] (Apache Software Foundation)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-08-10] ()
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 N360; C:\Program Files\Norton Security Suite\Engine\20.4.0.40\diMaster.dll [556336 2013-05-29] (Symantec Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-08-10] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 acfva; C:\Windows\System32\DRIVERS\ACFVA32.sys [87040 2008-07-15] (Conexant Systems Inc.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\BHDrvx86.sys [1097816 2013-09-03] (Symantec Corporation)
R2 BT848; C:\Windows\System32\drivers\wf2kvcap.sys [75925 2004-10-04] (Leadtek Research Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1404000.028\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation)
R3 ctljystk; C:\Windows\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
S3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP32.sys [28928 2008-06-15] (Conexant Systems, Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-26] (Symantec Corporation)
R3 emu10k; C:\Windows\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
R3 emu10k1; C:\Windows\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-26] (Symantec Corporation)
R3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130918.001\IDSxpx86.sys [380832 2013-08-20] (Symantec Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35776 2012-05-27] (http://libusb-win32.sourceforge.net)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK32.sys [12672 2007-03-15] (Conexant)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 msgame; C:\Windows\System32\DRIVERS\msgame.sys [35200 2001-08-17] (Microsoft Corporation)
R3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130918.001\NAVENG.SYS [93272 2013-08-28] (Symantec Corporation)
R3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130918.001\NAVEX15.SYS [1612376 2013-08-28] (Symantec Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [66816 2009-07-30] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [165920 2009-08-04] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [13824 2009-07-30] (NVIDIA Corporation)
S3 PPJoyBus; C:\Windows\System32\drivers\PPJoyBus.sys [13952 2004-10-24] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\drivers\PPortJoy.sys [28800 2004-10-24] (Deon van der Westhuysen)
R3 sfman; C:\Windows\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\N360\1404000.028\SRTSP.SYS [603224 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1404000.028\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\1404000.028\SYMDS.SYS [367704 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1404000.028\SYMEFA.SYS [934488 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142496 2013-07-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1404000.028\Ironx86.SYS [175264 2012-07-27] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\N360\1404000.028\SYMTDI.SYS [396760 2013-04-24] (Symantec Corporation)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [26816 2011-01-21] (Acronis)
R2 tv2ktunr; C:\Windows\System32\drivers\wf2ktunr.sys [36423 2004-10-04] (Leadtek Research Inc.)
R2 Tv2kXbar; C:\Windows\System32\drivers\wf2kxbar.sys [10005 2004-10-04] (Leadtek Research Inc.)
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [13112 2013-04-18] (Headsoft)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [18560 2005-03-02] (X10 Wireless Technology, Inc.)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 wanatw; system32\DRIVERS\wanatw4.sys [x]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-18 11:10 - 2013-09-18 11:10 - 00000000 ____D C:\FRST
2013-09-17 20:26 - 2013-09-17 20:29 - 00000000 ____D C:\Documents and Settings\John\Application Data\FileZilla
2013-09-17 20:25 - 2013-09-17 20:25 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2013-09-17 20:25 - 2013-09-17 20:25 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
2013-09-17 11:33 - 2013-09-17 11:33 - 00000000 ____D C:\Documents and Settings\John\Application Data\RealNetworks
2013-09-17 11:31 - 2013-09-17 11:31 - 00000747 _____ C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
2013-09-17 11:31 - 2013-09-17 11:31 - 00000000 ____D C:\Program Files\RealNetworks
2013-09-17 11:31 - 2013-09-17 11:31 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RealNetworks
2013-09-17 11:30 - 2013-09-17 11:30 - 00000000 ____D C:\Program Files\Common Files\xing shared
2013-09-14 11:01 - 2013-09-18 10:26 - 00000000 ____D C:\Documents and Settings\John\Desktop\deerPlum
2013-09-14 10:52 - 2013-09-14 10:52 - 00000000 ____D C:\Documents and Settings\John\Desktop\DeerCam
2013-09-14 00:44 - 2013-09-14 00:44 - 00049545 _____ C:\Documents and Settings\John\Local Settings\Application Data\WebToSave.crx
2013-09-13 15:27 - 2013-09-13 15:27 - 00000000 ____D C:\a
2013-09-11 12:57 - 2013-09-11 12:57 - 00446639 _____ C:\Documents and Settings\John\Desktop\googlemaps_h9sbrsh4.jar
2013-09-03 11:47 - 2013-09-03 12:25 - 00001824 _____ C:\Documents and Settings\John\Desktop\austin.txt
2013-08-31 07:44 - 2013-08-31 08:14 - 00002506 _____ C:\Documents and Settings\John\Desktop\jen.txt
2013-08-31 00:44 - 2013-08-31 00:44 - 00057107 _____ C:\Documents and Settings\John\Local Settings\Application Data\BargainJoy.crx
2013-08-22 10:29 - 2013-08-22 10:29 - 00000341 _____ C:\Documents and Settings\John\Desktop\jeffpapers.txt

==================== One Month Modified Files and Folders =======

2013-09-18 11:11 - 2011-01-21 18:46 - 00000000 ____D C:\HeavyWeather
2013-09-18 11:10 - 2013-09-18 11:10 - 00000000 ____D C:\FRST
2013-09-18 10:44 - 2013-08-05 14:44 - 00000406 _____ C:\WINDOWS\Tasks\At2.job
2013-09-18 10:44 - 2013-08-05 14:44 - 00000406 _____ C:\WINDOWS\Tasks\At1.job
2013-09-18 10:39 - 2011-03-27 11:21 - 00048640 _____ C:\Documents and Settings\John\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-18 10:35 - 2013-06-12 20:44 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-18 10:26 - 2013-09-14 11:01 - 00000000 ____D C:\Documents and Settings\John\Desktop\deerPlum
2013-09-18 10:25 - 2011-01-21 18:20 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-776561741-583907252-839522115-1003UA.job
2013-09-18 10:24 - 2011-04-03 16:03 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-18 08:25 - 2011-01-21 17:49 - 00032338 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-18 00:44 - 2013-08-16 00:44 - 00000112 _____ C:\Documents and Settings\John\Application Data\WB.CFG
2013-09-18 00:44 - 2013-08-16 00:44 - 00000005 _____ C:\Documents and Settings\John\Application Data\WBPU-TTL.DAT
2013-09-18 00:25 - 2011-01-21 18:20 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-776561741-583907252-839522115-1003Core.job
2013-09-17 20:29 - 2013-09-17 20:26 - 00000000 ____D C:\Documents and Settings\John\Application Data\FileZilla
2013-09-17 20:25 - 2013-09-17 20:25 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2013-09-17 20:25 - 2013-09-17 20:25 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
2013-09-17 20:21 - 2011-01-21 09:18 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2013-09-17 19:11 - 2011-01-21 09:23 - 01049980 _____ C:\WINDOWS\setupapi.log
2013-09-17 18:03 - 2011-01-21 17:37 - 00378741 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-17 17:57 - 2013-02-21 22:42 - 00000278 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1006.job
2013-09-17 17:57 - 2013-02-05 13:22 - 00000298 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1003.job
2013-09-17 17:57 - 2013-02-05 13:12 - 00000284 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1003.job
2013-09-17 17:57 - 2013-02-05 13:12 - 00000276 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1003.job
2013-09-17 17:57 - 2012-06-26 10:11 - 00000278 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1006.job
2013-09-17 17:57 - 2011-11-09 15:01 - 00000276 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1003.job
2013-09-17 17:57 - 2011-04-03 16:03 - 00000878 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-17 17:57 - 2011-01-21 17:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-17 17:57 - 2011-01-21 09:25 - 00000157 _____ C:\WINDOWS\wiadebug.log
2013-09-17 17:57 - 2011-01-21 09:25 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-09-17 17:57 - 2009-09-27 19:19 - 00253748 _____ C:\WINDOWS\system32\NvApps.xml
2013-09-17 17:56 - 2012-03-06 13:19 - 01890885 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-776561741-583907252-839522115-1003-0.dat
2013-09-17 17:56 - 2012-03-06 13:19 - 00333882 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-09-17 17:55 - 2011-01-21 17:50 - 00000178 ___SH C:\Documents and Settings\John\ntuser.ini
2013-09-17 12:08 - 2011-10-08 16:08 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1003.job
2013-09-17 11:33 - 2013-09-17 11:33 - 00000000 ____D C:\Documents and Settings\John\Application Data\RealNetworks
2013-09-17 11:31 - 2013-09-17 11:31 - 00000747 _____ C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
2013-09-17 11:31 - 2013-09-17 11:31 - 00000000 ____D C:\Program Files\RealNetworks
2013-09-17 11:31 - 2013-09-17 11:31 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RealNetworks
2013-09-17 11:31 - 2013-02-05 13:11 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
2013-09-17 11:31 - 2011-10-08 16:07 - 00000000 ____D C:\Program Files\Real
2013-09-17 11:30 - 2013-09-17 11:30 - 00000000 ____D C:\Program Files\Common Files\xing shared
2013-09-17 11:30 - 2013-02-05 13:11 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll
2013-09-17 11:30 - 2013-02-05 13:11 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\rmoc3260.dll
2013-09-17 11:30 - 2013-02-05 13:11 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\pndx5016.dll
2013-09-17 11:30 - 2013-02-05 13:11 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\pndx5032.dll
2013-09-17 11:30 - 2011-10-08 16:07 - 00272896 _____ (Progressive Networks) C:\WINDOWS\system32\pncrt.dll
2013-09-17 11:30 - 2011-10-08 16:07 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Real
2013-09-17 11:16 - 2001-08-23 05:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-15 14:31 - 2013-02-21 22:42 - 00000286 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1006.job
2013-09-14 10:52 - 2013-09-14 10:52 - 00000000 ____D C:\Documents and Settings\John\Desktop\DeerCam
2013-09-14 00:44 - 2013-09-14 00:44 - 00049545 _____ C:\Documents and Settings\John\Local Settings\Application Data\WebToSave.crx
2013-09-13 17:04 - 2013-02-05 13:22 - 00000324 _____ C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-776561741-583907252-839522115-1003.job
2013-09-13 16:35 - 2012-05-27 17:35 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-13 16:35 - 2011-08-17 14:07 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-09-13 15:27 - 2013-09-13 15:27 - 00000000 ____D C:\a
2013-09-13 11:58 - 2013-02-05 13:22 - 00000306 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1003.job
2013-09-12 21:42 - 2012-06-26 10:11 - 00000286 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1006.job
2013-09-12 21:00 - 2011-04-25 11:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\X10 Settings
2013-09-12 16:49 - 2011-02-24 21:05 - 00155429 _____ C:\Documents and Settings\John\Desktop\PrayerRequest.txt
2013-09-11 12:57 - 2013-09-11 12:57 - 00446639 _____ C:\Documents and Settings\John\Desktop\googlemaps_h9sbrsh4.jar
2013-09-11 00:44 - 2013-08-06 14:44 - 00000117 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2013-09-11 00:44 - 2013-08-06 14:44 - 00000005 _____ C:\Documents and Settings\NetworkService\Application Data\WBPU-TTL.DAT
2013-09-10 18:49 - 2013-07-12 16:25 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2013-09-08 12:16 - 2011-01-21 20:07 - 00000000 ____D C:\Data
2013-09-03 16:03 - 2013-05-25 14:58 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-09-03 16:03 - 2012-06-21 22:16 - 01030232 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-776561741-583907252-839522115-1006-0.dat
2013-09-03 12:25 - 2013-09-03 11:47 - 00001824 _____ C:\Documents and Settings\John\Desktop\austin.txt
2013-08-31 08:14 - 2013-08-31 07:44 - 00002506 _____ C:\Documents and Settings\John\Desktop\jen.txt
2013-08-31 00:44 - 2013-08-31 00:44 - 00057107 _____ C:\Documents and Settings\John\Local Settings\Application Data\BargainJoy.crx
2013-08-25 15:54 - 2011-07-22 09:24 - 00000178 ___SH C:\Documents and Settings\Games\ntuser.ini
2013-08-25 15:54 - 2011-07-22 09:23 - 00000000 ____D C:\Documents and Settings\Games
2013-08-25 14:36 - 2011-01-21 21:30 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2013-08-22 10:29 - 2013-08-22 10:29 - 00000341 _____ C:\Documents and Settings\John\Desktop\jeffpapers.txt

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job


Some content of TEMP:
====================
C:\Documents and Settings\John\Local Settings\Temp\lowproc.exe
C:\Documents and Settings\John\Local Settings\Temp\ose00000.exe
C:\Documents and Settings\John\Local Settings\Temp\stubhelper.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2004-08-03 22:56] - [2008-04-14 06:42] - 0108544 ____A (Microsoft Corporation) 0e776ed5f7cc9f94299e70461b7b8185

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
  #6  
Old September 19th, 2013, 12:34 AM
jwgera jwgera is offline
New Member
 
Join Date: Sep 2013
Posts: 6
longfintuna removal (file 2)

here are my files:


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-09-2013 03
Ran by John at 2013-09-18 11:11:46
Running from C:\Documents and Settings\John\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

123 Free Solitaire (Version: 123 Free Solitaire 2002)
Acronis*TrueImage
ActiveHome Pro
ActiveHome Scripting
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.174)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Reader XI (11.0.04) (Version: 11.0.04)
Allway Sync version 12.14.11
Any Video Converter 5 5.0.3
Apache HTTP Server 2.2.17 (Version: 2.2.17)
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Privacy Protector
AutoHotkey 1.0.40.01 (Version: 1.0.40.01)
ControlAgent
Disney Pixar 1st Grade
e-Sword (Version: 9.05.0001)
F-22 Raptor
FileZilla Client 3.7.3 (Version: 3.7.3)
FMS
Free Easy Burner V 5.1 (Version: 5.1.0.0)
Google Chrome (HKCU Version: 29.0.1547.66)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
Gourmania
HeavyWeatherReview 1.0
HiDef Media Player 1.1.12 (Version: 1.1.12)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Hunt for the Red Baron
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 22 (Version: 6.0.220)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.4763.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Moyea FLV Player version: 2.0.2.96
MSN
NetSurveillance
Norton Security Suite (Version: 20.4.0.40)
NVIDIA Drivers (Version: 1.7)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7316)
NVIDIA nView Desktop Manager (Version: 125.24)
OpenOffice.org 3.3 (Version: 3.3.9567)
QuickTime (Version: 7.70.80.34)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
Realtek High Definition Audio Driver
RealUpgrade 1.1 (Version: 1.1.0)
SmartPropoPlus (Version: 0.3.3.7)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
StartNow Toolbar (Version: 2.5.0)
The Weather Channel App
The Weather Channel Desktop 6
The Weather Channel Toolbar
Update for Image Editor
USB ACF Modem (Version: 2.0.17.50)
VideoLAN VLC media player 0.8.6f (Version: 0.8.6f)
Viewpoint Media Player
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Resource Kit Tools (Version: 5.2.3790)
Windows XP Service Pack 3 (Version: 20080414.031525)
Yahoo! Widgets (Version: 4.5.2.0)

==================== Restore Points =========================

20-06-2013 21:23:44 System Checkpoint
25-06-2013 04:17:59 Removed Java 7 Update 17
25-06-2013 04:18:26 Installed Java 7 Update 25
26-06-2013 16:09:53 System Checkpoint
27-06-2013 16:27:42 System Checkpoint
29-06-2013 03:47:02 System Checkpoint
01-07-2013 17:40:35 System Checkpoint
02-07-2013 01:23:20 before fms, tv, f22
03-07-2013 01:18:41 Unsigned driver install
03-07-2013 04:43:19 Unsigned driver install
04-07-2013 04:58:54 System Checkpoint
05-07-2013 17:53:22 before f22 install
07-07-2013 02:25:47 System Checkpoint
09-07-2013 23:53:38 System Checkpoint
11-07-2013 02:20:49 System Checkpoint
12-07-2013 04:13:10 System Checkpoint
13-07-2013 06:44:09 System Checkpoint
14-07-2013 06:51:16 System Checkpoint
16-07-2013 06:56:32 System Checkpoint
21-07-2013 00:18:03 System Checkpoint
22-07-2013 00:32:15 System Checkpoint
23-07-2013 01:13:47 System Checkpoint
26-07-2013 04:11:59 System Checkpoint
27-07-2013 04:41:09 System Checkpoint
28-07-2013 05:05:54 System Checkpoint
29-07-2013 16:27:55 System Checkpoint
31-07-2013 01:14:21 System Checkpoint
04-08-2013 20:25:06 System Checkpoint
05-08-2013 17:22:07 before dvr editerinstall
07-08-2013 00:00:25 System Checkpoint
08-08-2013 01:46:58 System Checkpoint
09-08-2013 01:55:31 System Checkpoint
10-08-2013 02:25:03 System Checkpoint
12-08-2013 01:42:56 System Checkpoint
13-08-2013 02:13:22 Removed Ask Toolbar.
13-08-2013 02:13:46 Removed Dealio Toolbar v7.3.
14-08-2013 03:35:50 System Checkpoint
16-08-2013 20:53:43 System Checkpoint
18-08-2013 02:49:04 System Checkpoint
19-08-2013 15:27:51 System Checkpoint
20-08-2013 16:38:03 System Checkpoint
21-08-2013 17:35:44 System Checkpoint
22-08-2013 18:53:21 System Checkpoint
23-08-2013 20:31:21 System Checkpoint
25-08-2013 02:29:13 System Checkpoint
26-08-2013 02:41:01 System Checkpoint
27-08-2013 04:51:43 System Checkpoint
28-08-2013 05:42:44 System Checkpoint
29-08-2013 05:43:26 System Checkpoint
30-08-2013 07:09:08 System Checkpoint
31-08-2013 08:14:20 System Checkpoint
01-09-2013 16:08:17 System Checkpoint
02-09-2013 20:07:58 System Checkpoint
03-09-2013 23:19:22 System Checkpoint
11-09-2013 02:28:43 System Checkpoint
12-09-2013 19:33:14 System Checkpoint
13-09-2013 21:17:39 System Checkpoint
15-09-2013 00:07:15 System Checkpoint
16-09-2013 00:14:23 System Checkpoint
17-09-2013 22:57:19 System Checkpoint
18-09-2013 03:21:52 before filezilla

==================== Hosts content: ==========================

2001-08-23 05:00 - 2001-08-23 05:00 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\John\APPLIC~1\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\WINDOWS\Tasks\At2.job => C:\DOCUME~1\John\APPLIC~1\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-776561741-583907252-839522115-1003Core.job => C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-776561741-583907252-839522115-1003UA.job => C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-776561741-583907252-839522115-1003.job => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1003.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1003.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-776561741-583907252-839522115-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-776561741-583907252-839522115-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) =============

2004-08-03 22:56 - 2008-04-14 06:40 - 00177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfime.ime
2009-09-27 01:12 - 2009-09-27 01:12 - 00888832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2004-08-03 22:56 - 2008-04-14 06:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-09-03 15:26 - 2013-09-03 15:26 - 00197560 _____ (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\UMEngx86.dll
2009-08-10 16:59 - 2009-08-10 16:59 - 00068128 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-08-10 16:59 - 2009-08-10 16:59 - 00436768 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2011-01-21 19:32 - 2008-04-14 06:42 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\rpcref.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\iisadmin.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\COADMIN.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\metadata.dll
2011-01-21 19:32 - 2008-04-14 06:42 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\nsepm.dll
2011-01-21 19:32 - 2008-04-14 06:42 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\wamreg.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\admexs.dll
2011-01-21 19:32 - 2008-04-14 06:42 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\svcext.dll
2011-01-21 19:32 - 2008-04-14 06:42 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\w3svc.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\INFOCOMM.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\ISATQ.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\IISFECNV.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\lonsint.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\iscomlog.dll
2011-01-21 19:32 - 2008-04-14 06:42 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\sspifilt.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\compfilt.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\gzip.dll
2011-01-21 19:32 - 2008-04-14 06:42 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\pwsdata.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\md5filt.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\httpext.dll
2011-01-21 19:32 - 2008-04-14 06:41 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\iislog.dll
2011-01-21 19:32 - 2008-04-14 06:42 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\SMTPSVC.dll
2011-01-21 19:32 - 2008-04-14 06:42 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\seo.dll
2011-01-21 19:31 - 2008-04-14 06:41 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\aqueue.dll
2011-01-21 21:30 - 2001-08-17 23:36 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\ntfsdrv.dll
2013-07-15 23:50 - 2013-05-28 10:52 - 01439056 ____R (SwapDrive, Inc.) C:\Program Files\Norton Security Suite\Engine\20.4.0.40\BuEng.dll
2013-09-03 15:26 - 2013-09-03 15:26 - 02037688 _____ (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\BHEngine.dll
2013-09-16 17:50 - 2013-08-20 15:28 - 00799136 _____ (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130914.001\IDSxpx86.dll
2013-07-15 23:50 - 2012-08-16 18:05 - 00374232 ____R (GEAR-Software) C:\Program Files\Norton Security Suite\Engine\20.4.0.40\gwrks32.dll
2013-07-15 23:50 - 2012-08-16 18:05 - 03914712 ____R (GEAR-Software) C:\Program Files\Norton Security Suite\Engine\20.4.0.40\gearaw32.dll
2013-09-18 01:57 - 2013-08-20 15:28 - 00799136 _____ (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130918.001\IDSxpx86.dll
2013-09-18 08:28 - 2013-08-28 17:20 - 00300952 _____ (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130918.001\ecmsvr32.dll
2013-09-18 08:28 - 2013-08-28 17:20 - 01951568 _____ (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130918.001\NAVEX32a.DLL
2013-09-18 08:28 - 2013-08-28 17:20 - 00190288 _____ (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130918.001\NAVENG32.DLL
2011-01-21 19:32 - 2008-04-14 06:41 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetsrv\httpmib.dll
2013-07-15 23:51 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON SECURITY SUITE\ENGINE\20.4.0.40\wincfi39.dll
2011-04-25 11:12 - 2006-06-21 11:10 - 01273856 _____ (X10 Wireless Technology, Inc.) C:\Program Files\Common Files\X10\Common\x10net.dll
2009-09-27 19:19 - 2009-09-27 19:19 - 00086016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvMcTray.dll
2013-09-13 16:35 - 2013-09-13 16:35 - 16244616 ____R (Adobe Systems, Inc.) C:\WINDOWS\system32\Macromed\Flash\Flash32_11_8_800_174.ocx
2004-08-03 22:56 - 2008-04-14 06:42 - 01288192 _____ () C:\WINDOWS\system32\quartz.dll
2013-07-02 16:36 - 2001-08-17 22:36 - 00256512 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\DEVCON32.DLL
2013-07-02 16:36 - 2001-08-17 22:36 - 00051200 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\SFMAN32.DLL
2008-01-08 15:50 - 2008-01-08 15:50 - 00349147 _____ () C:\Program Files\Yahoo!\Widgets\sqlite3.dll
2008-03-18 17:21 - 2008-03-18 17:21 - 00512000 _____ () C:\Program Files\Yahoo!\Widgets\js32.dll
2008-03-18 17:21 - 2008-03-18 17:21 - 00094208 _____ () C:\Program Files\Yahoo!\Widgets\jsd.dll
2011-01-21 18:46 - 2001-08-01 01:00 - 01826816 _____ (National Instruments) C:\WINDOWS\system32\cvirte.dll
2013-09-03 15:28 - 2013-09-02 13:34 - 47074256 _____ (Google Inc.) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\chrome.dll
2013-09-03 15:28 - 2013-09-02 13:35 - 09962960 _____ (The ICU Project) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\icudt.dll
2013-09-03 15:28 - 2013-09-02 13:35 - 04053456 _____ () C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-03 15:28 - 2013-09-02 13:35 - 00410576 _____ () C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-03 15:28 - 2013-09-02 13:35 - 02110928 _____ (Google Inc.) C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
2013-09-03 15:28 - 2013-09-02 13:35 - 01604560 _____ () C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-09-10 12:35 - 2013-09-10 12:35 - 16177544 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll

==================== Alternate Data Streams (whitelisted) ==========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/17/2013 05:57:14 PM) (Source: Apache Service) (User: )
Description: The Apache service named reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.4 for ServerName .

Error: (09/17/2013 11:16:48 AM) (Source: Apache Service) (User: )
Description: The Apache service named reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.4 for ServerName .

Error: (09/10/2013 00:55:13 PM) (Source: Apache Service) (User: )
Description: The Apache service named reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.4 for ServerName .

Error: (09/06/2013 11:14:32 AM) (Source: Application Hang) (User: )
Description: Hanging application chrome.exe, version 29.0.1547.66, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/05/2013 08:56:23 PM) (Source: Application Error) (User: )
Description: Fault bucket 550296178.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (09/05/2013 08:56:17 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module urlmon.dll, version 8.0.6001.18702, fault address 0x0000c971.
Processing media-specific event for [iexplore.exe!ws!]

Error: (09/04/2013 06:12:23 PM) (Source: Application Hang) (User: )
Description: Fault bucket -486978317.

Error: (09/04/2013 06:12:01 PM) (Source: Application Hang) (User: )
Description: Hanging application chrome.exe, version 29.0.1547.66, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/04/2013 04:47:40 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (09/04/2013 04:47:34 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (09/01/2013 10:44:00 AM) (Source: Schedule) (User: )
Description: The At2.job command failed to start due to the following error:
%%2147942405

Error: (08/31/2013 05:44:00 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942405

Error: (08/30/2013 06:25:00 AM) (Source: DCOM) (User: JWG-SERVER)
Description: Unable to start a DCOM Server: {022105BD-948A-40C9-AB42-A3300DDF097F}.
The error:
"%%5"
Happened while starting this command:
"C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" -Embedding


Microsoft Office Sessions:
=========================
Error: (09/17/2013 05:57:14 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.4 for ServerName

Error: (09/17/2013 11:16:48 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.4 for ServerName

Error: (09/10/2013 00:55:13 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.4 for ServerName

Error: (09/06/2013 11:14:32 AM) (Source: Application Hang)(User: )
Description: chrome.exe29.0.1547.66hungapp0.0.0.000000000

Error: (09/05/2013 08:56:23 PM) (Source: Application Error)(User: )
Description: 550296178

Error: (09/05/2013 08:56:17 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702urlmon.dll8.0.6001.18702 0000c971

Error: (09/04/2013 06:12:23 PM) (Source: Application Hang)(User: )
Description: -486978317

Error: (09/04/2013 06:12:01 PM) (Source: Application Hang)(User: )
Description: chrome.exe29.0.1547.66hungapp0.0.0.000000000

Error: (09/04/2013 04:47:40 PM) (Source: Application Hang)(User: )
Description: 1180947459

Error: (09/04/2013 04:47:34 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 2815.17 MB
Available physical RAM: 1842.84 MB
Total Pagefile: 4701.4 MB
Available Pagefile: 3556.69 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.59 MB

==================== Drives ================================

Drive c: (C (Fixed) (Total:465.75 GB) (Free:368.63 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Backup) (Fixed) (Total:149.05 GB) (Free:98.63 GB) NTFS
Drive i: (F22RAPTOR) (CDROM) (Total:0.53 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: E109E109)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  #7  
Old September 19th, 2013, 08:30 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,451
jwgera, judgebean:

Please open a new topic for your problems.
  #8  
Old September 19th, 2013, 03:58 PM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
Thanks Tom,

I've had to go away from home for a week or so and the connection here seems very slow. If I can run the program I will - but may not get a chance until I'm back home. Otherwise I'm taking precautions not to access anything sensitive...
  #9  
Old September 20th, 2013, 09:27 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,451
ok.
  #10  
Old September 21st, 2013, 08:15 PM
Capt.Duck Capt.Duck is offline
New Member
 
Join Date: Sep 2013
Posts: 1
As per the CTH guidelines for the Malware Removal Forum shown Here, this post has been deleted. Members who have not been approved by the CTH Staff to provide infection removal/repair steps are prohibited from posting advice. Please disregard any information/steps that had been posted here.
  #11  
Old October 8th, 2013, 09:10 PM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
How do I send you the files? I keep getting a message that I'm sending too many characters.
  #12  
Old October 10th, 2013, 10:44 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,451
Please split the logfiles, you can use several posts if needed.
  #13  
Old October 14th, 2013, 11:21 AM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
FRST part 1

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Phil (administrator) on PHILLIP on 14-10-2013 10:51:16
Running from C:\Users\Phil\Desktop
Windows 8 (X64) OS Language: English(UK)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [TODDMain] - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] - C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Phil\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-09-02] (Spotify Ltd)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)
HKLM-x32\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] - C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] - c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Phil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
SearchScopes: HKLM - DefaultScope {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM - {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKCU - DefaultScope {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL =
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {B2997A6D-9165-4878-BA30-BFFE49FCE75E} URL =
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Winsock: Catalog5 08 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found ()
Winsock: Catalog5 09 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found ()
Winsock: Catalog5-x64 08 C:\windows\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\windows\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default
FF user.js: detected! => C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default\user.js
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\windows\SysWOW64\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default\searchplugins\searchgol.xml
FF Extension: WOT - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\1qb10ap6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116240 2013-01-04] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [x]

==================== Drivers (Whitelisted) ====================

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-02] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)

========================== Drivers MD5 =======================

C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-14 10:49 - 2013-10-14 10:49 - 01954124 _____ (Farbar) C:\Users\Phil\Desktop\FRST64.exe
2013-10-14 10:47 - 2013-10-14 10:47 - 00059397 _____ C:\Users\Phil\Downloads\FRST.txt
2013-10-14 10:45 - 2013-10-14 10:45 - 01087213 _____ (Farbar) C:\Users\Phil\Downloads\FRST.exe
2013-10-14 10:40 - 2013-10-14 10:45 - 01954124 _____ (Farbar) C:\Users\Phil\Downloads\FRST64.exe
2013-10-13 20:46 - 2013-10-13 20:46 - 00334735 _____ C:\Users\Phil\Downloads\Halfords Wipers Confirmation.htm
2013-10-13 20:46 - 2013-10-13 20:46 - 00000000 ____D C:\Users\Phil\Downloads\Halfords Wipers Confirmation_files
2013-10-11 22:23 - 2013-10-11 22:23 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Assistant
2013-10-11 22:21 - 2013-10-11 22:21 - 24013216 _____ (Myriad) C:\Users\Phil\Downloads\harmony963i-install.exe
2013-10-11 22:19 - 2013-10-11 22:19 - 00001300 _____ C:\Users\Phil\Documents\cc_20131011_221922.reg
2013-10-11 22:17 - 2013-10-11 22:17 - 00367872 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-11 22:09 - 2013-10-11 22:09 - 00016682 _____ C:\Users\Phil\Documents\cc_20131011_220941.reg
2013-10-11 22:08 - 2013-10-11 22:08 - 04369632 _____ (Piriform Ltd) C:\Users\Phil\Downloads\ccsetup406.exe
2013-10-11 21:55 - 2013-10-11 21:55 - 00000000 ____D C:\Users\Phil\AppData\Roaming\TuneUp Software
2013-10-11 21:54 - 2013-10-11 21:56 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 21:54 - 2013-10-11 21:54 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 21:54 - 2013-10-11 21:54 - 00000000 ____D C:\Users\Phil\Desktop\Video
2013-10-11 21:53 - 2013-10-11 21:54 - 00000000 ____D C:\Users\Phil\AppData\Roaming\DVDVideoSoft
2013-10-11 21:53 - 2013-10-11 21:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-11 20:37 - 2013-10-11 20:42 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-11 20:37 - 2013-10-11 20:41 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-11 20:37 - 2013-10-11 20:37 - 00000000 ____D C:\Users\Phil\AppData\Local\BonanzaDealsLive
2013-10-11 20:37 - 2013-10-11 20:37 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-11 20:36 - 2013-10-11 22:15 - 00000000 ____D C:\Users\Phil\AppData\Roaming\DigitalSite
2013-10-11 20:36 - 2013-10-11 20:37 - 00002642 _____ C:\windows\System32\Tasks\DigitalSite
2013-10-11 20:36 - 2013-10-11 20:37 - 00000304 _____ C:\windows\Tasks\DigitalSite.job
2013-10-11 20:36 - 2013-10-11 20:36 - 00000000 ____D C:\ProgramData\Babylon
2013-10-10 17:45 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-10-10 17:45 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-10-10 17:45 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-10-10 17:45 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-10-10 17:45 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-10-10 17:45 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-10-10 17:45 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-10-10 17:45 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-10-10 17:45 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-10-10 17:45 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-10-10 17:45 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-10-10 17:45 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-10-10 17:45 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-10-10 17:45 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-10-10 17:45 - 2013-04-28 23:28 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-10-10 17:45 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-10-10 17:44 - 2013-08-23 06:11 - 04040192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-10-10 17:44 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 17:44 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 17:44 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-10-10 17:44 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2013-10-10 17:44 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2013-10-10 17:44 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-10-10 17:44 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-10-10 17:44 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2013-10-10 17:44 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-10 17:44 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-10 17:44 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-10 17:44 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-10 17:44 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-10-10 17:44 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-10-10 17:44 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-10 17:44 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-10 17:44 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-10-10 17:44 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-10-10 17:44 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-10-10 17:44 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-10-10 17:44 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-10-10 17:44 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-10-09 11:31 - 2013-10-09 11:31 - 00000794 _____ C:\windows\setupact.log
2013-10-09 11:31 - 2013-10-09 11:31 - 00000000 _____ C:\windows\setuperr.log
2013-10-08 20:59 - 2013-10-08 20:59 - 00000000 ____D C:\FRST
2013-10-07 18:42 - 2013-10-08 09:51 - 00000000 ____D C:\Users\Phil\Documents\CCLI data
2013-10-03 21:00 - 2013-10-03 21:00 - 00001011 _____ C:\Users\Phil\Desktop\Dropbox.lnk
2013-10-03 20:58 - 2013-10-03 20:59 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-03 20:42 - 2013-10-13 13:02 - 00000000 ___RD C:\Users\Phil\Dropbox
2013-10-03 20:39 - 2013-10-13 13:02 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Dropbox
2013-10-03 20:38 - 2013-10-03 20:39 - 35282952 _____ (Dropbox, Inc.) C:\Users\Phil\Downloads\Dropbox 2.4.0.exe
2013-10-03 10:41 - 2013-10-11 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 18:15 - 2013-10-01 18:15 - 00068322 _____ C:\Users\Phil\Documents\Public Rights of Way problem report.htm
2013-10-01 18:15 - 2013-10-01 18:15 - 00000000 ____D C:\Users\Phil\Documents\Public Rights of Way problem report_files
2013-09-27 19:59 - 2013-09-27 20:00 - 00252416 _____ C:\Users\Phil\Documents\Copy of projection-and-transformation-calculations.xls
2013-09-21 19:17 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2013-09-17 18:38 - 2013-09-17 18:43 - 00000000 ____D C:\AdwCleaner
2013-09-17 18:07 - 2012-11-20 06:24 - 01164800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll
  #14  
Old October 14th, 2013, 11:22 AM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
FRST Part 2

2013-09-17 18:07 - 2012-11-20 06:17 - 01184256 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
2013-09-17 18:07 - 2012-11-20 06:02 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDKURD.DLL
2013-09-17 18:07 - 2012-11-20 05:59 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDKURD.DLL
2013-09-17 18:07 - 2012-10-24 05:54 - 00396008 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2013-09-17 18:07 - 2012-10-12 07:13 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\dskquota.dll
2013-09-17 18:07 - 2012-10-12 06:39 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\dskquota.dll
2013-09-17 18:06 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2013-09-17 18:06 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2013-09-17 18:06 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-09-17 18:06 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2013-09-17 18:06 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2013-09-17 18:06 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2013-09-17 18:06 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2013-09-17 18:06 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2013-09-17 18:06 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2013-09-17 18:06 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2013-09-17 18:06 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2013-09-17 18:06 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2013-09-17 18:06 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2013-09-17 18:06 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2013-09-17 18:06 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe
2013-09-17 18:06 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2013-09-17 18:06 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2013-09-17 18:06 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2013-09-17 18:06 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2013-09-17 18:06 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2013-09-17 18:06 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2013-09-17 18:06 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2013-09-17 18:06 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupManager.dll
2013-09-17 18:06 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2013-09-17 18:06 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2013-09-17 18:06 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2013-09-17 18:06 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2013-09-17 18:06 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2013-09-17 18:06 - 2012-10-17 05:32 - 01172992 _____ (Microsoft Corporation) C:\windows\system32\mfnetsrc.dll
2013-09-17 18:06 - 2012-10-17 05:32 - 00677888 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2013-09-17 18:06 - 2012-10-17 05:32 - 00673280 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2013-09-17 18:06 - 2012-10-17 04:57 - 00929792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2013-09-17 18:06 - 2012-10-17 04:57 - 00568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2013-09-17 18:06 - 2012-10-17 04:57 - 00513024 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2013-09-17 18:05 - 2013-05-04 08:58 - 00120736 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2013-09-17 18:05 - 2013-05-04 08:34 - 00284416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2013-09-17 18:05 - 2013-05-04 07:59 - 13644288 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2013-09-17 18:05 - 2013-05-04 07:59 - 01483776 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2013-09-17 18:05 - 2013-05-04 07:59 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\Magnify.exe
2013-09-17 18:05 - 2013-05-04 07:58 - 10116096 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 01332736 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00470528 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00330240 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2013-09-17 18:05 - 2013-05-04 07:58 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 02305024 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 01131520 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00560640 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00501760 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00389120 _____ (Microsoft Corporation) C:\windows\system32\BCP47Langs.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\biwinrt.dll
2013-09-17 18:05 - 2013-05-04 07:57 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
2013-09-17 18:05 - 2013-05-04 07:56 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
2013-09-17 18:05 - 2013-05-04 05:58 - 00758784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Magnify.exe
2013-09-17 18:05 - 2013-05-04 05:57 - 10788864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 08857088 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00303616 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00018432 _____ (Microsoft Corporation) C:\windows\SysWOW64\npmproxy.dll
2013-09-17 18:05 - 2013-05-04 05:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
2013-09-17 18:05 - 2013-05-04 05:56 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-09-17 18:05 - 2013-05-04 05:56 - 00449536 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2013-09-17 18:05 - 2013-05-04 05:56 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2013-09-17 18:05 - 2013-05-04 05:56 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\BCP47Langs.dll
2013-09-17 18:05 - 2013-05-04 05:56 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\biwinrt.dll
2013-09-17 18:05 - 2013-05-04 05:55 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
2013-09-17 18:05 - 2013-05-04 05:51 - 00014848 _____ (Microsoft) C:\windows\system32\rars.rs
2013-09-17 18:05 - 2013-05-04 05:48 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2013-09-17 18:05 - 2013-05-04 05:47 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2013-09-17 18:05 - 2013-05-04 05:10 - 00014848 _____ (Microsoft) C:\windows\SysWOW64\rars.rs
2013-09-17 18:04 - 2013-05-31 00:24 - 01257472 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-09-17 18:04 - 2013-05-31 00:08 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2013-09-17 18:04 - 2013-05-15 03:25 - 00888320 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
2013-09-17 18:04 - 2013-05-15 03:25 - 00542208 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2013-09-17 18:04 - 2013-05-15 03:24 - 00793088 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
2013-09-17 18:04 - 2013-05-15 03:24 - 00482816 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2013-09-17 18:03 - 2013-03-02 11:57 - 00332520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2013-09-17 18:03 - 2013-03-02 11:57 - 00077544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storahci.sys
2013-09-17 18:03 - 2013-03-02 11:45 - 00148712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2013-09-17 18:03 - 2013-03-02 11:39 - 00495336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2013-09-17 18:03 - 2013-03-02 09:23 - 01338880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-09-17 18:03 - 2013-03-02 09:23 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2013-09-17 18:03 - 2013-03-02 09:23 - 00601088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2013-09-17 18:03 - 2013-03-02 09:23 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-09-17 18:03 - 2013-03-02 09:23 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2013-09-17 18:03 - 2013-03-02 09:23 - 00100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncInfo.dll
2013-09-17 18:03 - 2013-03-02 09:22 - 05091840 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2013-09-17 18:03 - 2013-03-02 09:22 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2013-09-17 18:03 - 2013-03-02 09:21 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2013-09-17 18:03 - 2013-03-02 09:21 - 00145408 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2013-09-17 18:03 - 2013-03-02 09:21 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevDispItemProvider.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 01627648 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 01149952 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 01101824 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00951808 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00240640 _____ (Microsoft Corporation) C:\windows\system32\fsquirt.exe
2013-09-17 18:03 - 2013-03-02 03:45 - 00180224 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00171008 _____ (Microsoft Corporation) C:\windows\system32\TimeBrokerServer.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2013-09-17 18:03 - 2013-03-02 03:45 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\WSDPrintProxy.DLL
2013-09-17 18:03 - 2013-03-02 03:44 - 05978624 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\discan.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\NdisImPlatform.dll
2013-09-17 18:03 - 2013-03-02 03:44 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\DevDispItemProvider.dll
2013-09-17 18:03 - 2013-03-02 03:43 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2013-09-17 18:03 - 2013-03-02 03:15 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys
2013-09-17 18:03 - 2013-03-01 05:56 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rfcomm.sys
2013-09-17 18:03 - 2013-03-01 05:56 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\monitor.sys
2013-09-17 18:03 - 2013-03-01 05:55 - 01175040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2013-09-17 18:01 - 2013-09-17 18:01 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-17 18:01 - 2013-09-17 18:01 - 00000000 ____D C:\ProgramData\Oracle
2013-09-17 17:59 - 2013-04-09 06:33 - 00489576 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2013-09-17 17:59 - 2013-04-09 06:33 - 00446792 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2013-09-17 17:59 - 2013-04-09 06:33 - 00253544 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2013-09-17 17:59 - 2013-04-09 06:20 - 00306952 _____ (Microsoft Corporation) C:\windows\system32\kd_02_10ec.dll
2013-09-17 17:59 - 2013-04-09 06:17 - 01829408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-09-17 17:59 - 2013-04-09 05:52 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2013-09-17 17:59 - 2013-04-09 05:52 - 00804352 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2013-09-17 17:59 - 2013-04-09 05:52 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2013-09-17 17:59 - 2013-04-09 05:51 - 14267904 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-09-17 17:59 - 2013-04-09 05:51 - 03552768 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2013-09-17 17:59 - 2013-04-09 05:51 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2013-09-17 17:59 - 2013-04-09 05:51 - 00456704 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2013-09-17 17:59 - 2013-04-09 05:51 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2013-09-17 17:59 - 2013-04-09 05:50 - 02107904 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2013-09-17 17:59 - 2013-04-09 05:50 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2013-09-17 17:59 - 2013-04-09 05:50 - 00435200 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2013-09-17 17:59 - 2013-04-09 05:50 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 01444864 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00817152 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00468992 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\fhengine.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\dmvdsitf.dll
2013-09-17 17:59 - 2013-04-09 05:49 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
2013-09-17 17:59 - 2013-04-09 05:48 - 00169472 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2013-09-17 17:59 - 2013-04-09 03:33 - 00623104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2013-09-17 17:59 - 2013-04-09 03:32 - 00805376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2013-09-17 17:59 - 2013-04-09 00:39 - 01408896 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-09-17 17:59 - 2013-04-09 00:37 - 00426024 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2013-09-17 17:59 - 2013-04-09 00:37 - 00324368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2013-09-17 17:59 - 2013-04-08 22:52 - 11878912 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2013-09-17 17:59 - 2013-04-08 22:52 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2013-09-17 17:59 - 2013-04-08 22:52 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2013-09-17 17:59 - 2013-04-08 22:51 - 02767360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 01593344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 01113600 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAudDecMFT.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00659456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00403968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2013-09-17 17:59 - 2013-04-08 22:51 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-09-17 17:59 - 2013-04-05 00:30 - 00503080 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2013-09-17 17:59 - 2013-03-15 23:05 - 00298456 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2013-09-17 17:59 - 2013-03-15 23:05 - 00252928 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2013-09-17 17:59 - 2013-03-02 03:43 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2013-09-17 17:58 - 2013-04-09 06:20 - 00086280 _____ (Microsoft Corporation) C:\windows\system32\kdnet.dll
2013-09-17 17:58 - 2013-04-09 06:18 - 00077960 _____ (Microsoft Corporation) C:\windows\system32\kdvm.dll
2013-09-17 17:58 - 2013-04-09 05:52 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2013-09-17 17:58 - 2013-04-09 05:52 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2013-09-17 17:58 - 2013-04-09 05:51 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00745984 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\GenuineCenter.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2013-09-17 17:58 - 2013-04-09 05:50 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2013-09-17 17:58 - 2013-04-09 05:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\iuilp.dll
2013-09-17 17:58 - 2013-04-09 05:49 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\fmifs.dll
2013-09-17 17:58 - 2013-04-09 03:34 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys
2013-09-17 17:58 - 2013-04-09 03:33 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
2013-09-17 17:58 - 2013-04-09 03:31 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2013-09-17 17:58 - 2013-04-09 03:31 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2013-09-17 17:58 - 2013-04-09 00:44 - 00123880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2013-09-17 17:58 - 2013-04-08 22:52 - 00171008 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2013-09-17 17:58 - 2013-04-08 22:52 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2013-09-17 17:58 - 2013-04-08 22:51 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00214528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmvdsitf.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\fmifs.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2013-09-17 17:58 - 2013-04-08 22:51 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
2013-09-17 17:58 - 2013-03-02 11:39 - 00069864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2013-09-17 15:19 - 2013-09-17 17:52 - 00000000 ____D C:\Users\Phil\AppData\Roaming\QuickScan
2013-09-17 13:52 - 2013-09-17 13:54 - 89939216 _____ (Microsoft Corporation) C:\Users\Phil\Downloads\msert.exe
2013-09-17 13:11 - 2013-10-14 10:20 - 01048850 _____ C:\windows\WindowsUpdate.log
2013-09-17 13:10 - 2013-10-11 22:16 - 00032672 _____ C:\windows\PFRO.log
2013-09-17 13:02 - 2013-09-17 18:05 - 00000075 _____ C:\DiskDefrag.log
2013-09-17 13:02 - 2013-09-17 18:05 - 00000000 ____D C:\Users\Phil\AppData\Roaming\GlarySoft
2013-09-15 22:05 - 2013-09-15 22:05 - 00000000 ____D C:\windows\en
2013-09-15 22:05 - 2013-09-15 22:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-09-15 22:04 - 2013-09-15 22:05 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-09-15 22:03 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll
2013-09-15 22:03 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll
2013-09-15 22:03 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll
2013-09-15 22:03 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll
2013-09-15 22:03 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2013-09-15 22:03 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll
2013-09-15 22:03 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2013-09-15 22:03 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2013-09-15 22:03 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_42.dll
2013-09-15 22:03 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2013-09-15 22:03 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2013-09-15 22:03 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll
2013-09-15 20:19 - 2013-09-20 20:10 - 00000000 ____D C:\Users\Phil\AppData\Local\Windows Live
2013-09-15 20:08 - 2013-09-15 20:11 - 00000000 ___RD C:\windows\BrowserChoice
2013-09-14 11:03 - 2013-10-11 20:50 - 00000000 ____D C:\windows\system32\MRT
2013-09-14 11:03 - 2013-10-11 20:49 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-09-14 10:54 - 2013-04-24 00:13 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2013-09-14 10:54 - 2013-04-24 00:12 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2013-09-14 10:54 - 2013-04-23 23:56 - 01255936 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2013-09-14 10:54 - 2013-04-23 23:55 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2013-09-14 10:53 - 2013-07-02 01:44 - 00036288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2013-09-14 10:53 - 2013-07-01 23:08 - 00247216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys

==================== One Month Modified Files and Folders =======

2013-10-14 10:49 - 2013-10-14 10:49 - 01954124 _____ (Farbar) C:\Users\Phil\Desktop\FRST64.exe
2013-10-14 10:47 - 2013-10-14 10:47 - 00059397 _____ C:\Users\Phil\Downloads\FRST.txt
2013-10-14 10:45 - 2013-10-14 10:45 - 01087213 _____ (Farbar) C:\Users\Phil\Downloads\FRST.exe
2013-10-14 10:45 - 2013-10-14 10:40 - 01954124 _____ (Farbar) C:\Users\Phil\Downloads\FRST64.exe
2013-10-14 10:20 - 2013-09-17 13:11 - 01048850 _____ C:\windows\WindowsUpdate.log
2013-10-14 09:00 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2013-10-14 08:42 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-10-13 22:09 - 2013-09-05 17:03 - 00007599 _____ C:\Users\Phil\AppData\Local\Resmon.ResmonCfg
2013-10-13 21:14 - 2013-08-30 23:10 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Spotify
2013-10-13 20:46 - 2013-10-13 20:46 - 00334735 _____ C:\Users\Phil\Downloads\Halfords Wipers Confirmation.htm
2013-10-13 20:46 - 2013-10-13 20:46 - 00000000 ____D C:\Users\Phil\Downloads\Halfords Wipers Confirmation_files
2013-10-13 16:22 - 2013-08-30 23:18 - 00000000 ____D C:\Users\Phil\AppData\Local\Spotify
2013-10-13 13:02 - 2013-10-03 20:42 - 00000000 ___RD C:\Users\Phil\Dropbox
2013-10-13 13:02 - 2013-10-03 20:39 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Dropbox
2013-10-12 17:51 - 2013-09-07 16:29 - 00000000 ____D C:\Users\Phil\Documents\My bb
2013-10-11 22:42 - 2013-08-30 21:52 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1700735764-1372277227-1461843278-1001
2013-10-11 22:27 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-11 22:23 - 2013-10-11 22:23 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Assistant
2013-10-11 22:23 - 2013-08-31 08:15 - 00000000 ____D C:\Program Files (x86)\Harmony Assistant
2013-10-11 22:21 - 2013-10-11 22:21 - 24013216 _____ (Myriad) C:\Users\Phil\Downloads\harmony963i-install.exe
2013-10-11 22:19 - 2013-10-11 22:19 - 00001300 _____ C:\Users\Phil\Documents\cc_20131011_221922.reg
2013-10-11 22:17 - 2013-10-11 22:17 - 00367872 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-11 22:16 - 2013-09-17 13:10 - 00032672 _____ C:\windows\PFRO.log
2013-10-11 22:16 - 2012-07-26 06:26 - 00786432 ___SH C:\windows\system32\config\BBI
2013-10-11 22:15 - 2013-10-11 20:36 - 00000000 ____D C:\Users\Phil\AppData\Roaming\DigitalSite
2013-10-11 22:09 - 2013-10-11 22:09 - 00016682 _____ C:\Users\Phil\Documents\cc_20131011_220941.reg
2013-10-11 22:09 - 2013-09-11 12:40 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-11 22:09 - 2013-09-11 12:40 - 00000000 ____D C:\Program Files\CCleaner
2013-10-11 22:08 - 2013-10-11 22:08 - 04369632 _____ (Piriform Ltd) C:\Users\Phil\Downloads\ccsetup406.exe
2013-10-11 21:56 - 2013-10-11 21:54 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 21:55 - 2013-10-11 21:55 - 00000000 ____D C:\Users\Phil\AppData\Roaming\TuneUp Software
2013-10-11 21:54 - 2013-10-11 21:54 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 21:54 - 2013-10-11 21:54 - 00000000 ____D C:\Users\Phil\Desktop\Video
2013-10-11 21:54 - 2013-10-11 21:53 - 00000000 ____D C:\Users\Phil\AppData\Roaming\DVDVideoSoft
2013-10-11 21:53 - 2013-10-11 21:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-11 20:51 - 2013-08-30 22:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-11 20:50 - 2013-09-14 11:03 - 00000000 ____D C:\windows\system32\MRT
2013-10-11 20:49 - 2013-09-14 11:03 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-11 20:42 - 2013-10-11 20:37 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-11 20:41 - 2013-10-11 20:37 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-11 20:37 - 2013-10-11 20:37 - 00000000 ____D C:\Users\Phil\AppData\Local\BonanzaDealsLive
2013-10-11 20:37 - 2013-10-11 20:37 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-11 20:37 - 2013-10-11 20:36 - 00002642 _____ C:\windows\System32\Tasks\DigitalSite
2013-10-11 20:37 - 2013-10-11 20:36 - 00000304 _____ C:\windows\Tasks\DigitalSite.job
2013-10-11 20:37 - 2013-10-03 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-11 20:36 - 2013-10-11 20:36 - 00000000 ____D C:\ProgramData\Babylon
2013-10-11 20:33 - 2013-08-30 21:55 - 00000000 ____D C:\Users\Phil\AppData\Local\Thunderbird
2013-10-11 17:35 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Audacity
2013-10-11 17:01 - 2013-08-31 08:17 - 00000000 ____D C:\Users\Phil\AppData\Roaming\ACAMPREF
2013-10-10 19:09 - 2013-09-02 12:58 - 00000000 ____D C:\Users\Phil\Documents\Audio
2013-10-09 11:32 - 2012-07-26 08:28 - 00848230 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-09 11:31 - 2013-10-09 11:31 - 00000794 _____ C:\windows\setupact.log
2013-10-09 11:31 - 2013-10-09 11:31 - 00000000 _____ C:\windows\setuperr.log
2013-10-08 20:59 - 2013-10-08 20:59 - 00000000 ____D C:\FRST
2013-10-08 10:33 - 2013-09-11 17:01 - 00000000 ____D C:\ProgramData\CopyReport4
2013-10-08 09:51 - 2013-10-07 18:42 - 00000000 ____D C:\Users\Phil\Documents\CCLI data
2013-10-07 15:06 - 2013-08-30 23:09 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Mp3tag
2013-10-05 22:06 - 2013-08-30 21:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-03 21:00 - 2013-10-03 21:00 - 00001011 _____ C:\Users\Phil\Desktop\Dropbox.lnk
2013-10-03 20:59 - 2013-10-03 20:58 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-03 20:59 - 2013-08-30 21:44 - 00000000 ___RD C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-03 20:42 - 2013-08-30 21:43 - 00000000 ____D C:\Users\Phil
2013-10-03 20:39 - 2013-10-03 20:38 - 35282952 _____ (Dropbox, Inc.) C:\Users\Phil\Downloads\Dropbox 2.4.0.exe
2013-10-03 10:44 - 2013-08-30 22:46 - 00000000 ____D C:\Users\Phil\AppData\Local\Mozilla
2013-10-02 02:38 - 2012-07-26 09:14 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 02:38 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 18:15 - 2013-10-01 18:15 - 00068322 _____ C:\Users\Phil\Documents\Public Rights of Way problem report.htm
2013-10-01 18:15 - 2013-10-01 18:15 - 00000000 ____D C:\Users\Phil\Documents\Public Rights of Way problem report_files
2013-09-27 20:00 - 2013-09-27 19:59 - 00252416 _____ C:\Users\Phil\Documents\Copy of projection-and-transformation-calculations.xls
2013-09-26 19:55 - 2013-09-09 15:40 - 00000000 ____D C:\Users\Phil\AppData\Local\CUSTPDF Writer
2013-09-24 21:44 - 2013-08-30 21:43 - 00000000 ____D C:\Users\Phil\AppData\Local\Packages
2013-09-23 00:28 - 2013-10-10 17:45 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-23 00:28 - 2013-10-10 17:45 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-23 00:27 - 2013-10-10 17:45 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-22 23:55 - 2013-10-10 17:45 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-22 23:55 - 2013-10-10 17:45 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-22 23:55 - 2013-10-10 17:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-22 23:54 - 2013-10-10 17:45 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-22 23:54 - 2013-10-10 17:45 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-22 21:06 - 2013-08-30 22:05 - 00000000 ____D C:\Users\Phil\AppData\Local\Microsoft Help
2013-09-22 21:06 - 2013-05-23 20:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-09-22 20:08 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2013-09-20 21:40 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\oobe
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ToastData
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\en-GB
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\en-GB
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-09-20 21:39 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-09-20 21:39 - 2012-07-26 06:38 - 00000000 ____D C:\windows\SysWOW64\Dism
2013-09-20 21:39 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\Dism
2013-09-20 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\NDF
2013-09-20 20:10 - 2013-09-15 20:19 - 00000000 ____D C:\Users\Phil\AppData\Local\Windows Live
2013-09-17 18:43 - 2013-09-17 18:38 - 00000000 ____D C:\AdwCleaner
2013-09-17 18:05 - 2013-09-17 13:02 - 00000075 _____ C:\DiskDefrag.log
2013-09-17 18:05 - 2013-09-17 13:02 - 00000000 ____D C:\Users\Phil\AppData\Roaming\GlarySoft
2013-09-17 18:01 - 2013-09-17 18:01 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-09-17 18:01 - 2013-09-17 18:01 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-17 18:01 - 2013-09-17 18:01 - 00000000 ____D C:\ProgramData\Oracle
2013-09-17 18:00 - 2013-09-08 13:13 - 00868264 _____ (Oracle Corporation) C:\windows\SysWOW64\xnpDeployJava1.dll
2013-09-17 18:00 - 2013-09-08 13:13 - 00790440 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-09-17 17:54 - 2013-08-30 22:49 - 00000000 ____D C:\Users\Phil\AppData\Local\Adobe
2013-09-17 17:52 - 2013-09-17 15:19 - 00000000 ____D C:\Users\Phil\AppData\Roaming\QuickScan
2013-09-17 13:54 - 2013-09-17 13:52 - 89939216 _____ (Microsoft Corporation) C:\Users\Phil\Downloads\msert.exe
2013-09-17 13:03 - 2013-05-24 20:37 - 00000000 ____D C:\windows\Panther
2013-09-17 12:39 - 2013-09-09 17:39 - 00000113 _____ C:\Users\Phil\AppData\Roaming\WB.CFG
2013-09-17 12:39 - 2013-09-09 17:39 - 00000005 _____ C:\Users\Phil\AppData\Roaming\WBPU-TTL.DAT
2013-09-15 22:05 - 2013-09-15 22:05 - 00000000 ____D C:\windows\en
2013-09-15 22:05 - 2013-09-15 22:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-09-15 22:05 - 2013-09-15 22:04 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-09-15 22:05 - 2012-07-26 10:43 - 00000000 ____D C:\windows\en-GB
2013-09-15 22:04 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-09-15 20:11 - 2013-09-15 20:08 - 00000000 ___RD C:\windows\BrowserChoice
2013-09-15 20:11 - 2013-05-23 18:58 - 00000000 ____D C:\ProgramData\PRICache
2013-09-15 20:08 - 2012-07-26 10:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-09-15 20:08 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-15 20:08 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-15 20:08 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-09-15 20:08 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender

Some content of TEMP:
====================
C:\Users\Phil\AppData\Local\Temp\COIOSHelper.dll
C:\Users\Phil\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Phil\AppData\Local\Temp\lowproc.exe
C:\Users\Phil\AppData\Local\Temp\ose00000.exe
C:\Users\Phil\AppData\Local\Temp\proxy_vole4512790608256080790.dll
C:\Users\Phil\AppData\Local\Temp\Quarantine.exe
C:\Users\Phil\AppData\Local\Temp\ShellLink.dll
C:\Users\Phil\AppData\Local\Temp\stubhelper.dll
C:\Users\Phil\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{db5849a1-de2c-11e2-be74-806e6f6e6963}
{db58499f-de2c-11e2-be74-806e6f6e6963}
{db5849a0-de2c-11e2-be74-806e6f6e6963}
timeout 2

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale en-GB
inherit {globalsettings}
integrityservices Enable
extendedinput Yes
default {current}
resumeobject {343b5593-de35-11e2-971b-9fe6d4679273}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
customactions 0x1000000300001
0x5400000f
custom:5400000f {357029dd-11b3-11e3-be7d-24fd52f9412f}

Firmware Application (101fffff)
-------------------------------
identifier {db58499f-de2c-11e2-be74-806e6f6e6963}
description EFI USB Device

Firmware Application (101fffff)
-------------------------------
identifier {db5849a0-de2c-11e2-be74-806e6f6e6963}
description EFI DVD/CDROM

Firmware Application (101fffff)
-------------------------------
identifier {db5849a1-de2c-11e2-be74-806e6f6e6963}
description EFI Network

Firmware Application (101fffff)
-------------------------------
identifier {db5849a2-de2c-11e2-be74-806e6f6e6963}
description EFI Network 0 for IPv6 (7C-05-07-DE-EC-BE)

Firmware Application (101fffff)
-------------------------------
identifier {db5849a3-de2c-11e2-be74-806e6f6e6963}
description EFI Network 0 for IPv4 (7C-05-07-DE-EC-BE)

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \windows\system32\winload.efi
description Windows 8
locale en-GB
inherit {bootloadersettings}
recoverysequence {357029dd-11b3-11e3-be7d-24fd52f9412f}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \windows
resumeobject {343b5593-de35-11e2-971b-9fe6d4679273}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {357029dd-11b3-11e3-be7d-24fd52f9412f}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{357029de-11b3-11e3-be7d-24fd52f9412f}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-gb
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{357029de-11b3-11e3-be7d-24fd52f9412f}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {343b5593-de35-11e2-971b-9fe6d4679273}
device partition=C:
path \windows\system32\winresume.efi
description Windows Resume Application
locale en-GB
inherit {resumeloadersettings}
recoverysequence {357029dd-11b3-11e3-be7d-24fd52f9412f}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale en-GB
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {357029de-11b3-11e3-be7d-24fd52f9412f}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi



LastRegBack: 2013-10-13 21:05

==================== End Of Log ============================
  #15  
Old October 14th, 2013, 11:23 AM
philthebass philthebass is offline
New Member
 
Join Date: Sep 2013
Posts: 13
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Phil at 2013-10-14 10:51:54
Running from C:\Users\Phil\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
Alcor Micro USB Card Reader (x32 Version: 4.7.1245.73473)
Aloha TriPeaks (x32 Version: 2.2.0.98)
Atheros Bluetooth Filter Driver Package (Version: 2.0.0.9)
Atheros Driver Installation Program (x32 Version: 10.0)
Audacity 2.0.3 (x32 Version: 2.0.3)
Bejeweled 3 (x32 Version: 2.2.0.98)
CCleaner (Version: 4.06)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
CopyReport4 (4.5.6) (x32 Version: (4.5.6))
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dropbox (HKCU Version: 2.4.0)
DTS Sound (x32 Version: 1.00.0071)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98)
Free Video to DVD Converter version 5.0.28.827 (x32 Version: 5.0.28.827)
Google Update Helper (x32 Version: 1.3.23.0)
Harmony Assistant (x32 Version: 9.6.3i)
IDT Audio Driver (Version: 6.10.6472.0)
Intel AppUp(R) center (x32 Version: 3.8.0.41663.61)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1281)
Intel(R) Processor Graphics (x32 Version: 9.17.10.3040)
Intel(R) Rapid Storage Technology (Version: 12.0.4.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.738.1)
Island Tribe (x32 Version: 2.2.0.98)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98)
LAME v3.99.3 (for Windows) (x32)
Magic Academy (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mozilla Thunderbird 17.0.8 (x86 en-GB) (x32 Version: 17.0.8)
Mp3tag v2.57 (x32 Version: v2.57)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
PDF Creator
PDF Writer Packages (HKCU)
Peggle Nights (x32 Version: 2.2.0.98)
PG Music DirectX Plugins 1.3.4.1 (x32)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.13)
RealDrums Set 2c - Country and Reggae (x32)
Shared C Run-time for x64 (Version: 10.0.0)
Spotify (x32 Version: 0.8.5.1333.g822e0de8)
Synaptics Pointing Device Driver (Version: 16.4.2.8)
TOSHIBA Desktop Assist (Version: 1.01.02.6405)
TOSHIBA Display Utility (Version: 1.0.4.5)
TOSHIBA eco Utility (Version: 2.0.3.6403)
TOSHIBA Function Key (Version: 1.00.6630.6403)
TOSHIBA Manuals (x32 Version: 10.10)
TOSHIBA Password Utility (x32 Version: 3.00.342)
TOSHIBA PC Health Monitor (Version: 1.9.02.6402)
TOSHIBA Recovery Media Creator (x32 Version: 3.0.01.55004008)
TOSHIBA Resolution+ Plug-in for Windows Media Player (x32 Version: 1.2.6.0)
TOSHIBA Service Station (Version: 2.5.6)
TOSHIBA System Driver (x32 Version: 1.00.0020)
TOSHIBA System Settings (x32 Version: 1.00.0007.32003)
Toshiba TEMPRO (x32 Version: 4.3.3)
TOSHIBA VIDEO PLAYER (Version: 5.3.5.59)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Update for PDF Writer (HKCU)
Update Installer for WildTangent Games App (x32)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)

==================== Restore Points =========================

17-09-2013 16:59:47 Installed Java 7 Update 40
22-09-2013 18:56:28 Windows Update
28-09-2013 17:43:44 Windows Update
11-10-2013 13:36:43 Windows Update

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2D676536-31D6-448F-900A-6508A3E63E7F} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-03-19] (TOSHIBA Corporation)
Task: {2F3B320D-8DA9-4371-ADE6-70CE67038997} - System32\Tasks\DigitalSite => C:\Users\Phil\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: {71993921-17EF-4096-A590-9C810E16178B} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {79DF6308-1570-4E21-98D8-210CA43A3EA7} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1700735764-1372277227-1461843278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8BC2125E-29AA-49FF-9585-9CD74606232F} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-02] (Synaptics Incorporated)
Task: {A26C056F-7D35-4A06-B67D-6B6B7B1B0078} - \DSite No Task File
Task: {AEB8BFD0-62CE-4ABF-9AEA-96E0AD2CAD8E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1700735764-1372277227-1461843278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C1581511-4821-4342-8223-A98A37A12C42} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-01-04] (Toshiba Europe GmbH)
Task: {E0F54520-BAE2-4541-AE24-C9D803280238} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {E4BA03FD-919C-47B0-85E8-428A5E7D7962} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EA0212A7-932B-4296-A29B-D42E6BD2F0B7} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: C:\windows\Tasks\DigitalSite.job => C:\Users\Phil\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE

==================== Loaded Modules (whitelisted) =============

2013-09-09 15:38 - 2011-10-04 22:43 - 00087552 _____ () C:\windows\System32\custmon64i.dll
2013-05-23 20:37 - 2013-04-02 11:42 - 00176024 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-03-10 16:54 - 2013-02-22 06:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-06-26 07:59 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-30 21:55 - 2013-08-02 00:24 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-08-30 21:55 - 2013-08-02 00:24 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-30 21:55 - 2013-08-02 00:24 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-10-03 10:41 - 2013-10-03 10:42 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Faulty Device Manager Devices =============

Name: MyBookWorld
Description: My Book World Edition Network Storage
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: Western Digital Corporation
Service: UmPass
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2013 10:41:52 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 24.0.0.5001 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1010

Start Time: 01cec8c154a8e411

Termination Time: 22

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: c61c5fa9-34b4-11e3-be90-24fd52f9412f

Faulting package full name:

Faulting package-relative application ID:

Error: (10/13/2013 09:30:17 PM) (Source: Application Hang) (User: )
Description: The program Spotify.exe version 0.9.1.57 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 10bc

Start Time: 01cec8281360d72c

Termination Time: 4294967295

Application Path: C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe

Report Id: 3d4f870f-3446-11e3-be90-24fd52f9412f

Faulting package full name:

Faulting package-relative application ID:

Error: (10/13/2013 08:47:07 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.2.9200.16628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: a0c

Start Time: 01cec80c041d9302

Termination Time: 0

Application Path: C:\windows\Explorer.EXE

Report Id: 39ab611f-3440-11e3-be90-24fd52f9412f

Faulting package full name:

Faulting package-relative application ID:

Error: (10/13/2013 08:22:42 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (10/12/2013 11:21:56 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (10/11/2013 10:33:28 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (10/11/2013 10:14:52 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (10/10/2013 05:47:37 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (10/09/2013 07:18:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_8_800_168.exe, version: 11.8.800.168, time stamp: 0x52223bb7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x72fd2366
Faulting process ID: 0x189c
Faulting application start time: 0xFlashPlayerPlugin_11_8_800_168.exe0
Faulting application path: FlashPlayerPlugin_11_8_800_168.exe1
Faulting module path: FlashPlayerPlugin_11_8_800_168.exe2
Report ID: FlashPlayerPlugin_11_8_800_168.exe3
Faulting package full name: FlashPlayerPlugin_11_8_800_168.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_8_800_168.exe5

Error: (10/09/2013 07:18:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_8_800_168.exe, version: 11.8.800.168, time stamp: 0x52223bb7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00001a5
Fault offset: 0x02aa4fa0
Faulting process ID: 0x189c
Faulting application start time: 0xFlashPlayerPlugin_11_8_800_168.exe0
Faulting application path: FlashPlayerPlugin_11_8_800_168.exe1
Faulting module path: FlashPlayerPlugin_11_8_800_168.exe2
Report ID: FlashPlayerPlugin_11_8_800_168.exe3
Faulting package full name: FlashPlayerPlugin_11_8_800_168.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_8_800_168.exe5


System errors:
=============
Error: (10/11/2013 10:27:31 PM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2

Error: (10/11/2013 10:17:35 PM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2

Error: (10/11/2013 08:55:05 PM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2

Error: (10/05/2013 10:06:26 PM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2

Error: (09/30/2013 09:49:34 AM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2

Error: (09/28/2013 06:48:07 PM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2

Error: (09/27/2013 08:14:40 PM) (Source: DCOM) (User: PHILLIP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}PhillipPhilS-1-5-21-1700735764-1372277227-1461843278-1001LocalHost (Using LRPC)Microsoft.BingFinance_1.7.0.38_x64__8wekyb3d8bbweS-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472

Error: (09/25/2013 07:20:13 PM) (Source: DCOM) (User: PHILLIP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}PhillipPhilS-1-5-21-1700735764-1372277227-1461843278-1001LocalHost (Using LRPC)Microsoft.BingFinance_1.7.0.38_x64__8wekyb3d8bbweS-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472

Error: (09/25/2013 07:20:08 PM) (Source: DCOM) (User: PHILLIP)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}PhillipPhilS-1-5-21-1700735764-1372277227-1461843278-1001LocalHost (Using LRPC)Microsoft.BingFinance_1.7.0.38_x64__8wekyb3d8bbweS-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472

Error: (09/22/2013 07:42:51 PM) (Source: Service Control Manager) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (10/14/2013 10:41:52 AM) (Source: Application Hang)(User: )
Description: firefox.exe24.0.0.5001101001cec8c154a8e41122C:\Program Files (x86)\Mozilla Firefox\firefox.exec61c5fa9-34b4-11e3-be90-24fd52f9412f

Error: (10/13/2013 09:30:17 PM) (Source: Application Hang)(User: )
Description: Spotify.exe0.9.1.5710bc01cec8281360d72c4294967295C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe3d4f870f-3446-11e3-be90-24fd52f9412f

Error: (10/13/2013 08:47:07 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.2.9200.16628a0c01cec80c041d93020C:\windows\Explorer.EXE39ab611f-3440-11e3-be90-24fd52f9412f

Error: (10/13/2013 08:22:42 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (10/12/2013 11:21:56 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (10/11/2013 10:33:28 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (10/11/2013 10:14:52 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (10/10/2013 05:47:37 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (10/09/2013 07:18:18 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_8_800_168.exe11.8.800.16852223bb7unknown0.0.0.000000000c000000572fd2366189c01cec51bed61b7aeC:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exeunknown2b9fb496-310f-11e3-be8d-24fd52f9412f

Error: (10/09/2013 07:18:17 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_8_800_168.exe11.8.800.16852223bb7unknown0.0.0.000000000c00001a502aa4fa0189c01cec51bed61b7aeC:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exeunknown2b156a80-310f-11e3-be8d-24fd52f9412f


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 3971.27 MB
Available physical RAM: 2602.25 MB
Total Pagefile: 4675.27 MB
Available Pagefile: 3220.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (TI31121600A) (Fixed) (Total:686.56 GB) (Free:639.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
==================== End Of Log ============================
All times are GMT +1. The time now is 09:21 AM.