
Possible Blackhole infection


  • This topic is locked
50 replies to this topic

#1 jetlink


Posted 02 January 2014 - 08:38 AM

Hi guys, new to the site and not sure what to do, so I'm very glad to have found a place where you can get proper assistance in these matters and I'm very thankful for this. (Sorry for bad English, Scandinavian here.)
 
My antivirus just blocked what I believe might be a blackhole intrusion, as more users got the same warning from the source that started it.
 
I downloaded Malwarebytes as a security measure, which keeps popping up messages about blocked connections, but I have no skills of my own to get rid of the problem. Where do I begin? Any help would be extremely appreciated!
 
Thank you!
 
Edit: Sorry, here is the DDS log
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Patrick at 14:42:04 on 2014-01-02
Microsoft Windows 8  6.2.9200.0.1252.46.1053.18.8007.4112 [GMT 1:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\RfBtnSvc64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files (x86)\RadioController\RfBtnHelper.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskhost.exe
C:\Users\Patrick\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://acer13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [uTorrent] "C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Spotify Web Helper] "C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [LManager] <no file>
mRunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\2d2d05db-2f99-439c-85b3-91ff5a6c40a5.exe /check
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 195.54.122.199 195.54.122.204
TCP: Interfaces\{2A1585BF-74FE-4AF7-BBC1-68AA6D908D2F} : DHCPNameServer = 195.54.122.199 195.54.122.204
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\9na772c8.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: !HIDDEN! 2013-08-30 13:52; {8D150B8F-EFE8-45a3-A4A3-053020F48FAC}; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\Drivers\aswRvrt.sys [2013-8-20 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\Drivers\aswVmm.sys [2013-8-20 205320]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-11-20 645952]
R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2012-11-20 30056]
R1 aswKbd;aswKbd;C:\Windows\System32\Drivers\aswKbd.sys [2013-9-19 22600]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-8-20 1032416]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-8-20 409832]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-8-20 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-8-20 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-6 50344]
R2 BrcmCardReader;Broadcom Card Reader Service;C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-8-21 176640]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-10-24 348784]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2012-10-24 100752]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-20 165760]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-2 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-2 701512]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe [2013-6-7 144368]
R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2012-11-20 96880]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-20 364416]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\Drivers\b57xdbd.sys [2012-8-13 72280]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\Drivers\b57xdmp.sys [2012-8-13 21080]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-17 1393240]
R3 bScsiMSa;bScsiMSa;C:\Windows\System32\Drivers\bScsiMSa.sys [2012-6-19 55384]
R3 bScsiSDa;bScsiSDa;C:\Windows\System32\Drivers\bScsiSDa.sys [2012-8-14 70744]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\Drivers\NISx64\1404000.028\ccsetx64.sys [2013-6-7 169048]
R3 ePowerSvc;ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2012-8-23 658576]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-5-19 138912]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2012-10-24 330640]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130717.001\IDSviA64.sys [2013-7-18 513184]
R3 IntcDAud;Intel® bildskärmsljud;C:\Windows\System32\Drivers\IntcDAud.sys [2012-10-29 342528]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\Drivers\k57nd60a.sys [2012-6-2 425472]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-1-2 25928]
R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [2012-11-20 26736]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\Windows\System32\Drivers\rtwlane.sys [2012-6-30 1498768]
R3 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\NISx64\1404000.028\symds64.sys [2013-6-7 493656]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\NISx64\1404000.028\symefa64.sys [2013-6-7 1139800]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\ironx64.sys [2013-6-7 224416]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\symnets.sys [2013-6-7 433752]
R3 xusb22;Drivrutinstjänst 22 för trådlös Xbox 360-mottagare;C:\Windows\System32\Drivers\xusb22.sys [2012-7-26 89088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [2012-8-23 468624]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\Drivers\rdpvideominiport.sys [2013-5-19 27880]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\Drivers\rtwlane.sys [2012-6-30 1498768]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
S4 SymELAM;Symantec ELAM Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\symelam.sys [2013-6-7 23448]
.
=============== Created Last 30 ================
.
2014-01-02 12:38:25    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\Malwarebytes
2014-01-02 12:37:06    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-01-02 12:37:00    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-01-02 12:37:00    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 17:18:08    --------    d-----w-    C:\Users\Patrick\AppData\Local\Ubisoft Game Launcher
2014-01-01 17:17:00    77656    ----a-w-    C:\Windows\System32\XAPOFX1_5.dll
2014-01-01 17:17:00    518488    ----a-w-    C:\Windows\System32\XAudio2_7.dll
2014-01-01 17:15:59    5425496    ----a-w-    C:\Windows\System32\D3DX9_41.dll
2014-01-01 17:14:56    540688    ----a-w-    C:\Windows\System32\d3dx10_38.dll
2014-01-01 17:13:58    411496    ----a-w-    C:\Windows\System32\xactengine2_9.dll
2014-01-01 17:12:57    363288    ----a-w-    C:\Windows\System32\xactengine2_3.dll
2013-12-29 11:25:28    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\Worthless Bums
2013-12-28 11:01:30    236208    ----a-w-    C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-26 21:20:26    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\.minecraft
2013-12-22 10:29:57    23350272    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-22 10:29:55    22615040    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-21 20:58:16    --------    d-----w-    C:\Users\Patrick\AppData\Local\Valdis_Story_AC
2013-12-21 14:50:58    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\System
2013-12-21 14:50:56    --------    d-----w-    C:\Users\Patrick\AppData\Local\Universe Sandbox
2013-12-21 14:50:55    --------    d-sh--w-    C:\Users\Patrick\AppData\Roaming\wyUpdate AU
2013-12-21 14:50:46    74072    ----a-w-    C:\Windows\SysWow64\XAPOFX1_5.dll
2013-12-21 14:50:46    527192    ----a-w-    C:\Windows\SysWow64\XAudio2_7.dll
2013-12-21 14:50:44    22360    ----a-w-    C:\Windows\SysWow64\X3DAudio1_7.dll
2013-12-21 14:50:44    1974616    ----a-w-    C:\Windows\SysWow64\D3DCompiler_42.dll
2013-12-21 14:50:43    1892184    ----a-w-    C:\Windows\SysWow64\D3DX9_42.dll
2013-12-21 14:50:42    4379984    ----a-w-    C:\Windows\SysWow64\D3DX9_40.dll
2013-12-21 14:50:41    81768    ----a-w-    C:\Windows\SysWow64\xinput1_3.dll
2013-12-21 14:50:41    3734536    ----a-w-    C:\Windows\SysWow64\d3dx9_36.dll
2013-12-21 14:50:40    2414360    ----a-w-    C:\Windows\SysWow64\d3dx9_31.dll
2013-12-15 08:51:14    78304    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-15 08:51:13    694240    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-13 22:23:54    13661696    ----a-w-    C:\Windows\System32\Windows.UI.Xaml.dll
2013-12-13 22:23:52    10799104    ----a-w-    C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-12-13 22:23:51    914432    ----a-w-    C:\Windows\SysWow64\UIAutomationCore.dll
2013-12-13 22:23:51    1173504    ----a-w-    C:\Windows\System32\UIAutomationCore.dll
2013-12-13 22:23:50    328192    ----a-w-    C:\Windows\System32\ubpm.dll
2013-12-13 22:23:50    151896    ----a-w-    C:\Windows\System32\drivers\tpm.sys
2013-12-13 22:23:49    817152    ----a-w-    C:\Windows\System32\kerberos.dll
2013-12-13 22:23:49    61784    ----a-w-    C:\Windows\System32\drivers\crashdmp.sys
2013-12-13 22:23:49    465240    ----a-w-    C:\Windows\System32\drivers\fvevol.sys
2013-12-13 22:23:49    247296    ----a-w-    C:\Windows\SysWow64\ubpm.dll
2013-12-13 22:23:48    599040    ----a-w-    C:\Windows\System32\WSDApi.dll
2013-12-13 22:23:48    485376    ----a-w-    C:\Windows\SysWow64\WSDApi.dll
2013-12-13 22:23:47    656896    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2013-12-13 22:22:57    1300992    ----a-w-    C:\Windows\System32\gdi32.dll
2013-12-13 22:22:57    1022976    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2013-12-13 22:22:45    1890816    ----a-w-    C:\Windows\System32\crypt32.dll
2013-12-13 22:22:45    1569280    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-12-13 22:22:11    288768    ----a-w-    C:\Windows\System32\drivers\portcls.sys
2013-12-13 22:22:00    626688    ----a-w-    C:\Windows\System32\resutils.dll
2013-12-13 22:22:00    374784    ----a-w-    C:\Windows\System32\clusapi.dll
2013-12-13 22:22:00    1455448    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-12-13 22:20:59    2062848    ----a-w-    C:\Windows\System32\d3d11.dll
2013-12-13 22:20:59    1711616    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2013-12-13 22:20:55    312320    ----a-w-    C:\Windows\System32\msieftp.dll
2013-12-13 22:20:54    273408    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-12-13 22:20:53    420864    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-12-13 22:20:53    368640    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-12-13 22:20:42    2035712    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-12-13 22:20:40    2304512    ----a-w-    C:\Windows\System32\authui.dll
2013-12-13 22:20:37    419328    ----a-w-    C:\Windows\System32\schannel.dll
2013-12-13 22:20:37    323072    ----a-w-    C:\Windows\SysWow64\schannel.dll
2013-12-10 16:39:10    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\AVAST Software
2013-12-09 21:56:12    --------    d-----w-    C:\Users\Patrick\AppData\Local\Demiurge Studios
2013-12-03 19:46:46    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\Natural Selection 2
.
==================== Find3M  ====================
.
2013-12-06 22:26:37    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2013-12-06 22:26:37    205320    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2013-12-06 22:26:36    84328    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-06 22:26:36    1032416    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-12-06 22:26:34    92544    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2013-12-06 22:26:31    43152    ----a-w-    C:\Windows\avastSS.scr
2013-11-06 23:18:57    4036608    ----a-w-    C:\Windows\System32\win32k.sys
2013-10-25 06:19:22    2241536    ----a-w-    C:\Windows\System32\wininet.dll
2013-10-25 06:19:12    915968    ----a-w-    C:\Windows\System32\uxtheme.dll
2013-10-25 06:17:57    3959808    ----a-w-    C:\Windows\System32\jscript9.dll
2013-10-25 04:45:11    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-10-25 04:43:42    2877952    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-10-19 05:45:45    62976    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-10-19 04:04:07    59392    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2013-10-10 11:53:35    96600    ----a-w-    C:\Windows\System32\drivers\wfplwfs.sys
2013-10-10 09:32:09    115712    ----a-w-    C:\Windows\SysWow64\cscript.exe
2013-10-10 09:30:50    162304    ----a-w-    C:\Windows\SysWow64\scrobj.dll
2013-10-10 09:30:50    156160    ----a-w-    C:\Windows\SysWow64\scrrun.dll
2013-10-10 09:24:02    143872    ----a-w-    C:\Windows\System32\wshom.ocx
2013-10-10 09:23:41    146944    ----a-w-    C:\Windows\System32\cscript.exe
2013-10-10 09:22:46    222720    ----a-w-    C:\Windows\System32\scrobj.dll
2013-10-10 09:22:46    194048    ----a-w-    C:\Windows\System32\scrrun.dll
2013-10-10 09:21:20    1160192    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2013-10-10 09:20:43    723968    ----a-w-    C:\Windows\System32\BFE.DLL
2013-10-08 22:30:32    35328    ----a-w-    C:\Windows\SysWow64\wuapp.exe
2013-10-08 22:30:17    84992    ----a-w-    C:\Windows\SysWow64\wudriver.dll
2013-10-08 22:30:17    126976    ----a-w-    C:\Windows\SysWow64\wuwebv.dll
2013-10-08 22:28:11    40448    ----a-w-    C:\Windows\System32\wuapp.exe
2013-10-08 22:27:56    99328    ----a-w-    C:\Windows\System32\wudriver.dll
2013-10-08 22:27:56    252928    ----a-w-    C:\Windows\System32\WUSettingsProvider.dll
2013-10-08 22:27:56    1622016    ----a-w-    C:\Windows\System32\wucltux.dll
2013-10-08 22:27:56    142848    ----a-w-    C:\Windows\System32\wuwebv.dll
2013-10-08 22:27:45    175104    ----a-w-    C:\Windows\System32\storewuauth.dll
2013-10-05 06:10:20    285016    ----a-w-    C:\Windows\System32\drivers\spaceport.sys
2013-10-04 22:58:24    963232    ----a-w-    C:\Windows\System32\msvcr120.dll
.
============= FINISH: 14:44:33,23 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 2013-05-19 23:27:04
System Uptime: 2013-12-28 11:50:13 (123 hours ago)
.
Motherboard: Packard Bell | | EG50_HC_CR
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz | U3E1 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 446 GiB total, 87,689 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (IP)
Device ID: ROOT\MS_NDISWANIP\0000
Manufacturer: Microsoft
Name: WAN Miniport (IP)
PNP Device ID: ROOT\MS_NDISWANIP\0000
Service: NdisWan
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (IPv6)
Device ID: ROOT\MS_NDISWANIPV6\0000
Manufacturer: Microsoft
Name: WAN Miniport (IPv6)
PNP Device ID: ROOT\MS_NDISWANIPV6\0000
Service: NdisWan
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (Network Monitor)
Device ID: ROOT\MS_NDISWANBH\0000
Manufacturer: Microsoft
Name: WAN Miniport (Network Monitor)
PNP Device ID: ROOT\MS_NDISWANBH\0000
Service: NdisWan
.
==== System Restore Points ===================
.
RP42: 2013-12-21 13:47:10 - Schemalagd kontrollpunkt
RP44: 2013-12-29 01:44:23 - Schemalagd kontrollpunkt
RP45: 2014-01-01 18:10:41 - DirectX har installerats
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05) - Svenska
Aerena
Agatha Christie - Death on the Nile
Aloha TriPeaks
Angry Video Game Nerd Adventures
Apple-programstöd
Apple Mobile Device Support
Apple Software Update
Archeblade
µTorrent
Aura DVD Ripper Professional 1.6.2
Aura Software Manager 1.0.3
avast! Free Antivirus
Bejeweled 3
Bonjour
Broadcom Card Reader Driver Installer
BS.Player FREE
CastleStorm
ComicRack v0.9.175
Cry of Fear
CyberLink PowerDVD 10
Defender's Quest: Valley of the Forgotten
Delicious: Emily's True Love Premium Edition
DLC Quest
Door Kickers
Dritek Radio Controller
Dust: An Elysian Tail
Elsword
ETDWare PS/2-X64 11.6.13.004_WHQL
Evil Genius
Google Chrome
Google Update Helper
Governor of Poker 2 Premium Edition
Half-Life 2
Half-Life 2: Lost Coast
Hard Reset
Hotline Miami
Identity Card
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
Ironclad Tactics
Island Tribe
iTunes
Java 7 Update 25 (64-bit)
Jewel Match 3
John Deere Drive Green
Killing Floor
Launch Manager
Live Updater
Magic Academy
Malwarebytes Anti-Malware version 1.75.0.1300
Mark of the Ninja
Marvel Puzzle Quest: Dark Reign
McAfee Security Scan Plus
McPixel
Mercenary Kings
Microsoft Office
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel 2007 Help Uppdatering (KB963678)
Microsoft Office Excel MUI (Swedish) 2007
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Swedish) 2007
Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)
Microsoft Office PowerPoint MUI (Swedish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Finnish) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Swedish) 2007
Microsoft Office Proofing (Swedish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (Swedish) 2007
Microsoft Office Shared MUI (Swedish) 2007
Microsoft Office Word 2007 Help Uppdatering (KB963665)
Microsoft Office Word MUI (Swedish) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft XNA Framework Redistributable 4.0 Refresh
Mozilla Firefox 26.0 (x86 sv-SE)
Mozilla Maintenance Service
Natural Selection 2
Nero 12 Essentials OEM.a01
Nero BackItUp
Nero BackItUp 12 Essentials OEM.a01
Nero BackItUp Help (CHM)
Nero ControlCenter
Nero ControlCenter Help (CHM)
Nero Core Components
Nero Express
Nero Express Help (CHM)
Nero Launcher
Nero RescueAgent
Nero RescueAgent Help (CHM)
Nero Update
No More Room in Hell
Norton Internet Security
NVIDIA Control Panel 307.17
NVIDIA Graphics Driver 307.17
NVIDIA Install Application
NVIDIA Optimus 1.10.8
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0613
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenAL
Packard Bell Device Fast-lane
Packard Bell Power Management
Packard Bell Recovery Management
Penguins!
Plants vs. Zombies - Game of the Year
Polar Bowler
Pool Nation
Prerequisite installer
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver
Reus
Rise of the Triad
Rogue Legacy
RollerCoaster Tycoon 3: Platinum!
Sang-Froid - Tales of Werewolves
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Serious Sam 3: BFE
Shadowrun Returns
SimCity 4 Deluxe
Skype™ 6.11
Spotify
State of Decay
Steam
Steam Marines
Super Amazing Wagon Adventure
Surgeon Simulator 2013
System Requirements Lab Detection
Tales of Lagoona
Team Fortress 2
The Incredible Adventures of Van Helsing
The Raven - Legacy of a Master Thief
The Typing of The Dead: Overkill
TrackMania² Canyon
TrackMania² Stadium
Trials Evolution Gold Edition
Universe Sandbox
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update Installer for WildTangent Games App
Uplay
Valdis Story: Abyssal City
Vampire: The Masquerade - Bloodlines
Warframe
Wasteland 1 - The Original Classic
Wasteland 2
WildTangent Games
WildTangent Games App
WinRAR 4.20 (32-bit)
VLC media player 2.0.6
Volgarr the Viking
Wondershare Video Converter Ultimate(Build 6.5.1.2)
Zuma's Revenge
.
==== End Of File ===========================

Edited by Oh My, 10 January 2014 - 08:43 PM.
Removed Spoiler and Posted Attach log



#2 jetlink


Posted 02 January 2014 - 08:54 AM

And attach.

 

Thank you.


Edited by jetlink, 02 January 2014 - 09:01 AM.


#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,732 posts
  • Gender:Male
  • Local time:03:41 AM

Posted 07 January 2014 - 08:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/519357 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 jetlink


Posted 07 January 2014 - 02:45 PM

I would still very much appreciate all the help I can get :) Disconnected computer from internet since messages about blocked attempts to access computer started, and not sure if it's safe to connect before it's been resolved somehow. If it's needed from me though, of course I'll connect the computer and post a new DDS log. Again, thank you in advance guys.

#5 jetlink


Posted 07 January 2014 - 05:41 PM

Also, I apologize for being incoherent and posting attach, unzipped, without it being requested. I kind of panicked when this happened, sorry.

Edited by jetlink, 07 January 2014 - 05:41 PM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,457 posts
  • Gender:Male
  • Location:California
  • Local time:12:41 AM

Posted 10 January 2014 - 08:57 PM

Greetings jetlink and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please run this program for me. If necessary download programs onto a USB device on a clean computer and transfer the file to the infected computer.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#7 jetlink


Posted 11 January 2014 - 05:30 PM

Thank you so much for your reply Gary, I really, really appreciate you taking this time to help me out!
FYI, I went online with this computer to post this, and believe that I am experiencing some slowdowns.
 
Here are the results from the Farbar scan (also with a new DDS log at the bottom; Farbar and DDS were run while offline though).
 
Again, thanks a bunch!
 
Sincerely,
Patrick.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 05
Ran by Patrick (administrator) on CYBERDYNEPILDUR on 11-01-2014 23:21:27
Running from C:\Users\Patrick\Downloads
Windows 8 (X64) OS Language: Swedish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(BitTorrent Inc.) C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\Setup\New\instup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-10-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [RadioController] - C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2012-11-20] (Dritek System Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [BrowserPlugInHelper] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe [1969440 2013-06-18] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-06] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [uTorrent] - C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe [1045072 2013-05-19] (BitTorrent Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-09] (Spotify Ltd)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563096 2013-12-20] (SUPERAntiSpyware)
MountPoints2: {5bb372da-3322-11e2-be6a-806e6f6e6963} - "D:\SETUP.EXE"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKLM - DefaultScope {8903BDB3-4178-4396-A947-34906ED3039E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
SearchScopes: HKLM - {8903BDB3-4178-4396-A947-34906ED3039E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
SearchScopes: HKLM-x32 - {8903BDB3-4178-4396-A947-34906ED3039E} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
SearchScopes: HKCU - {8903BDB3-4178-4396-A947-34906ED3039E} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Wondershare Video Converter Ultimate - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.54.122.199 195.54.122.204

FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\9na772c8.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF Extension: Bitdefender QuickScan - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\9na772c8.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-01-02]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\9na772c8.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-08-29]
FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\9na772c8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-20]
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []
FF HKCU\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Google Docs) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-05-25]
CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-05-25]
CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-05-25]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp\6.0.0_0 [2013-09-02]
CHR Extension: (Google Search) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-05-25]
CHR Extension: (avast! Online Security) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0 [2013-07-18]
CHR Extension: (Norton Identity Protection) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0 [2013-06-19]
CHR Extension: (Google Wallet) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 [2013-11-19]
CHR Extension: (Gmail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-05-23]
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2013-06-07]

==================== Services (Whitelisted) =================

U2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-06] (AVAST Software)
U3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
U3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-10-19] (ELAN Microelectronics Corp.)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
U2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
U2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2012-11-20] (Dritek System INC.)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-06] (AVAST Software)
U1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
U2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-06] (AVAST Software)
U1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-06] (AVAST Software)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-06] ()
U1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-06] (AVAST Software)
U1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-06] (AVAST Software)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-06] ()
U3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
U3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
U3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-05-19] (Symantec Corporation)
U3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-05-19] (Symantec Corporation)
U3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130717.001\IDSvia64.sys [513184 2013-05-17] (Symantec Corporation)
U3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [89304 2014-01-03] (Malwarebytes Corporation)
U3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130718.004\ENG64.SYS [126040 2013-05-22] (Symantec Corporation)
U3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130718.004\EX64.SYS [2098776 2013-05-22] (Symantec Corporation)
U3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-11-20] (Dritek System Inc.)
U3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1498768 2012-07-25] (Realtek Semiconductor Corporation                           )
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498768 2012-07-25] (Realtek Semiconductor Corporation                           )
U1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
U3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
U3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
U3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
U4 SymELAM; C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
U3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
U3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
U3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
U3 athr; \SystemRoot\system32\DRIVERS\athrx.sys [x]
U3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-11 23:21 - 2014-01-11 23:22 - 00021906 _____ C:\Users\Patrick\Downloads\FRST.txt
2014-01-11 23:21 - 2014-01-11 23:21 - 00000000 ____D C:\FRST
2014-01-11 23:19 - 2014-01-11 23:19 - 02076672 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2014-01-07 23:37 - 2014-01-07 23:39 - 00009226 _____ C:\Users\Patrick\Desktop\attach.txt
2014-01-07 23:37 - 2014-01-07 23:38 - 00022969 _____ C:\Users\Patrick\Desktop\dds.txt
2014-01-03 02:14 - 2014-01-03 02:14 - 01059064 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\rkill64-20600.exe
2014-01-03 02:14 - 2014-01-03 02:14 - 00000000 ____D C:\ProgramData\SUPERSetup
2014-01-03 02:12 - 2014-01-03 02:30 - 00002188 _____ C:\Users\Patrick\Desktop\Rkill.txt
2014-01-02 18:18 - 2014-01-03 02:09 - 00000000 ____D C:\AdwCleaner
2014-01-02 18:05 - 2014-01-02 18:05 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-02 17:10 - 2014-01-02 17:10 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-02 17:10 - 2014-01-02 17:10 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-02 17:10 - 2014-01-02 17:10 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-02 17:10 - 2014-01-02 17:10 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-02 17:10 - 2014-01-02 17:10 - 00000000 ____D C:\ProgramData\Oracle
2014-01-02 17:08 - 2014-01-02 17:08 - 30694824 _____ (Oracle Corporation) C:\Users\Patrick\Downloads\jre-7u45-windows-x64.exe
2014-01-02 16:34 - 2014-01-03 02:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-02 16:33 - 2014-01-03 02:13 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-02 16:31 - 2014-01-03 02:13 - 00000000 ____D C:\Users\Patrick\Desktop\mbar
2014-01-02 16:31 - 2014-01-02 16:31 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Patrick\Downloads\mbar-1.07.0.1008.exe
2014-01-02 15:34 - 2014-01-07 23:34 - 00000546 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 16e85c13-1172-485b-8c0c-88aacb51302c.job
2014-01-02 15:34 - 2014-01-04 02:00 - 00000546 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 72759f17-260e-4716-a3c2-450c6ec7ac86.job
2014-01-02 15:34 - 2014-01-02 15:34 - 00003618 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 72759f17-260e-4716-a3c2-450c6ec7ac86
2014-01-02 15:34 - 2014-01-02 15:34 - 00003536 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 16e85c13-1172-485b-8c0c-88aacb51302c
2014-01-02 15:34 - 2014-01-02 15:34 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SUPERAntiSpyware.com
2014-01-02 15:33 - 2014-01-02 15:34 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2014-01-02 15:33 - 2014-01-02 15:33 - 00001820 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-01-02 15:33 - 2014-01-02 15:33 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2014-01-02 15:32 - 2014-01-02 15:33 - 29249704 _____ (SUPERAntiSpyware) C:\Users\Patrick\Downloads\SUPERAntiSpyware.exe
2014-01-02 15:30 - 2014-01-02 15:30 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\QuickScan
2014-01-02 15:11 - 2014-01-02 15:11 - 01233962 _____ C:\Users\Patrick\Downloads\AdwCleaner.exe
2014-01-02 15:10 - 2014-01-02 15:11 - 05160282 _____ (Swearware) C:\Users\Patrick\Downloads\ComboFix.exe
2014-01-02 15:06 - 2014-01-02 15:06 - 01059064 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\rkill64.exe
2014-01-02 15:06 - 2014-01-02 15:06 - 00000000 ____D C:\Users\Patrick\Desktop\rkill
2014-01-02 15:03 - 2014-01-02 15:03 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\rkill.exe
2014-01-02 14:41 - 2014-01-02 14:41 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.com
2014-01-02 13:38 - 2014-01-02 13:38 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Malwarebytes
2014-01-02 13:37 - 2014-01-02 13:37 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-02 13:37 - 2014-01-02 13:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-02 13:37 - 2014-01-02 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-02 13:37 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-02 13:36 - 2014-01-02 13:36 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-02 11:51 - 2014-01-02 11:51 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Patrick\Desktop\tdsskiller.exe
2014-01-01 22:58 - 2014-01-01 22:58 - 00000000 ___RD C:\Users\Patrick\Documents\Ubisoft
2014-01-01 18:18 - 2014-01-01 23:01 - 00000000 ____D C:\Users\Patrick\AppData\Local\Ubisoft Game Launcher
2014-01-01 18:17 - 2014-01-01 18:17 - 00001217 _____ C:\Users\Patrick\Desktop\Uplay.lnk
2014-01-01 18:17 - 2014-01-01 18:17 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-01 18:17 - 2014-01-01 18:17 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2014-01-01 18:17 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-01-01 18:17 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-01-01 18:16 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-01-01 18:16 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-01-01 18:16 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-01-01 18:16 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-01-01 18:16 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-01-01 18:16 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-01-01 18:16 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-01-01 18:16 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-01-01 18:16 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-01-01 18:16 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-01-01 18:16 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-01-01 18:16 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-01-01 18:16 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-01-01 18:16 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-01-01 18:16 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-01-01 18:16 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-01-01 18:16 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-01-01 18:16 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-01-01 18:16 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-01-01 18:16 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-01-01 18:16 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-01-01 18:16 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-01-01 18:16 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-01-01 18:16 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-01-01 18:16 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-01-01 18:16 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-01-01 18:16 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-01-01 18:16 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-01-01 18:16 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-01-01 18:16 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-01-01 18:15 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-01-01 18:15 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-01-01 18:15 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-01-01 18:15 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-01-01 18:15 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-01-01 18:15 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-01-01 18:15 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-01-01 18:15 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-01-01 18:15 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-01-01 18:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-01-01 18:15 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-01-01 18:15 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-01-01 18:15 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-01-01 18:15 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-01-01 18:15 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-01-01 18:15 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-01-01 18:15 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-01-01 18:15 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-01-01 18:15 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-01-01 18:15 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-01-01 18:15 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-01-01 18:15 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-01-01 18:15 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-01-01 18:15 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-01-01 18:15 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-01-01 18:15 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-01-01 18:15 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-01-01 18:15 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-01-01 18:15 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-01-01 18:15 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-01-01 18:15 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-01-01 18:15 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-01-01 18:15 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-01-01 18:15 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-01-01 18:15 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-01-01 18:15 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-01-01 18:15 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-01-01 18:15 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-01-01 18:15 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-01-01 18:15 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-01-01 18:15 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-01-01 18:15 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-01-01 18:15 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-01-01 18:14 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-01-01 18:14 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-01-01 18:14 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-01-01 18:14 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-01-01 18:14 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-01-01 18:14 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-01-01 18:14 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-01-01 18:14 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-01-01 18:14 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-01-01 18:14 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-01-01 18:14 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-01-01 18:14 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-01-01 18:14 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-01-01 18:14 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-01-01 18:14 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-01-01 18:14 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-01-01 18:14 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-01-01 18:14 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-01-01 18:14 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-01-01 18:14 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-01-01 18:14 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-01-01 18:14 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-01-01 18:14 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-01-01 18:14 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-01-01 18:14 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-01-01 18:13 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-01-01 18:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-01-01 18:13 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-01-01 18:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-01-01 18:13 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-01-01 18:13 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-01-01 18:13 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-01-01 18:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-01-01 18:13 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-01-01 18:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-01-01 18:13 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-01-01 18:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-01-01 18:13 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-01-01 18:13 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-01-01 18:13 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-01-01 18:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-01-01 18:13 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-01-01 18:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-01-01 18:13 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-01-01 18:13 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-01-01 18:13 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-01-01 18:13 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-01-01 18:13 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-01-01 18:13 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-01-01 18:13 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-01-01 18:13 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-01-01 18:13 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-01-01 18:13 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-01-01 18:13 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-01-01 18:13 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-01-01 18:13 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-01-01 18:13 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-01-01 18:13 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-01-01 18:13 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-01-01 18:13 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-01-01 18:13 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-01-01 18:13 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-01-01 18:13 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-01-01 18:13 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-01-01 18:13 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-01-01 18:12 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-01-01 18:12 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-01-01 18:12 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-01-01 18:12 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-01-01 18:12 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-01-01 18:12 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-01-01 18:12 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-01-01 18:12 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-01-01 18:12 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-01-01 18:12 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-01-01 18:12 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-01-01 18:12 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-01-01 18:12 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-01-01 18:12 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-01-01 18:12 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-01-01 18:12 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-01-01 18:12 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-01-01 18:12 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-01-01 18:12 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-01-01 18:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-01-01 18:12 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-01-01 18:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-01-01 18:12 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-01-01 18:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-01-01 18:12 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-01-01 18:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-01-01 18:11 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-01-01 18:11 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-12-29 12:49 - 2013-12-29 22:26 - 00000000 ____D C:\Users\Patrick\Documents\SimCity 4
2013-12-29 12:25 - 2013-12-29 12:25 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Worthless Bums
2013-12-26 22:20 - 2014-01-02 12:00 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\.minecraft
2013-12-26 22:19 - 2013-12-26 22:19 - 00675988 _____ C:\Users\Patrick\Downloads\Minecraft.exe
2013-12-21 21:58 - 2013-12-21 22:36 - 00000000 ____D C:\Users\Patrick\AppData\Local\Valdis_Story_AC
2013-12-21 15:50 - 2013-12-21 15:52 - 00000000 __SHD C:\Users\Patrick\AppData\Roaming\wyUpdate AU
2013-12-21 15:50 - 2013-12-21 15:52 - 00000000 ____D C:\Users\Patrick\Documents\Universe Sandbox
2013-12-21 15:50 - 2013-12-21 15:51 - 00000000 ____D C:\Users\Patrick\AppData\Local\Universe Sandbox
2013-12-21 15:50 - 2013-12-21 15:50 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\System
2013-12-21 15:50 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-12-21 15:50 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-12-21 15:50 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-12-21 15:50 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-12-21 15:50 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-12-21 15:50 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-12-21 15:50 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-12-21 15:50 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-12-21 15:50 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-12-20 22:46 - 2013-12-20 22:46 - 00085906 _____ C:\Users\Patrick\Downloads\DynamicURLController(1)
2013-12-20 22:46 - 2013-12-20 22:46 - 00085906 _____ C:\Users\Patrick\Downloads\DynamicURLController
2013-12-20 22:22 - 2013-12-20 22:23 - 00000000 ____D C:\Users\Patrick\Documents\Hard Reset Extended
2013-12-20 20:31 - 2013-12-20 20:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-16 22:52 - 2013-12-16 22:52 - 00321344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-15 09:51 - 2013-12-04 01:53 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-15 09:51 - 2013-12-04 01:53 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-13 23:24 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-13 23:24 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 23:24 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 23:24 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-13 23:24 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 23:24 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 23:24 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-13 23:24 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 23:24 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 23:24 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 23:24 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-13 23:24 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-13 23:24 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-13 23:24 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-13 23:24 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-13 23:24 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-13 23:24 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-13 23:24 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-13 23:24 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-13 23:24 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-13 23:24 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-13 23:23 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-12-13 23:23 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-12-13 23:23 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-12-13 23:23 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-12-13 23:23 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-12-13 23:23 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-12-13 23:23 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-12-13 23:23 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-12-13 23:23 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-12-13 23:23 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-12-13 23:23 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-12-13 23:23 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-12-13 23:23 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-12-13 23:22 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-13 23:22 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-13 23:22 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-13 23:22 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-13 23:22 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-13 23:22 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-13 23:22 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-13 23:22 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2013-12-13 23:22 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2013-12-13 23:21 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-12-13 23:21 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-13 23:21 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2013-12-13 23:21 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-13 23:21 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-13 23:21 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-13 23:21 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-12-13 23:21 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-13 23:21 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-13 23:21 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-12-13 23:21 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-13 23:21 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-12-13 23:21 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-12-13 23:21 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-12-13 23:21 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-12-13 23:21 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-12-13 23:21 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-13 23:21 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-12-13 23:21 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-12-13 23:21 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-12-13 23:21 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-12-13 23:21 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-12-13 23:21 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-13 23:21 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-12-13 23:21 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-12-13 23:21 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-12-13 23:21 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-12-13 23:21 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-13 23:21 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2013-12-13 23:21 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2013-12-13 23:20 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-13 23:20 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-13 23:20 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-13 23:20 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-13 23:20 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-13 23:20 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-13 23:20 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-13 23:20 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-13 23:20 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-12-13 23:20 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

==================== One Month Modified Files and Folders =======

2014-01-11 23:22 - 2014-01-11 23:21 - 00021906 _____ C:\Users\Patrick\Downloads\FRST.txt
2014-01-11 23:21 - 2014-01-11 23:21 - 00000000 ____D C:\FRST
2014-01-11 23:20 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2014-01-11 23:19 - 2014-01-11 23:19 - 02076672 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2014-01-11 23:19 - 2013-05-19 22:46 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uTorrent
2014-01-11 23:19 - 2012-11-20 16:54 - 00721676 _____ C:\Windows\system32\perfh01D.dat
2014-01-11 23:19 - 2012-11-20 16:54 - 00149042 _____ C:\Windows\system32\perfc01D.dat
2014-01-11 23:19 - 2012-07-26 08:28 - 01709686 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-11 23:16 - 2013-05-22 09:34 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Skype
2014-01-11 23:15 - 2013-05-20 10:24 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-11 23:14 - 2013-05-23 23:23 - 00001024 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-11 23:13 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-07 23:45 - 2012-07-26 06:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2014-01-07 23:44 - 2013-05-23 23:23 - 00001028 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-07 23:39 - 2014-01-07 23:37 - 00009226 _____ C:\Users\Patrick\Desktop\attach.txt
2014-01-07 23:38 - 2014-01-07 23:37 - 00022969 _____ C:\Users\Patrick\Desktop\dds.txt
2014-01-07 23:34 - 2014-01-02 15:34 - 00000546 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 16e85c13-1172-485b-8c0c-88aacb51302c.job
2014-01-07 23:33 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2014-01-07 20:49 - 2013-05-20 10:28 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-07 20:36 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-04 21:16 - 2013-05-30 01:13 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\vlc
2014-01-04 20:12 - 2013-02-02 23:46 - 00000000 ____D C:\Users\Patrick\Downloads\#instruktionsvideor
2014-01-04 16:56 - 2013-10-04 23:13 - 00000000 ____D C:\Users\Patrick\Downloads\#film & tv
2014-01-04 02:00 - 2014-01-02 15:34 - 00000546 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 72759f17-260e-4716-a3c2-450c6ec7ac86.job
2014-01-03 02:49 - 2014-01-02 16:34 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-03 02:30 - 2014-01-03 02:12 - 00002188 _____ C:\Users\Patrick\Desktop\Rkill.txt
2014-01-03 02:14 - 2014-01-03 02:14 - 01059064 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\rkill64-20600.exe
2014-01-03 02:14 - 2014-01-03 02:14 - 00000000 ____D C:\ProgramData\SUPERSetup
2014-01-03 02:13 - 2014-01-02 16:33 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-03 02:13 - 2014-01-02 16:31 - 00000000 ____D C:\Users\Patrick\Desktop\mbar
2014-01-03 02:09 - 2014-01-02 18:18 - 00000000 ____D C:\AdwCleaner
2014-01-02 18:05 - 2014-01-02 18:05 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-02 17:10 - 2014-01-02 17:10 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-02 17:10 - 2014-01-02 17:10 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-02 17:10 - 2014-01-02 17:10 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-02 17:10 - 2014-01-02 17:10 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-02 17:10 - 2014-01-02 17:10 - 00000000 ____D C:\ProgramData\Oracle
2014-01-02 17:08 - 2014-01-02 17:08 - 30694824 _____ (Oracle Corporation) C:\Users\Patrick\Downloads\jre-7u45-windows-x64.exe
2014-01-02 17:05 - 2012-07-26 08:21 - 00040097 _____ C:\Windows\setupact.log
2014-01-02 16:31 - 2014-01-02 16:31 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Patrick\Downloads\mbar-1.07.0.1008.exe
2014-01-02 16:24 - 2012-09-05 10:36 - 00090328 _____ C:\Windows\PFRO.log
2014-01-02 16:23 - 2013-05-21 20:27 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Spotify
2014-01-02 15:45 - 2013-10-31 11:13 - 00000000 ____D C:\Users\Patrick\Desktop\text
2014-01-02 15:34 - 2014-01-02 15:34 - 00003618 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 72759f17-260e-4716-a3c2-450c6ec7ac86
2014-01-02 15:34 - 2014-01-02 15:34 - 00003536 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 16e85c13-1172-485b-8c0c-88aacb51302c
2014-01-02 15:34 - 2014-01-02 15:34 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SUPERAntiSpyware.com
2014-01-02 15:34 - 2014-01-02 15:33 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2014-01-02 15:33 - 2014-01-02 15:33 - 00001820 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-01-02 15:33 - 2014-01-02 15:33 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2014-01-02 15:33 - 2014-01-02 15:32 - 29249704 _____ (SUPERAntiSpyware) C:\Users\Patrick\Downloads\SUPERAntiSpyware.exe
2014-01-02 15:30 - 2014-01-02 15:30 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\QuickScan
2014-01-02 15:11 - 2014-01-02 15:11 - 01233962 _____ C:\Users\Patrick\Downloads\AdwCleaner.exe
2014-01-02 15:11 - 2014-01-02 15:10 - 05160282 _____ (Swearware) C:\Users\Patrick\Downloads\ComboFix.exe
2014-01-02 15:06 - 2014-01-02 15:06 - 01059064 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\rkill64.exe
2014-01-02 15:06 - 2014-01-02 15:06 - 00000000 ____D C:\Users\Patrick\Desktop\rkill
2014-01-02 15:03 - 2014-01-02 15:03 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\rkill.exe
2014-01-02 14:41 - 2014-01-02 14:41 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.com
2014-01-02 13:38 - 2014-01-02 13:38 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Malwarebytes
2014-01-02 13:37 - 2014-01-02 13:37 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-02 13:37 - 2014-01-02 13:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-02 13:37 - 2014-01-02 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-02 13:36 - 2014-01-02 13:36 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-02 12:00 - 2013-12-26 22:20 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\.minecraft
2014-01-02 11:51 - 2014-01-02 11:51 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Patrick\Desktop\tdsskiller.exe
2014-01-01 23:52 - 2013-05-20 12:38 - 00046967 _____ C:\Windows\DirectX.log
2014-01-01 23:01 - 2014-01-01 18:18 - 00000000 ____D C:\Users\Patrick\AppData\Local\Ubisoft Game Launcher
2014-01-01 22:58 - 2014-01-01 22:58 - 00000000 ___RD C:\Users\Patrick\Documents\Ubisoft
2014-01-01 18:17 - 2014-01-01 18:17 - 00001217 _____ C:\Users\Patrick\Desktop\Uplay.lnk
2014-01-01 18:17 - 2014-01-01 18:17 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-01 18:17 - 2014-01-01 18:17 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-29 23:21 - 2013-05-23 23:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1897009631-4170216785-4227622520-1002
2013-12-29 22:26 - 2013-12-29 12:49 - 00000000 ____D C:\Users\Patrick\Documents\SimCity 4
2013-12-29 12:25 - 2013-12-29 12:25 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Worthless Bums
2013-12-28 11:50 - 2013-05-19 22:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-27 16:05 - 2013-05-19 22:27 - 01655523 _____ C:\Windows\WindowsUpdate.log
2013-12-26 22:19 - 2013-12-26 22:19 - 00675988 _____ C:\Users\Patrick\Downloads\Minecraft.exe
2013-12-26 15:56 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-22 13:41 - 2013-09-01 15:23 - 00000000 ____D C:\Windows\system32\MRT
2013-12-21 22:36 - 2013-12-21 21:58 - 00000000 ____D C:\Users\Patrick\AppData\Local\Valdis_Story_AC
2013-12-21 15:52 - 2013-12-21 15:50 - 00000000 __SHD C:\Users\Patrick\AppData\Roaming\wyUpdate AU
2013-12-21 15:52 - 2013-12-21 15:50 - 00000000 ____D C:\Users\Patrick\Documents\Universe Sandbox
2013-12-21 15:51 - 2013-12-21 15:50 - 00000000 ____D C:\Users\Patrick\AppData\Local\Universe Sandbox
2013-12-21 15:50 - 2013-12-21 15:50 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\System
2013-12-21 12:36 - 2013-05-21 20:27 - 00000000 ____D C:\Users\Patrick\AppData\Local\Spotify
2013-12-20 22:46 - 2013-12-20 22:46 - 00085906 _____ C:\Users\Patrick\Downloads\DynamicURLController(1)
2013-12-20 22:46 - 2013-12-20 22:46 - 00085906 _____ C:\Users\Patrick\Downloads\DynamicURLController
2013-12-20 22:23 - 2013-12-20 22:22 - 00000000 ____D C:\Users\Patrick\Documents\Hard Reset Extended
2013-12-20 20:31 - 2013-12-20 20:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 18:58 - 2013-08-20 01:27 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-19 19:53 - 2013-10-03 14:31 - 00000000 ____D C:\Users\Patrick\Downloads\Subs
2013-12-16 22:52 - 2013-12-16 22:52 - 00321344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-15 11:18 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-12-15 01:20 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2013-12-15 01:20 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2013-12-15 01:19 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2013-12-14 12:00 - 2013-06-13 14:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-14 11:56 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-13 23:12 - 2013-05-19 23:30 - 00000000 ____D C:\Users\Patrick\AppData\Local\CrashDumps
2013-12-13 22:57 - 2013-01-21 03:34 - 00000000 ____D C:\Users\Patrick\Documents\My Games
2013-12-13 22:55 - 2013-10-17 22:14 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-12 19:30 - 2013-05-22 09:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-12 19:30 - 2013-05-22 09:34 - 00000000 ____D C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\COMAP.EXE
C:\Users\Patrick\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Patrick\AppData\Local\Temp\ose00000.exe
C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe
C:\Users\Patrick\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-29 00:02

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2014 05
Ran by Patrick at 2014-01-11 23:22:57
Running from C:\Users\Patrick\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

µTorrent (x32 Version: 3.3.0.29677 - BitTorrent Inc.)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Svenska (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Aerena (x32 Version:  - Cliffhanger Productions)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Angry Video Game Nerd Adventures (x32 Version:  - FreakZone Games)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Apple-programstöd (x32 Version: 2.3.6 - Apple Inc.)
Archeblade (x32 Version:  - CodeBrush Games)
Aura DVD Ripper Professional 1.6.2 (x32 Version:  - Aura4You.com)
Aura Software Manager 1.0.3 (x32 Version:  - aura4you.com)
avast! Free Antivirus (x32 Version: 9.0.2008 - Avast Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (Version: 15.4.7.1 - Broadcom Corporation)
BS.Player FREE (x32 Version: 2.65.1074 - AB Team, d.o.o.)
CastleStorm (x32 Version:  - Zen Studios)
ComicRack v0.9.175 (Version: v0.9.175 - cYo Soft)
Cry of Fear (x32 Version:  - Team Psykskallar)
CyberLink PowerDVD 10 (x32 Version: 10.0.4220.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4220.52 - CyberLink Corp.) Hidden
Defender's Quest: Valley of the Forgotten (x32 Version:  - Level Up Labs, LLC)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
DLC Quest (x32 Version:  - Going Loud Studios)
Door Kickers (x32 Version:  - Killhouse Games)
Dritek Radio Controller (x32 Version: 2.02.2001.0803 - Dritek System Inc.)
Dust: An Elysian Tail (x32 Version:  - )
Elsword (x32 Version:  - KOG)
ETDWare PS/2-X64 11.6.13.004_WHQL (Version: 11.6.13.004 - ELAN Microelectronic Corp.)
Evil Genius (x32 Version:  - Elixir Studios)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Half-Life 2 (x32 Version:  - Valve)
Half-Life 2: Lost Coast (x32 Version:  - Valve)
Hard Reset (x32 Version:  - Flying Wild Hog)
Hotline Miami (x32 Version:  - Dennaton Games)
Identity Card (x32 Version: 2.00.3004 - Packard Bell)
Intel® Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 11.5.4.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Ironclad Tactics (x32 Version:  - Zachtronics)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (Version: 11.1.1.11 - Apple Inc.)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Killing Floor (x32 Version:  - Tripwire Interactive)
Launch Manager (x32 Version: 7.0.7 - Packard Bell)
Live Updater (x32 Version: 2.00.3004 - Packard Bell)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Mark of the Ninja (x32 Version:  - Klei Entertainment)
Marvel Puzzle Quest: Dark Reign (x32 Version:  - )
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
McPixel (x32 Version:  - Sos)
Mercenary Kings (x32 Version:  - Tribute Games Inc.)
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel 2007 Help Uppdatering (KB963678) (x32 Version:  - Microsoft)
Microsoft Office Excel MUI (Swedish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Swedish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (x32 Version:  - Microsoft)
Microsoft Office PowerPoint MUI (Swedish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Finnish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Swedish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Swedish) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (Swedish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Swedish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 Help Uppdatering (KB963665) (x32 Version:  - Microsoft)
Microsoft Office Word MUI (Swedish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (x32 Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (x32 Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 sv-SE) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Natural Selection 2 (x32 Version:  - Unknown Worlds Entertainment)
Nero 12 Essentials OEM.a01 (x32 Version: 12.5.00000 - Nero AG)
Nero BackItUp (x32 Version: 12.0.0016 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (x32 Version: 12.5.00000 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.14500.0.45 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.16900.1.27 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.16001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
No More Room in Hell (x32 Version:  - No More Room in Hell Team)
Norton Internet Security (x32 Version: 20.4.0.40 - Symantec Corporation)
NVIDIA Control Panel 307.17 (Version: 307.17 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 307.17 (Version: 307.17 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OpenAL (x32 Version:  - )
Packard Bell Device Fast-lane (Version: 1.00.3007 - Packard Bell)
Packard Bell Power Management (Version: 7.00.3006 - Packard Bell)
Packard Bell Recovery Management (Version: 6.00.3011 - Packard Bell)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pool Nation (x32 Version:  - Cherry Pop Games)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.13.0705 - REALTEK Semiconductor Corp.)
Reus (x32 Version:  - )
Rise of the Triad (x32 Version:  - Interceptor Entertainment)
Rogue Legacy (x32 Version:  - Cellar Door Games)
RollerCoaster Tycoon 3: Platinum! (x32 Version:  - Frontier)
Sang-Froid - Tales of Werewolves (x32 Version:  - Artifice Studio)
Serious Sam 3: BFE (x32 Version:  - Croteam)
Shadowrun Returns (x32 Version:  - Harebrained Schemes)
SimCity 4 Deluxe (x32 Version:  - EA - Maxis)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spotify (x32 Version: 0.8.4.99.ga249b5f1 - Spotify AB)
State of Decay (x32 Version:  - )
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Steam Marines (x32 Version:  - )
Super Amazing Wagon Adventure (x32 Version:  - sparsevector)
SUPERAntiSpyware (Version: 5.7.1016 - SUPERAntiSpyware.com)
Surgeon Simulator 2013 (x32 Version:  - Bossa Studios)
System Requirements Lab Detection (x32 Version: 1.0.5.0 - Husdawg, LLC)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Team Fortress 2 (x32 Version:  - Valve)
The Incredible Adventures of Van Helsing (x32 Version:  - NeocoreGames)
The Raven - Legacy of a Master Thief (x32 Version:  - KING Art)
The Typing of The Dead: Overkill (x32 Version:  - Modern Dream)
TrackMania² Canyon (x32 Version:  - Nadeo)
TrackMania² Stadium (x32 Version:  - Nadeo)
Trials Evolution Gold Edition (x32 Version:  - Redlynx Ltd)
Universe Sandbox (x32 Version:  - Giant Army)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (x32 Version: 2.0 - Ubisoft)
Valdis Story: Abyssal City (x32 Version:  - )
Vampire: The Masquerade - Bloodlines (x32 Version:  - Troika Games)
Warframe (x32 Version:  - )
Wasteland 1 - The Original Classic (x32 Version:  - inXile Entertainment)
Wasteland 2 (x32 Version:  - inXile Entertainment)
WildTangent Games (x32 Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0 - win.rar GmbH)
VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN)
Volgarr the Viking (x32 Version:  - Crazy Viking Studios)
Wondershare Video Converter Ultimate(Build 6.5.1.2) (x32 Version: 6.5.1.2 - Wondershare Software)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

21-12-2013 12:47:10 Schemalagd kontrollpunkt
29-12-2013 00:44:23 Schemalagd kontrollpunkt
01-01-2014 17:10:41 DirectX har installerats
11-01-2014 22:19:22 avast! antivirus system restore point

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0EDBA3A5-7987-4494-87B5-C38F6F71B96C} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2012-08-23] (Acer Incorporated)
Task: {146C2C02-D431-4247-B368-A2723F83D902} - System32\Tasks\SUPERAntiSpyware Scheduled Task 72759f17-260e-4716-a3c2-450c6ec7ac86 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {14CDC5F0-C933-450E-A8A4-256AE0D74ABE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {25875D50-D32C-4DE2-8167-CDE77A1405E2} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {28014FD4-E415-4769-92DE-193B3C90F67D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-06] (AVAST Software)
Task: {312BC181-913D-460A-98E9-E16E13F4C10F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {33A59827-403E-467D-905F-1575024FD8C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23] (Google Inc.)
Task: {5018B6E5-7FA6-4A44-90B6-169F1A920D19} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2012-08-30] ()
Task: {7CF6E065-E857-4E12-96CE-2611DDD40065} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {9C1842DE-362D-4E5A-85BF-832DC1539256} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {9E32F70D-1D5C-47FD-AC74-440E97BF3196} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F88C0853-9C75-41C0-B7C7-669561DFD32E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23] (Google Inc.)
Task: {F9C31431-2E0F-4E2E-8F9D-FD5C218663B5} - System32\Tasks\SUPERAntiSpyware Scheduled Task 16e85c13-1172-485b-8c0c-88aacb51302c => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {FE66FF61-4D00-43A2-B0D2-B098E81A5C0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 16e85c13-1172-485b-8c0c-88aacb51302c.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 72759f17-260e-4716-a3c2-450c6ec7ac86.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2013-10-09 15:03 - 2013-10-09 15:04 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-10-29 06:33 - 2012-10-23 19:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-11 23:18 - 2014-01-11 17:34 - 02153984 _____ () C:\Program Files\AVAST Software\Avast\defs\14011101\algo.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-23 17:30 - 2013-11-06 22:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-05-03 14:35 - 2013-12-11 20:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-03-26 15:16 - 2013-11-06 22:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 08:51 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-12-06 23:26 - 2013-12-06 23:26 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-20 20:31 - 2013-12-20 20:31 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-06-07 16:59 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2012-11-20 16:06 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:96D0C06F

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38054828.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\38054828.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Tjänsten är redan igång.

Du kan få mer hjälp genom att skriva NET HELPMSG 2182.


==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 8007.27 MB
Available physical RAM: 5639.92 MB
Total Pagefile: 9223.27 MB
Available Pagefile: 6726.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:446.19 GB) (Free:129.21 GB) NTFS
Drive d: (OFFICE12) (CDROM) (Total:0.3 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: F750D0AE)

Partition: GPT Partition Type
==================== End Of Log ============================
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Patrick at 23:26:23 on 2014-01-11
Microsoft Windows 8  6.2.9200.0.1252.46.1053.18.8007.5569 [GMT 1:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\RfBtnSvc64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhostex.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\igfxext.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files (x86)\RadioController\RfBtnHelper.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\McAfee Security Scan\3.8.130\McUicnt.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\Patrick\Downloads\FRST64.exe
C:\Windows\system32\srtasks.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://acer13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [uTorrent] "C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Spotify Web Helper] "C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [LManager] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 195.54.122.199 195.54.122.204
TCP: Interfaces\{2A1585BF-74FE-4AF7-BBC1-68AA6D908D2F} : DHCPNameServer = 195.54.122.199 195.54.122.204
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\9na772c8.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\9na772c8.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: !HIDDEN! 2013-08-30 13:52; {8D150B8F-EFE8-45a3-A4A3-053020F48FAC}; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\Drivers\aswRvrt.sys [2013-8-20 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\Drivers\aswVmm.sys [2013-8-20 205320]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-11-20 645952]
R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2012-11-20 30056]
R1 aswKbd;aswKbd;C:\Windows\System32\Drivers\aswKbd.sys [2013-9-19 22600]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-8-20 1032416]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-8-20 409832]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-10 144152]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-8-20 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-8-20 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-6 50344]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-10-24 348784]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2012-10-24 100752]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-20 165760]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-2 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-2 701512]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe [2013-6-7 144368]
R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2012-11-20 96880]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-20 364416]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\Drivers\b57xdbd.sys [2012-8-13 72280]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\Drivers\b57xdmp.sys [2012-8-13 21080]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-17 1393240]
R3 bScsiMSa;bScsiMSa;C:\Windows\System32\Drivers\bScsiMSa.sys [2012-6-19 55384]
R3 bScsiSDa;bScsiSDa;C:\Windows\System32\Drivers\bScsiSDa.sys [2012-8-14 70744]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\Drivers\NISx64\1404000.028\ccsetx64.sys [2013-6-7 169048]
R3 ePowerSvc;ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2012-8-23 658576]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-5-19 138912]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2012-10-24 330640]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130717.001\IDSviA64.sys [2013-7-18 513184]
R3 IntcDAud;Intel® bildskärmsljud;C:\Windows\System32\Drivers\IntcDAud.sys [2012-10-29 342528]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\Drivers\k57nd60a.sys [2012-6-2 425472]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-1-2 25928]
R3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [2012-11-20 26736]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\Windows\System32\Drivers\rtwlane.sys [2012-6-30 1498768]
R3 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\NISx64\1404000.028\symds64.sys [2013-6-7 493656]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\NISx64\1404000.028\symefa64.sys [2013-6-7 1139800]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\ironx64.sys [2013-6-7 224416]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\symnets.sys [2013-6-7 433752]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [2012-8-23 468624]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\Drivers\mbamchameleon.sys [2014-1-2 89304]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\Drivers\rdpvideominiport.sys [2013-5-19 27880]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\Drivers\rtwlane.sys [2012-6-30 1498768]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
S3 xusb22;Drivrutinstjänst 22 för trådlös Xbox 360-mottagare;C:\Windows\System32\Drivers\xusb22.sys [2012-7-26 89088]
S4 SymELAM;Symantec ELAM Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\symelam.sys [2013-6-7 23448]
.
=============== Created Last 30 ================
.
2014-01-11 22:21:03    --------    d-----w-    C:\FRST
2014-01-03 01:14:28    --------    d-----w-    C:\ProgramData\SUPERSetup
2014-01-02 17:18:07    --------    d-----w-    C:\AdwCleaner
2014-01-02 17:05:02    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-01-02 16:10:47    --------    d-----w-    C:\ProgramData\Oracle
2014-01-02 16:10:15    108968    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2014-01-02 15:34:01    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-02 15:33:33    89304    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-02 14:34:11    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\SUPERAntiSpyware.com
2014-01-02 14:33:28    --------    d-----w-    C:\ProgramData\SUPERAntiSpyware.com
2014-01-02 14:33:28    --------    d-----w-    C:\Program Files\SUPERAntiSpyware
2014-01-02 14:30:37    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\QuickScan
2014-01-02 12:38:25    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\Malwarebytes
2014-01-02 12:37:06    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-01-02 12:37:00    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-01-02 12:37:00    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 17:18:08    --------    d-----w-    C:\Users\Patrick\AppData\Local\Ubisoft Game Launcher
2014-01-01 17:17:00    77656    ----a-w-    C:\Windows\System32\XAPOFX1_5.dll
2014-01-01 17:17:00    518488    ----a-w-    C:\Windows\System32\XAudio2_7.dll
2014-01-01 17:15:59    5425496    ----a-w-    C:\Windows\System32\D3DX9_41.dll
2014-01-01 17:14:56    540688    ----a-w-    C:\Windows\System32\d3dx10_38.dll
2014-01-01 17:13:58    411496    ----a-w-    C:\Windows\System32\xactengine2_9.dll
2014-01-01 17:12:57    363288    ----a-w-    C:\Windows\System32\xactengine2_3.dll
2013-12-29 11:25:28    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\Worthless Bums
2013-12-28 11:01:30    236208    ----a-w-    C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-26 21:20:26    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\.minecraft
2013-12-22 10:29:57    23350272    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-22 10:29:55    22615040    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-21 20:58:16    --------    d-----w-    C:\Users\Patrick\AppData\Local\Valdis_Story_AC
2013-12-21 14:50:58    --------    d-----w-    C:\Users\Patrick\AppData\Roaming\System
2013-12-21 14:50:56    --------    d-----w-    C:\Users\Patrick\AppData\Local\Universe Sandbox
2013-12-21 14:50:55    --------    d-sh--w-    C:\Users\Patrick\AppData\Roaming\wyUpdate AU
2013-12-21 14:50:46    74072    ----a-w-    C:\Windows\SysWow64\XAPOFX1_5.dll
2013-12-21 14:50:46    527192    ----a-w-    C:\Windows\SysWow64\XAudio2_7.dll
2013-12-21 14:50:44    22360    ----a-w-    C:\Windows\SysWow64\X3DAudio1_7.dll
2013-12-21 14:50:44    1974616    ----a-w-    C:\Windows\SysWow64\D3DCompiler_42.dll
2013-12-21 14:50:43    1892184    ----a-w-    C:\Windows\SysWow64\D3DX9_42.dll
2013-12-21 14:50:42    4379984    ----a-w-    C:\Windows\SysWow64\D3DX9_40.dll
2013-12-21 14:50:41    81768    ----a-w-    C:\Windows\SysWow64\xinput1_3.dll
2013-12-21 14:50:41    3734536    ----a-w-    C:\Windows\SysWow64\d3dx9_36.dll
2013-12-21 14:50:40    2414360    ----a-w-    C:\Windows\SysWow64\d3dx9_31.dll
2013-12-15 08:51:14    78304    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-15 08:51:13    694240    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-13 22:23:54    13661696    ----a-w-    C:\Windows\System32\Windows.UI.Xaml.dll
2013-12-13 22:23:52    10799104    ----a-w-    C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-12-13 22:23:51    914432    ----a-w-    C:\Windows\SysWow64\UIAutomationCore.dll
2013-12-13 22:23:51    1173504    ----a-w-    C:\Windows\System32\UIAutomationCore.dll
2013-12-13 22:23:50    328192    ----a-w-    C:\Windows\System32\ubpm.dll
2013-12-13 22:23:50    151896    ----a-w-    C:\Windows\System32\drivers\tpm.sys
2013-12-13 22:23:49    817152    ----a-w-    C:\Windows\System32\kerberos.dll
2013-12-13 22:23:49    61784    ----a-w-    C:\Windows\System32\drivers\crashdmp.sys
2013-12-13 22:23:49    465240    ----a-w-    C:\Windows\System32\drivers\fvevol.sys
2013-12-13 22:23:49    247296    ----a-w-    C:\Windows\SysWow64\ubpm.dll
2013-12-13 22:23:48    599040    ----a-w-    C:\Windows\System32\WSDApi.dll
2013-12-13 22:23:48    485376    ----a-w-    C:\Windows\SysWow64\WSDApi.dll
2013-12-13 22:23:47    656896    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2013-12-13 22:22:57    1300992    ----a-w-    C:\Windows\System32\gdi32.dll
2013-12-13 22:22:57    1022976    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2013-12-13 22:22:45    1890816    ----a-w-    C:\Windows\System32\crypt32.dll
2013-12-13 22:22:45    1569280    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-12-13 22:22:11    288768    ----a-w-    C:\Windows\System32\drivers\portcls.sys
2013-12-13 22:22:00    626688    ----a-w-    C:\Windows\System32\resutils.dll
2013-12-13 22:22:00    374784    ----a-w-    C:\Windows\System32\clusapi.dll
2013-12-13 22:22:00    1455448    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-12-13 22:20:59    2062848    ----a-w-    C:\Windows\System32\d3d11.dll
2013-12-13 22:20:59    1711616    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2013-12-13 22:20:55    312320    ----a-w-    C:\Windows\System32\msieftp.dll
2013-12-13 22:20:54    273408    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-12-13 22:20:53    420864    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-12-13 22:20:53    368640    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-12-13 22:20:42    2035712    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-12-13 22:20:40    2304512    ----a-w-    C:\Windows\System32\authui.dll
2013-12-13 22:20:37    419328    ----a-w-    C:\Windows\System32\schannel.dll
2013-12-13 22:20:37    323072    ----a-w-    C:\Windows\SysWow64\schannel.dll
.
==================== Find3M  ====================
.
2013-12-06 22:26:37    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2013-12-06 22:26:37    205320    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2013-12-06 22:26:36    84328    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-06 22:26:36    1032416    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-12-06 22:26:34    92544    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2013-12-06 22:26:31    43152    ----a-w-    C:\Windows\avastSS.scr
2013-11-06 23:18:57    4036608    ----a-w-    C:\Windows\System32\win32k.sys
2013-10-25 06:19:22    2241536    ----a-w-    C:\Windows\System32\wininet.dll
2013-10-25 06:19:12    915968    ----a-w-    C:\Windows\System32\uxtheme.dll
2013-10-25 06:17:57    3959808    ----a-w-    C:\Windows\System32\jscript9.dll
2013-10-25 04:45:11    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-10-25 04:43:42    2877952    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-10-19 05:45:45    62976    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-10-19 04:04:07    59392    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
.
============= FINISH: 23:27:14,35 ===============

Edited by Oh My, 13 January 2014 - 05:44 PM.


#8 Oh My!

Posted 11 January 2014 - 05:50 PM

Hi Patrick,

It is my pleasure to work with you to evaluate your computer which actually looks pretty good. There is one warning I need to provide and then some steps for you to take.

Please consider and perform the following for me.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Multiple Antivirus Programs

-------------------

I do not recommend that you have more than one anti virus product installed on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please remove either Norton Internet Security or avast! Antivirus, even if only one is running. You can do this via Add/Remove Programs, or Programs and Features in the Control Panel.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + R on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKLM-x32\...\Run: [LManager] - [x]
C:\Users\Patrick\AppData\Local\Temp\COMAP.EXE
C:\Users\Patrick\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Patrick\AppData\Local\Temp\ose00000.exe
C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe
C:\Users\Patrick\AppData\Local\Temp\SkypeSetup.exe
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Temporary File Cleaner (TFC)

--------------------
  • Download TFC by OldTimer to your desktop.
  • Close any open windows
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run
  • Click the Start button to begin the process
  • Allow TFC to run uninterrupted
  • The program should not take long to finish its job
  • Once it's finished it should automatically reboot your machine; if it doesn't, manually reboot to ensure a complete clean
NOTE: It's normal for the computer to boot more slowly the first time after running TFC

TFC will clear out all temporary folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. TFC only cleans temporary folders and will not clean URL history, prefetch, or cookies.


===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Did one of the Antivirus programs successfully uninstall?
  • Fixlog
  • Did TFC run to completion?
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#9 jetlink


Posted 11 January 2014 - 06:44 PM

Thank you for your fast reply Gary!

 

Norton and uTorrent have been uninstalled.

TFC ran to completion with over ½ gb data removed, no reboot followed.

 

I have not received any warnings since logging on this session. Just for my own reassurance though, as my own knowledge in these matters is very low: could the damage already have been done (if any), and in that case, what would you say caused this problem to begin with?

 

Man, I feel that I can't thank you enough Gary, and will recommend you and this site to everyone I know!

 

Fix log below:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2014 05
Ran by Patrick at 2014-01-12 00:24:35 Run:1
Running from C:\Users\Patrick\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [LManager] - [x]
C:\Users\Patrick\AppData\Local\Temp\COMAP.EXE
C:\Users\Patrick\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Patrick\AppData\Local\Temp\ose00000.exe
C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe
C:\Users\Patrick\AppData\Local\Temp\SkypeSetup.exe
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
*****************



#10 Oh My!


Posted 11 January 2014 - 06:48 PM

Hi Patrick,

You are kind and I appreciate it.

Based on your description (blocked), the current behavior of your computer, and the lack of any evidence of malicious software in your logs I would say no damage has been done.

Did you copy and paste the entire fixlog? There should be an entry at the bottom indicating FRST fixed what we told it to fix. Is your computer running any faster?
Gary
 

#11 jetlink


Posted 11 January 2014 - 06:53 PM

Sorry, I stressed out a bit there. Below is the full log. As I am typing this though, Malwarebytes is warning about blocking potentially dangerous websites even though I'm only at your web page.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2014 05
Ran by Patrick at 2014-01-12 00:24:35 Run:1
Running from C:\Users\Patrick\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [LManager] - [x]
C:\Users\Patrick\AppData\Local\Temp\COMAP.EXE
C:\Users\Patrick\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Patrick\AppData\Local\Temp\ose00000.exe
C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe
C:\Users\Patrick\AppData\Local\Temp\SkypeSetup.exe
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => Value deleted successfully.
C:\Users\Patrick\AppData\Local\Temp\COMAP.EXE => Moved successfully.
C:\Users\Patrick\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully.
C:\Users\Patrick\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Patrick\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\ProgramData\Temp => ":96D0C06F" ADS removed successfully.

==== End of Fixlog ====
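
The check Gary asks for in post #10 (a complete Fixlog carries a result line for every fixlist entry and a closing footer), as an added example that is not part of the thread and not FRST's own code. The line formats are inferred only from the two logs pasted in this thread, and `matches` and `audit_fixlog` are hypothetical names.

```python
import re

# Sample input: lines copied from the Fixlog pastes in this thread, trimmed to
# one entry of each kind (registry value, file, alternate data stream).
FIXLIST = r"""Content of fixlist:
*****************
HKLM-x32\...\Run: [LManager] - [x]
C:\Users\Patrick\AppData\Local\Temp\COMAP.EXE
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
*****************
"""
RESULTS = r"""
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => Value deleted successfully.
C:\Users\Patrick\AppData\Local\Temp\COMAP.EXE => Moved successfully.
C:\ProgramData\Temp => ":96D0C06F" ADS removed successfully.

==== End of Fixlog ====
"""
TRUNCATED_LOG = FIXLIST            # what a paste without the results looks like
FULL_LOG = FIXLIST + RESULTS       # what a complete paste looks like

def matches(directive, left, right):
    """Does the result line 'left => right' answer this fixlist directive?"""
    ads = re.match(r"AlternateDataStreams:\s*(.+):([^:\\]+)$", directive)
    if ads:  # result names the folder on the left and the stream on the right
        return left == ads.group(1) and f'":{ads.group(2)}"' in right
    reg = re.match(r"HK[^\\]*\\.*\\Run: \[([^\]]+)\]", directive)
    if reg:  # result spells out the full key; compare the value name only
        return left.startswith("HK") and left.endswith("\\" + reg.group(1))
    return left.lower() == directive.lower()  # plain file path

def audit_fixlog(text):
    """Map each fixlist directive to its reported outcome (None if absent)."""
    lines = [ln.strip() for ln in text.splitlines()]
    stars = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(stars) < 2:
        raise ValueError("no fixlist block delimited by asterisk lines")
    directives = [ln for ln in lines[stars[0] + 1:stars[1]] if ln]
    results = [ln.split(" => ", 1) for ln in lines[stars[1] + 1:] if " => " in ln]
    outcomes = {d: next((r for l, r in results if matches(d, l, r)), None)
                for d in directives}
    return {
        "complete": "==== End of Fixlog ====" in lines,
        "outcomes": outcomes,
        "unconfirmed": [d for d, r in outcomes.items() if r is None],
    }

if __name__ == "__main__":
    for name, log in (("truncated", TRUNCATED_LOG), ("full", FULL_LOG)):
        report = audit_fixlog(log)
        print(name, report["complete"], report["unconfirmed"])
```

An entry listed under `unconfirmed`, or `complete` being false, means the paste was cut short or the fix did not report on that item, so the log should be requested again before drawing conclusions.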



#12 Oh My!


Posted 11 January 2014 - 07:39 PM

That log looks a little better, thanks.

The warnings you are getting from Malwarebytes are normal and simply let you know it is doing its job. Here are a couple of links to explain exactly what is happening and how you can turn off the notification if you'd like.

quietman7's overview of Malwarebytes

How to turn off notifications
 
After reviewing these sites do you have any concerns or questions?
Gary
 

#13 jetlink


Posted 11 January 2014 - 07:54 PM

Thank you, Gary. I checked the Malwarebytes protection log and what seemed suspect was IP BLOCK for Svchost.exe. Should I still be worried?


Edited by jetlink, 11 January 2014 - 07:55 PM.


#14 Oh My!


Posted 11 January 2014 - 08:30 PM

Does it indicate which IP address it is attempting to connect to?
Gary
 

#15 jetlink


Posted 12 January 2014 - 04:43 AM

Yes, 94.102.49.210 (which seems to stem from the Netherlands). Could this be connected to other processes, i.e. Steam client or such?

 

I ran a regular search on my computer for svchost.exe and found multiple files (18 of them, 10 of them running in task manager) ranging between 2 bytes up to 29 kb. Is this normal?

 

Edit 1: Worthy to note (maybe?) is that prior to you kindly coming to my aid, I ran some anti-malware programs (tdsskiller, rkill, adwcleaner, super anti spyware, malware bytes anti root kit), without much knowledge of these programs. I hope I have not made this harder for some reason by doing this, as I know you prefer not to run these programs without your instruction.

 

Edit 2: also 222.186.19.18 and 222.186.19.10, which seem to be Chinese?


Edited by jetlink, 12 January 2014 - 06:31 AM.




