
computer crash [Solved]


  • This topic is locked
120 replies to this topic

#106 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • 386 posts

Posted 22 July 2014 - 10:11 AM

I cannot get it to attach. I know how the function works and have used it before. It allows me to pick up the file on browse but nothing happens when I try to use the attach button.

Edited by wilma1313, 22 July 2014 - 10:23 AM.



#107 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 22 July 2014 - 10:49 AM

Please try zipping it and then try to attach.


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#108 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • 386 posts

Posted 23 July 2014 - 11:51 AM

Ok, I zipped but now I don't have the paperclip icon or any way to attach to the post.



#109 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • 386 posts

Posted 23 July 2014 - 11:53 AM

Oops, got it.

Attached Files

  • Attached File  MBR.zip   143bytes   196 downloads


#110 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 23 July 2014 - 02:38 PM

Well.... good and bad news.  MBR is fine.  It appears to be "non standard", but clean.  It could be a modified MBR by your system manufacturer, rather than a "straight" Microsoft MBR - but not the cause of your problems.
 
Let's get an overview from FRST again.
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. (You want the 64 bit version). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens, click Yes to disclaimer.
  • Put a check mark in the box next to addition.txt.
  • Press Scan button.
  • It will produce a log called FRST.txt and addition.txt in the same directory the tool is run from.
  • Please copy and paste both logs back here.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#111 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • 386 posts

Posted 24 July 2014 - 06:18 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2014 01
Ran by l at 2014-07-23 16:23:50
Running from C:\Users\l\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.5901 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3.5901 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2509 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.3.2509 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3724 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.1.3724 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2301 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.2301 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2524 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.3.2524 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.4930 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.4930 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6263.4289 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.2989 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.54744 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{307AA214-8490-9119-DA81-C8E875AD1C94}) (Version: 11.0.737.5 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.21.0 - Mediatek)
Recovery Manager (x32 Version: 5.5.0.6208 - CyberLink Corp.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.7.5 - Tweaking.com)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Custom CLSID entries: ==========================

CustomCLSID: HKU\S-1-5-21-2497467096-1107912187-4260812050-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\l\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-2497467096-1107912187-4260812050-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\l\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-2497467096-1107912187-4260812050-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\l\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-2497467096-1107912187-4260812050-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\l\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\FileSyncApi64.dll No File
CustomCLSID: HKU\S-1-5-21-2497467096-1107912187-4260812050-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\l\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
CustomCLSID: HKU\S-1-5-21-2497467096-1107912187-4260812050-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\l\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
CustomCLSID: HKU\S-1-5-21-2497467096-1107912187-4260812050-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\l\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
CustomCLSID: HKU\S-1-5-21-2497467096-1107912187-4260812050-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\l\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File

==================== Restore Points  =========================

08-07-2014 16:26:23 Tweaking.com - Windows Repair
11-07-2014 13:26:11 Restore Operation
19-07-2014 08:00:51 Scheduled Checkpoint

==================== Hosts content: ==========================

2012-07-26 00:26 - 2014-07-04 14:17 - 00000855 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {116ACF89-149D-4527-9D8A-2B4D81952ACE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-04] (AVAST Software)
Task: {198487C3-FB56-4E08-8917-5DD5007C8D4F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2CA39437-F2BF-479F-9969-4D9925A7E54A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {42E4216B-D53E-4793-AEF8-B98A44D35CB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN22C1H152 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {5C76E07C-9D98-4A75-AA13-B59369744392} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {6A652256-3B94-4C31-BFBB-F3CB5808B5B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {709DE5DF-4DA8-4924-BDF8-7A577CC96517} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-11-01] (CyberLink)
Task: {735F95D2-5B4B-4F5B-863C-E75549622CFA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-07-12] (Microsoft Corporation)
Task: {799825FE-73A5-480E-AD0A-4B45DFBAE5D2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: {7D145831-5C8B-4025-A3EC-FBA17E2A6BBF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: {93F90927-ED8B-437F-81BA-5C40E6C2E4E4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B73F3F76-7573-4E29-AFD4-02A1E933052E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C89B9738-FCE7-4177-B52B-75B4DCA93FDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)
Task: {C98B8279-63B0-44F8-87D2-2793810CD57F} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-11-01] (CyberLink Corp.)
Task: {D723125F-04B8-4C05-9E96-80DD19849605} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EFAB5290-2932-48AE-AAD2-7EC39535871C} - System32\Tasks\HPCeeScheduleForl => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForl.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-05-04 16:15 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-01-10 15:35 - 2013-01-10 15:35 - 00009728 _____ () C:\windows\system32\BsHelpCSps.dll
2014-07-11 10:18 - 2014-05-20 11:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-07-04 13:56 - 2014-07-04 13:56 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-23 03:17 - 2014-07-23 03:17 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072201\algo.dll
2014-07-23 14:52 - 2014-07-23 14:52 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072300\algo.dll
2013-01-10 15:30 - 2013-01-10 15:30 - 00022528 _____ () C:\windows\SYSTEM32\BsTrace.dll
2013-03-22 12:06 - 2013-03-22 12:06 - 00387936 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 12:53 - 2011-07-05 12:53 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-01-10 15:35 - 2013-01-10 15:35 - 00009728 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll
2014-07-04 13:56 - 2014-07-04 13:56 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-07-17 12:27 - 2013-01-23 18:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-07-17 12:33 - 2012-06-07 22:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Garmin USB GPS
Description: Garmin USB GPS
Class Guid: {a12a4c5a-e1a3-4151-9927-7f724ca5dc92}
Manufacturer: Garmin
Service: grmnusb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2014 00:48:20 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/23/2014 03:00:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_aepdu.dll, version: 6.2.9200.16384, time stamp: 0x50109cdd
Faulting module name: msvcrt.dll, version: 7.0.9200.16384, time stamp: 0x5010ac20
Exception code: 0xc0000005
Fault offset: 0x0000000000025a1e
Faulting process id: 0x1be0
Faulting application start time: 0xrundll32.exe_aepdu.dll0
Faulting application path: rundll32.exe_aepdu.dll1
Faulting module path: rundll32.exe_aepdu.dll2
Report Id: rundll32.exe_aepdu.dll3
Faulting package full name: rundll32.exe_aepdu.dll4
Faulting package-relative application ID: rundll32.exe_aepdu.dll5

Error: (07/23/2014 03:00:03 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Spooler8

Error: (07/23/2014 03:00:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (07/22/2014 03:11:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_aepdu.dll, version: 6.2.9200.16384, time stamp: 0x50109cdd
Faulting module name: msvcrt.dll, version: 7.0.9200.16384, time stamp: 0x5010ac20
Exception code: 0xc0000005
Fault offset: 0x0000000000025a1e
Faulting process id: 0x2494
Faulting application start time: 0xrundll32.exe_aepdu.dll0
Faulting application path: rundll32.exe_aepdu.dll1
Faulting module path: rundll32.exe_aepdu.dll2
Report Id: rundll32.exe_aepdu.dll3
Faulting package full name: rundll32.exe_aepdu.dll4
Faulting package-relative application ID: rundll32.exe_aepdu.dll5

Error: (07/22/2014 03:10:37 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error: (07/22/2014 03:10:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/22/2014 03:03:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_aepdu.dll, version: 6.2.9200.16384, time stamp: 0x50109cdd
Faulting module name: msvcrt.dll, version: 7.0.9200.16384, time stamp: 0x5010ac20
Exception code: 0xc0000005
Fault offset: 0x0000000000025a1e
Faulting process id: 0x181c
Faulting application start time: 0xrundll32.exe_aepdu.dll0
Faulting application path: rundll32.exe_aepdu.dll1
Faulting module path: rundll32.exe_aepdu.dll2
Report Id: rundll32.exe_aepdu.dll3
Faulting package full name: rundll32.exe_aepdu.dll4
Faulting package-relative application ID: rundll32.exe_aepdu.dll5

Error: (07/21/2014 09:58:50 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Spooler8

Error: (07/21/2014 09:58:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

System errors:
=============
Error: (07/23/2014 03:41:13 PM) (Source: DCOM) (EventID: 10016) (User: PURPLE)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}purplelS-1-5-21-2497467096-1107912187-4260812050-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/23/2014 03:37:33 PM) (Source: DCOM) (EventID: 10016) (User: PURPLE)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}purplelS-1-5-21-2497467096-1107912187-4260812050-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/23/2014 02:51:58 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (07/23/2014 02:51:30 PM) (Source: DCOM) (EventID: 10010) (User: PURPLE)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/23/2014 02:01:03 PM) (Source: DCOM) (EventID: 10016) (User: PURPLE)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}purplelS-1-5-21-2497467096-1107912187-4260812050-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/23/2014 00:53:08 PM) (Source: DCOM) (EventID: 10016) (User: PURPLE)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}purplelS-1-5-21-2497467096-1107912187-4260812050-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/22/2014 11:11:35 AM) (Source: DCOM) (EventID: 10016) (User: PURPLE)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}purplelS-1-5-21-2497467096-1107912187-4260812050-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/22/2014 11:09:53 AM) (Source: DCOM) (EventID: 10016) (User: PURPLE)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}purplelS-1-5-21-2497467096-1107912187-4260812050-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/22/2014 11:09:21 AM) (Source: DCOM) (EventID: 10016) (User: PURPLE)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}purplelS-1-5-21-2497467096-1107912187-4260812050-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/21/2014 04:15:04 PM) (Source: DCOM) (EventID: 10016) (User: PURPLE)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}purplelS-1-5-21-2497467096-1107912187-4260812050-1001LocalHost (Using LRPC)UnavailableUnavailable

Microsoft Office Sessions:
=========================
Error: (07/23/2014 00:48:20 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/23/2014 03:00:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_aepdu.dll6.2.9200.1638450109cddmsvcrt.dll7.0.9200.163845010ac20c00000050000000000025a1e1be001cfa64c0c15b653C:\windows\system32\rundll32.exeC:\windows\system32\msvcrt.dll5c7f9424-123f-11e4-be98-c4f4fc304946

Error: (07/23/2014 03:00:03 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Spooler8

Error: (07/23/2014 03:00:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (07/22/2014 03:11:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_aepdu.dll6.2.9200.1638450109cddmsvcrt.dll7.0.9200.163845010ac20c00000050000000000025a1e249401cfa58454d7182fC:\windows\system32\rundll32.exeC:\windows\system32\msvcrt.dlld929aca7-1177-11e4-be98-c4f4fc304946

Error: (07/22/2014 03:10:37 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe

Error: (07/22/2014 03:10:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/22/2014 03:03:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_aepdu.dll6.2.9200.1638450109cddmsvcrt.dll7.0.9200.163845010ac20c00000050000000000025a1e181c01cfa5834c3d71a8C:\windows\system32\rundll32.exeC:\windows\system32\msvcrt.dllaecdd2d3-1176-11e4-be98-c4f4fc304946

Error: (07/21/2014 09:58:50 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Spooler8

Error: (07/21/2014 09:58:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

CodeIntegrity Errors:
===================================
  Date: 2014-07-02 16:03:45.621
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-02 16:03:45.590
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-17 08:12:37.871
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-17 08:12:37.840
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-30 16:32:03.045
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 13%
Total physical RAM: 12207.45 MB
Available physical RAM: 10591.64 MB
Total Pagefile: 12607.45 MB
Available Pagefile: 10850.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1843.67 GB) (Free:1796.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:17.87 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 35E80B5E)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-07-2014 01
Ran by l (administrator) on PURPLE on 23-07-2014 16:23:34
Running from C:\Users\l\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2497467096-1107912187-4260812050-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-04-27] (Google Inc.)
HKU\S-1-5-21-2497467096-1107912187-4260812050-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6564120 2014-06-04] (SUPERAntiSpyware)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{63F6AE22-B6DD-4476-A864-3652DE675725}: [NameServer]208.67.220.220,208.67.222.222
Tcpip\..\Interfaces\{D9443B57-4010-4CB8-8171-44BCB8CF3513}: [NameServer]208.67.220.220,208.67.222.222

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-04]

Chrome:
=======
CHR HomePage: https://www.yahoo.co...t&type=avastbcl
CHR StartupUrls: "https://www.yahoo.co...t&type=avastbcl"
CHR DefaultSearchKeyword: www.yahoo.com
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\l\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-04]
CHR Extension: (Google Drive) - C:\Users\l\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\l\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-09]
CHR Extension: (YouTube) - C:\Users\l\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-04]
CHR Extension: (Google Search) - C:\Users\l\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\l\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-04]
CHR Extension: (Gmail) - C:\Users\l\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-04] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129336 2013-01-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-10-11] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [61016 2014-06-09] (StdLib)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EraserUtilDrv11312; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [X]
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-23 15:40 - 2014-07-23 16:23 - 00016382 _____ () C:\Users\l\Desktop\FRST.txt
2014-07-23 12:49 - 2014-07-23 12:49 - 00000143 _____ () C:\Users\l\Desktop\MBR.zip
2014-07-21 21:49 - 2014-07-21 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-21 21:49 - 2014-07-21 21:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-21 21:49 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-21 21:49 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-21 16:29 - 2014-07-21 21:49 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-21 16:29 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-21 16:26 - 2014-07-21 16:26 - 00002006 _____ () C:\Users\l\Desktop\aswMBR1.txt
2014-07-21 16:26 - 2014-07-21 16:26 - 00000512 _____ () C:\Users\l\Desktop\MBR.dat
2014-07-21 15:14 - 2014-07-21 15:14 - 05185536 _____ (AVAST Software) C:\Users\l\Desktop\aswMBR.exe
2014-07-19 21:08 - 2014-07-19 21:08 - 00004513 _____ () C:\Users\l\Desktop\2RKreport_DEL_07192014_210717.txt
2014-07-17 11:43 - 2014-07-17 11:43 - 00004426 _____ () C:\Users\l\Desktop\RKreport_SCN_07172014_112324.txt
2014-07-17 11:42 - 2014-07-17 11:42 - 00004426 _____ () C:\Users\l\Desktop\RKreport_SCN_07172014_112324.log
2014-07-17 11:15 - 2014-07-17 11:15 - 05336664 _____ () C:\Users\l\Desktop\RogueKillerX64.exe
2014-07-16 08:18 - 2014-07-16 08:18 - 00432288 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-12 11:26 - 2014-07-12 11:26 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-12 11:22 - 2014-06-18 21:11 - 19277312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-12 11:22 - 2014-06-18 19:53 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-12 11:21 - 2014-06-30 17:42 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-12 11:21 - 2014-06-30 17:42 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-07-12 11:21 - 2014-06-30 17:42 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-07-12 11:21 - 2014-06-27 22:35 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-12 11:21 - 2014-06-18 21:12 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-12 11:21 - 2014-06-18 21:12 - 01366528 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-12 11:21 - 2014-06-18 21:12 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-07-12 11:21 - 2014-06-18 21:12 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-07-12 11:21 - 2014-06-18 21:12 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-12 11:21 - 2014-06-18 21:11 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-12 11:21 - 2014-06-18 21:11 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 15369728 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 02650624 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-12 11:21 - 2014-06-18 21:10 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-12 11:21 - 2014-06-18 21:09 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-12 11:21 - 2014-06-18 19:53 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-12 11:21 - 2014-06-18 19:53 - 01141760 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-12 11:21 - 2014-06-18 19:53 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-12 11:21 - 2014-06-18 19:53 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-12 11:21 - 2014-06-18 19:53 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-12 11:21 - 2014-06-18 19:53 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 13732352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 02863616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-12 11:21 - 2014-06-18 19:52 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-12 11:21 - 2014-06-18 19:52 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-12 11:21 - 2014-06-18 19:33 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-12 11:21 - 2014-06-18 19:30 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-12 11:21 - 2014-06-18 17:05 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-07-12 11:21 - 2014-06-17 18:27 - 01440256 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-12 11:21 - 2014-06-17 18:24 - 01557504 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-12 11:21 - 2014-06-10 23:18 - 04038144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-12 11:21 - 2014-06-06 09:06 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-12 11:21 - 2014-06-06 05:17 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-12 11:21 - 2014-06-02 17:33 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2014-07-12 11:21 - 2014-05-29 18:31 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-07-12 11:21 - 2014-05-29 18:03 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-07-12 11:21 - 2014-05-29 18:02 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-12 11:21 - 2014-05-29 18:02 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-07-12 11:21 - 2014-05-29 17:24 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-12 11:21 - 2014-05-03 01:34 - 06974808 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-07-12 11:21 - 2014-05-03 01:33 - 01824808 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-07-12 11:21 - 2014-05-02 23:51 - 01408976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-07-12 11:21 - 2014-05-01 17:37 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-07-12 11:21 - 2014-04-29 17:32 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2014-07-12 11:21 - 2014-04-29 17:32 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2014-07-12 11:21 - 2014-04-23 18:51 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-07-12 11:21 - 2014-04-23 18:51 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-12 11:21 - 2014-04-23 18:38 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-07-12 11:21 - 2014-04-23 18:38 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-12 11:21 - 2014-02-07 23:34 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2014-07-11 19:42 - 2014-07-17 11:15 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-07-11 19:42 - 2014-07-11 19:42 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-11 12:51 - 2014-07-11 12:51 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\l\Downloads\tdsskiller.exe
2014-07-11 09:04 - 2014-07-11 09:04 - 00001999 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-07-11 08:52 - 2014-07-11 08:52 - 00014450 _____ () C:\Users\l\Desktop\combofixJUL11.txt
2014-07-11 08:50 - 2014-07-11 08:50 - 00014450 _____ () C:\ComboFix.txt
2014-07-08 11:04 - 2014-07-08 11:04 - 00003456 ____N () C:\bootsqm.dat
2014-07-06 15:20 - 2014-07-11 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-06 15:19 - 2014-07-11 09:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-06 15:19 - 2014-07-11 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-06 15:16 - 2014-07-23 14:52 - 00000330 _____ () C:\windows\Tasks\HPCeeScheduleForl.job
2014-07-06 15:16 - 2014-07-20 19:23 - 00003136 _____ () C:\windows\System32\Tasks\HPCeeScheduleForl
2014-07-05 08:41 - 2014-07-23 15:39 - 00000000 ____D () C:\Users\l\Desktop\FRST-OlderVersion
2014-07-04 18:44 - 2014-07-11 08:56 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 14:02 - 2014-07-11 08:57 - 00000000 ____D () C:\RegBackup
2014-07-04 14:02 - 2014-07-04 14:02 - 00000207 _____ () C:\windows\tweaking.com-regbackup-PURPLE-Microsoft-Windows-8-(64-bit).dat
2014-07-04 13:56 - 2014-07-04 13:56 - 00448400 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-07-04 13:56 - 2014-07-04 13:56 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-03 15:37 - 2014-07-11 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-03 15:37 - 2014-07-11 09:01 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-03 15:37 - 2014-07-11 08:57 - 00000000 ____D () C:\Users\l\AppData\Roaming\SUPERAntiSpyware.com
2014-07-03 15:37 - 2014-07-03 15:37 - 00001815 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-07-03 15:37 - 2014-07-03 15:37 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-03 11:03 - 2014-07-03 11:03 - 05461664 _____ () C:\Users\l\Desktop\tweaking.com_windows_repair_aio_setup.exe
2014-07-02 15:56 - 2014-07-11 08:56 - 00000000 ____D () C:\Qoobox
2014-07-02 15:56 - 2011-06-26 01:45 - 00256000 _____ () C:\windows\PEV.exe
2014-07-02 15:56 - 2010-11-07 12:20 - 00208896 _____ () C:\windows\MBR.exe
2014-07-02 15:56 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-07-02 15:56 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-07-02 15:56 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-07-02 15:56 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2014-07-02 15:56 - 2000-08-30 19:00 - 00098816 _____ () C:\windows\sed.exe
2014-07-02 15:56 - 2000-08-30 19:00 - 00080412 _____ () C:\windows\grep.exe
2014-07-02 15:56 - 2000-08-30 19:00 - 00068096 _____ () C:\windows\zip.exe
2014-07-02 15:55 - 2014-07-02 15:55 - 05212874 ____R (Swearware) C:\Users\l\Desktop\ComboFix.exe
2014-07-01 16:50 - 2014-07-01 16:50 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\l\Downloads\rkill.exe
2014-07-01 16:50 - 2014-07-01 16:50 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\l\Downloads\rkill64.exe
2014-06-30 15:17 - 2014-06-30 15:17 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-30 08:22 - 2014-07-23 16:23 - 00000000 ____D () C:\FRST
2014-06-30 08:21 - 2014-07-23 15:39 - 02091520 _____ (Farbar) C:\Users\l\Desktop\FRST64.exe
2014-06-26 11:13 - 2014-06-30 10:47 - 00000099 _____ () C:\windows\SysWOW64\REMOTEDEVICE.INI

==================== One Month Modified Files and Folders =======

2014-07-23 16:23 - 2014-07-23 15:40 - 00016382 _____ () C:\Users\l\Desktop\FRST.txt
2014-07-23 16:23 - 2014-06-30 08:22 - 00000000 ____D () C:\FRST
2014-07-23 16:22 - 2014-04-27 09:23 - 00000902 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-23 16:02 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-23 15:39 - 2014-07-05 08:41 - 00000000 ____D () C:\Users\l\Desktop\FRST-OlderVersion
2014-07-23 15:39 - 2014-06-30 08:21 - 02091520 _____ (Farbar) C:\Users\l\Desktop\FRST64.exe
2014-07-23 15:03 - 2014-04-19 10:23 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2497467096-1107912187-4260812050-1001
2014-07-23 14:56 - 2012-07-26 02:28 - 00876558 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-23 14:55 - 2013-03-22 12:00 - 00000983 _____ () C:\windows\SysWOW64\bscs.ini
2014-07-23 14:54 - 2014-04-27 09:23 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-23 14:54 - 2014-04-19 10:13 - 00000000 ____D () C:\Users\l
2014-07-23 14:54 - 2013-07-17 12:49 - 00003619 _____ () C:\windows\SysWOW64\LOCALSERVICE.INI
2014-07-23 14:52 - 2014-07-06 15:16 - 00000330 _____ () C:\windows\Tasks\HPCeeScheduleForl.job
2014-07-23 14:52 - 2013-07-17 12:49 - 00000088 _____ () C:\windows\SysWOW64\LOCALDEVICE.INI
2014-07-23 14:52 - 2012-07-26 02:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-23 12:49 - 2014-07-23 12:49 - 00000143 _____ () C:\Users\l\Desktop\MBR.zip
2014-07-21 21:49 - 2014-07-21 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-21 21:49 - 2014-07-21 21:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-21 21:49 - 2014-07-21 16:29 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-21 21:49 - 2014-05-26 17:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-21 21:49 - 2014-05-22 08:01 - 00000000 ____D () C:\Users\l\AppData\Local\CrashDumps
2014-07-21 16:26 - 2014-07-21 16:26 - 00002006 _____ () C:\Users\l\Desktop\aswMBR1.txt
2014-07-21 16:26 - 2014-07-21 16:26 - 00000512 _____ () C:\Users\l\Desktop\MBR.dat
2014-07-21 15:14 - 2014-07-21 15:14 - 05185536 _____ (AVAST Software) C:\Users\l\Desktop\aswMBR.exe
2014-07-20 19:23 - 2014-07-06 15:16 - 00003136 _____ () C:\windows\System32\Tasks\HPCeeScheduleForl
2014-07-20 19:23 - 2014-04-30 16:26 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-07-20 19:22 - 2014-04-30 16:21 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-19 21:23 - 2014-04-30 16:40 - 00002150 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-19 21:08 - 2014-07-19 21:08 - 00004513 _____ () C:\Users\l\Desktop\2RKreport_DEL_07192014_210717.txt
2014-07-17 11:43 - 2014-07-17 11:43 - 00004426 _____ () C:\Users\l\Desktop\RKreport_SCN_07172014_112324.txt
2014-07-17 11:42 - 2014-07-17 11:42 - 00004426 _____ () C:\Users\l\Desktop\RKreport_SCN_07172014_112324.log
2014-07-17 11:15 - 2014-07-17 11:15 - 05336664 _____ () C:\Users\l\Desktop\RogueKillerX64.exe
2014-07-17 11:15 - 2014-07-11 19:42 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-07-16 10:13 - 2014-04-27 09:41 - 00258560 ___SH () C:\Users\l\Desktop\Thumbs.db
2014-07-16 10:04 - 2014-04-19 10:14 - 00000000 ____D () C:\Users\l\AppData\Local\Packages
2014-07-16 08:18 - 2014-07-16 08:18 - 00432288 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-14 10:32 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\system32\NDF
2014-07-14 09:20 - 2014-04-19 10:14 - 01061428 _____ () C:\windows\WindowsUpdate.log
2014-07-13 03:04 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\rescache
2014-07-12 11:27 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 11:27 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 11:26 - 2014-07-12 11:26 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-12 11:26 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\WinStore
2014-07-12 11:26 - 2012-07-26 02:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 11:24 - 2012-07-26 02:59 - 00000000 ____D () C:\windows\CbsTemp
2014-07-12 11:23 - 2014-04-20 18:10 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-12 11:23 - 2014-04-20 18:10 - 00000000 ____D () C:\windows\system32\MRT
2014-07-12 11:23 - 2012-07-26 00:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-11 19:42 - 2014-07-11 19:42 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-11 12:51 - 2014-07-11 12:51 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\l\Downloads\tdsskiller.exe
2014-07-11 12:42 - 2012-08-10 18:49 - 00258662 _____ () C:\windows\PFRO.log
2014-07-11 10:19 - 2014-04-20 17:43 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-11 09:04 - 2014-07-11 09:04 - 00001999 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-07-11 09:04 - 2014-05-04 16:20 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-07-11 09:04 - 2014-05-04 16:20 - 00001939 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-11 09:04 - 2014-05-04 16:19 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-11 09:03 - 2012-07-26 00:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-07-11 09:02 - 2012-07-26 00:38 - 00000000 ____D () C:\windows\system32\Sysprep
2014-07-11 09:01 - 2014-07-06 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-11 09:01 - 2014-07-06 15:19 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-11 09:01 - 2014-07-03 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-11 09:01 - 2014-07-03 15:37 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-11 09:01 - 2014-05-26 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-11 09:01 - 2014-05-04 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-11 09:01 - 2014-04-30 16:27 - 00000000 ____D () C:\windows\erdnt
2014-07-11 09:01 - 2014-04-19 10:16 - 00000000 ____D () C:\Users\l\AppData\Local\bluesoleil
2014-07-11 09:01 - 2013-07-17 12:26 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-11 08:59 - 2014-07-06 15:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-11 08:58 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\registration
2014-07-11 08:57 - 2014-07-04 14:02 - 00000000 ____D () C:\RegBackup
2014-07-11 08:57 - 2014-07-03 15:37 - 00000000 ____D () C:\Users\l\AppData\Roaming\SUPERAntiSpyware.com
2014-07-11 08:56 - 2014-07-04 18:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-11 08:56 - 2014-07-02 15:56 - 00000000 ____D () C:\Qoobox
2014-07-11 08:52 - 2014-07-11 08:52 - 00014450 _____ () C:\Users\l\Desktop\combofixJUL11.txt
2014-07-11 08:50 - 2014-07-11 08:50 - 00014450 _____ () C:\ComboFix.txt
2014-07-08 11:04 - 2014-07-08 11:04 - 00003456 ____N () C:\bootsqm.dat
2014-07-08 09:19 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-04 18:37 - 2014-05-26 17:31 - 00002130 _____ () C:\Users\l\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-07-04 14:17 - 2012-07-26 00:26 - 00000230 _____ () C:\windows\win.ini
2014-07-04 14:09 - 2012-08-10 18:56 - 00876558 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-07-04 14:02 - 2014-07-04 14:02 - 00000207 _____ () C:\windows\tweaking.com-regbackup-PURPLE-Microsoft-Windows-8-(64-bit).dat
2014-07-04 13:56 - 2014-07-04 13:56 - 00448400 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-07-04 13:56 - 2014-07-04 13:56 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-04 13:56 - 2014-05-04 16:19 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-07-04 13:56 - 2014-05-04 16:19 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-04 13:56 - 2014-05-04 16:19 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-04 13:56 - 2014-05-04 16:19 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-04 13:56 - 2014-05-04 16:19 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-07-04 13:56 - 2014-05-04 16:19 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-04 13:56 - 2014-05-04 16:19 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-04 13:56 - 2014-05-04 16:19 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-04 13:56 - 2014-05-04 16:19 - 00028184 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2014-07-03 15:37 - 2014-07-03 15:37 - 00001815 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-07-03 15:37 - 2014-07-03 15:37 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-03 12:21 - 2012-07-26 00:26 - 00000855 _____ () C:\windows\system32\Drivers\etc\hosts_bak_786
2014-07-03 11:03 - 2014-07-03 11:03 - 05461664 _____ () C:\Users\l\Desktop\tweaking.com_windows_repair_aio_setup.exe
2014-07-02 16:04 - 2012-07-26 00:26 - 00000215 _____ () C:\windows\system.ini
2014-07-02 16:04 - 2012-07-26 00:26 - 00000027 _____ () C:\windows\system32\Drivers\etc\hosts_bak_451
2014-07-02 15:55 - 2014-07-02 15:55 - 05212874 ____R (Swearware) C:\Users\l\Desktop\ComboFix.exe
2014-07-02 09:55 - 2012-07-26 00:26 - 00262144 ___SH () C:\windows\system32\config\BBI(82)
2014-07-02 09:55 - 2012-07-26 00:26 - 00262144 ___SH () C:\windows\system32\config\BBI(34)
2014-07-02 09:54 - 2014-06-11 11:00 - 00000000 ____D () C:\AdwCleaner
2014-07-01 17:11 - 2013-07-17 12:33 - 00000000 ____D () C:\ProgramData\WildTangent
2014-07-01 17:11 - 2013-07-17 12:33 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-07-01 16:50 - 2014-07-01 16:50 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\l\Downloads\rkill.exe
2014-07-01 16:50 - 2014-07-01 16:50 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\l\Downloads\rkill64.exe
2014-06-30 19:52 - 2014-04-27 08:45 - 00000000 ____D () C:\windows\System32\Tasks\Norton Internet Security
2014-06-30 17:42 - 2014-07-12 11:21 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-30 17:42 - 2014-07-12 11:21 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-06-30 17:42 - 2014-07-12 11:21 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-06-30 15:20 - 2012-07-26 02:21 - 00028086 _____ () C:\windows\setupact.log
2014-06-30 15:17 - 2014-06-30 15:17 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-30 10:47 - 2014-06-26 11:13 - 00000099 _____ () C:\windows\SysWOW64\REMOTEDEVICE.INI
2014-06-27 22:35 - 2014-07-12 11:21 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-26 15:53 - 2012-07-26 03:14 - 00703968 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 15:53 - 2012-07-26 03:14 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\l\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmueimr.dll
C:\Users\l\AppData\Local\temp\mbam-setup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-23 03:00

==================== End Of Log ============================


Edited by wilma1313, 24 July 2014 - 06:21 AM.


#112 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 24 July 2014 - 12:25 PM

Again, the good and bad news that I'm not seeing any malware.  Your system is throwing some errors... but not malware related.  I'm thinking that I'm not doing you any good.  My suggestion is that you post in the Microsoft Windows forum and see if the Tech Team can straighten out the problem.  I seem to keep taking you in circles without a solution.  Perhaps eyes looking from a different perspective will see the key.

 

When you post there, please include a link back to this thread so that they can see what I've put you through.

 

Do you agree with this assessment?


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#113 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • 386 posts

Posted 28 July 2014 - 07:53 AM

Hi,  Thanks for all your help.  At this point I think I will just buy a new hard drive.  All this computer stuff is way over my head and I worked with the Windows tech team on a different computer with frustrating results.  Bummer, this is a pretty "young" computer.  Something got it good.



#114 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 28 July 2014 - 08:54 AM

Why buy a new hard drive?  If you are willing to "start all over", why not just reformat and reinstall everything?  That will save you the cost of a new drive.


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#115 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • 386 posts

Posted 28 July 2014 - 10:26 AM

I actually did start all over before this whole process. 




#116 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 28 July 2014 - 12:05 PM

Did you actually do a reformat and reinstall... or just reset to an earlier date?


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#117 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • 386 posts

Posted 30 July 2014 - 10:46 AM

Good grief I answered this and the post didn't show up!  Yes I wiped everything out and started completely from scratch. 



#118 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 30 July 2014 - 09:25 PM

Sorry.  I really don't know what to say.  You had malware on your system... which you wouldn't have after reformatting - at least until you downloaded something.  I have no clue as to what is going on.  None of your symptoms seem to be related to a hard drive problem as far as I've ever seen.

 

I honestly believe that the Tech Team could be useful here... but it's over my head.


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 

#119 wilma1313

wilma1313

    Silver Member

  • Authentic Member
  • 386 posts

Posted 03 August 2014 - 08:55 AM

Idk. After vacation I guess I will reformat again. Before I left I was back to having the redirect to the fake "internet explorer doesn't work, click this button to fix", so I am infected again. We haven't really used the computer yet back to that again. I expect I will buy a new hard drive and probably a new router too. Patience is about gone. Thanks for all your help.

#120 Tomk

Tomk

    Beguilement Monitor

  • Global Moderator
  • 20,451 posts

Posted 03 August 2014 - 11:41 AM

It doesn't appear that I was much help... but rather added to your frustration.  Sorry about that.


Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
 
