Police e-Crime Unit
<blockquote data-quote="jamespev" data-source="post: 144702" data-attributes="member: 15000"><p>it didn't give me the addition.txt but here is the other info.</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013</p><p>Ran by Peverley (administrator) on PEVERLEY-PC on 19-11-2013 21:50:28</p><p>Running from C:\Users\Peverley\Downloads</p><p>Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)</p><p>Internet Explorer Version 10</p><p>Boot Mode: Normal</p><p></p><p>==================== Could not list processes ===============</p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)</p><p>HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)</p><p>HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)</p><p>HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-09-23] (AVG Technologies CZ, s.r.o.)</p><p>HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()</p><p>HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()</p><p>HKU\UpdatusUser\...\Run: [ISUSPM] - "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler</p><p>HKU\UpdatusUser\...\Run: [BitTorrent] - "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED</p><p>HKU\UpdatusUser\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet 
Services\ubd.exe</p><p>HKU\UpdatusUser\...\Run: [EA Core] - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent</p><p>HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()</p><p>Startup: C:\Users\Peverley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk</p><p>ShortcutTarget: Dropbox.lnk -> C:\Users\Peverley\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)</p><p>BootExecute: autocheck autochk * sdnclean64.exe</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>ProxyServer: localhost:8080</p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/</p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch</p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = </p><p>StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe</p><p>SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = </p><p>SearchScopes: HKLM-x32 - DefaultScope {F47507B3-F134-45F0-88CF-1942324CF84C} URL = </p><p>SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = </p><p>SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = </p><p>BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)</p><p>BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)</p><p>BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)</p><p>BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft 
shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)</p><p>BHO-x32: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll (Yontoo LLC)</p><p>DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab</p><p>DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab</p><p>DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab</p><p>DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab</p><p>Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File</p><p>Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File</p><p>Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)</p><p>Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll No File</p><p>Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"</p><p>Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"</p><p>Winsock: Catalog9 07 mswsock.dll File Not found ()</p><p>Winsock: Catalog9 08 mswsock.dll File Not found ()</p><p>Winsock: Catalog9 09 mswsock.dll File Not found ()</p><p>Winsock: Catalog9 10 mswsock.dll File Not found 
()</p><p>Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"</p><p>Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"</p><p>Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)</p><p>Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)</p><p>Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)</p><p>Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)</p><p>Winsock: Catalog9-x64 05 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)</p><p>Winsock: Catalog9-x64 06 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)</p><p>Winsock: Catalog9-x64 17 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)</p><p>Winsock: Catalog9-x64 18 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0</p><p></p><p>Chrome: </p><p>=======</p><p>CHR HomePage: http:\/\/search.conduit.com\/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP96EB6D66-94EF-4DC3-A6D8-6EAD818B7883&SSPV=</p><p>CHR RestoreOnStartup: "http:\/\/search.conduit.com\/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP96EB6D66-94EF-4DC3-A6D8-6EAD818B7883&SSPV="]},"sync_promo":{"show_on_first_run_allowed":false},"webkit":{"webprefs":{"allow_running_insecure_content"</p><p>CHR Extension: (entrusted) - C:\Users\Peverley\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk\10.14.370.25_0</p><p>CHR Extension: (BitTorrentBar) - C:\Users\Peverley\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.7.1_0</p><p>CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Peverley\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx</p><p>CHR HKLM-x32\...\Chrome\Extension: 
[kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Peverley\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx</p><p>CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Peverley\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-09-04] (AVG Technologies CZ, s.r.o.)</p><p>R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)</p><p>R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)</p><p>R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()</p><p>R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)</p><p>R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)</p><p>R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()</p><p>R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()</p><p>R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [931640 2011-11-07] (Trusteer Ltd.)</p><p>S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [x]</p><p>S4 vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [x]</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2013-09-04] (Emsisoft GmbH)</p><p>S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec)</p><p>R1 Avgfwfd; 
C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)</p><p>R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)</p><p>R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)</p><p>R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)</p><p>R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)</p><p>R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)</p><p>R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)</p><p>R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)</p><p>S3 ck3pro; C:\Windows\System32\DRIVERS\ck3pro64.sys [97280 2010-07-14] (XECUTER)</p><p>S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2013-09-04] (Emsisoft GmbH)</p><p>S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [16896 2007-03-20] (http://libusb-win32.sourceforge.net)</p><p>R1 RapportCerberus_43926; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys [505720 2012-10-30] ()</p><p>R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [55056 2011-11-07] (Trusteer Ltd.)</p><p>S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [63760 2011-11-07] (Trusteer Ltd.)</p><p>R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [61712 2011-11-07] (Trusteer Ltd.)</p><p>S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)</p><p>S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)</p><p>S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)</p><p>S3 s1018mdm; 
C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)</p><p>S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)</p><p>S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)</p><p>S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)</p><p>S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)</p><p>R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)</p><p>S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)</p><p>R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-02-13] ()</p><p>U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)</p><p>S3 catchme; \??\C:\ComboFix\catchme.sys [x]</p><p>S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [x]</p><p>S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x]</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>2013-11-19 21:50 - 2013-11-19 21:50 - 01957964 _____ (Farbar) C:\Users\Peverley\Downloads\FRST64.exe</p><p>2013-11-19 21:50 - 2013-11-19 21:50 - 00012175 _____ C:\Users\Peverley\Downloads\FRST.txt</p><p>2013-11-19 21:43 - 2013-11-19 21:43 - 00000000 ___SD C:\ComboFix</p><p>2013-11-19 21:40 - 2013-11-19 21:43 - 00000000 ___SD C:\32788R22FWJFW</p><p>2013-11-19 12:29 - 2013-11-19 12:29 - 00003352 ____N C:\bootsqm.dat</p><p>2013-11-19 12:28 - 2013-11-19 12:28 - 00000000 __SHD C:\found.000</p><p>2013-11-19 08:57 - 2013-11-19 08:57 - 00159914 _____ C:\Users\Peverley\Downloads\Need_For_Speed_Rivals_XBOX360-PROTOCOL.torrent</p><p>2013-11-14 03:24 - 2013-11-19 21:38 - 00000728 _____ C:\Windows\setupact.log</p><p>2013-11-14 03:24 - 2013-11-14 03:24 - 00000000 _____ 
C:\Windows\setuperr.log</p><p>2013-11-14 03:05 - 2013-10-12 08:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2013-11-14 03:05 - 2013-10-12 08:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2013-11-14 
03:05 - 2013-10-12 07:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2013-11-14 03:05 - 2013-10-12 07:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2013-11-14 03:05 - 2013-10-12 06:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2013-11-14 03:05 - 2013-10-12 06:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2013-11-14 03:05 - 2013-10-12 05:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe</p><p>2013-11-14 03:05 - 2013-10-12 05:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe</p><p>2013-11-13 04:18 - 2013-10-05 20:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll</p><p>2013-11-13 04:18 - 2013-10-05 19:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll</p><p>2013-11-13 04:18 - 2013-09-28 01:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys</p><p>2013-11-13 04:17 - 2013-10-04 02:28 
- 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll</p><p>2013-11-13 04:17 - 2013-10-04 02:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll</p><p>2013-11-13 04:17 - 2013-10-04 02:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll</p><p>2013-11-13 04:17 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll</p><p>2013-11-13 04:17 - 2013-10-04 01:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll</p><p>2013-11-13 04:17 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll</p><p>2013-11-13 04:17 - 2013-09-25 02:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys</p><p>2013-11-13 04:17 - 2013-09-25 02:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys</p><p>2013-11-13 04:17 - 2013-09-25 02:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll</p><p>2013-11-13 04:17 - 2013-09-25 02:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll</p><p>2013-11-13 04:17 - 2013-09-25 02:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll</p><p>2013-11-13 04:17 - 2013-09-25 02:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll</p><p>2013-11-13 04:17 - 2013-09-25 02:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll</p><p>2013-11-13 04:17 - 2013-09-25 02:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll</p><p>2013-11-13 04:17 - 2013-09-25 01:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll</p><p>2013-11-13 04:17 - 2013-09-25 01:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll</p><p>2013-11-13 04:17 - 2013-09-25 01:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll</p><p>2013-11-13 04:17 - 2013-09-25 
01:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll</p><p>2013-11-13 04:17 - 2013-09-25 01:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe</p><p>2013-11-13 04:17 - 2013-07-04 12:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys</p><p>2013-11-13 04:16 - 2013-10-12 02:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll</p><p>2013-11-13 04:16 - 2013-10-12 02:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL</p><p>2013-11-13 04:16 - 2013-10-12 02:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL</p><p>2013-11-13 04:16 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll</p><p>2013-11-13 04:16 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL</p><p>2013-11-13 04:16 - 2013-10-03 02:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll</p><p>2013-11-13 04:16 - 2013-10-03 02:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll</p><p>2013-11-12 19:09 - 2013-11-12 19:09 - 00000000 ____D C:\Users\Peverley\Desktop\Disc 2</p><p>2013-11-12 19:05 - 2013-11-12 19:09 - 00000000 ____D C:\Users\Peverley\Desktop\Disc 1</p><p>2013-11-12 19:05 - 2013-11-12 19:05 - 00000000 ____D C:\Users\Peverley\Desktop\$SystemUpdate</p><p>2013-11-12 18:39 - 2013-11-12 18:39 - 00000000 ____D C:\Users\Peverley\Desktop\content</p><p>2013-11-11 14:57 - 2013-11-11 15:06 - 00000066 _____ C:\Users\Peverley\AppData\Roaming\vso_ts_preview.xml</p><p>2013-11-11 13:30 - 2013-11-11 13:30 - 3581045979 _____ C:\Users\Peverley\Desktop\Linkin Park Live From Madison Square Garden 2011.mkv</p><p>2013-11-11 13:22 - 2013-11-11 13:22 - 00034481 _____ C:\Users\Peverley\Downloads\Linkin Park - Live From Madison Square Garden 2011 720p HDTV x264 AVC.torrent</p><p>2013-11-05 20:32 - 2013-11-05 20:32 - 00000000 ____D C:\Spacekace</p><p>2013-11-03 10:25 - 
2013-11-03 10:25 - 00000000 ____D C:\Program Files (x86)\Convert Audio Free</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>2013-11-19 22:00 - 2013-11-19 21:50 - 00012175 _____ C:\Users\Peverley\Downloads\FRST.txt</p><p>2013-11-19 21:50 - 2013-11-19 21:50 - 01957964 _____ (Farbar) C:\Users\Peverley\Downloads\FRST64.exe</p><p>2013-11-19 21:47 - 2009-07-14 04:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2013-11-19 21:47 - 2009-07-14 04:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2013-11-19 21:45 - 2013-09-09 18:17 - 00000000 ____D C:\ProgramData\MFAData</p><p>2013-11-19 21:43 - 2013-11-19 21:43 - 00000000 ___SD C:\ComboFix</p><p>2013-11-19 21:43 - 2013-11-19 21:40 - 00000000 ___SD C:\32788R22FWJFW</p><p>2013-11-19 21:43 - 2013-09-05 13:27 - 00000000 ____D C:\Qoobox</p><p>2013-11-19 21:41 - 2009-07-14 05:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT</p><p>2013-11-19 21:40 - 2013-09-09 16:45 - 05146522 ____R (Swearware) C:\Users\Peverley\Desktop\ComboFix.exe</p><p>2013-11-19 21:39 - 2013-08-17 10:53 - 00000000 ___RD C:\Users\Peverley\Dropbox</p><p>2013-11-19 21:39 - 2013-08-17 10:47 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Dropbox</p><p>2013-11-19 21:39 - 2013-05-16 15:35 - 00000000 ____D C:\Users\Peverley\AppData\Local\HTC MediaHub</p><p>2013-11-19 21:39 - 2012-09-12 09:10 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2013-11-19 21:38 - 2013-11-14 03:24 - 00000728 _____ C:\Windows\setupact.log</p><p>2013-11-19 21:38 - 2010-01-01 11:53 - 00000000 ____D C:\ProgramData\NVIDIA</p><p>2013-11-19 21:38 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT</p><p>2013-11-19 12:43 - 2012-04-04 18:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job</p><p>2013-11-19 12:33 - 2010-01-01 11:52 - 02091483 _____ 
C:\Windows\WindowsUpdate.log</p><p>2013-11-19 12:29 - 2013-11-19 12:29 - 00003352 ____N C:\bootsqm.dat</p><p>2013-11-19 12:28 - 2013-11-19 12:28 - 00000000 __SHD C:\found.000</p><p>2013-11-19 08:59 - 2009-07-14 05:13 - 00006450 _____ C:\Windows\system32\PerfStringBackup.INI</p><p>2013-11-19 08:57 - 2013-11-19 08:57 - 00159914 _____ C:\Users\Peverley\Downloads\Need_For_Speed_Rivals_XBOX360-PROTOCOL.torrent</p><p>2013-11-14 04:51 - 2012-09-12 09:10 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2013-11-14 04:01 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache</p><p>2013-11-14 03:24 - 2013-11-14 03:24 - 00000000 _____ C:\Windows\setuperr.log</p><p>2013-11-14 03:05 - 2009-08-14 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help</p><p>2013-11-14 03:04 - 2013-08-07 02:08 - 00000000 ____D C:\Windows\system32\MRT</p><p>2013-11-14 03:01 - 2010-01-02 20:34 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe</p><p>2013-11-12 19:09 - 2013-11-12 19:09 - 00000000 ____D C:\Users\Peverley\Desktop\Disc 2</p><p>2013-11-12 19:09 - 2013-11-12 19:05 - 00000000 ____D C:\Users\Peverley\Desktop\Disc 1</p><p>2013-11-12 19:05 - 2013-11-12 19:05 - 00000000 ____D C:\Users\Peverley\Desktop\$SystemUpdate</p><p>2013-11-12 18:39 - 2013-11-12 18:39 - 00000000 ____D C:\Users\Peverley\Desktop\content</p><p>2013-11-12 15:20 - 2010-01-02 13:00 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\vlc</p><p>2013-11-12 14:54 - 2013-02-06 16:29 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Skype</p><p>2013-11-12 10:35 - 2010-01-21 17:54 - 00000000 ____D C:\Windows\Minidump</p><p>2013-11-11 15:06 - 2013-11-11 14:57 - 00000066 _____ C:\Users\Peverley\AppData\Roaming\vso_ts_preview.xml</p><p>2013-11-11 15:06 - 2010-01-04 08:59 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Vso</p><p>2013-11-11 14:59 - 2010-12-06 14:22 - 00000000 ____D C:\Users\Peverley\Documents\ConvertXtoDVD</p><p>2013-11-11 13:30 - 2013-11-11 13:30 - 3581045979 _____ 
C:\Users\Peverley\Desktop\Linkin Park Live From Madison Square Garden 2011.mkv</p><p>2013-11-11 13:25 - 2012-11-13 19:43 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\uTorrent</p><p>2013-11-11 13:22 - 2013-11-11 13:22 - 00034481 _____ C:\Users\Peverley\Downloads\Linkin Park - Live From Madison Square Garden 2011 720p HDTV x264 AVC.torrent</p><p>2013-11-10 17:14 - 2012-05-14 10:37 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Mozilla</p><p>2013-11-10 17:14 - 2011-05-04 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox</p><p>2013-11-10 17:13 - 2013-10-19 10:33 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player</p><p>2013-11-06 20:54 - 2010-01-02 17:30 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\abgx360</p><p>2013-11-06 05:29 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF</p><p>2013-11-05 20:32 - 2013-11-05 20:32 - 00000000 ____D C:\Spacekace</p><p>2013-11-04 15:47 - 2013-08-06 04:33 - 00219648 _____ C:\Users\Peverley\Desktop\Shift Plan.xls</p><p>2013-11-03 10:25 - 2013-11-03 10:25 - 00000000 ____D C:\Program Files (x86)\Convert Audio Free</p><p>2013-10-27 09:26 - 2013-10-18 09:53 - 00000000 ____D C:\Users\Peverley\Desktop\Xbox</p><p>ZeroAccess:</p><p>C:\Users\Peverley\AppData\Local\Google\Desktop\Install</p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>C:\Windows\System32\winlogon.exe => MD5 is legit</p><p>C:\Windows\System32\wininit.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\wininit.exe => MD5 is legit</p><p>C:\Windows\explorer.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\explorer.exe => MD5 is legit</p><p>C:\Windows\System32\svchost.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\svchost.exe => MD5 is legit</p><p>C:\Windows\System32\services.exe => MD5 is legit</p><p>C:\Windows\System32\User32.dll => MD5 is legit</p><p>C:\Windows\SysWOW64\User32.dll => MD5 is legit</p><p>C:\Windows\System32\userinit.exe => MD5 is 
legit</p><p>C:\Windows\SysWOW64\userinit.exe => MD5 is legit</p><p>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit</p><p></p><p></p><p>LastRegBack: 2013-11-10 14:22</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="jamespev, post: 144702, member: 15000"] it didn't give me the addition.txt but here is the other info. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013 Ran by Peverley (administrator) on PEVERLEY-PC on 19-11-2013 21:50:28 Running from C:\Users\Peverley\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Could not list processes =============== ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor) HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.) HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-09-23] (AVG Technologies CZ, s.r.o.) 
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] () HKU\UpdatusUser\...\Run: [ISUSPM] - "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler HKU\UpdatusUser\...\Run: [BitTorrent] - "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED HKU\UpdatusUser\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe HKU\UpdatusUser\...\Run: [EA Core] - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] () Startup: C:\Users\Peverley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Peverley\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== ProxyServer: localhost:8080 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM-x32 - DefaultScope {F47507B3-F134-45F0-88CF-1942324CF84C} URL = SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll (Yontoo LLC)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll No File
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)
Winsock: Catalog9-x64 05 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)
Winsock: Catalog9-x64 06 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)
Winsock: Catalog9-x64 17 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)
Winsock: Catalog9-x64 18 %SYSTEMROOT%\system32\nvLsp64.dll [434208] (NVIDIA)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

Chrome:
=======
CHR HomePage: http:\/\/search.conduit.com\/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP96EB6D66-94EF-4DC3-A6D8-6EAD818B7883&SSPV=
CHR RestoreOnStartup: "http:\/\/search.conduit.com\/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP96EB6D66-94EF-4DC3-A6D8-6EAD818B7883&SSPV="]},"sync_promo":{"show_on_first_run_allowed":false},"webkit":{"webprefs":{"allow_running_insecure_content"
CHR Extension: (entrusted) - C:\Users\Peverley\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk\10.14.370.25_0
CHR Extension: (BitTorrentBar) - C:\Users\Peverley\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.7.1_0
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Peverley\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx
CHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Peverley\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Peverley\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx

==================== Services (Whitelisted) =================

R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-09-04] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [931640 2011-11-07] (Trusteer Ltd.)
S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [x]
S4 vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2013-09-04] (Emsisoft GmbH)
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 ck3pro; C:\Windows\System32\DRIVERS\ck3pro64.sys [97280 2010-07-14] (XECUTER)
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2013-09-04] (Emsisoft GmbH)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [16896 2007-03-20] (http://libusb-win32.sourceforge.net)
R1 RapportCerberus_43926; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys [505720 2012-10-30] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [55056 2011-11-07] (Trusteer Ltd.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [63760 2011-11-07] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [61712 2011-11-07] (Trusteer Ltd.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-02-13] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [x]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-19 21:50 - 2013-11-19 21:50 - 01957964 _____ (Farbar) C:\Users\Peverley\Downloads\FRST64.exe
2013-11-19 21:50 - 2013-11-19 21:50 - 00012175 _____ C:\Users\Peverley\Downloads\FRST.txt
2013-11-19 21:43 - 2013-11-19 21:43 - 00000000 ___SD C:\ComboFix
2013-11-19 21:40 - 2013-11-19 21:43 - 00000000 ___SD C:\32788R22FWJFW
2013-11-19 12:29 - 2013-11-19 12:29 - 00003352 ____N C:\bootsqm.dat
2013-11-19 12:28 - 2013-11-19 12:28 - 00000000 __SHD C:\found.000
2013-11-19 08:57 - 2013-11-19 08:57 - 00159914 _____ C:\Users\Peverley\Downloads\Need_For_Speed_Rivals_XBOX360-PROTOCOL.torrent
2013-11-14 03:24 - 2013-11-19 21:38 - 00000728 _____ C:\Windows\setupact.log
2013-11-14 03:24 - 2013-11-14 03:24 - 00000000 _____ C:\Windows\setuperr.log
2013-11-14 03:05 - 2013-10-12 08:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 03:05 - 2013-10-12 08:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 03:05 - 2013-10-12 08:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 03:05 - 2013-10-12 08:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 03:05 - 2013-10-12 08:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 03:05 - 2013-10-12 07:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 03:05 - 2013-10-12 07:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 03:05 - 2013-10-12 07:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 03:05 - 2013-10-12 06:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 03:05 - 2013-10-12 06:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 03:05 - 2013-10-12 05:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 03:05 - 2013-10-12 05:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 04:18 - 2013-10-05 20:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 04:18 - 2013-10-05 19:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 04:18 - 2013-09-28 01:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 04:17 - 2013-10-04 02:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 04:17 - 2013-10-04 02:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 04:17 - 2013-10-04 02:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 04:17 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 04:17 - 2013-10-04 01:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 04:17 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 04:17 - 2013-09-25 02:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 04:17 - 2013-09-25 02:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 04:17 - 2013-09-25 02:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 04:17 - 2013-09-25 02:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 04:17 - 2013-09-25 02:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 04:17 - 2013-09-25 02:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 04:17 - 2013-09-25 02:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 04:17 - 2013-09-25 02:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 04:17 - 2013-09-25 01:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 04:17 - 2013-09-25 01:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 04:17 - 2013-09-25 01:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 04:17 - 2013-09-25 01:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 04:17 - 2013-09-25 01:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 04:17 - 2013-07-04 12:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 04:16 - 2013-10-12 02:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 04:16 - 2013-10-12 02:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 04:16 - 2013-10-12 02:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 04:16 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 04:16 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 04:16 - 2013-10-03 02:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 04:16 - 2013-10-03 02:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-12 19:09 - 2013-11-12 19:09 - 00000000 ____D C:\Users\Peverley\Desktop\Disc 2
2013-11-12 19:05 - 2013-11-12 19:09 - 00000000 ____D C:\Users\Peverley\Desktop\Disc 1
2013-11-12 19:05 - 2013-11-12 19:05 - 00000000 ____D C:\Users\Peverley\Desktop\$SystemUpdate
2013-11-12 18:39 - 2013-11-12 18:39 - 00000000 ____D C:\Users\Peverley\Desktop\content
2013-11-11 14:57 - 2013-11-11 15:06 - 00000066 _____ C:\Users\Peverley\AppData\Roaming\vso_ts_preview.xml
2013-11-11 13:30 - 2013-11-11 13:30 - 3581045979 _____ C:\Users\Peverley\Desktop\Linkin Park Live From Madison Square Garden 2011.mkv
2013-11-11 13:22 - 2013-11-11 13:22 - 00034481 _____ C:\Users\Peverley\Downloads\Linkin Park - Live From Madison Square Garden 2011 720p HDTV x264 AVC.torrent
2013-11-05 20:32 - 2013-11-05 20:32 - 00000000 ____D C:\Spacekace
2013-11-03 10:25 - 2013-11-03 10:25 - 00000000 ____D C:\Program Files (x86)\Convert Audio Free

==================== One Month Modified Files and Folders =======

2013-11-19 22:00 - 2013-11-19 21:50 - 00012175 _____ C:\Users\Peverley\Downloads\FRST.txt
2013-11-19 21:50 - 2013-11-19 21:50 - 01957964 _____ (Farbar) C:\Users\Peverley\Downloads\FRST64.exe
2013-11-19 21:47 - 2009-07-14 04:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-19 21:47 - 2009-07-14 04:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-19 21:45 - 2013-09-09 18:17 - 00000000 ____D C:\ProgramData\MFAData
2013-11-19 21:43 - 2013-11-19 21:43 - 00000000 ___SD C:\ComboFix
2013-11-19 21:43 - 2013-11-19 21:40 - 00000000 ___SD C:\32788R22FWJFW
2013-11-19 21:43 - 2013-09-05 13:27 - 00000000 ____D C:\Qoobox
2013-11-19 21:41 - 2009-07-14 05:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-19 21:40 - 2013-09-09 16:45 - 05146522 ____R (Swearware) C:\Users\Peverley\Desktop\ComboFix.exe
2013-11-19 21:39 - 2013-08-17 10:53 - 00000000 ___RD C:\Users\Peverley\Dropbox
2013-11-19 21:39 - 2013-08-17 10:47 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Dropbox
2013-11-19 21:39 - 2013-05-16 15:35 - 00000000 ____D C:\Users\Peverley\AppData\Local\HTC MediaHub
2013-11-19 21:39 - 2012-09-12 09:10 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-19 21:38 - 2013-11-14 03:24 - 00000728 _____ C:\Windows\setupact.log
2013-11-19 21:38 - 2010-01-01 11:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-19 21:38 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-19 12:43 - 2012-04-04 18:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-19 12:33 - 2010-01-01 11:52 - 02091483 _____ C:\Windows\WindowsUpdate.log
2013-11-19 12:29 - 2013-11-19 12:29 - 00003352 ____N C:\bootsqm.dat
2013-11-19 12:28 - 2013-11-19 12:28 - 00000000 __SHD C:\found.000
2013-11-19 08:59 - 2009-07-14 05:13 - 00006450 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-19 08:57 - 2013-11-19 08:57 - 00159914 _____ C:\Users\Peverley\Downloads\Need_For_Speed_Rivals_XBOX360-PROTOCOL.torrent
2013-11-14 04:51 - 2012-09-12 09:10 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-14 04:01 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2013-11-14 03:24 - 2013-11-14 03:24 - 00000000 _____ C:\Windows\setuperr.log
2013-11-14 03:05 - 2009-08-14 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 03:04 - 2013-08-07 02:08 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 03:01 - 2010-01-02 20:34 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 19:09 - 2013-11-12 19:09 - 00000000 ____D C:\Users\Peverley\Desktop\Disc 2
2013-11-12 19:09 - 2013-11-12 19:05 - 00000000 ____D C:\Users\Peverley\Desktop\Disc 1
2013-11-12 19:05 - 2013-11-12 19:05 - 00000000 ____D C:\Users\Peverley\Desktop\$SystemUpdate
2013-11-12 18:39 - 2013-11-12 18:39 - 00000000 ____D C:\Users\Peverley\Desktop\content
2013-11-12 15:20 - 2010-01-02 13:00 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\vlc
2013-11-12 14:54 - 2013-02-06 16:29 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Skype
2013-11-12 10:35 - 2010-01-21 17:54 - 00000000 ____D C:\Windows\Minidump
2013-11-11 15:06 - 2013-11-11 14:57 - 00000066 _____ C:\Users\Peverley\AppData\Roaming\vso_ts_preview.xml
2013-11-11 15:06 - 2010-01-04 08:59 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Vso
2013-11-11 14:59 - 2010-12-06 14:22 - 00000000 ____D C:\Users\Peverley\Documents\ConvertXtoDVD
2013-11-11 13:30 - 2013-11-11 13:30 - 3581045979 _____ C:\Users\Peverley\Desktop\Linkin Park Live From Madison Square Garden 2011.mkv
2013-11-11 13:25 - 2012-11-13 19:43 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\uTorrent
2013-11-11 13:22 - 2013-11-11 13:22 - 00034481 _____ C:\Users\Peverley\Downloads\Linkin Park - Live From Madison Square Garden 2011 720p HDTV x264 AVC.torrent
2013-11-10 17:14 - 2012-05-14 10:37 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Mozilla
2013-11-10 17:14 - 2011-05-04 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-10 17:13 - 2013-10-19 10:33 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2013-11-06 20:54 - 2010-01-02 17:30 - 00000000 ____D C:\Users\Peverley\AppData\Roaming\abgx360
2013-11-06 05:29 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-05 20:32 - 2013-11-05 20:32 - 00000000 ____D C:\Spacekace
2013-11-04 15:47 - 2013-08-06 04:33 - 00219648 _____ C:\Users\Peverley\Desktop\Shift Plan.xls
2013-11-03 10:25 - 2013-11-03 10:25 - 00000000 ____D C:\Program Files (x86)\Convert Audio Free
2013-10-27 09:26 - 2013-10-18 09:53 - 00000000 ____D C:\Users\Peverley\Desktop\Xbox

ZeroAccess:
C:\Users\Peverley\AppData\Local\Google\Desktop\Install

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-10 14:22

==================== End Of Log ============================
[/QUOTE]