
[Inactive] System Scan MBAM & DDS

Discussion in 'Spyware, Adware, Viruses and Malware Removal' started by dwjay, Sep 2, 2014.

Thread Status:
Not open for further replies.
  1. dwjay

    dwjay Established Techie7 Member

    mbam140902.TXT

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 02/09/2014
    Scan Time: 00:04:14
    Logfile: MBAM140902.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.09.01.08
    Rootkit Database: v2014.08.21.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: DJ

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 301908
    Time Elapsed: 15 min, 23 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 2
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\UPDATEFOCUSBASE.EXE, 2388, Delete-on-Reboot, [e795d513cdae5ed88ea4f2a6aa5744bc]
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\utilfocusbase.exe, 2544, Delete-on-Reboot, [f28aab3d1c5f86b08da58117dd244cb4]

    Modules: 0
    (No malicious items detected)

    Registry Keys: 11
    PUP.Optional.FocusBase.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update focusbase, Quarantined, [e795d513cdae5ed88ea4f2a6aa5744bc],
    PUP.Optional.FocusBase.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util focusbase, Quarantined, [f28aab3d1c5f86b08da58117dd244cb4],
    PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, [ee8ef7f1a7d4f145ccb19819966cd927],
    PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, [ee8ef7f1a7d4f145ccb19819966cd927],
    PUP.Optional.MySearchDial.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [6f0d07e1ccaf2e08809b08708979ab55],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\focusbase, Quarantined, [a9d3a246304bb4826a460c48fe062cd4],
    PUP.Optional.IStart123.A, HKLM\SOFTWARE\WOW6432NODE\istart123Software, Quarantined, [2f4d2fb9b3c841f51a88a848986a57a9],
    PUP.Optional.FocusBase.A, HKU\S-1-5-21-4178370440-1027878917-386577218-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\focusbase, Quarantined, [46369a4e2f4c7bbb248db69e11f3a759],
    PUP.Optional.SuperFish.A, HKU\S-1-5-21-4178370440-1027878917-386577218-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [0775e30534476cca6221ad4ea0629967],
    PUP.Optional.BubbleDock.A, HKU\S-1-5-21-4178370440-1027878917-386577218-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\NOSIBAY\Bubble Dock Tag, Quarantined, [720a35b31f5c7cba944c6ab6fb0854ac],
    PUP.Optional.Softonic.A, HKU\S-1-5-21-4178370440-1027878917-386577218-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [99e3b3355d1eb581d57efa14fe056997],

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 18
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\UPDATEFOCUSBASE.EXE, Delete-on-Reboot, [e795d513cdae5ed88ea4f2a6aa5744bc],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\utilfocusbase.exe, Delete-on-Reboot, [f28aab3d1c5f86b08da58117dd244cb4],
    PUP.Optional.BubbleDock.A, C:\$Recycle.Bin\S-1-5-21-4178370440-1027878917-386577218-1001\$RF66WY3\Uninstall Bubble Dock.exe, Quarantined, [6e0eecfcdba02412679156f13dc43cc4],
    PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-4178370440-1027878917-386577218-1001\$RZY84YP\focusbase.BrowserAdapterS.dll, Quarantined, [d5a76f79304be94db85a474c1be638c8],
    PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-4178370440-1027878917-386577218-1001\$RZY84YP\focusbase.PurBrowse.dll, Quarantined, [126ac1272655be788165f38f847dce32],
    PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-4178370440-1027878917-386577218-1001\$RZY84YP\focusbase.PurBrowseG.dll, Quarantined, [b9c307e15427f145fb488202659ccd33],
    Trojan.Agent.ED, C:\Users\DJ\Downloads\Adaware_Installer.exe, Quarantined, [bac25494fc7f77bfd7d42fb707f9a25e],
    PUP.Optional.OutBrowse, C:\Users\DJ\Downloads\setup.exe, Quarantined, [7ffdb8307b00d066fc085464936e2ed2],
    PUP.Optional.Softonic.A, C:\Users\DJ\Downloads\SoftonicDownloader_for_kindle.exe, Quarantined, [b1cb7c6c0a71dd59126e36f7a35e728e],
    PUP.Optional.OutBrowse, C:\Users\DJ\Downloads\Firefox.exe, Quarantined, [cfad8167a5d61b1b69cab6fb20e17e82],
    PUP.Optional.InstalleRex, C:\Users\DJ\Downloads\How To Permanently Activate Microsoft Office 2013 (KMSNano) -Tech-Vital Computer - The Simple IT Guide.exe, Quarantined, [9ede5296d1aae254b305c7e1976ab54b],
    PUP.Optional.MultiPlug.A, C:\Users\DJ\Downloads\KMSpico v9.2.3 Final Best Windows_Office Activator Free Download.exe, Quarantined, [473565831467290ddda4ecc154ad30d0],
    PUP.Optional.MultiPlug.A, C:\Users\DJ\Downloads\KMSpico v9.3.1 Final + Portable.rar.exe, Quarantined, [c5b7e8003a41ea4c4839dcd1ef12df21],
    PUP.Optional.MultiPlug.A, C:\Users\DJ\Downloads\Microsoft Toolkit 2.5 Final, Activator For Windows and Office Free Download (2).exe, Quarantined, [394333b58eed6acc1e63affe728fcc34],
    PUP.Optional.MultiPlug.A, C:\Users\DJ\Downloads\Microsoft Toolkit 2.5 Final, Activator For Windows and Office Free Download.exe, Quarantined, [b4c808e0483330061c651f8e07fab44c],
    PUP.Optional.MultiPlug.A, C:\Users\DJ\Downloads\Microsoft Toolkit 2.5 Final, Activator For Windows and Office Free Download (1).exe, Quarantined, [403c27c1e19a5ed8a4ddf6b7907127d9],
    PUP.Optional.Bubbledock.A, C:\Users\DJ\AppData\Roaming\Bubble Dock.boostrap.log, Quarantined, [5b21d4146c0fe452b8e2839b986b22de],
    PUP.Optional.ASK.A, C:\Users\DJ\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://www.search.ask.com/?gct=hp",), Replaced,[d7a5ac3c92e9d26431ccbe5cb253659b]

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    ==================------------------==========================

    DDS---ATTACH.TXT


    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 8.1
    Boot Device: \Device\HarddiskVolume2
    Install Date: 18/07/2014 20:27:31
    System Uptime: 02/09/2014 00:26:58 (0 hours ago)
    .
    Motherboard: Acer | | EA50_CX
    Processor: Intel(R) Pentium(R) CPU 2117U @ 1.80GHz | U3E1 | 1800/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 448 GiB total, 388.228 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP22: 22/08/2014 10:38:38 - Installed Acer System Information
    RP23: 22/08/2014 11:17:19 - Installed Microsoft Office XP Professional
    RP24: 23/08/2014 18:06:18 - Revo Uninstaller's restore point - Bubble Dock (remove only)
    RP25: 23/08/2014 18:16:20 - Removed Live Updater
    RP26: 26/08/2014 13:46:01 - Installed HP Support Solutions Framework
    RP27: 01/09/2014 23:48:25 - AA11
    .
    ==== Installed Programs ======================
    .
    Acer Docs
    Acer Media
    Acer Photo
    Acer Portal
    Acer Power Management
    Acer Quick Access
    Acer Recovery Management
    Acer Remote Files
    Acer System Information
    Ad-Aware Antivirus
    Ad-Aware Browsing Protection
    AdAwareInstaller
    AdAwareUpdater
    Adobe Acrobat 6.0 Professional
    Adobe Reader XI (11.0.08)
    Advanced SystemCare 7
    Akamai NetSession Interface
    AntimalwareEngine
    Auslogics DiskDefrag
    avast! Free Antivirus
    Belarc Advisor 8.4
    BitTorrent
    Broadcom Card Reader Driver Installer
    Broadcom NetLink Controller
    CCleaner
    CutePDF Writer 3.0
    CyberLink PowerDVD 12
    Defraggler
    Dragon NaturallySpeaking 12
    Driver Booster
    Dropbox
    Dropbox Packages
    eBay Worldwide
    ETDWare PS/2-X64 11.6.27.201_WHQL
    Google Chrome
    HP Photo Creations
    HP Photosmart 7520 series Basic Device Software
    HP Photosmart 7520 series Help
    HP Photosmart 7520 series Product Improvement Study
    HP Support Solutions Framework
    HP Update
    Identity Card
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel® Trusted Connect Service Client
    IObit Malware Fighter
    IObit Uninstaller
    LastPass (uninstall only)
    Malwarebytes Anti-Malware version 2.0.2.1012
    Microsoft Access MUI (English) 2013
    Microsoft Access Setup Metadata MUI (English) 2013
    Microsoft DCF MUI (English) 2013
    Microsoft Excel MUI (English) 2013
    Microsoft Groove MUI (English) 2013
    Microsoft InfoPath MUI (English) 2013
    Microsoft Lync MUI (English) 2013
    Microsoft Office 32-bit Components 2013
    Microsoft Office OSM MUI (English) 2013
    Microsoft Office OSM UX MUI (English) 2013
    Microsoft Office Professional Plus 2013
    Microsoft Office Proofing (English) 2013
    Microsoft Office Proofing Tools 2013 - English
    Microsoft Office Proofing Tools 2013 - Español
    Microsoft Office Shared 32-bit MUI (English) 2013
    Microsoft Office Shared MUI (English) 2013
    Microsoft Office Shared Setup Metadata MUI (English) 2013
    Microsoft Office XP Professional
    Microsoft OneNote MUI (English) 2013
    Microsoft Outlook MUI (English) 2013
    Microsoft PowerPoint MUI (English) 2013
    Microsoft Publisher MUI (English) 2013
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual Studio 2005 Tools for Office Runtime
    Microsoft Word MUI (English) 2013
    Mozilla Maintenance Service
    Mozilla Thunderbird 31.0 (x86 en-US)
    MSXML 4.0 SP2 Parser and SDK
    OpenOffice 4.1.0
    Outils de vérification linguistique 2013 de Microsoft Office - Français
    Qualcomm Atheros Bluetooth Suite (64)
    Qualcomm Atheros WLAN and Bluetooth Client Installation Program
    Realtek High Definition Audio Driver
    Revo Uninstaller 1.95
    Skype Click to Call
    Skype™ 6.18
    Smart Defrag 3
    Solar Accounts
    Spotify
    Start Menu 8
    Surfing Protection
    Visual Studio Tools for the Office system 3.0 Runtime
    Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
    WinRAR 5.10 (64-bit)
    Wise Care 365 3.22
    .
    ==== Event Viewer Messages From Past Week ========
    .
    29/08/2014 23:02:25, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Windows.Store as Unavailable/Unavailable. The error: "2" Happened while starting this command: "C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
    26/08/2014 17:36:07, Error: Schannel [36887] - A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.
    26/08/2014 01:52:46, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user Lothan4\DJ SID (S-1-5-21-4178370440-1027878917-386577218-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    02/09/2014 00:38:43, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft.ZuneVideo.
    01/09/2014 23:54:42, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
    01/09/2014 23:02:25, Error: volmgr [46] - Crash dump initialization failed!
    .
    ==== End Of File ===========================


    DDS.TXT

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17239
    Run by DJ at 0:53:40 on 2014-09-02
    Microsoft Windows 8.1 6.3.9600.0.1252.44.2057.18.3985.1976 [GMT 1:00]
    .
    AV: Ad-Aware Antivirus *Enabled/Updated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Ad-Aware Antivirus *Enabled/Updated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
    C:\Windows\system32\dwm.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
    C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
    C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
    C:\Windows\system32\dashost.exe
    C:\Program Files\Elantech\ETDService.exe
    C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Windows\system32\taskhostex.exe
    C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
    C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Windows\system32\mfevtps.exe
    C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Acer\Acer Quick Access\QASvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
    C:\Program Files\Elantech\ETDTouch.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
    C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
    C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
    C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
    C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
    C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
    C:\Windows\system32\igfxext.exe
    C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
    C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Users\DJ\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
    C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
    C:\Users\DJ\AppData\Local\Akamai\netsession_win.exe
    C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\ProgramData\FLEXnet\Connect\11\agent.exe
    C:\Users\DJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uSearch Bar = hxxps://uk.yahoo.com?fr=hp-avast&type=avastbcl
    mStart Page = about:blank
    mSearch Bar = hxxps://uk.yahoo.com?fr=hp-avast&type=avastbcl
    uProxyOverride = <local>
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
    BHO: AcroIEToolbarHelper Class: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
    BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    uRun: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
    uRun: [Google Update] "C:\Users\DJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [BFF0D4EB04144239221D8009CB0C5ABEC6D03539._service_run] "C:\Users\DJ\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    uRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
    uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
    uRun: [Akamai NetSession Interface] "C:\Users\DJ\AppData\Local\Akamai\netsession_win.exe"
    uRun: [HP Photosmart 7520 series (NET)] "C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN38A490H705YY:NW" -scfn "HP Photosmart 7520 series (NET)" -AutoStart 1
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    mRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
    mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mExplorerRun: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
    StartupFolder: C:\Users\DJ\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\DJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\Acrobat Assistant.lnk - C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
    IE: LastPass - C:\Users\DJ\AppData\LocalLow\LastPass\context.html?cmd=lastpass
    IE: LastPass Fill Forms - C:\Users\DJ\AppData\LocalLow\LastPass\context.html?cmd=fillforms
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 192.168.1.254
    TCP: Interfaces\{10DF7A06-8B4A-4129-9A2C-0A96BC232D15} : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{528ED878-82DE-42EE-9502-541921FF8EBD} : NameServer = 217.171.132.1
    TCP: Interfaces\{E02A42C7-A9F9-4AF2-ADA4-BFB64FB0EEB6} : DHCPNameServer = 192.168.1.254
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    SSODL: WebCheck - <orphaned>
    LSA: Security Packages = ""
    x64-mStart Page = about:blank
    x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
    x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
    x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
    x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
    x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
    x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
    x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
    x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
    x64-Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe"
    x64-ExplorerRun: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
    x64-mPolicies-System: PromptOnSecureDesktop = dword:0
    x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
    x64-Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - <orphaned>
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
    x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-7-21 65776]
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-7-21 224896]
    R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\Windows\System32\drivers\intelpep.sys [2014-7-30 39768]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-7-24 786296]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-7-24 348552]
    R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-8-28 21184]
    R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2014-8-5 157016]
    R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2013-8-22 76800]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-7-21 1041168]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-7-21 427360]
    R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-8-7 881952]
    R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-7-21 29208]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-7-21 79184]
    R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-7-21 92008]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe [2013-9-7 312448]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-21 50344]
    R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
    R2 CCDMonitorService;CCDMonitorService;C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2013-7-26 2650696]
    R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2013-10-15 311184]
    R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2013-10-15 101192]
    R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-7-7 72992]
    R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-8-7 342336]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-1-17 169432]
    R2 LavasoftAdAwareService11;Ad-Aware Service 11;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [2014-8-27 706864]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-2 1809720]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-9-2 860472]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2013-10-15 219752]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-10-15 189912]
    R2 StartMenuService;StartMenu8 Service;C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2014-8-28 72992]
    R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2013-7-19 82128]
    R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2013-9-7 34384]
    R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2013-9-7 594120]
    R3 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-7-5 663592]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2013-10-15 370504]
    R3 gzflt;gzflt;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [2014-4-22 150256]
    R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-1-17 169752]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-10-15 449528]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-8-22 27032]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2013-7-26 458960]
    R3 LMDriver;Launch Manager Wireless Driver;C:\Windows\System32\drivers\LMDriver.sys [2013-7-17 21360]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-9-2 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-9-2 122584]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-9-2 64216]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-7-24 313544]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-7-24 523792]
    R3 NcbService;Network Connection Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
    R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\Windows\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
    R3 QASvc;Quick Access Service;C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2013-8-2 457768]
    R3 RadioShim;Shim for HID-KMDF Interface layer;C:\Windows\System32\drivers\RadioShim.sys [2013-7-17 14680]
    S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\drivers\mfeelamk.sys [2013-7-24 70600]
    S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-8-7 2152736]
    S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2014-7-21 580232]
    S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2013-8-22 782176]
    S3 AppReadiness;App Readiness;C:\Windows\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
    S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2013-8-22 37768]
    S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2013-9-7 89800]
    S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2013-8-22 17624]
    S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2013-9-7 338120]
    S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2013-9-7 116424]
    S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2013-9-7 179432]
    S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2013-9-7 77464]
    S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2013-9-7 137928]
    S3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\drivers\BthLEEnum.sys [2014-8-5 226304]
    S3 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
    S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-7-24 72128]
    S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568]
    S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320]
    S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\Windows\System32\drivers\iaStorAV.sys [2013-8-22 651248]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-30 111616]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2013-8-22 39320]
    S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
    S3 lfsvc;Windows Location Framework Service;C:\Windows\System32\svchost.exe -k netsvcs [2013-8-22 37768]
    S3 LSI_SAS3;LSI_SAS3;C:\Windows\System32\drivers\lsi_sas3.sys [2013-8-22 81760]
    S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc63.sys [2013-8-22 87040]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2012-10-1 178824]
    S3 ReFS;ReFS;C:\Windows\System32\drivers\refs.sys [2014-8-5 924504]
    S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2014-8-7 34848]
    S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
    S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2014-7-30 146776]
    S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
    S3 smphost;Microsoft Storage Spaces SMP;C:\Windows\System32\svchost.exe -k smphost [2013-8-22 37768]
    S3 stornvme;Microsoft Standard NVM Express Driver;C:\Windows\System32\drivers\stornvme.sys [2014-7-30 57176]
    S3 UEFI;Microsoft UEFI Driver;C:\Windows\System32\drivers\uefi.sys [2013-8-22 26976]
    S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2014-8-7 23016]
    S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
    S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\Windows\System32\drivers\WdNisDrv.sys [2014-8-5 123224]
    S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2014-8-5 347880]
    S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
    S3 wmbclass;USB Mobile Broadband Adapter Driver;C:\Windows\System32\drivers\wmbclass.sys [2014-8-5 268288]
    S3 workfolderssvc;Work Folders;C:\Windows\System32\svchost.exe -k LocalService [2013-8-22 37768]
    S3 WSDScan;WSD Scan Support;C:\Windows\System32\drivers\WSDScan.sys [2013-8-22 23040]
    S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-8-7 23048]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: Applications\winword.exe - HKCR\Unknown\Shell=C:\Windows\System32\OpenWith.exe "%1" [UserChoice] [default=openas]
    .
    =============== Created Last 30 ================
    .
    2014-09-01 23:01:16 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-09-01 23:00:47 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-09-01 23:00:47 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-09-01 23:00:46 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-09-01 23:00:46 -------- d-----w- C:\ProgramData\Malwarebytes
    2014-09-01 23:00:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-01 22:49:23 -------- d-----w- C:\Program Files\Common Files\Lavasoft
    2014-09-01 08:50:56 262312 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10245.bin
    2014-08-30 12:37:55 28672 ----a-w- C:\Windows\System32\bddel.exe
    2014-08-29 20:55:40 -------- d-----w- C:\Users\DJ\AppData\Local\Adobe
    2014-08-28 04:22:59 128288 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
    2014-08-28 04:22:18 128288 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll20140828052259.dll
    2014-08-28 04:22:13 21184 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
    2014-08-28 04:14:03 4148224 ----a-w- C:\Windows\System32\win32k.sys
    2014-08-28 04:14:03 1336624 ----a-w- C:\Windows\System32\gdi32.dll
    2014-08-28 04:14:02 1064448 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2014-08-26 16:48:32 -------- d-----w- C:\Users\DJ\AppData\Local\CutePDF Writer
    2014-08-26 16:38:39 -------- d-----w- C:\UpdateChromeLinksLogs
    2014-08-26 16:38:27 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
    2014-08-26 16:38:26 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2014-08-26 16:35:46 -------- d-----w- C:\ProgramData\APN
    2014-08-26 16:34:25 -------- d-----w- C:\Program Files (x86)\GPLGS
    2014-08-26 16:33:29 87600 ----a-w- C:\Windows\System32\cpwmon64.dll
    2014-08-26 16:33:26 -------- d-----w- C:\Program Files (x86)\Acro Software
    2014-08-26 14:53:18 -------- d-----w- C:\ProgramData\Visan
    2014-08-26 14:53:18 -------- d-----w- C:\ProgramData\HP Photo Creations
    2014-08-26 14:53:18 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
    2014-08-26 14:53:02 -------- d-----w- C:\Users\DJ\AppData\Roaming\HpUpdate
    2014-08-26 14:52:56 741480 ------w- C:\Windows\System32\HPDiscoPMBC11.dll
    2014-08-26 14:52:18 -------- d-----w- C:\Program Files\HP
    2014-08-26 14:51:51 -------- d-----w- C:\Users\DJ\AppData\Local\HP
    2014-08-26 14:43:08 -------- d-----w- C:\Program Files (x86)\LogMeIn Rescue RC - 124dbc34-1db8-46da-8ab0-a145494dc0f9
    2014-08-26 14:42:29 -------- d-----w- C:\Users\DJ\AppData\Local\LogMeIn Rescue Applet
    2014-08-26 13:40:05 -------- d-----w- C:\Program Files (x86)\Belarc
    2014-08-26 12:46:42 -------- d-----w- C:\Program Files (x86)\Hp
    2014-08-25 22:45:39 -------- d-----w- C:\Users\DJ\AppData\Local\Intel_Corporation
    2014-08-24 21:52:57 -------- d-----w- C:\Users\DJ\AppData\Local\Acer
    2014-08-23 17:55:17 27456 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
    2014-08-23 10:16:06 -------- d-----w- C:\Users\DJ\AppData\Local\Mozilla
    2014-08-23 10:13:23 -------- d-----w- C:\Users\DJ\AppData\Roaming\Nosibay
    2014-08-23 10:13:23 -------- d-----w- C:\Program Files (x86)\MyPC Backup
    2014-08-23 10:12:34 -------- d-----w- C:\Program Files (x86)\focusbase
    2014-08-22 10:20:22 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync
    2014-08-22 10:19:39 -------- d-----w- C:\Program Files (x86)\Common Files\SpeechEngines
    2014-08-22 10:19:39 -------- d-----w- C:\Program Files (x86)\Common Files\L&H
    2014-08-19 08:29:44 -------- d-----w- C:\Windows\SysWow64\spool
    2014-08-16 15:59:13 517528 ----a-w- C:\Windows\System32\dxgi.dll
    2014-08-16 15:59:13 406400 ----a-w- C:\Windows\SysWow64\dxgi.dll
    2014-08-16 15:59:12 2133504 ----a-w- C:\Windows\System32\dwmcore.dll
    2014-08-16 15:59:12 1557848 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2014-08-16 15:59:11 710144 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2014-08-16 15:59:11 1273184 ----a-w- C:\Windows\System32\rpcrt4.dll
    2014-08-16 15:53:40 697856 ----a-w- C:\Windows\System32\aepdu.dll
    2014-08-14 23:09:07 -------- d-----w- C:\Users\DJ\AppData\Roaming\BitTorrent
    2014-08-10 22:45:13 -------- d-----w- C:\Program Files\CCleaner
    2014-08-10 22:12:29 -------- d-----w- C:\AdwCleaner
    2014-08-10 21:40:09 -------- d-----w- C:\Users\DJ\AppData\Roaming\Store
    2014-08-10 21:05:47 -------- d-----w- C:\Users\DJ\AppData\Local\assembly
    2014-08-10 20:30:05 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
    2014-08-10 20:26:36 -------- d-----w- C:\Windows\PCHEALTH
    2014-08-10 20:26:36 -------- d-----w- C:\Program Files\Microsoft SQL Server
    2014-08-10 20:21:15 -------- d-----w- C:\Program Files\Microsoft Analysis Services
    2014-08-10 20:21:15 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
    2014-08-10 20:20:57 -------- d-----w- C:\Users\DJ\AppData\Local\Microsoft Help
    2014-08-10 19:17:25 -------- d-----w- C:\Users\DJ\AppData\Local\Akamai
    2014-08-10 14:48:00 -------- d-----w- C:\Users\DJ\AppData\Roaming\Nuance
    2014-08-10 14:44:19 -------- d-sh--w- C:\Users\DJ\AppData\Local\EmieUserList
    2014-08-10 14:44:19 -------- d-sh--w- C:\Users\DJ\AppData\Local\EmieSiteList
    2014-08-10 14:44:00 -------- d-----w- C:\Users\DJ\AppData\Roaming\FLEXnet
    2014-08-10 14:42:50 -------- d-----w- C:\Program Files (x86)\Common Files\IVA
    2014-08-10 14:42:13 -------- d-----w- C:\Program Files (x86)\Common Files\Nuance
    2014-08-10 14:41:19 -------- d-----w- C:\ProgramData\Nuance
    2014-08-10 14:41:19 -------- d-----w- C:\Program Files (x86)\Nuance
    2014-08-10 12:04:55 704480 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-08-10 12:04:55 105440 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-08-10 11:53:19 -------- d-s---w- C:\Windows\System32\CompatTel
    2014-08-10 09:25:28 -------- d-----w- C:\Users\DJ\New folder
    2014-08-08 19:49:17 15824384 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
    2014-08-08 19:48:43 -------- d-----w- C:\Program Files (x86)\LastPass
    2014-08-08 19:15:02 -------- d-----w- C:\Users\DJ\AppData\Local\Skype
    2014-08-08 19:14:53 -------- d-----r- C:\Program Files (x86)\Skype
    2014-08-08 14:20:51 -------- d-----w- C:\ProgramData\Auslogics
    2014-08-08 14:20:46 -------- d-----w- C:\Program Files (x86)\Auslogics
    2014-08-07 21:50:04 -------- d-----w- C:\Program Files\Defraggler
    2014-08-07 21:37:50 34080 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
    2014-08-07 21:21:59 3959384 ----a-w- C:\Windows\System32\MaxxAudioVnN64.dll
    2014-08-07 21:18:22 750752 ----a-w- C:\Windows\System32\IntelWiDiWinNextAgent64.dll
    2014-08-07 21:09:45 128288 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll20140828052218.dll
    2014-08-07 20:56:50 -------- d-----w- C:\Users\DJ\AppData\Roaming\ProductData
    2014-08-07 20:55:41 -------- d-----w- C:\ProgramData\ProductData
    2014-08-07 20:55:30 -------- d-----w- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
    2014-08-07 20:55:27 -------- d-----w- C:\ProgramData\IObit
    2014-08-07 20:55:10 -------- d-----w- C:\Program Files (x86)\IObit
    2014-08-07 20:54:02 -------- d-----w- C:\Users\DJ\AppData\Roaming\IObit
    2014-08-07 10:09:59 1018880 ----a-w- C:\Windows\System32\termsrv.dll
    2014-08-05 05:14:06 563200 ----a-w- C:\Windows\System32\drivers\afd.sys
    2014-08-05 05:14:04 3360256 ----a-w- C:\Windows\System32\rdpcorets.dll
    2014-08-05 05:14:02 86688 ----a-w- C:\Windows\System32\mrt_map.dll
    2014-08-05 05:14:02 80032 ----a-w- C:\Windows\SysWow64\mrt_map.dll
    2014-08-05 05:14:02 28320 ----a-w- C:\Windows\System32\mrt100.dll
    2014-08-05 05:14:02 26784 ----a-w- C:\Windows\SysWow64\mrt100.dll
    2014-08-05 05:14:01 2752512 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll
    2014-08-05 05:14:00 966144 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll
    2014-08-05 05:14:00 834048 ----a-w- C:\Windows\System32\osk.exe
    2014-08-05 05:14:00 779264 ----a-w- C:\Windows\SysWow64\osk.exe
    2014-08-05 05:12:29 201728 ----a-w- C:\Windows\System32\ubpm.dll
    2014-08-05 05:12:28 1705472 ----a-w- C:\Windows\System32\wucltux.dll
    2014-08-05 05:12:27 381440 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
    2014-08-05 05:12:27 190976 ----a-w- C:\Windows\System32\storewuauth.dll
    2014-08-05 05:12:26 35328 ----a-w- C:\Windows\System32\wuapp.exe
    2014-08-05 05:12:26 31232 ----a-w- C:\Windows\SysWow64\wuapp.exe
    2014-08-05 05:12:26 137728 ----a-w- C:\Windows\System32\wuwebv.dll
    2014-08-05 05:12:26 123904 ----a-w- C:\Windows\SysWow64\wuwebv.dll
    2014-08-05 05:11:15 7173120 ----a-w- C:\Windows\System32\Windows.Data.Pdf.dll
    2014-08-05 05:11:14 6645248 ----a-w- C:\Windows\System32\mstscax.dll
    2014-08-05 05:11:12 5104640 ----a-w- C:\Windows\SysWow64\Windows.Data.Pdf.dll
    2014-08-05 05:11:11 8652800 ----a-w- C:\Windows\System32\Windows.UI.Search.dll
    2014-08-05 05:11:04 1308160 ----a-w- C:\Windows\System32\gpsvc.dll
    2014-08-05 05:11:02 5833216 ----a-w- C:\Windows\SysWow64\Windows.UI.Search.dll
    2014-08-05 05:11:02 2688000 ----a-w- C:\Windows\System32\SettingsHandlers.dll
    2014-08-05 05:11:01 765408 ----a-w- C:\Windows\System32\mfmpeg2srcsnk.dll
    2014-08-05 05:11:00 669856 ----a-w- C:\Windows\SysWow64\mfmpeg2srcsnk.dll
    2014-08-05 05:09:37 1975296 ----a-w- C:\Windows\System32\DWrite.dll
    2014-08-05 00:47:27 84992 ----a-w- C:\Windows\System32\drivers\en-US\ntfs.sys.mui
    2014-08-05 00:13:59 834560 ----a-w- C:\Windows\System32\netlogon.dll
    2014-08-05 00:05:38 11742720 ----a-w- C:\Windows\System32\glcndFilter.dll
    2014-08-05 00:05:36 3394384 ----a-w- C:\Windows\System32\WSService.dll
    2014-08-05 00:05:17 630784 ----a-w- C:\Windows\System32\OobeFldr.dll
    2014-08-05 00:05:16 630272 ----a-w- C:\Windows\SysWow64\OobeFldr.dll
    2014-08-05 00:05:12 8946688 ----a-w- C:\Windows\SysWow64\glcndFilter.dll
    2014-08-05 00:05:02 1435304 ----a-w- C:\Windows\System32\sppobjs.dll
    2014-08-05 00:03:58 777728 ----a-w- C:\Windows\System32\SettingSyncCore.dll
    2014-08-05 00:02:59 600576 ----a-w- C:\Windows\SysWow64\SettingSyncCore.dll
    2014-08-05 00:01:59 924504 ----a-w- C:\Windows\System32\drivers\refs.sys
    2014-08-05 00:00:59 544768 ----a-w- C:\Windows\SysWow64\wlidcli.dll
    2014-08-04 23:59:59 54784 ----a-w- C:\Windows\System32\fveskybackup.dll
    2014-08-04 23:59:59 3584 ---ha-w- C:\Windows\SysWow64\ext-ms-win-networking-wcmapi-l1-1-0.dll
    2014-08-04 23:59:59 15360 ----a-w- C:\Windows\System32\finger.exe
    2014-08-04 23:59:57 28160 ----a-w- C:\Windows\SysWow64\f3ahvoas.dll
    2014-08-03 18:26:48 -------- d-----w- C:\Users\DJ\AppData\Local\Deployment
    2014-08-03 18:26:48 -------- d-----w- C:\Users\DJ\AppData\Local\Apps
    2014-08-03 13:45:45 -------- d-----r- C:\Windows\BrowserChoice
    .
    ==================== Find3M ====================
    .
    2014-08-14 08:46:08 233912 ----a-w- C:\Windows\System32\mfps.dll
    2014-08-14 08:39:52 428888 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2014-08-14 08:37:51 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-08-14 08:37:47 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-08-14 08:37:46 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-08-14 08:37:45 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-08-14 08:37:45 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-08-14 08:37:44 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-08-14 08:37:43 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-08-14 08:37:41 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-08-14 08:37:40 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2014-08-07 21:21:59 28343384 ----a-w- C:\Windows\System32\MaxxAudioVnA64.dll
    2014-08-07 21:18:22 2474856 ----a-w- C:\Windows\System32\IntelWiDiVAD64.exe
    2014-08-02 05:44:01 527360 ----a-w- C:\Windows\System32\aeinv.dll
    2014-08-02 03:11:49 918528 ----a-w- C:\Windows\System32\MrmCoreR.dll
    2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll
    2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll
    2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll
    2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-07-21 09:51:39 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2014-07-21 09:51:39 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
    2014-07-21 09:51:39 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2014-07-21 09:51:39 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2014-07-21 09:51:39 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
    2014-07-21 09:51:39 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2014-07-21 09:51:39 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2014-07-21 09:51:38 43152 ----a-w- C:\Windows\avastSS.scr
    2014-07-15 18:16:27 3048880 ----a-w- C:\Windows\System32\WpcMon.exe
    2014-07-15 08:29:16 3118080 ----a-w- C:\Windows\System32\Wpc.dll
    2014-07-15 08:22:59 2861056 ----a-w- C:\Windows\System32\WpcWebSync.dll
    2014-07-15 08:03:50 2344448 ----a-w- C:\Windows\SysWow64\Wpc.dll
    2014-07-12 04:17:55 623616 ----a-w- C:\Windows\System32\MDMAgent.exe
    2014-07-12 02:45:06 161792 ----a-w- C:\Windows\System32\wbem\MDMAppProv.dll
    2014-07-12 02:35:08 418816 ----a-w- C:\Windows\System32\wbem\MDMSettingsProv.dll
    2014-07-10 04:16:37 716800 ----a-w- C:\Windows\System32\SkyDriveTelemetry.dll
    2014-07-10 04:03:58 4756992 ----a-w- C:\Windows\System32\SyncEngine.dll
    2014-07-10 03:33:41 1120256 ----a-w- C:\Windows\System32\SkyDrive.exe
    2014-06-28 07:07:52 385536 ----a-w- C:\Windows\System32\devinv.dll
    2014-06-20 09:38:22 72128 ----a-w- C:\Windows\System32\drivers\cfwids.sys
    2014-06-20 09:31:06 348552 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
    2014-06-20 09:30:38 189912 ----a-w- C:\Windows\System32\mfevtps.exe
    2014-06-20 09:26:02 786296 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
    2014-06-20 09:23:40 523792 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
    2014-06-20 09:21:48 313544 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
    2014-06-20 09:20:54 181704 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
    2014-06-20 09:09:34 70600 ----a-w- C:\Windows\System32\drivers\mfeelamk.sys
    2014-06-09 22:13:27 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
    2014-06-09 22:13:22 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
    2014-06-06 13:04:45 586240 ----a-w- C:\Windows\System32\qedit.dll
    2014-06-06 12:18:07 488960 ----a-w- C:\Windows\SysWow64\qedit.dll
    2014-06-05 14:13:21 216368 ----a-w- C:\Windows\System32\rsaenh.dll
    2014-06-05 13:14:55 189016 ----a-w- C:\Windows\SysWow64\rsaenh.dll
    2014-06-04 09:27:33 114520 ----a-w- C:\Windows\System32\consent.exe
    2014-06-04 05:31:25 356352 ----a-w- C:\Windows\System32\msihnd.dll
    2014-06-04 05:22:06 2790912 ----a-w- C:\Windows\System32\msi.dll
    2014-06-04 04:43:29 281088 ----a-w- C:\Windows\SysWow64\msihnd.dll
    2014-06-04 04:38:43 3304448 ----a-w- C:\Windows\SysWow64\msi.dll
    2014-06-04 02:15:26 2642944 ----a-w- C:\Windows\System32\authui.dll
    2014-06-04 02:14:41 2318336 ----a-w- C:\Windows\SysWow64\authui.dll
    .
    ============= FINISH: 0:54:54.97 ===============
     
  2. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ================================

    You're running two AV programs, Avast and Ad-aware.
    You have to uninstall one of them.
    I suggest Ad-aware goes.

    Uninstall Advanced SystemCare.
    Registry cleaners/optimizers are not recommended for several reasons:

    • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

      The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
    • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
    • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
    • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
    • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
    Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Create a new restore point before proceeding with the next step.
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download Malwarebytes Anti-Rootkit to your desktop.
    • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
    • Double click on downloaded file. OK self extracting prompt.
    • MBAR will start. Click "Next" to continue.
    • Click in the following screen "Update" to obtain the latest malware definitions.
    • Once the update is complete select "Next" and click "Scan".
    • When the scan is finished and no malware has been found select "Exit".
    • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
    • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
     