
rkdownload

  1. This is to further update that it was not just limited to Chrome; instead it started happening in IE as well, and more frequently and for long durations. What I found is that when I install the Adblock Chrome extension it works perfectly. So my question: is something suspicious installed on my laptop which is injecting the ads, or does the website itself contain those ads? Because I want to make sure that my laptop does not contain any virus/adware, which we have so far not been able to detect by following the above-mentioned steps. Thanks & Regards Raj
  2. Random audio is being played only in Chrome for the below-mentioned website, as it is injecting an ad frame which is not displayed when I open the same URL in IE (please see attached picture). URL: http://finviz.com/quote.ashx?t=ICLD&ty=c&ta=1&p=d&b=1
  3. It's in Chrome. Today this is happening for long durations and more frequently. I even reinstalled it, but no luck.
  4. It's still happening. Just a random audio for a second; I am not even able to figure out what it is. Maybe I should test in another browser just to identify if that's only in Chrome.
  5. Please find attached the Fixlog. As this problem does not happen that frequently, I will keep you updated. Thanks & Regards Raj Fixlog.txt
  6. Please find attached all the generated logs. Thanks Raj Addition.txt FRST.txt AdwCleanerR1.txt JRT.txt
  7. By mistake, I deleted the folder containing all the logs generated while following the above-mentioned steps. While running FRST64.exe again, I noticed the below-mentioned error. Is this normal? Should I ignore it? Exception EAccessViolation in module ERUNT.exe at 00003A62. Access violation at address 00403A62 in module 'ERUNT.exe'. Read of address 00000029.
  8. I recreated the log. Even the first log file states in the end "End of Log"
Corporation) C:\Windows\system32\lsm.dll2015-04-15 06:08 - 2014-12-02 19:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2015-04-14 19:46 - 2015-04-14 19:46 - 00000197 _____ () C:\Windows\system32\2015-04-14-23-46-54.067-AvastVBoxSVC.exe-1664.log2015-04-14 19:31 - 2015-04-14 19:32 - 00000197 _____ () C:\Windows\system32\2015-04-14-23-31-48.090-AvastVBoxSVC.exe-3244.log2015-04-14 19:09 - 2015-04-14 19:09 - 00000197 _____ () C:\Windows\system32\2015-04-14-23-09-58.057-AvastVBoxSVC.exe-3188.log2015-04-13 13:54 - 2015-04-13 13:55 - 00000197 _____ () C:\Windows\system32\2015-04-13-17-54-59.069-AvastVBoxSVC.exe-5404.log2015-04-11 07:16 - 2015-04-11 07:17 - 00000197 _____ () C:\Windows\system32\2015-04-11-11-16-43.071-AvastVBoxSVC.exe-3604.log2015-04-10 06:39 - 2015-04-10 06:40 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 20132015-04-10 06:39 - 2015-04-10 06:40 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 20132015-04-10 06:32 - 2015-04-10 06:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight2015-04-10 06:31 - 2015-04-10 06:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight2015-04-10 06:31 - 2015-04-10 06:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight2015-04-08 21:43 - 2015-04-08 21:43 - 00000000 ____D () C:\Users\Home\AppData\Roaming\NuGet2015-04-08 21:20 - 2015-04-08 21:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.02015-04-08 21:20 - 2015-04-08 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 20122015-04-08 21:13 - 2015-04-08 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.12015-04-08 21:13 - 2015-04-08 21:13 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Silverlight Kits2015-04-08 21:11 - 2015-04-19 10:14 - 00000000 ____D () C:\Users\Home\Documents\Visual Studio 20132015-04-08 21:11 - 
2015-04-08 21:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE2015-04-08 21:04 - 2015-04-08 21:04 - 00000000 ____D () C:\Program Files (x86)\AppInsights2015-04-08 20:58 - 2015-04-08 20:58 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition2015-04-08 20:58 - 2015-04-08 20:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition2015-04-08 20:55 - 2015-04-08 21:06 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit2015-04-08 20:55 - 2015-04-08 20:55 - 00000000 ____D () C:\Program Files\Application Verifier2015-04-08 20:55 - 2015-04-08 20:55 - 00000000 ____D () C:\Program Files (x86)\Application Verifier2015-04-08 20:52 - 2015-04-08 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits2015-04-08 20:49 - 2015-04-08 20:49 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions2015-04-08 20:44 - 2015-04-08 20:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET2015-04-08 20:42 - 2015-04-08 20:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools2015-04-08 20:41 - 2015-04-08 21:05 - 00000000 ____D () C:\Program Files\IIS Express2015-04-08 20:41 - 2015-04-08 21:05 - 00000000 ____D () C:\Program Files (x86)\IIS Express2015-04-08 20:40 - 2015-04-08 20:40 - 00000000 ____D () C:\ProgramData\NuGet2015-04-08 20:40 - 2015-04-08 20:40 - 00000000 ____D () C:\Program Files (x86)\NuGet2015-04-08 20:39 - 2015-04-08 20:39 - 00000000 ____D () C:\Program Files\IIS2015-04-08 20:39 - 2015-04-08 20:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services2015-04-08 20:39 - 2015-04-08 20:39 - 00000000 ____D () C:\Program Files (x86)\IIS2015-04-08 20:37 - 2015-04-08 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression2015-04-08 20:36 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll2015-04-08 20:32 - 2015-04-08 20:36 - 00000000 ____D () C:\Program Files 
(x86)\Windows Kits2015-04-08 20:32 - 2015-04-08 20:32 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits2015-04-08 20:32 - 2015-04-08 20:32 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop2015-04-08 20:31 - 2015-04-08 20:31 - 00000000 ____D () C:\Windows\symbols2015-04-08 20:31 - 2015-04-08 20:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer2015-04-08 20:24 - 2015-04-08 21:34 - 00000000 ____D () C:\Program Files\Microsoft SQL Server2015-04-08 20:24 - 2015-04-08 21:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server2015-04-08 20:24 - 2015-04-08 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 20132015-04-08 20:24 - 2015-04-08 20:35 - 00000000 ____D () C:\Windows\SysWOW64\10332015-04-08 20:04 - 2015-04-08 21:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.02015-04-08 20:03 - 2015-04-08 20:25 - 00000000 ____D () C:\Windows\system32\10332015-04-08 20:03 - 2015-04-08 20:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf2015-04-08 20:02 - 2015-04-08 21:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs2015-04-08 20:02 - 2015-04-08 20:02 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.02015-04-05 12:04 - 2015-04-19 09:28 - 00000000 ____D () C:\Sample2015-04-04 19:58 - 2015-04-04 19:58 - 00000000 ___SD () C:\Windows\SysWOW64\GWX2015-04-04 19:58 - 2015-04-04 19:58 - 00000000 ___SD () C:\Windows\system32\GWX2015-04-01 16:44 - 2015-04-01 16:44 - 00000000 ____D () C:\Program Files (x86)\Dell Product Registration2015-04-01 05:34 - 2015-04-01 05:34 - 00000197 _____ () C:\Windows\system32\2015-04-01-09-34-27.061-AvastVBoxSVC.exe-3200.log2015-03-31 18:10 - 2015-03-31 18:10 - 00003146 _____ () C:\Windows\System32\Tasks\RtHDVBg_PushButton2015-03-31 17:58 - 2015-03-31 17:58 - 00000197 _____ () C:\Windows\system32\2015-03-31-21-58-37.042-AvastVBoxSVC.exe-4072.log2015-03-30 18:21 - 
2015-03-30 18:22 - 00000197 _____ () C:\Windows\system32\2015-03-30-22-21-49.025-AvastVBoxSVC.exe-3896.log2015-03-30 18:10 - 2015-04-13 19:24 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2015-03-30 18:10 - 2015-04-13 19:24 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2015-03-30 18:10 - 2015-03-30 18:11 - 00000197 _____ () C:\Windows\system32\2015-03-30-22-10-42.017-AvastVBoxSVC.exe-3180.log2015-03-30 16:51 - 2014-10-28 21:38 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe2015-03-30 16:50 - 2014-10-28 22:17 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe2015-03-30 16:48 - 2014-10-28 21:04 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe2015-03-30 16:47 - 2014-10-28 21:04 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe2015-03-30 16:46 - 2014-10-28 21:58 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe2015-03-30 16:45 - 2014-10-28 21:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe2015-03-30 16:45 - 2014-10-28 21:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe2015-03-30 16:44 - 2014-10-28 22:43 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe2015-03-30 16:43 - 2014-10-28 22:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-29 17:40 - 2015-03-29 20:35 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-04-29 17:17 - 2015-03-29 21:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-04-29 17:00 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru2015-04-29 09:15 - 2014-08-25 08:00 - 01179614 _____ () C:\Windows\WindowsUpdate.log2015-04-29 06:54 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp2015-04-29 06:13 - 2014-11-19 07:07 - 00000000 ____D () C:\ProgramData\softthinks2015-04-29 06:13 - 2014-08-25 08:25 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery2015-04-29 06:09 - 2015-03-29 20:35 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-04-28 17:02 - 2015-03-29 21:34 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2015-04-28 16:23 - 2014-11-24 21:04 - 00000000 ____D () C:\Users\Home\AppData\Local\CrashDumps2015-04-27 21:06 - 2014-08-25 08:35 - 00016974 _____ () C:\Windows\SysWOW64\Gms.log2015-04-27 21:03 - 2013-08-22 10:46 - 00067602 _____ () C:\Windows\setupact.log2015-04-27 21:03 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-04-27 20:19 - 2015-03-29 21:34 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-04-27 20:12 - 2014-03-18 05:44 - 00778368 _____ () C:\Windows\PFRO.log2015-04-27 20:11 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\BBI2015-04-26 22:09 - 2014-11-19 07:01 - 00000000 ____D () C:\Users\Home\AppData\Local\PasswordSafe2015-04-23 22:33 - 2014-11-18 22:30 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2657657887-749758827-3473097796-10012015-04-23 19:08 - 2014-12-11 14:33 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update2015-04-23 19:07 - 2014-12-11 14:33 - 01047320 _____ (Avast Software s.r.o.) 
C:\Windows\system32\Drivers\aswSnx.sys2015-04-23 19:07 - 2014-12-11 14:33 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys2015-04-23 19:07 - 2014-12-11 14:33 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys2015-04-23 19:07 - 2014-12-11 14:33 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys2015-04-23 19:07 - 2014-12-11 14:33 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys2015-04-23 19:07 - 2014-12-11 14:33 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys2015-04-23 19:07 - 2014-12-11 14:33 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys2015-04-23 19:07 - 2014-12-11 14:33 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys2015-04-19 10:15 - 2014-11-18 22:25 - 00000000 ____D () C:\Users\Home\AppData\Local\Packages2015-04-19 10:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness2015-04-18 20:22 - 2014-03-18 05:53 - 00915466 _____ () C:\Windows\system32\PerfStringBackup.INI2015-04-17 17:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache2015-04-16 10:43 - 2015-03-29 20:37 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-04-15 21:42 - 2014-11-18 22:25 - 00000000 ____D () C:\Users\Home2015-04-15 15:36 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppCompat2015-04-15 15:06 - 2015-03-13 20:42 - 00000000 ___SD () C:\Windows\system32\CompatTel2015-04-15 06:43 - 2014-11-20 19:18 - 00000000 ____D () C:\Windows\system32\MRT2015-04-15 06:38 - 2014-11-22 11:13 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-04-15 06:38 - 2014-11-20 19:18 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-04-11 22:27 - 2014-08-25 08:27 - 00000000 ____D () C:\Temp2015-04-11 07:15 - 2013-08-22 10:44 - 00439328 _____ () C:\Windows\system32\FNTCACHE.DAT2015-04-11 07:13 - 2014-08-25 08:07 - 00000000 ____D () C:\ProgramData\Package Cache2015-04-11 07:12 - 2014-08-25 08:23 - 
00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueColor2015-04-11 07:12 - 2014-08-25 08:23 - 00000000 ____D () C:\Program Files\TrueColor2015-04-08 20:58 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared2015-04-08 20:04 - 2014-08-25 08:16 - 00000000 ____D () C:\Program Files (x86)\MSBuild2015-04-01 16:44 - 2014-08-25 08:34 - 00000000 ____D () C:\Windows\System32\Tasks\Dell2015-04-01 16:44 - 2014-08-25 08:09 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell2015-03-31 18:10 - 2014-08-25 07:52 - 01087759 _____ () C:\Windows\system32\Drivers\rtwavesskdy.dat2015-03-31 18:10 - 2014-08-25 07:52 - 00468858 _____ () C:\Windows\system32\Drivers\RTWAVES60.dat2015-03-31 18:10 - 2014-08-25 07:52 - 00044105 _____ () C:\Windows\system32\Drivers\rtwavesvp3cap.dat2015-03-31 18:10 - 2014-08-25 07:52 - 00031095 _____ () C:\Windows\system32\Drivers\rtwavesEFX.dat2015-03-31 18:10 - 2014-08-25 07:52 - 00010945 _____ () C:\Windows\system32\Drivers\rtwavesMFX.dat2015-03-31 18:10 - 2014-08-25 07:52 - 00002976 _____ () C:\Windows\system32\Drivers\rtwavesmvpss.dat2015-03-31 18:09 - 2014-08-25 07:51 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM2015-03-30 18:06 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData2015-03-30 18:06 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2015-03-30 18:06 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2015-03-30 18:06 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories2015-03-30 18:06 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\WinStore2015-03-30 18:06 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender2015-03-30 18:06 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender ==================== Files in the 
root of some directories ======= 2013-09-17 15:06 - 2014-11-22 10:36 - 0017408 _____ () C:\Program Files\RunAsDate.exe2014-11-23 17:54 - 2014-11-23 17:54 - 0000093 _____ () C:\Users\Home\AppData\Roaming\ARCompanion.log2014-08-25 07:52 - 2014-08-25 07:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP:====================C:\Users\Home\AppData\Local\Temp\Quarantine.exeC:\Users\Home\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-18 08:01 ==================== End Of Log ============================
  9. Dear Members, Need help in removing Random Audio Virus. Any help in this direction would be great. I have also attached the requested log files. Thanks in advance -Raj Addition.txt FRST.txt