Stokkers

Members
  • Content count

    21
  • Joined

  • Last visited

About Stokkers

  • Rank
    New Member

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Location
    Wisbech, England
  1. You may be interested in this email I had from AVG on a different problem: From Bruce Sawyer If you have installed Malwarebytes Premium (even a free trial), then it would not be surprising that you are having problems. Only Malwarebytes Anti-Malware (Free) is compatible with AVG because it does not include resident protection. I uninstalled Malwarebytes and ALL my problems disappeared! In fact, my PC is running much quicker. Needless to say, should anyone ask me for a recommendation, I am afraid that I couldnot honestly suggest Malwarebytes. I believe this problem started AFTER installing the upgrade.
  2. I have been trying to follow instructions, taken log, told to do this and that, and haven't a cluse what I am doing, or what to do next! I go from one forum to another and do not know what to do now. I tell you waht, if I AM infected, not program, Malwarebytes, Spybot, CCleaner or AVG has not found it. The only common denominator is Malwarebytes. It keeps telling me I am out of date - reinstall and everything goes OK until I restart my PC. I have now got to the end of my tether and, after several years using MB,I am convinced that I shall be uninstalling the program and hope for the best.
  3. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-07-2014 01 Ran by Ken (administrator) on KEN-PC on 25-07-2014 15:57:56 Running from C:\Users\Ken\Downloads Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ABBYY) C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe (Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE () C:\Windows\System32\GManager.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe () C:\Program Files\Common Files\DesktopUtil\MCTDesktopSvr.exe () C:\Program Files\MCT\VGA0007\Utility\MCTUISvr.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Interactive Brands Inc.) C:\Program Files\PDF Suite 2014\HelperService.exe (Interactive Brands Inc.) C:\Program Files\PDF Suite 2014\ConversionService.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\loggingserver.exe () C:\Users\Ken\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\CertifiedBrowserService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe () C:\Program Files\AVG Web TuneUp\vprot.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Microsoft Corporation) C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILFE.EXE (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILFE.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Corel, Inc.) C:\Program Files\Corel\Corel PaintShop Pro X6\Corel PaintShop Pro.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\.DEFAULT\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-25] (Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-636968676-1336760166-753583706-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung) HKU\S-1-5-21-636968676-1336760166-753583706-1001\...\Run: [skyDrive] => C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-06-06] (Microsoft Corporation) HKU\S-1-5-21-636968676-1336760166-753583706-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-636968676-1336760166-753583706-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) AppInit_DLLs: C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL => C:\Program Files\Amazon\Amazon1ButtonApp\\AmazonExtIE.dll [141120 2014-02-22] (Amazon Inc.) Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://premium.raintoday.co.uk/ Toolbar: HKLM - PDF Suite 2014 Toolbar - {A0B8187A-4FC7-4973-907E-1A25BC8E91A5} - C:\Program Files\PDF Suite 2014\PDFIEPlugin.dll (Interactive Brands Inc.) Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) Toolbar: HKCU - No Name - {C1BB359F-FCB8-4F0C-9190-065983AF8382} - No File Toolbar: HKCU - No Name - {EE4015C9-30E2-45E6-8E9D-992B8FED39B4} - No File Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll (AVG Secure Search) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419 FF NewTab: hxxp://www.amazon.co.uk/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_uk_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_67fee61789584575ba98643a70dcfec5_39_1006_20140516_GB_ff_nt_sbinstall2 FF DefaultSearchEngine: Amazon FF SearchEngineOrder.1: Amazon FF SelectedSearchEngine: Amazon FF Homepage: https://dub127.mail.live.com/default.aspx?id=64855&owa=1&owasuffix=owa%2f FF Keyword.URL: hxxp://www.amazon.co.uk/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_uk_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-uk-ff-21&tbrId=v1_abb-channel-23_67fee61789584575ba98643a70dcfec5_39_1006_20140516_GB_ff_ab_sbinstall2&query= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\3.1.0\\npsitesafety.dll No File FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Ken\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF Plugin HKCU: gamevenus.com/CertifiedBrowser - C:\Users\Ken\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\npCertifiedBrowser.dll (GVU Technologies) FF Plugin ProgramFiles/Appdata: C:\Users\Ken\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml FF Extension: British English Dictionary (Updated) - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\en-gb@flyingtophat.co.uk [2013-10-23] FF Extension: Cookies Manager+ - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2013-09-18] FF Extension: SaveFrom.net helper - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\helper@savefrom.net.xpi [2014-02-08] FF Extension: Lightbeam - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-09-15] FF Extension: English (GB) Language Pack - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2013-09-26] FF Extension: Adblock Plus - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-23] FF Extension: BetterPrivacy - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-09-15] FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2014-03-26] FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Web TuneUp\FireFoxExt\3.1.0.6 FF Extension: AVG Web TuneUp - C:\ProgramData\AVG Web TuneUp\FireFoxExt\3.1.0.6 [2014-07-07] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR StartupUrls: "hxxp://www.google.com" CHR DefaultSearchKeyword: securesearch CHR DefaultSearchProvider: SecureSearch CHR DefaultSearchURL: http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-14&hsimp=yhs-lavasoft&ent=ch&q={searchTerms} CHR DefaultNewTabURL: CHR Extension: (Docs) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07] CHR Extension: (YouTube) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-23] CHR Extension: (RealDownloader) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-23] CHR Extension: (FindWide Toolbar) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifnkmmomkfpcffhgpbkkijkonhcoemkd [2013-12-24] CHR Extension: (TidyNetwork) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\iioclfomkbdamhihdfgancpaflpmckoh [2013-12-24] CHR Extension: (Google Wallet) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07] CHR Extension: (Gmail) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-23] CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-12-23] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-10-12] (ABBYY) R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 avgfws; C:\Program Files\AVG\AVG2013\avgfws.exe [1432080 2013-10-23] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.) R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1565880 2014-05-21] (Microsoft Corporation) R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-15] (SEIKO EPSON CORPORATION) R2 GManager; C:\Windows\system32\GManager.exe [222584 2011-08-03] () S3 ICVISS; C:\Program Files\Common Files\iCode Systems\VidCap\VISS\ICVISS.exe [180224 2011-09-14] (iCode Systems Limited) [File not signed] R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MCTDesktopSvr; C:\Program Files\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] () R2 MCTUISvr; C:\Program Files\MCT\VGA0007\Utility\MCTUISvr.exe [199296 2011-08-09] () R2 PDF Suite 2014 Helper Service; C:\Program Files\PDF Suite 2014\HelperService.exe [1144184 2013-12-10] (Interactive Brands Inc.) R2 PDF Suite 2014 Service; C:\Program Files\PDF Suite 2014\ConversionService.exe [853368 2013-12-10] (Interactive Brands Inc.) R2 PSI_SVC_2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc) R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.) R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1858360 2014-07-14] (AVG) R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [35640 2014-07-14] (AVG) R2 vToolbarUpdater3.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [1814040 2014-07-07] (AVG Secure Search) R2 YouTubeDownloaderConverter; C:\Users\Ken\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\CertifiedBrowserService.exe [104448 2013-07-02] () [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2014-04-15] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-07-07] (AVG Technologies) S3 DsAudioDevice_310; C:\Windows\System32\drivers\DsAudioDevice_310.sys [16640 2009-01-08] (Wondershare) [File not signed] S3 emAudio; C:\Windows\System32\drivers\emAudio.sys [24576 2008-04-03] (eMPIA Technology, Inc.) R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation) R3 mctkmd; C:\Windows\system32\drivers\mctkmd.sys [99456 2011-07-28] (Magic Control Technology Corporation) R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr.sys [17024 2011-04-08] (Magic Control Technology Corporation) R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-12-19] () R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software) R3 TW68XX; C:\Windows\System32\Drivers\TW68XX.sys [49440 2010-04-02] (Techwell) [File not signed] S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [583680 2010-08-20] (eMPIA Technology, Inc.) S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [840704 2010-08-20] (eMPIA Technology, Inc.) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Corporation) R3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [27496 2013-01-25] (Wondershare) R3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [27496 2013-01-25] (Wondershare) R3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [27496 2013-01-25] (Wondershare) R3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [27496 2013-01-25] (Wondershare) R3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [27496 2013-01-25] (Wondershare) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 netr28u; system32\DRIVERS\netr28u.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-25 15:57 - 2014-07-25 15:58 - 00022393 _____ () C:\Users\Ken\Downloads\FRST.txt 2014-07-25 15:57 - 2014-07-25 15:58 - 00000000 ____D () C:\FRST 2014-07-25 15:57 - 2014-07-25 15:57 - 01084416 _____ (Farbar) C:\Users\Ken\Downloads\FRST.exe 2014-07-25 08:02 - 2014-07-25 08:02 - 04813544 _____ (Piriform Ltd) C:\Users\Ken\Downloads\ccsetup416.exe 2014-07-23 18:55 - 2014-07-23 19:11 - 00000000 ____D () C:\Users\Ken\Documents\Corel VideoStudio Pro 2014-07-23 18:52 - 2014-07-23 18:55 - 00000000 ____D () C:\ProgramData\Protexis 2014-07-23 18:44 - 2014-06-30 02:40 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-23 18:44 - 2014-06-30 02:36 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-23 18:42 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-07-23 18:36 - 2014-06-05 15:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-23 18:33 - 2014-07-23 18:33 - 00001008 _____ () C:\Users\Public\Desktop\Corel VideoStudio Pro X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00001008 _____ () C:\Users\Public\Desktop\Corel FastFlick X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00001003 _____ () C:\Users\Public\Desktop\Corel ScreenCap X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X7 2014-07-23 18:28 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-07-23 18:28 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-07-23 18:28 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-07-23 18:28 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-07-23 18:28 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-07-23 18:28 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-07-23 18:28 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-07-23 18:28 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-07-23 18:28 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-07-23 18:28 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-07-23 18:28 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-07-23 18:28 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-07-23 18:28 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-07-23 18:28 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-07-23 18:28 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-07-23 18:28 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-07-23 18:28 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-07-23 18:28 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-07-23 18:28 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-07-23 18:28 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-07-23 18:28 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-07-23 18:28 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-07-23 18:28 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-07-23 18:28 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-07-23 18:28 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-07-23 18:28 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-07-23 18:28 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-07-23 18:28 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-07-23 18:28 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-07-23 18:28 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-07-23 18:28 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-07-23 18:28 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-07-23 18:28 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-07-23 18:28 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-07-23 18:28 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-07-23 18:28 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-07-23 18:28 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-07-23 18:28 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-07-23 18:28 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-07-23 18:28 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-07-23 18:28 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-07-23 18:28 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-07-23 18:28 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-07-23 18:28 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-07-23 18:28 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-07-23 18:28 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-07-23 18:28 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-07-23 18:28 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-07-23 18:28 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-07-23 18:28 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-07-23 18:28 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-07-23 18:28 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-07-23 18:28 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-07-23 18:28 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-07-23 18:28 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-07-23 18:28 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-07-23 18:28 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-07-23 18:28 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-07-23 18:28 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-07-23 18:28 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-07-23 18:28 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-07-23 18:28 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-07-23 18:28 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-07-23 18:28 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-07-23 18:28 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-07-23 18:28 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-07-23 18:28 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-07-23 18:28 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-07-23 18:28 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-07-23 18:28 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-07-23 18:28 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-07-23 18:28 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-07-23 18:28 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-07-23 18:27 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-07-23 18:27 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-07-23 18:27 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-07-23 18:27 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-07-23 18:27 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-07-23 18:27 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-07-23 18:27 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-07-23 18:27 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-07-23 18:27 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-07-23 17:54 - 2014-07-23 18:19 - 1895058984 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\VSX7_Pro_TBYB(1).exe 2014-07-23 17:46 - 2014-07-23 18:13 - 1895058984 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\VSX7_Pro_TBYB.exe 2014-07-22 16:44 - 2014-07-25 15:45 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-22 16:43 - 2014-07-22 16:43 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-22 16:43 - 2014-07-22 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-22 16:43 - 2014-07-22 16:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-07-22 16:43 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-22 16:43 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-22 16:43 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-22 16:42 - 2014-07-22 16:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ken\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-21 14:12 - 2014-07-25 15:13 - 00000000 ____D () C:\Users\Ken\AppData\Local\CrashDumps 2014-07-20 14:25 - 2014-07-20 14:25 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\vlc 2014-07-19 05:09 - 2014-07-19 05:09 - 00011734 ____H () C:\Users\Ken\Documents\~WRL0003.tmp 2014-07-17 11:19 - 2014-07-17 11:19 - 00000511 _____ () C:\Users\Ken\Documents\Have a problem.txt 2014-07-17 08:30 - 2014-07-17 08:30 - 00659968 _____ () C:\Users\Ken\Downloads\MicrosoftFixit50195.msi 2014-07-16 21:04 - 2014-07-16 21:05 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-07-16 21:04 - 2014-07-16 21:04 - 31892616 _____ (Microsoft Corporation) C:\Users\Ken\Downloads\EIE11_EN-US_WOL_WIN7.EXE 2014-07-15 16:17 - 2014-07-15 16:17 - 00134072 _____ () C:\Windows\ColorPic Uninstaller.exe 2014-07-15 16:17 - 2014-07-15 16:17 - 00000995 _____ () C:\Users\Ken\Desktop\ColorPic.lnk 2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPic 4.1 2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\Program Files\ColorPic 4.1 2014-07-15 16:16 - 2014-07-15 16:16 - 00593294 _____ () C:\Users\Ken\Downloads\ColorPic.zip 2014-07-15 16:07 - 2014-07-15 16:07 - 00220021 _____ () C:\Users\Ken\Downloads\colorMatch.zip 2014-07-12 20:27 - 2014-07-14 11:26 - 00025400 _____ (AVG) C:\Windows\system32\authuitu.dll 2014-07-10 18:39 - 2014-07-10 21:29 - 00000000 __SHD () C:\Users\Ken\AppData\Roaming\.# 2014-07-09 16:51 - 2014-07-09 16:52 - 00000000 ____D () C:\Program Files\SpeedFan 2014-07-09 16:51 - 2014-07-09 16:51 - 02143832 _____ () C:\Users\Ken\Downloads\instsf449.exe 2014-07-09 16:51 - 2014-07-09 16:51 - 00000965 _____ () C:\Users\Ken\Desktop\SpeedFan.lnk 2014-07-09 16:51 - 2014-07-09 16:51 - 00000045 _____ () C:\Windows\system32\initdebug.nfo 2014-07-09 16:51 - 2014-07-09 16:51 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-07-09 16:51 - 2014-07-09 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-07-08 19:49 - 2014-07-08 19:52 - 04278968 _____ () C:\Users\Ken\Downloads\Shaking.wmv 2014-07-07 18:57 - 2014-07-12 23:29 - 00000000 ____D () C:\Users\Ken\Documents\JPD 2014-07-07 12:30 - 2014-07-07 12:30 - 00000000 ____D () C:\Users\Ken\AppData\Local\Adobe 2014-07-06 21:47 - 2014-07-06 21:47 - 00001013 _____ () C:\Users\Ken\Downloads\makdgrid.zip 2014-07-04 14:31 - 2014-07-04 14:31 - 00000000 ____D () C:\Program Files\Topaz Labs 2014-07-04 14:31 - 2014-07-04 14:31 - 00000000 ____D () C:\Program Files\Common Files\Topaz Labs 2014-07-04 14:30 - 2014-07-04 14:31 - 84100536 _____ () C:\Users\Ken\Downloads\topazdetail3_setup.exe 2014-07-04 14:29 - 2014-07-05 14:26 - 00000000 ____D () C:\Users\Ken\Documents\Corel PaintShop Pro X6 Script Guide 2014-07-04 14:29 - 2014-07-04 14:29 - 06387728 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\PSPX6_ScriptGuide.exe 2014-07-04 14:25 - 2014-07-04 14:26 - 85699664 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\Corel_KPT.exe 2014-07-04 13:13 - 2014-07-23 23:10 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Ulead Systems 2014-07-04 13:13 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\Documents\Corel PaintShop Pro 2014-07-04 13:13 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\AppData\Local\Corel PaintShop Pro 2014-07-04 13:11 - 2014-07-04 13:19 - 00001060 _____ () C:\Users\Public\Desktop\Corel PaintShop Pro X6.lnk 2014-07-04 13:11 - 2014-07-04 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6 2014-07-04 13:04 - 2014-07-04 13:06 - 257244424 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\PaintShop_Pro_X6_Windows.exe 2014-07-04 12:53 - 2014-07-04 12:53 - 00929416 _____ (CNET Download.com) C:\Users\Ken\Downloads\cbsidlm-cbsi188-Corel_PaintShop_Pro-SEO-10001995.exe 2014-06-30 17:17 - 2014-06-30 17:17 - 00000000 ____D () C:\Users\Ken\Documents\New folder (2) 2014-06-26 20:23 - 2014-06-26 20:23 - 04812672 _____ (Piriform Ltd) C:\Users\Ken\Downloads\ccsetup415.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-25 15:58 - 2014-07-25 15:57 - 00022393 _____ () C:\Users\Ken\Downloads\FRST.txt 2014-07-25 15:58 - 2014-07-25 15:57 - 00000000 ____D () C:\FRST 2014-07-25 15:57 - 2014-07-25 15:57 - 01084416 _____ (Farbar) C:\Users\Ken\Downloads\FRST.exe 2014-07-25 15:45 - 2014-07-22 16:44 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-25 15:13 - 2014-07-21 14:12 - 00000000 ____D () C:\Users\Ken\AppData\Local\CrashDumps 2014-07-25 15:12 - 2014-03-26 16:12 - 00000917 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {CEEF286C-285B-42CA-9EB0-369E2BB8C8B5}.job 2014-07-25 15:12 - 2014-03-26 16:12 - 00000731 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {CEEF286C-285B-42CA-9EB0-369E2BB8C8B5}.job 2014-07-25 15:01 - 2014-04-08 17:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-25 15:00 - 2014-03-26 16:00 - 00000917 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {F98982C2-5690-4505-9ABC-D7A9080844AB}.job 2014-07-25 15:00 - 2014-03-26 16:00 - 00000731 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {F98982C2-5690-4505-9ABC-D7A9080844AB}.job 2014-07-25 14:20 - 2013-07-24 12:17 - 00000000 ____D () C:\ProgramData\MFAData 2014-07-25 12:16 - 2014-04-18 14:47 - 00131584 ___SH () C:\Users\Ken\Downloads\Thumbs.db 2014-07-25 08:09 - 2013-07-24 09:35 - 01154819 ____N () C:\Windows\WindowsUpdate.log 2014-07-25 08:04 - 2014-02-14 13:26 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-25 08:04 - 2014-02-14 13:26 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-25 08:02 - 2014-07-25 08:02 - 04813544 _____ (Piriform Ltd) C:\Users\Ken\Downloads\ccsetup416.exe 2014-07-24 08:31 - 2009-07-14 05:34 - 00026800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-24 08:31 - 2009-07-14 05:34 - 00026800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-24 08:24 - 2014-02-21 18:03 - 00000000 ___RD () C:\Users\Ken\OneDrive 2014-07-24 08:23 - 2013-08-02 12:27 - 00002764 _____ () C:\Windows\system32\GManager.ini 2014-07-24 08:23 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-23 23:10 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Ulead Systems 2014-07-23 21:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-07-23 19:38 - 2013-07-24 10:03 - 00000000 ____D () C:\Users\Ken\Documents\Manuals 2014-07-23 19:20 - 2009-07-14 05:33 - 00643912 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-23 19:18 - 2014-05-30 21:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-23 19:11 - 2014-07-23 18:55 - 00000000 ____D () C:\Users\Ken\Documents\Corel VideoStudio Pro 2014-07-23 18:56 - 2013-07-24 10:14 - 00215760 _____ () C:\Users\Ken\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-23 18:55 - 2014-07-23 18:52 - 00000000 ____D () C:\ProgramData\Protexis 2014-07-23 18:47 - 2013-07-24 09:49 - 00766336 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-23 18:39 - 2013-07-26 13:18 - 00000000 ____D () C:\ProgramData\Corel 2014-07-23 18:33 - 2014-07-23 18:33 - 00001008 _____ () C:\Users\Public\Desktop\Corel VideoStudio Pro X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00001008 _____ () C:\Users\Public\Desktop\Corel FastFlick X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00001003 _____ () C:\Users\Public\Desktop\Corel ScreenCap X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X7 2014-07-23 18:29 - 2013-07-26 13:18 - 00000000 ____D () C:\Program Files\Corel 2014-07-23 18:27 - 2013-09-03 14:11 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-23 18:19 - 2014-07-23 17:54 - 1895058984 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\VSX7_Pro_TBYB(1).exe 2014-07-23 18:13 - 2014-07-23 17:46 - 1895058984 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\VSX7_Pro_TBYB.exe 2014-07-23 09:50 - 2013-07-24 10:02 - 00000000 ____D () C:\Users\Ken\Documents\Computer Info 2014-07-23 09:47 - 2013-07-28 12:30 - 00000000 ____D () C:\Users\Ken\Documents\Facebook 2014-07-23 09:45 - 2013-12-20 17:32 - 00000000 ____D () C:\Users\Ken\Documents\Panasonic 2014-07-23 09:45 - 2013-09-04 12:25 - 00272384 ___SH () C:\Users\Ken\Documents\Thumbs.db 2014-07-22 16:43 - 2014-07-22 16:43 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-22 16:43 - 2014-07-22 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-22 16:43 - 2014-07-22 16:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-07-22 16:42 - 2014-07-22 16:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ken\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-22 15:36 - 2013-07-24 10:02 - 00000000 ____D () C:\Users\Ken\Documents\Freerider 2014-07-20 19:35 - 2013-07-24 10:03 - 00000000 ____D () C:\Users\Ken\Documents\MoviePlus X6 2014-07-20 14:25 - 2014-07-20 14:25 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\vlc 2014-07-20 12:14 - 2013-12-24 16:50 - 00000000 ____D () C:\Users\Ken\Documents\Toshiba 2014-07-19 05:09 - 2014-07-19 05:09 - 00011734 ____H () C:\Users\Ken\Documents\~WRL0003.tmp 2014-07-18 08:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-07-17 14:08 - 2009-07-14 05:53 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-17 13:13 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-07-17 11:19 - 2014-07-17 11:19 - 00000511 _____ () C:\Users\Ken\Documents\Have a problem.txt 2014-07-17 08:30 - 2014-07-17 08:30 - 00659968 _____ () C:\Users\Ken\Downloads\MicrosoftFixit50195.msi 2014-07-16 21:54 - 2014-04-13 17:18 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2014-07-16 21:05 - 2014-07-16 21:04 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-07-16 21:04 - 2014-07-16 21:04 - 31892616 _____ (Microsoft Corporation) C:\Users\Ken\Downloads\EIE11_EN-US_WOL_WIN7.EXE 2014-07-15 16:53 - 2014-05-15 11:29 - 00000000 ____D () C:\ProgramData\install_clap 2014-07-15 16:52 - 2013-07-27 16:46 - 00000000 ____D () C:\Users\Ken\AppData\Local\Corel 2014-07-15 16:52 - 2013-07-24 18:31 - 00000000 ____D () C:\Windows\Panther 2014-07-15 16:17 - 2014-07-15 16:17 - 00134072 _____ () C:\Windows\ColorPic Uninstaller.exe 2014-07-15 16:17 - 2014-07-15 16:17 - 00000995 _____ () C:\Users\Ken\Desktop\ColorPic.lnk 2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPic 4.1 2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\Program Files\ColorPic 4.1 2014-07-15 16:16 - 2014-07-15 16:16 - 00593294 _____ () C:\Users\Ken\Downloads\ColorPic.zip 2014-07-15 16:09 - 2014-03-18 15:50 - 00000000 ____D () C:\Users\Ken\Documents\Art 2014-07-15 16:07 - 2014-07-15 16:07 - 00220021 _____ () C:\Users\Ken\Downloads\colorMatch.zip 2014-07-14 11:26 - 2014-07-12 20:27 - 00025400 _____ (AVG) C:\Windows\system32\authuitu.dll 2014-07-14 11:26 - 2014-03-25 17:12 - 00035640 _____ (AVG) C:\Windows\system32\uxtuneup.dll 2014-07-14 11:26 - 2014-01-23 15:04 - 00036152 _____ (AVG) C:\Windows\system32\TURegOpt.exe 2014-07-12 23:29 - 2014-07-07 18:57 - 00000000 ____D () C:\Users\Ken\Documents\JPD 2014-07-12 20:26 - 2013-07-24 10:02 - 00000000 ____D () C:\Users\Ken\Documents\Gardening 2014-07-12 08:54 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-11 15:39 - 2014-05-23 17:23 - 00000000 ____D () C:\Users\Ken\Documents\Nathan 2014-07-10 21:29 - 2014-07-10 18:39 - 00000000 __SHD () C:\Users\Ken\AppData\Roaming\.# 2014-07-09 16:52 - 2014-07-09 16:51 - 00000000 ____D () C:\Program Files\SpeedFan 2014-07-09 16:51 - 2014-07-09 16:51 - 02143832 _____ () C:\Users\Ken\Downloads\instsf449.exe 2014-07-09 16:51 - 2014-07-09 16:51 - 00000965 _____ () C:\Users\Ken\Desktop\SpeedFan.lnk 2014-07-09 16:51 - 2014-07-09 16:51 - 00000045 _____ () C:\Windows\system32\initdebug.nfo 2014-07-09 16:51 - 2014-07-09 16:51 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-07-09 16:51 - 2014-07-09 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-07-09 14:15 - 2013-07-24 10:02 - 00000000 ____D () C:\Users\Ken\Documents\Bread Maker 2014-07-09 08:01 - 2014-04-08 17:14 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-07-09 08:01 - 2014-04-08 17:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-07-08 20:44 - 2013-08-07 17:21 - 00015872 _____ () C:\Users\Ken\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-08 19:52 - 2014-07-08 19:49 - 04278968 _____ () C:\Users\Ken\Downloads\Shaking.wmv 2014-07-08 18:18 - 2013-07-24 09:47 - 00000000 ____D () C:\Users\Ken\AppData\Local\VirtualStore 2014-07-07 23:00 - 2013-07-24 10:10 - 00000000 ____D () C:\Users\Ken\Documents\Android 2014-07-07 15:03 - 2014-04-29 15:53 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys 2014-07-07 15:03 - 2014-04-29 15:53 - 00000000 _____ () C:\Program Files\Mozilla Firefoxwtu-secure-search.xml 2014-07-07 15:03 - 2014-04-29 15:52 - 00000000 ____D () C:\Program Files\AVG Web TuneUp 2014-07-07 14:34 - 2013-07-24 10:09 - 00000000 ____D () C:\Users\Ken\Documents\My Kindle Content 2014-07-07 12:30 - 2014-07-07 12:30 - 00000000 ____D () C:\Users\Ken\AppData\Local\Adobe 2014-07-07 12:29 - 2013-07-24 10:03 - 00000000 ____D () C:\Users\Ken\Documents\Labels 2014-07-06 21:47 - 2014-07-06 21:47 - 00001013 _____ () C:\Users\Ken\Downloads\makdgrid.zip 2014-07-05 14:26 - 2014-07-04 14:29 - 00000000 ____D () C:\Users\Ken\Documents\Corel PaintShop Pro X6 Script Guide 2014-07-04 14:31 - 2014-07-04 14:31 - 00000000 ____D () C:\Program Files\Topaz Labs 2014-07-04 14:31 - 2014-07-04 14:31 - 00000000 ____D () C:\Program Files\Common Files\Topaz Labs 2014-07-04 14:31 - 2014-07-04 14:30 - 84100536 _____ () C:\Users\Ken\Downloads\topazdetail3_setup.exe 2014-07-04 14:31 - 2013-07-24 15:51 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Adobe 2014-07-04 14:29 - 2014-07-04 14:29 - 06387728 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\PSPX6_ScriptGuide.exe 2014-07-04 14:26 - 2014-07-04 14:25 - 85699664 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\Corel_KPT.exe 2014-07-04 13:19 - 2014-07-04 13:11 - 00001060 _____ () C:\Users\Public\Desktop\Corel PaintShop Pro X6.lnk 2014-07-04 13:19 - 2014-07-04 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6 2014-07-04 13:13 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\Documents\Corel PaintShop Pro 2014-07-04 13:13 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\AppData\Local\Corel PaintShop Pro 2014-07-04 13:06 - 2014-07-04 13:04 - 257244424 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\PaintShop_Pro_X6_Windows.exe 2014-07-04 12:53 - 2014-07-04 12:53 - 00929416 _____ (CNET Download.com) C:\Users\Ken\Downloads\cbsidlm-cbsi188-Corel_PaintShop_Pro-SEO-10001995.exe 2014-07-04 12:33 - 2013-07-27 16:46 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys 2014-07-04 12:33 - 2013-07-24 10:09 - 00000000 ____D () C:\Users\Ken\Documents\My PSP Files 2014-07-02 16:55 - 2013-07-28 22:12 - 00000000 ____D () C:\Users\Ken\Documents\Kodak 2014-07-01 20:38 - 2013-10-17 15:46 - 00000000 ____D () C:\Users\Ken\Documents\All Recipes 2014-07-01 09:06 - 2014-06-18 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-06-30 17:17 - 2014-06-30 17:17 - 00000000 ____D () C:\Users\Ken\Documents\New folder (2) 2014-06-30 13:09 - 2013-07-24 10:10 - 00000000 ____D () C:\Users\Ken\Documents\PDF Files 2014-06-30 02:40 - 2014-07-23 18:44 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 02:36 - 2014-07-23 18:44 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-26 20:23 - 2014-06-26 20:23 - 04812672 _____ (Piriform Ltd) C:\Users\Ken\Downloads\ccsetup415.exe 2014-06-26 20:23 - 2014-02-14 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Files to move or delete: ==================== C:\Users\Ken\instmsiw.exe C:\Users\Ken\Setup.exe C:\Users\Ken\unicows.dll Some content of TEMP: ==================== C:\Users\Ken\AppData\Local\Temp\air2C56.exe C:\Users\Ken\AppData\Local\Temp\air2D87.exe C:\Users\Ken\AppData\Local\Temp\air4216.exe C:\Users\Ken\AppData\Local\Temp\air92E8.exe C:\Users\Ken\AppData\Local\Temp\airD434.exe C:\Users\Ken\AppData\Local\Temp\burnsetup.exe C:\Users\Ken\AppData\Local\Temp\debutsetup.exe C:\Users\Ken\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\Ken\AppData\Local\Temp\ICReinstall_ConverterLite-1.6.8.exe C:\Users\Ken\AppData\Local\Temp\ICReinstall_EasyConverterPro-0.2.0.0.exe C:\Users\Ken\AppData\Local\Temp\prismsetup_v2.10.exe C:\Users\Ken\AppData\Local\Temp\sfamcc00001.dll C:\Users\Ken\AppData\Local\Temp\sfextra.dll C:\Users\Ken\AppData\Local\Temp\topazfusion2_setup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 08:17 ==================== End Of Log ============================ Addition.txt CheckResults.txt
  4. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-07-2014 01 Ran by Ken (administrator) on KEN-PC on 25-07-2014 15:57:56 Running from C:\Users\Ken\Downloads Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ABBYY) C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe (Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE () C:\Windows\System32\GManager.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe () C:\Program Files\Common Files\DesktopUtil\MCTDesktopSvr.exe () C:\Program Files\MCT\VGA0007\Utility\MCTUISvr.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Interactive Brands Inc.) C:\Program Files\PDF Suite 2014\HelperService.exe (Interactive Brands Inc.) C:\Program Files\PDF Suite 2014\ConversionService.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\loggingserver.exe () C:\Users\Ken\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\CertifiedBrowserService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe () C:\Program Files\AVG Web TuneUp\vprot.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Microsoft Corporation) C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILFE.EXE (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILFE.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Corel, Inc.) C:\Program Files\Corel\Corel PaintShop Pro X6\Corel PaintShop Pro.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\.DEFAULT\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-25] (Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-636968676-1336760166-753583706-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung) HKU\S-1-5-21-636968676-1336760166-753583706-1001\...\Run: [skyDrive] => C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-06-06] (Microsoft Corporation) HKU\S-1-5-21-636968676-1336760166-753583706-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-636968676-1336760166-753583706-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION) AppInit_DLLs: C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL => C:\Program Files\Amazon\Amazon1ButtonApp\\AmazonExtIE.dll [141120 2014-02-22] (Amazon Inc.) Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://premium.raintoday.co.uk/ Toolbar: HKLM - PDF Suite 2014 Toolbar - {A0B8187A-4FC7-4973-907E-1A25BC8E91A5} - C:\Program Files\PDF Suite 2014\PDFIEPlugin.dll (Interactive Brands Inc.) Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) Toolbar: HKCU - No Name - {C1BB359F-FCB8-4F0C-9190-065983AF8382} - No File Toolbar: HKCU - No Name - {EE4015C9-30E2-45E6-8E9D-992B8FED39B4} - No File Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll (AVG Secure Search) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419 FF NewTab: hxxp://www.amazon.co.uk/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_uk_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_67fee61789584575ba98643a70dcfec5_39_1006_20140516_GB_ff_nt_sbinstall2 FF DefaultSearchEngine: Amazon FF SearchEngineOrder.1: Amazon FF SelectedSearchEngine: Amazon FF Homepage: https://dub127.mail.live.com/default.aspx?id=64855&owa=1&owasuffix=owa%2f FF Keyword.URL: hxxp://www.amazon.co.uk/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_uk_display?ie=UTF8&tagbase=bds-p23&tag=bds-p23-serp-uk-ff-21&tbrId=v1_abb-channel-23_67fee61789584575ba98643a70dcfec5_39_1006_20140516_GB_ff_ab_sbinstall2&query= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\3.1.0\\npsitesafety.dll No File FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Ken\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF Plugin HKCU: gamevenus.com/CertifiedBrowser - C:\Users\Ken\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\npCertifiedBrowser.dll (GVU Technologies) FF Plugin ProgramFiles/Appdata: C:\Users\Ken\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml FF Extension: British English Dictionary (Updated) - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\en-gb@flyingtophat.co.uk [2013-10-23] FF Extension: Cookies Manager+ - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2013-09-18] FF Extension: SaveFrom.net helper - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\helper@savefrom.net.xpi [2014-02-08] FF Extension: Lightbeam - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-09-15] FF Extension: English (GB) Language Pack - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2013-09-26] FF Extension: Adblock Plus - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-23] FF Extension: BetterPrivacy - C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\emcu7iro.default-1378984542419\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-09-15] FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2014-03-26] FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Web TuneUp\FireFoxExt\3.1.0.6 FF Extension: AVG Web TuneUp - C:\ProgramData\AVG Web TuneUp\FireFoxExt\3.1.0.6 [2014-07-07] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR StartupUrls: "hxxp://www.google.com" CHR DefaultSearchKeyword: securesearch CHR DefaultSearchProvider: SecureSearch CHR DefaultSearchURL: http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-14&hsimp=yhs-lavasoft&ent=ch&q={searchTerms} CHR DefaultNewTabURL: CHR Extension: (Docs) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07] CHR Extension: (YouTube) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-23] CHR Extension: (RealDownloader) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-23] CHR Extension: (FindWide Toolbar) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifnkmmomkfpcffhgpbkkijkonhcoemkd [2013-12-24] CHR Extension: (TidyNetwork) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\iioclfomkbdamhihdfgancpaflpmckoh [2013-12-24] CHR Extension: (Google Wallet) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-07] CHR Extension: (Gmail) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-23] CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-12-23] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-10-12] (ABBYY) R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 avgfws; C:\Program Files\AVG\AVG2013\avgfws.exe [1432080 2013-10-23] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.) R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1565880 2014-05-21] (Microsoft Corporation) R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-15] (SEIKO EPSON CORPORATION) R2 GManager; C:\Windows\system32\GManager.exe [222584 2011-08-03] () S3 ICVISS; C:\Program Files\Common Files\iCode Systems\VidCap\VISS\ICVISS.exe [180224 2011-09-14] (iCode Systems Limited) [File not signed] R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MCTDesktopSvr; C:\Program Files\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] () R2 MCTUISvr; C:\Program Files\MCT\VGA0007\Utility\MCTUISvr.exe [199296 2011-08-09] () R2 PDF Suite 2014 Helper Service; C:\Program Files\PDF Suite 2014\HelperService.exe [1144184 2013-12-10] (Interactive Brands Inc.) R2 PDF Suite 2014 Service; C:\Program Files\PDF Suite 2014\ConversionService.exe [853368 2013-12-10] (Interactive Brands Inc.) R2 PSI_SVC_2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc) R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.) R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1858360 2014-07-14] (AVG) R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [35640 2014-07-14] (AVG) R2 vToolbarUpdater3.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [1814040 2014-07-07] (AVG Secure Search) R2 YouTubeDownloaderConverter; C:\Users\Ken\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\CertifiedBrowserService.exe [104448 2013-07-02] () [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2014-04-15] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-07-07] (AVG Technologies) S3 DsAudioDevice_310; C:\Windows\System32\drivers\DsAudioDevice_310.sys [16640 2009-01-08] (Wondershare) [File not signed] S3 emAudio; C:\Windows\System32\drivers\emAudio.sys [24576 2008-04-03] (eMPIA Technology, Inc.) R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation) R3 mctkmd; C:\Windows\system32\drivers\mctkmd.sys [99456 2011-07-28] (Magic Control Technology Corporation) R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr.sys [17024 2011-04-08] (Magic Control Technology Corporation) R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-12-19] () R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software) R3 TW68XX; C:\Windows\System32\Drivers\TW68XX.sys [49440 2010-04-02] (Techwell) [File not signed] S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [583680 2010-08-20] (eMPIA Technology, Inc.) S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [840704 2010-08-20] (eMPIA Technology, Inc.) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Corporation) R3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [27496 2013-01-25] (Wondershare) R3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [27496 2013-01-25] (Wondershare) R3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [27496 2013-01-25] (Wondershare) R3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [27496 2013-01-25] (Wondershare) R3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [27496 2013-01-25] (Wondershare) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 netr28u; system32\DRIVERS\netr28u.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-25 15:57 - 2014-07-25 15:58 - 00022393 _____ () C:\Users\Ken\Downloads\FRST.txt 2014-07-25 15:57 - 2014-07-25 15:58 - 00000000 ____D () C:\FRST 2014-07-25 15:57 - 2014-07-25 15:57 - 01084416 _____ (Farbar) C:\Users\Ken\Downloads\FRST.exe 2014-07-25 08:02 - 2014-07-25 08:02 - 04813544 _____ (Piriform Ltd) C:\Users\Ken\Downloads\ccsetup416.exe 2014-07-23 18:55 - 2014-07-23 19:11 - 00000000 ____D () C:\Users\Ken\Documents\Corel VideoStudio Pro 2014-07-23 18:52 - 2014-07-23 18:55 - 00000000 ____D () C:\ProgramData\Protexis 2014-07-23 18:44 - 2014-06-30 02:40 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-23 18:44 - 2014-06-30 02:36 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-23 18:42 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-07-23 18:36 - 2014-06-05 15:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-23 18:33 - 2014-07-23 18:33 - 00001008 _____ () C:\Users\Public\Desktop\Corel VideoStudio Pro X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00001008 _____ () C:\Users\Public\Desktop\Corel FastFlick X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00001003 _____ () C:\Users\Public\Desktop\Corel ScreenCap X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X7 2014-07-23 18:28 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-07-23 18:28 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-07-23 18:28 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-07-23 18:28 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-07-23 18:28 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-07-23 18:28 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-07-23 18:28 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-07-23 18:28 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-07-23 18:28 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-07-23 18:28 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-07-23 18:28 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-07-23 18:28 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-07-23 18:28 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-07-23 18:28 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-07-23 18:28 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-07-23 18:28 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-07-23 18:28 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-07-23 18:28 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-07-23 18:28 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-07-23 18:28 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-07-23 18:28 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-07-23 18:28 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-07-23 18:28 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-07-23 18:28 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-07-23 18:28 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-07-23 18:28 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-07-23 18:28 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-07-23 18:28 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-07-23 18:28 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-07-23 18:28 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-07-23 18:28 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-07-23 18:28 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-07-23 18:28 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-07-23 18:28 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-07-23 18:28 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-07-23 18:28 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-07-23 18:28 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-07-23 18:28 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-07-23 18:28 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-07-23 18:28 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-07-23 18:28 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-07-23 18:28 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-07-23 18:28 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-07-23 18:28 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-07-23 18:28 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-07-23 18:28 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-07-23 18:28 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-07-23 18:28 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-07-23 18:28 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-07-23 18:28 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-07-23 18:28 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-07-23 18:28 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-07-23 18:28 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-07-23 18:28 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-07-23 18:28 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-07-23 18:28 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-07-23 18:28 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-07-23 18:28 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-07-23 18:28 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-07-23 18:28 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-07-23 18:28 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-07-23 18:28 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-07-23 18:28 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-07-23 18:28 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-07-23 18:28 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-07-23 18:28 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-07-23 18:28 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-07-23 18:28 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-07-23 18:28 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-07-23 18:28 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-07-23 18:28 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-07-23 18:28 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-07-23 18:28 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-07-23 18:27 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-07-23 18:27 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-07-23 18:27 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-07-23 18:27 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-07-23 18:27 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-07-23 18:27 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-07-23 18:27 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-07-23 18:27 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-07-23 18:27 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-07-23 17:54 - 2014-07-23 18:19 - 1895058984 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\VSX7_Pro_TBYB(1).exe 2014-07-23 17:46 - 2014-07-23 18:13 - 1895058984 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\VSX7_Pro_TBYB.exe 2014-07-22 16:44 - 2014-07-25 15:45 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-22 16:43 - 2014-07-22 16:43 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-22 16:43 - 2014-07-22 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-22 16:43 - 2014-07-22 16:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-07-22 16:43 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-22 16:43 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-22 16:43 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-22 16:42 - 2014-07-22 16:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ken\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-21 14:12 - 2014-07-25 15:13 - 00000000 ____D () C:\Users\Ken\AppData\Local\CrashDumps 2014-07-20 14:25 - 2014-07-20 14:25 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\vlc 2014-07-19 05:09 - 2014-07-19 05:09 - 00011734 ____H () C:\Users\Ken\Documents\~WRL0003.tmp 2014-07-17 11:19 - 2014-07-17 11:19 - 00000511 _____ () C:\Users\Ken\Documents\Have a problem.txt 2014-07-17 08:30 - 2014-07-17 08:30 - 00659968 _____ () C:\Users\Ken\Downloads\MicrosoftFixit50195.msi 2014-07-16 21:04 - 2014-07-16 21:05 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-07-16 21:04 - 2014-07-16 21:04 - 31892616 _____ (Microsoft Corporation) C:\Users\Ken\Downloads\EIE11_EN-US_WOL_WIN7.EXE 2014-07-15 16:17 - 2014-07-15 16:17 - 00134072 _____ () C:\Windows\ColorPic Uninstaller.exe 2014-07-15 16:17 - 2014-07-15 16:17 - 00000995 _____ () C:\Users\Ken\Desktop\ColorPic.lnk 2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPic 4.1 2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\Program Files\ColorPic 4.1 2014-07-15 16:16 - 2014-07-15 16:16 - 00593294 _____ () C:\Users\Ken\Downloads\ColorPic.zip 2014-07-15 16:07 - 2014-07-15 16:07 - 00220021 _____ () C:\Users\Ken\Downloads\colorMatch.zip 2014-07-12 20:27 - 2014-07-14 11:26 - 00025400 _____ (AVG) C:\Windows\system32\authuitu.dll 2014-07-10 18:39 - 2014-07-10 21:29 - 00000000 __SHD () C:\Users\Ken\AppData\Roaming\.# 2014-07-09 16:51 - 2014-07-09 16:52 - 00000000 ____D () C:\Program Files\SpeedFan 2014-07-09 16:51 - 2014-07-09 16:51 - 02143832 _____ () C:\Users\Ken\Downloads\instsf449.exe 2014-07-09 16:51 - 2014-07-09 16:51 - 00000965 _____ () C:\Users\Ken\Desktop\SpeedFan.lnk 2014-07-09 16:51 - 2014-07-09 16:51 - 00000045 _____ () C:\Windows\system32\initdebug.nfo 2014-07-09 16:51 - 2014-07-09 16:51 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-07-09 16:51 - 2014-07-09 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-07-08 19:49 - 2014-07-08 19:52 - 04278968 _____ () C:\Users\Ken\Downloads\Shaking.wmv 2014-07-07 18:57 - 2014-07-12 23:29 - 00000000 ____D () C:\Users\Ken\Documents\JPD 2014-07-07 12:30 - 2014-07-07 12:30 - 00000000 ____D () C:\Users\Ken\AppData\Local\Adobe 2014-07-06 21:47 - 2014-07-06 21:47 - 00001013 _____ () C:\Users\Ken\Downloads\makdgrid.zip 2014-07-04 14:31 - 2014-07-04 14:31 - 00000000 ____D () C:\Program Files\Topaz Labs 2014-07-04 14:31 - 2014-07-04 14:31 - 00000000 ____D () C:\Program Files\Common Files\Topaz Labs 2014-07-04 14:30 - 2014-07-04 14:31 - 84100536 _____ () C:\Users\Ken\Downloads\topazdetail3_setup.exe 2014-07-04 14:29 - 2014-07-05 14:26 - 00000000 ____D () C:\Users\Ken\Documents\Corel PaintShop Pro X6 Script Guide 2014-07-04 14:29 - 2014-07-04 14:29 - 06387728 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\PSPX6_ScriptGuide.exe 2014-07-04 14:25 - 2014-07-04 14:26 - 85699664 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\Corel_KPT.exe 2014-07-04 13:13 - 2014-07-23 23:10 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Ulead Systems 2014-07-04 13:13 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\Documents\Corel PaintShop Pro 2014-07-04 13:13 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\AppData\Local\Corel PaintShop Pro 2014-07-04 13:11 - 2014-07-04 13:19 - 00001060 _____ () C:\Users\Public\Desktop\Corel PaintShop Pro X6.lnk 2014-07-04 13:11 - 2014-07-04 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6 2014-07-04 13:04 - 2014-07-04 13:06 - 257244424 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\PaintShop_Pro_X6_Windows.exe 2014-07-04 12:53 - 2014-07-04 12:53 - 00929416 _____ (CNET Download.com) C:\Users\Ken\Downloads\cbsidlm-cbsi188-Corel_PaintShop_Pro-SEO-10001995.exe 2014-06-30 17:17 - 2014-06-30 17:17 - 00000000 ____D () C:\Users\Ken\Documents\New folder (2) 2014-06-26 20:23 - 2014-06-26 20:23 - 04812672 _____ (Piriform Ltd) C:\Users\Ken\Downloads\ccsetup415.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-25 15:58 - 2014-07-25 15:57 - 00022393 _____ () C:\Users\Ken\Downloads\FRST.txt 2014-07-25 15:58 - 2014-07-25 15:57 - 00000000 ____D () C:\FRST 2014-07-25 15:57 - 2014-07-25 15:57 - 01084416 _____ (Farbar) C:\Users\Ken\Downloads\FRST.exe 2014-07-25 15:45 - 2014-07-22 16:44 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-25 15:13 - 2014-07-21 14:12 - 00000000 ____D () C:\Users\Ken\AppData\Local\CrashDumps 2014-07-25 15:12 - 2014-03-26 16:12 - 00000917 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {CEEF286C-285B-42CA-9EB0-369E2BB8C8B5}.job 2014-07-25 15:12 - 2014-03-26 16:12 - 00000731 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {CEEF286C-285B-42CA-9EB0-369E2BB8C8B5}.job 2014-07-25 15:01 - 2014-04-08 17:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-25 15:00 - 2014-03-26 16:00 - 00000917 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {F98982C2-5690-4505-9ABC-D7A9080844AB}.job 2014-07-25 15:00 - 2014-03-26 16:00 - 00000731 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {F98982C2-5690-4505-9ABC-D7A9080844AB}.job 2014-07-25 14:20 - 2013-07-24 12:17 - 00000000 ____D () C:\ProgramData\MFAData 2014-07-25 12:16 - 2014-04-18 14:47 - 00131584 ___SH () C:\Users\Ken\Downloads\Thumbs.db 2014-07-25 08:09 - 2013-07-24 09:35 - 01154819 ____N () C:\Windows\WindowsUpdate.log 2014-07-25 08:04 - 2014-02-14 13:26 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-25 08:04 - 2014-02-14 13:26 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-25 08:02 - 2014-07-25 08:02 - 04813544 _____ (Piriform Ltd) C:\Users\Ken\Downloads\ccsetup416.exe 2014-07-24 08:31 - 2009-07-14 05:34 - 00026800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-24 08:31 - 2009-07-14 05:34 - 00026800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-24 08:24 - 2014-02-21 18:03 - 00000000 ___RD () C:\Users\Ken\OneDrive 2014-07-24 08:23 - 2013-08-02 12:27 - 00002764 _____ () C:\Windows\system32\GManager.ini 2014-07-24 08:23 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-23 23:10 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Ulead Systems 2014-07-23 21:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-07-23 19:38 - 2013-07-24 10:03 - 00000000 ____D () C:\Users\Ken\Documents\Manuals 2014-07-23 19:20 - 2009-07-14 05:33 - 00643912 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-23 19:18 - 2014-05-30 21:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-23 19:11 - 2014-07-23 18:55 - 00000000 ____D () C:\Users\Ken\Documents\Corel VideoStudio Pro 2014-07-23 18:56 - 2013-07-24 10:14 - 00215760 _____ () C:\Users\Ken\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-23 18:55 - 2014-07-23 18:52 - 00000000 ____D () C:\ProgramData\Protexis 2014-07-23 18:47 - 2013-07-24 09:49 - 00766336 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-23 18:39 - 2013-07-26 13:18 - 00000000 ____D () C:\ProgramData\Corel 2014-07-23 18:33 - 2014-07-23 18:33 - 00001008 _____ () C:\Users\Public\Desktop\Corel VideoStudio Pro X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00001008 _____ () C:\Users\Public\Desktop\Corel FastFlick X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00001003 _____ () C:\Users\Public\Desktop\Corel ScreenCap X7.lnk 2014-07-23 18:33 - 2014-07-23 18:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X7 2014-07-23 18:29 - 2013-07-26 13:18 - 00000000 ____D () C:\Program Files\Corel 2014-07-23 18:27 - 2013-09-03 14:11 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-23 18:19 - 2014-07-23 17:54 - 1895058984 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\VSX7_Pro_TBYB(1).exe 2014-07-23 18:13 - 2014-07-23 17:46 - 1895058984 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\VSX7_Pro_TBYB.exe 2014-07-23 09:50 - 2013-07-24 10:02 - 00000000 ____D () C:\Users\Ken\Documents\Computer Info 2014-07-23 09:47 - 2013-07-28 12:30 - 00000000 ____D () C:\Users\Ken\Documents\Facebook 2014-07-23 09:45 - 2013-12-20 17:32 - 00000000 ____D () C:\Users\Ken\Documents\Panasonic 2014-07-23 09:45 - 2013-09-04 12:25 - 00272384 ___SH () C:\Users\Ken\Documents\Thumbs.db 2014-07-22 16:43 - 2014-07-22 16:43 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-22 16:43 - 2014-07-22 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-22 16:43 - 2014-07-22 16:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-07-22 16:42 - 2014-07-22 16:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ken\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-22 15:36 - 2013-07-24 10:02 - 00000000 ____D () C:\Users\Ken\Documents\Freerider 2014-07-20 19:35 - 2013-07-24 10:03 - 00000000 ____D () C:\Users\Ken\Documents\MoviePlus X6 2014-07-20 14:25 - 2014-07-20 14:25 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\vlc 2014-07-20 12:14 - 2013-12-24 16:50 - 00000000 ____D () C:\Users\Ken\Documents\Toshiba 2014-07-19 05:09 - 2014-07-19 05:09 - 00011734 ____H () C:\Users\Ken\Documents\~WRL0003.tmp 2014-07-18 08:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-07-17 14:08 - 2009-07-14 05:53 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-17 13:13 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-07-17 11:19 - 2014-07-17 11:19 - 00000511 _____ () C:\Users\Ken\Documents\Have a problem.txt 2014-07-17 08:30 - 2014-07-17 08:30 - 00659968 _____ () C:\Users\Ken\Downloads\MicrosoftFixit50195.msi 2014-07-16 21:54 - 2014-04-13 17:18 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2014-07-16 21:05 - 2014-07-16 21:04 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-07-16 21:04 - 2014-07-16 21:04 - 31892616 _____ (Microsoft Corporation) C:\Users\Ken\Downloads\EIE11_EN-US_WOL_WIN7.EXE 2014-07-15 16:53 - 2014-05-15 11:29 - 00000000 ____D () C:\ProgramData\install_clap 2014-07-15 16:52 - 2013-07-27 16:46 - 00000000 ____D () C:\Users\Ken\AppData\Local\Corel 2014-07-15 16:52 - 2013-07-24 18:31 - 00000000 ____D () C:\Windows\Panther 2014-07-15 16:17 - 2014-07-15 16:17 - 00134072 _____ () C:\Windows\ColorPic Uninstaller.exe 2014-07-15 16:17 - 2014-07-15 16:17 - 00000995 _____ () C:\Users\Ken\Desktop\ColorPic.lnk 2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPic 4.1 2014-07-15 16:17 - 2014-07-15 16:17 - 00000000 ____D () C:\Program Files\ColorPic 4.1 2014-07-15 16:16 - 2014-07-15 16:16 - 00593294 _____ () C:\Users\Ken\Downloads\ColorPic.zip 2014-07-15 16:09 - 2014-03-18 15:50 - 00000000 ____D () C:\Users\Ken\Documents\Art 2014-07-15 16:07 - 2014-07-15 16:07 - 00220021 _____ () C:\Users\Ken\Downloads\colorMatch.zip 2014-07-14 11:26 - 2014-07-12 20:27 - 00025400 _____ (AVG) C:\Windows\system32\authuitu.dll 2014-07-14 11:26 - 2014-03-25 17:12 - 00035640 _____ (AVG) C:\Windows\system32\uxtuneup.dll 2014-07-14 11:26 - 2014-01-23 15:04 - 00036152 _____ (AVG) C:\Windows\system32\TURegOpt.exe 2014-07-12 23:29 - 2014-07-07 18:57 - 00000000 ____D () C:\Users\Ken\Documents\JPD 2014-07-12 20:26 - 2013-07-24 10:02 - 00000000 ____D () C:\Users\Ken\Documents\Gardening 2014-07-12 08:54 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-11 15:39 - 2014-05-23 17:23 - 00000000 ____D () C:\Users\Ken\Documents\Nathan 2014-07-10 21:29 - 2014-07-10 18:39 - 00000000 __SHD () C:\Users\Ken\AppData\Roaming\.# 2014-07-09 16:52 - 2014-07-09 16:51 - 00000000 ____D () C:\Program Files\SpeedFan 2014-07-09 16:51 - 2014-07-09 16:51 - 02143832 _____ () C:\Users\Ken\Downloads\instsf449.exe 2014-07-09 16:51 - 2014-07-09 16:51 - 00000965 _____ () C:\Users\Ken\Desktop\SpeedFan.lnk 2014-07-09 16:51 - 2014-07-09 16:51 - 00000045 _____ () C:\Windows\system32\initdebug.nfo 2014-07-09 16:51 - 2014-07-09 16:51 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-07-09 16:51 - 2014-07-09 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-07-09 14:15 - 2013-07-24 10:02 - 00000000 ____D () C:\Users\Ken\Documents\Bread Maker 2014-07-09 08:01 - 2014-04-08 17:14 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-07-09 08:01 - 2014-04-08 17:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-07-08 20:44 - 2013-08-07 17:21 - 00015872 _____ () C:\Users\Ken\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-08 19:52 - 2014-07-08 19:49 - 04278968 _____ () C:\Users\Ken\Downloads\Shaking.wmv 2014-07-08 18:18 - 2013-07-24 09:47 - 00000000 ____D () C:\Users\Ken\AppData\Local\VirtualStore 2014-07-07 23:00 - 2013-07-24 10:10 - 00000000 ____D () C:\Users\Ken\Documents\Android 2014-07-07 15:03 - 2014-04-29 15:53 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys 2014-07-07 15:03 - 2014-04-29 15:53 - 00000000 _____ () C:\Program Files\Mozilla Firefoxwtu-secure-search.xml 2014-07-07 15:03 - 2014-04-29 15:52 - 00000000 ____D () C:\Program Files\AVG Web TuneUp 2014-07-07 14:34 - 2013-07-24 10:09 - 00000000 ____D () C:\Users\Ken\Documents\My Kindle Content 2014-07-07 12:30 - 2014-07-07 12:30 - 00000000 ____D () C:\Users\Ken\AppData\Local\Adobe 2014-07-07 12:29 - 2013-07-24 10:03 - 00000000 ____D () C:\Users\Ken\Documents\Labels 2014-07-06 21:47 - 2014-07-06 21:47 - 00001013 _____ () C:\Users\Ken\Downloads\makdgrid.zip 2014-07-05 14:26 - 2014-07-04 14:29 - 00000000 ____D () C:\Users\Ken\Documents\Corel PaintShop Pro X6 Script Guide 2014-07-04 14:31 - 2014-07-04 14:31 - 00000000 ____D () C:\Program Files\Topaz Labs 2014-07-04 14:31 - 2014-07-04 14:31 - 00000000 ____D () C:\Program Files\Common Files\Topaz Labs 2014-07-04 14:31 - 2014-07-04 14:30 - 84100536 _____ () C:\Users\Ken\Downloads\topazdetail3_setup.exe 2014-07-04 14:31 - 2013-07-24 15:51 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Adobe 2014-07-04 14:29 - 2014-07-04 14:29 - 06387728 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\PSPX6_ScriptGuide.exe 2014-07-04 14:26 - 2014-07-04 14:25 - 85699664 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\Corel_KPT.exe 2014-07-04 13:19 - 2014-07-04 13:11 - 00001060 _____ () C:\Users\Public\Desktop\Corel PaintShop Pro X6.lnk 2014-07-04 13:19 - 2014-07-04 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6 2014-07-04 13:13 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\Documents\Corel PaintShop Pro 2014-07-04 13:13 - 2014-07-04 13:13 - 00000000 ____D () C:\Users\Ken\AppData\Local\Corel PaintShop Pro 2014-07-04 13:06 - 2014-07-04 13:04 - 257244424 _____ (Acresso Software Inc.) C:\Users\Ken\Downloads\PaintShop_Pro_X6_Windows.exe 2014-07-04 12:53 - 2014-07-04 12:53 - 00929416 _____ (CNET Download.com) C:\Users\Ken\Downloads\cbsidlm-cbsi188-Corel_PaintShop_Pro-SEO-10001995.exe 2014-07-04 12:33 - 2013-07-27 16:46 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys 2014-07-04 12:33 - 2013-07-24 10:09 - 00000000 ____D () C:\Users\Ken\Documents\My PSP Files 2014-07-02 16:55 - 2013-07-28 22:12 - 00000000 ____D () C:\Users\Ken\Documents\Kodak 2014-07-01 20:38 - 2013-10-17 15:46 - 00000000 ____D () C:\Users\Ken\Documents\All Recipes 2014-07-01 09:06 - 2014-06-18 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-06-30 17:17 - 2014-06-30 17:17 - 00000000 ____D () C:\Users\Ken\Documents\New folder (2) 2014-06-30 13:09 - 2013-07-24 10:10 - 00000000 ____D () C:\Users\Ken\Documents\PDF Files 2014-06-30 02:40 - 2014-07-23 18:44 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 02:36 - 2014-07-23 18:44 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-26 20:23 - 2014-06-26 20:23 - 04812672 _____ (Piriform Ltd) C:\Users\Ken\Downloads\ccsetup415.exe 2014-06-26 20:23 - 2014-02-14 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Files to move or delete: ==================== C:\Users\Ken\instmsiw.exe C:\Users\Ken\Setup.exe C:\Users\Ken\unicows.dll Some content of TEMP: ==================== C:\Users\Ken\AppData\Local\Temp\air2C56.exe C:\Users\Ken\AppData\Local\Temp\air2D87.exe C:\Users\Ken\AppData\Local\Temp\air4216.exe C:\Users\Ken\AppData\Local\Temp\air92E8.exe C:\Users\Ken\AppData\Local\Temp\airD434.exe C:\Users\Ken\AppData\Local\Temp\burnsetup.exe C:\Users\Ken\AppData\Local\Temp\debutsetup.exe C:\Users\Ken\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\Ken\AppData\Local\Temp\ICReinstall_ConverterLite-1.6.8.exe C:\Users\Ken\AppData\Local\Temp\ICReinstall_EasyConverterPro-0.2.0.0.exe C:\Users\Ken\AppData\Local\Temp\prismsetup_v2.10.exe C:\Users\Ken\AppData\Local\Temp\sfamcc00001.dll C:\Users\Ken\AppData\Local\Temp\sfextra.dll C:\Users\Ken\AppData\Local\Temp\topazfusion2_setup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 08:17 ==================== End Of Log ============================Addition.txtCheckResults.txt
  5. I am so fed up with Malwarebytes telling me time after time, that my databases are out of date. I have followed the instructiions of how to overcome this problem. Over the last four days, I uninstalled and reinstalled the program. Scanned for malware, viruses and spyware. I am so fed up with these annoyances, because it is taking me away from other tasks, that if someone does NOT come up with a solution, I shall be uninstalling for the last time. I have been using MB for many, many years. A very unhappy user.
  6. Hi daledoc1. Many thanks for your reply Just as an addition, I ran malware, Spyware , AVG on my PC and found nothing suspicious. Going to look into this False Positive thing you mentioned.
  7. Hi all Come across something that is starting to annoy me. Every time I open up one ogf my favourites, Malwarebytes blocks IP 31.222.0.1 which I have traced to be the IP for Net1 GmbH, who are supposed to be a financial institution, based in Germany, with server in Belize. I am not trying to open up this IP, but I think it may have something to do with a pop-up. The way round is to disable Malwarebytes, whic has left me vunerable in the past. Everytime I disable and use the site, I carry out a clean-up after usuing the site. This is on my PC. Right, if I go to the same site on my laptop, I don't get a block from Malwarebytes and just leave things alone, just go through the annoying Pop-ups, which go after 20seconds. However, last Sunday, I went onto the site as usual to watch football and a new pop-up appeared. I could go now further, no matter what I did. This pop-up was telling me that my flash player needed updating. It looked like Adobe, so I tried the update. OMG, my laptop froze and that was it. Closed down and started a clean-up. Two hours later, these were the results: Malwarebyttes - 53 Objects, AVG - 7 Trojans, Spybot - 13 trackers. Now, I had only carried out a clean-up the day before. Can someone explain and advise why I get MB blocking me on my PC, but now on my lappy? Thanks and Happy new Year to you all .
  8. I am in the process of installing and running my programs after reverting back to Win 7 from Win 8, and when trying to run Malwarebytes,I get the following error message: Malwarebytes has stopped working - Check on line for a solution and close the program. After I click on the next button, the program just closes down and that;s it! Should I reinstall the program, or is there something else Ican do? Thanks.
  9. Hi Chris I posted - DDS.txt UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) If this is not correct, please advise which one it it Ken
  10. DDS.txt UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 26/01/2010 22:33:14 System Uptime: 22/01/2011 08:32:12 (5 hours ago) Motherboard: Packard Bell BV | | RC415 Processor: IntelĀ® PentiumĀ® D CPU 3.00GHz | CPU 1 | 3000/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 141 GiB total, 37.004 GiB free. D: is CDROM () E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable J: is FIXED (NTFS) - 466 GiB total, 451.813 GiB free. K: is Removable ==== Disabled Device Manager Items ============= Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318} Description: Microsoft PS/2 Mouse Device ID: ACPI\PNP0F03\4&3860741C&0 Manufacturer: Microsoft Name: Microsoft PS/2 Mouse PNP Device ID: ACPI\PNP0F03\4&3860741C&0 Service: i8042prt Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318} Description: Conexant's BtPCI WDM Video Capture Device ID: ROOT\MEDIA\0000 Manufacturer: IllusionHope Name: Conexant's BtPCI WDM Video Capture PNP Device ID: ROOT\MEDIA\0000 Service: BT848 ==== System Restore Points =================== RP357: 06/01/2011 14:28:04 - Windows Update RP358: 07/01/2011 09:14:50 - Windows Update RP359: 11/01/2011 08:40:11 - Windows Update RP360: 11/01/2011 16:05:15 - Installed PCMSCAN RP362: 12/01/2011 13:05:04 - Quicksys RegDefrag RP363: 12/01/2011 16:45:04 - Removed Google Gears RP364: 12/01/2011 23:33:23 - Windows Update RP365: 14/01/2011 09:14:32 - Windows Update RP366: 18/01/2011 08:31:09 - Windows Update RP367: 20/01/2011 16:03:21 - Removed Drivers For Free. RP369: 20/01/2011 16:15:46 - Installed DirectX RP370: 21/01/2011 08:13:14 - Windows Update ==== Installed Programs ====================== 32 Bit HP CIO Components Installer Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.4.1 AIM 7 Amazon MP3 Downloader 1.0.9 Any DVD Cloner Express 1.1.5 Apple Application Support Apple Mobile Device Support Apple Software Update Belarc Advisor 8.1 Bonjour BufferChm CCleaner CD Recovery Toolbox Free 1.1 Copy Corel Paint Shop Pro Photo X2 D3DX10 deskUNPDF 3 Professional deskUNPDF 3 Standard Destinations DeviceDiscovery DJ_AIO_03_F2200_Software_Min DocProc Download Updater (AOL LLC) DTE DVD-Cloner V8.10 Build 1005 F2200 FileZilla Client 3.3.5.1 FreeOCR 3.0 Google Chrome Google Update Helper GPBaseService2 HP Customer Participation Program 13.0 HP Deskjet F2200 All-In-One Driver Software 13.0 Rel. 3 HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Smart Web Printing 4.60 HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant i-Catcher 3.0 i-Catcher Console 4.0 Java Auto Updater Java 6 Update 21 Junk Mail filter update KWorld Editing Device Driver KWorld USB 2860 Device Driver Licensing Service Install LightScribe Applications LightScribe Diagnostic Utility LightScribe System Software LightScribe Template Labeler Mahjong Escape Ancient China Malwarebytes' Anti-Malware MarketResearch McAfee SecurityCenter Metamorphosis Design Webmaster's Kit 1.0.6 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Expression Web 2 Microsoft Expression Web 2 MUI (English) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office XP Professional with FrontPage Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Windows Media Video 9 VCM Motorola Driver Installation 3.2.0 Mozilla Firefox (3.6.13) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) OCR Software by I.R.I.S. 13.0 OGA Notifier 2.0.0048.0 OneTouch Software OneTouch USB Driver PCMSCAN Philips Intelligent Agent Philips SPC230NC Webcam PL-2303 USB-to-Serial Promaxx Card Designer QuickTime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.0 Registry Mechanic 10.0 Revo Uninstaller Pro 2.4.3 RunAlyzer Scan Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2289158) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Serif PagePlus 11 Serif PagePlus 11 Resources Serif PhotoPlus X3 Ship Simulator 2008 Sky Broadband Skype
  11. Hi Have updated MBAM and here is the log: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5570 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 22/01/2011 13:41:46 mbam-log-2011-01-22 (13-41-46).txt Scan type: Quick scan Objects scanned: 152115 Time elapsed: 15 minute(s), 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Now to Run and Post DDS.txt
  12. Thought I had this one sorted out in October, but has come back to haunt me again. It only affects Google at the moment and presents itself as Woofi.info. Hope you can help. I am attaching DDS.txt, Attach.txt and ark.txt Ken ark.txt ark.txt DDS.txt
  13. Wow! Looks like I have a lot of work still to do, as I have mobility problems, I do all my banking and a lot of shopping online, so looks like I am going to be busy over the next day or too. Thank you for all your work and I shall certainly send you a donation via PayPal once I have sorted them out.
  14. At last! Here's the Log File. The Combofix window has shut down, so when can I get my firewall etc back up again? ComboFix.txt
  15. Thanks. Was wondering if you were going to be around today and dare I switch off. Just switched back on again.