Hi all,
Managed to pick up some nasty stuff while trying to find a video converter online. Thought the website was okay and scanned the exe file and it seemed okay, but I'm getting alerts all the time after this. I tried doing a system restore first, but every time it comes up with an error afterwards saying it was not properly done.
Although after the failed system restore, I'm not getting any of those alerts from my antivirus telling me it blocked a potential threat. Browser doesn't seem to be hijacked, I'm not getting redirected anywhere, and computer speed isn't any slower. I just want to make sure everything is okay right now. If you guys could help, that would be great!

Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 15/01/2016
Scan Time: 4:49 PM
Logfile: Virus.txt
Administrator: Yes
Version: 2.2.0.1024
Malware Database: v2016.01.15.08
Rootkit Database: v2016.01.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: James
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 355780
Time Elapsed: 11 min, 1 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 2
PUP.Optional.MultiPlug, C:\Program Files (x86)\E85049A9-1452833669-0FDB-D893-88A48C83377B, Quarantined, [b83c83b65b3ed660bb20b01b6b98a759],
PUP.Optional.DNSio.BrwsrFlsh, C:\Program Files (x86)\WebDnsio, Quarantined, [47ad73c6287170c671a5299f659d8b75],
Files: 10
PUP.Optional.ConvertAd, C:\Users\James\AppData\Local\Temp\nsv32DC.tmp, Quarantined, [35bf4aeff6a38caae076894ed52cc43c],
Trojan.Agent.BHO, C:\Users\James\AppData\Local\Temp\nsvDCEA.tmp, Quarantined, [f7fdd861e0b9f34373a34e26748dcc34],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Users\James\AppData\Local\Temp\awhD00E.tmp, Quarantined, [e41046f3524782b44357032a50b1e51b],
PUP.Optional.EasyDriverPro, C:\Users\James\AppData\Local\Temp\awhD09C.tmp, Quarantined, [896bb584d9c086b0bb435f6ba75aec14],
PUP.Optional.MyBestOffersToday, C:\Users\James\AppData\Local\Temp\awhD198.tmp, Quarantined, [a54fef4a5049f54106bbdce9fe030df3],
Adware.EoRezo.Gen, C:\Users\James\AppData\Local\Temp\awhD1D7.tmp, Quarantined, [29cb05343d5c0036b92792408879ff01],
PUP.Optional.TrailerTime, C:\Users\James\AppData\Local\Temp\awhD228.tmp, Quarantined, [c52f61d8cacf3303da030ac1e12030d0],
PUP.Optional.MultiPlug, C:\Program Files (x86)\E85049A9-1452833669-0FDB-D893-88A48C83377B\knsb96B3.tmpfs, Quarantined, [b83c83b65b3ed660bb20b01b6b98a759],
PUP.Optional.MultiPlug, C:\Program Files (x86)\E85049A9-1452833669-0FDB-D893-88A48C83377B\Number of results, Quarantined, [b83c83b65b3ed660bb20b01b6b98a759],
PUP.Optional.MultiPlug, C:\Program Files (x86)\E85049A9-1452833669-0FDB-D893-88A48C83377B\vnsg2F0A.tmp, Quarantined, [b83c83b65b3ed660bb20b01b6b98a759],
Physical Sectors: 0
(No malicious items detected)
(end)

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18163 BrowserJavaVersion: 10.55.2
Run by James at 17:02:53 on 2016-01-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7967.5454 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Users\James\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\WinMsgBalloonServer.exe
C:\Windows\SysWOW64\WinMsgBalloonClient.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
mWinlogon: Userinit = userinit.exe,
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - <orphaned>
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [F.lux] "C:\Users\James\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Google Update] "C:\Users\James\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
mRun: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
dRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{961576D5-9C0E-4346-8F64-3A3EEA30614E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{961576D5-9C0E-4346-8F64-3A3EEA30614E}\4646D2772747 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9DC48570-B666-4AB8-B311-9A79F390F76D} : DHCPNameServer = 192.168.1.1
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\31v7tnao.default-1411257059566\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\James\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll
FF - plugin: C:\Users\James\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\James\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll
.
============= SERVICES / DRIVERS ===============
.
R0 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2012-1-27 280656]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-4 65224]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-9-4 273784]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-6-3 52760]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-7-20 1055560]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2012-7-20 451040]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-5-18 283200]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-1-27 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-27 204288]
R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2011-5-13 128904]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-4-25 28656]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswmonflt.sys [2012-7-20 97648]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-4-25 155304]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-1-14 226440]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-7-3 122072]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-7-3 384728]
R2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-7-3 773848]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-1-8 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-1-8 1773696]
R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-1-15 1513784]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-1-15 1135416]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-1-27 1128952]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-9-5 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-9-5 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-9-5 171928]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-1-27 231440]
R3 KeyScrambler;KeyScrambler;C:\Windows\System32\drivers\keyscrambler.sys [2014-5-9 224720]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2016-1-15 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2016-1-15 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2016-1-15 63704]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-27 565352]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2015-2-17 237064]
R3 tihub3;TI USB3 Hub Service;C:\Windows\System32\drivers\tihub3.sys [2012-1-27 136000]
R3 tixhci;TI XHCI Service;C:\Windows\System32\drivers\tixhci.sys [2012-1-27 409408]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-1-27 47232]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-7-3 405208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 HP Support Assistant Service;HP Support Assistant Service;"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" --> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 AvastVBoxSvc;AvastVBox COM Service;"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" --> C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [?]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2012-1-27 349736]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-1-27 39464]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-1-14 114688]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2016-01-16 00:01:12 79064 ----a-w- C:\Windows\System32\drivers\onubbstv.sys
2016-01-15 23:49:00 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-01-15 23:48:36 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2016-01-15 23:48:36 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2016-01-15 23:48:36 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2016-01-15 23:48:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-15 10:24:32 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{21923091-06F9-42A3-B5AB-0F95BC37AFA5}\offreg.6132.dll
2016-01-15 08:43:36 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{21923091-06F9-42A3-B5AB-0F95BC37AFA5}\mpengine.dll
2016-01-15 06:38:02 11154520 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2016-01-15 06:27:59 79872 ----a-w- C:\Windows\SysWow64\MP3DMOD.DLL
2016-01-15 06:21:54 405504 ----a-w- C:\Windows\System32\gdi32.dll
2016-01-15 05:53:55 43112 ----a-w- C:\Windows\avastSS.scr
2016-01-15 05:06:11 -------- d-----w- C:\Users\James\AppData\Roaming\CleanBrowser
2016-01-15 04:56:00 -------- d-----w- C:\Users\James\AppData\Local\E85049A9-1452808560-0FDB-D893-88A48C83377B
2016-01-15 01:06:16 -------- d-----w- C:\Users\James\AppData\Roaming\Faasoft Video Converter
2016-01-13 06:05:55 1393152 ----a-w- C:\Windows\System32\WMALFXGFXDSP.dll
2016-01-13 06:05:55 1393152 ----a-w- C:\Windows\System32\WMALFXGFXDSP(115).dll
2016-01-07 04:12:10 -------- d-s---w- C:\Windows\SysWow64\Microsoft
.
==================== Find3M ====================
.
2016-01-15 05:54:39 97648 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys
2016-01-15 05:53:57 93528 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2016-01-15 05:53:57 65224 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2016-01-15 05:53:57 28656 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2016-01-15 05:53:57 273784 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2016-01-15 05:53:57 155304 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2016-01-15 05:53:51 1055560 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2016-01-04 08:09:09 796864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-01-04 08:09:09 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-30 19:08:35 5572544 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-12-30 19:08:34 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-12-30 19:08:34 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-12-30 19:05:33 1730496 ----a-w- C:\Windows\System32\ntdll.dll
2015-12-30 19:02:28 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-12-30 19:02:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-12-30 19:02:28 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-12-30 19:02:17 215040 ----a-w- C:\Windows\System32\winsrv.dll
2015-12-30 19:02:13 210432 ----a-w- C:\Windows\System32\wdigest.dll
2015-12-30 19:02:03 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2015-12-30 19:01:56 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2015-12-30 19:01:56 135680 ----a-w- C:\Windows\System32\sspicli.dll
2015-12-30 19:01:55 503808 ----a-w- C:\Windows\System32\srcore.dll
2015-12-30 19:01:55 50176 ----a-w- C:\Windows\System32\srclient.dll
2015-12-30 19:01:14 28160 ----a-w- C:\Windows\System32\secur32.dll
2015-12-30 19:01:12 344064 ----a-w- C:\Windows\System32\schannel.dll
2015-12-30 19:01:10 1214464 ----a-w- C:\Windows\System32\rpcrt4.dll
2015-12-30 19:00:23 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2015-12-30 18:59:11 312320 ----a-w- C:\Windows\System32\ncrypt.dll
2015-12-30 18:59:07 315392 ----a-w- C:\Windows\System32\msv1_0.dll
2015-12-30 18:59:02 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-12-30 18:58:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-12-30 18:58:00 1461248 ----a-w- C:\Windows\System32\lsasrv.dll
2015-12-30 18:57:55 729600 ----a-w- C:\Windows\System32\kerberos.dll
2015-12-30 18:57:55 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2015-12-30 18:55:46 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2015-12-30 18:55:45 43520 ----a-w- C:\Windows\System32\cryptbase.dll
2015-12-30 18:55:44 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-12-30 18:47:23 3993536 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-12-30 18:47:23 3938240 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-12-30 18:44:26 1311768 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-12-30 18:41:32 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-12-30 18:41:31 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-12-30 18:41:31 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-12-30 18:41:31 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-12-30 18:41:17 171520 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-12-30 18:41:11 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-12-30 18:41:03 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-12-30 18:40:29 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-12-30 18:40:28 251392 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-12-30 18:39:38 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-12-30 18:39:35 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-12-30 18:39:32 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-12-30 18:39:17 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-12-30 18:38:56 552960 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-12-30 18:38:11 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-12-30 17:57:51 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-12-30 17:50:50 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-12-30 17:49:09 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-12-30 17:44:49 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-12-30 17:43:39 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-12-30 17:42:48 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-12-30 17:42:41 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-12-30 17:41:07 30720 ----a-w- C:\Windows\System32\lsass.exe
2015-12-30 17:41:00 112640 ----a-w- C:\Windows\System32\smss.exe
2015-12-30 17:32:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-12-30 17:32:53 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-12-30 17:32:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2015-12-30 17:32:51 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-12-30 17:30:55 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2015-12-30 17:30:40 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-12-30 17:30:40 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-12-30 17:30:40 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-12-30 17:30:40 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-12-12 18:31:10 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-12-12 18:30:59 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-12-12 18:16:29 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-12-12 18:15:46 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-12-12 18:15:40 417792 ----a-w- C:\Windows\System32\html.iec
2015-12-12 18:15:09 571904 ----a-w- C:\Windows\System32\vbscript.dll
2015-12-12 18:14:59 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-12-12 18:07:27 6051328 ----a-w- C:\Windows\System32\jscript9.dll
2015-12-12 18:02:34 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-12-12 18:02:34 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-12-12 18:02:19 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-12-12 17:55:26 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-12-12 17:49:57 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-12-12 17:44:06 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-12-12 17:37:41 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-12-12 17:37:39 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-12-12 17:37:05 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-12-12 17:36:57 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-12-12 17:36:04 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-12-12 17:27:24 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-12-12 17:27:04 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-12-12 17:21:12 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-12-12 17:20:50 2123264 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-12-12 17:14:57 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-12-12 17:09:47 4610560 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-12-12 17:06:02 2487808 ----a-w- C:\Windows\System32\wininet.dll
2015-12-12 17:00:20 2050560 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
.
============= FINISH: 17:03:38.83 ===============

Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Java 7 Update 55
Java version 32-bit out of Date!
Adobe Flash Player 20.0.0.267
Mozilla Firefox (42.0)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Spybot Teatimer.exe is disabled!
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

Thank you again!
Edited by Computer Problems, 15 January 2016 - 06:24 PM.