Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Security certificate errors for many sites from multiple browsers [Clo

Started by Acporter , Aug 26 2014 09:35 AM

  • This topic is locked This topic is locked

#1
Acporter
Posted 26 August 2014 - 09:35 AM

Acporter

    New Member

  • Member
  • Pip
  • 3 posts

Hi there,

 

Issues experienced as described in topic title.

 

Error mssage displayed in IE9 is:

There is a problem with this website's security certificate.

 

 

The security certificate presented by this website has expired or is not yet valid.

 

 

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server. 

 

  We recommend that you close this webpage and do not continue to this website. 

 

Help much appreciated! Please do ask if any other info is required. Here is the log from my OTL quick scan:

 

OTL logfile created on: 26/01/2014 16:39:55 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\a.porter\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.88 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 44.28% Memory free
11.69 Gb Paging File | 9.50 Gb Available in Paging File | 81.29% Paging File free
Paging file location(s): c:\pagefile.sys 8000 8001 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 22.44 Gb Free Space | 20.09% Space Free | Partition Type: NTFS
 
Computer Name: BW-STAFFLAP-109 | User Name: a.porter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/01/26 16:15:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\a.porter\Desktop\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/05/13 13:45:19 | 000,196,512 | ---- | M] () -- C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
MOD - [2010/03/24 20:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/11 09:22:31 | 000,185,280 | ---- | M] (McAfee, Inc.) [Auto | Unknown] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/06/11 09:22:30 | 000,242,448 | ---- | M] () [Auto | Unknown] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2013/04/24 14:16:16 | 001,852,400 | ---- | M] (GlavSoft LLC.) [Auto | Unknown] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver)
SRV:64bit: - [2012/08/02 11:24:32 | 000,050,280 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Program Files\Microsoft Policy Platform\policyHost.exe -- (lppsvc)
SRV:64bit: - [2012/08/02 11:24:32 | 000,050,280 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Program Files\Microsoft Policy Platform\policyHost.exe -- (lpasvc)
SRV:64bit: - [2012/05/03 04:33:20 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Unknown] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 01:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/07/12 18:08:17 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/13 13:47:04 | 000,036,864 | ---- | M] (Microsoft) [Auto | Unknown] -- C:\Program Files (x86)\ClickView\ClickView Library\ClickViewDVRRecordService.exe -- (ClickView DVR Record Service)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Unknown] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Unknown] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/04/03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Unknown] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/02/08 03:18:42 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Unknown] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/01/15 19:08:00 | 000,208,416 | ---- | M] (McAfee, Inc.) [Auto | Unknown] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2013/09/27 16:06:00 | 000,133,152 | ---- | M] (McAfee, Inc.) [Auto | Unknown] -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2013/05/14 12:20:43 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Unknown] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/04/10 06:58:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Unknown] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/28 12:14:40 | 000,277,640 | ---- | M] (Intel Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/12/18 19:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Unknown] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/21 03:00:00 | 001,840,208 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\CCM\CcmExec.exe -- (CcmExec)
SRV - [2012/11/21 03:00:00 | 000,633,952 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\CCM\RemCtrl\CmRcService.exe -- (CmRcService)
SRV - [2012/11/21 03:00:00 | 000,402,000 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\CCM\TSManager.exe -- (smstsmgr)
SRV - [2012/03/21 14:26:04 | 000,580,976 | ---- | M] (SMART Technologies) [Disabled | Unknown] -- C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe -- (SMARTHelperService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Unknown] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/03/20 15:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [Disabled | Unknown] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/11 09:22:31 | 000,782,968 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/06/11 09:22:31 | 000,344,176 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/06/11 09:22:31 | 000,107,032 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2014/06/11 09:22:30 | 000,311,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/06/11 09:22:30 | 000,180,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/01/26 16:08:19 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2013/08/06 15:13:30 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2013/03/18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013/03/06 17:35:12 | 000,805,088 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/12/12 15:42:28 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/11/21 21:53:36 | 000,026,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\PrepDrv.sys -- (prepdrvr)
DRV:64bit: - [2012/07/02 14:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/05/20 16:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/20 16:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/09 04:06:42 | 000,293,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012/05/03 04:33:12 | 002,196,592 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012/03/21 14:26:40 | 000,013,168 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\SMARTMouseFilterx64.sys -- (SMARTMouseFilterx64)
DRV:64bit: - [2012/03/21 14:26:32 | 000,024,944 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\SMARTVTabletPCx64.sys -- (SMARTVTabletPCx64)
DRV:64bit: - [2012/03/21 14:26:30 | 000,016,368 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\SMARTVHidMiniVistaAmd64.sys -- (SMARTVHidMiniVistaAmd64)
DRV:64bit: - [2012/02/20 04:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2011/04/22 12:42:24 | 001,143,400 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/21 03:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/21 03:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 03:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 03:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 03:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 03:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/21 03:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 03:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/21 03:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/03/10 17:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/27 06:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/19 05:03:24 | 001,057,280 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\rt2870.sys -- (rt2870)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/07/13 23:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Unknown] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.co.uk/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CB 52 CA 93 AE 1A CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ho-proxy2:8080
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@autograph-maths.com/Autograph Player Plugin: C:\Program Files (x86)\Autograph 3.3\WebPlayer\npagraph.dll (Eastmond Publishing Ltd.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2014/06/15 13:01:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/20 10:02:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/05/13 13:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/08/05 08:01:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/04/10 06:58:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/04/10 06:57:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/10 06:57:54 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\a.porter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\a.porter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\a.porter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\a.porter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\a.porter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Earth = C:\Users\a.porter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jieopfhnlbjmbpckpdhfdedccdmngdac\1.6_0\
CHR - Extension: Google Wallet = C:\Users\a.porter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\a.porter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SMART Notebook Download Utility) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win64\NotebookPlugin.dll (SMART Technologies ULC.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20140611102312.dll (McAfee, Inc.)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SMART Notebook Download Utility) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20140611102317.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKCU..\Run: [Yperfo] C:\Users\a.porter\AppData\Local\Temp\Ozupuh\yperfo.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\CommandBar present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Security present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\SQM present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: UseDefaultTile = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 1 = "\\bw-apps.learners.bc.local\PC_Usage$\LogEntry.exe" "\\bw-apps.learners.bc.local\PC_Usage$\LogFiles" "\\bw-apps.learners.bc.local\PC_Usage$\LogArgs.dat"
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DefaultLogonDomain = STAFF
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStartupSound = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ShutdownSessionTimeout = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceRunOnStartMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentProgForNewUserInStartMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: PreventItemCreationInUsersFilesFolder = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoRedock = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Wallpaper = c:\windows\barnfield\wallpaper\wallpaper.jpg ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 1
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1390752136337 (MUCatalogWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = learners.bc.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{000E7112-99DB-4464-AE76-7CE94E872EDB}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{296503B9-F04D-4E8A-9D77-1BED3072B342}: DhcpNameServer = 10.114.0.20 10.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66B8D68F-1409-4ACF-88FF-AABC843FE8A0}: DhcpNameServer = 10.114.0.20 10.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{936C0E69-B1BF-4673-B94A-3B73316D9985}: DhcpNameServer = 10.114.0.20 10.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E9F4B80-00D7-4926-A515-3B3161F1E965}: DhcpNameServer = 10.114.0.40 10.2.0.3 10.114.0.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDBEE528-D258-410C-950A-DD6FCA2593B9}: DhcpNameServer = 10.114.0.20 10.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5610DDA-8151-4209-B0AC-334756805516}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/25 13:25:49 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2014/07/27 15:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/07/27 15:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/07/27 15:25:55 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Store
[2014/07/27 15:25:44 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Nosibay
[2014/07/27 15:24:30 | 000,000,000 | ---D | C] -- C:\Quarantine
[2014/07/27 15:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\005
[2014/07/27 15:23:28 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\globalUpdate
[2014/07/27 15:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/07/27 15:17:39 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\BitTorrent
[2014/07/14 17:08:09 | 000,000,000 | R--D | C] -- C:\Users\a.porter\OneDrive
[2014/07/14 17:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2014/07/12 17:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/06/11 08:53:25 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Skype
[2014/06/11 08:53:23 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Skype
[2014/06/11 08:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/06/11 08:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/06/11 08:53:19 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/06/11 08:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/05/29 21:39:39 | 000,000,000 | ---D | C] -- C:\Test2
[2014/05/29 21:39:24 | 000,000,000 | ---D | C] -- C:\Test
[2014/05/27 15:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2014/05/05 19:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2014/04/27 18:02:10 | 000,000,000 | RH-D | C] -- C:\Users\a.porter\AppData\Roaming\SecuROM
[2014/04/27 17:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2014/04/27 17:15:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Electronic Arts
[2014/04/27 14:01:53 | 000,447,752 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2014/04/27 10:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2014/04/27 10:55:52 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Origin
[2014/04/27 10:55:51 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Origin
[2014/04/27 10:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014/04/27 10:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2014/04/27 10:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014/04/27 10:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2014/04/03 12:58:10 | 000,241,432 | ---- | C] (MainConcept AG) -- C:\Windows\SysWow64\mpegin.dll
[2014/04/03 10:48:59 | 000,000,000 | ---D | C] -- C:\Users\a.porter\.idlerc
[2014/04/03 10:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
[2014/04/03 10:46:26 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\.distlib
[2014/04/03 10:45:49 | 000,000,000 | ---D | C] -- C:\Python34
[2014/04/03 10:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickView
[2014/04/03 10:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ClickView
[2014/04/01 18:37:43 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\dvdcss
[2014/04/01 18:11:40 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\vlc
[2014/04/01 18:10:19 | 000,000,000 | ---D | C] -- C:\Users\a.porter\.thumb
[2014/03/29 10:23:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/03/29 10:22:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/03/28 18:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2014/03/28 18:31:29 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Audacity
[2014/03/28 18:30:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2014/03/28 18:30:25 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Programs
[2014/03/16 18:24:08 | 002,733,056 | ---- | C] (Python Software Foundation) -- C:\Windows\SysWow64\python34.dll
[2014/03/16 18:23:10 | 000,102,400 | ---- | C] (Python Software Foundation) -- C:\Windows\py.exe
[2014/03/16 18:23:08 | 000,102,912 | ---- | C] (Python Software Foundation) -- C:\Windows\pyw.exe
[2014/03/15 19:42:13 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Sega
[2014/03/08 17:00:30 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Apple Computer
[2014/03/08 17:00:17 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Apple Computer
[2014/02/23 15:22:54 | 000,000,000 | ---D | C] -- C:\My Documents
[2014/02/23 15:22:53 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\SMART Technologies Inc
[2014/02/23 15:22:53 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\SMART Technologies Inc
[2014/02/23 15:22:51 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\SMART Technologies
[2014/02/23 15:22:45 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\SMART Technologies
[2014/02/23 15:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2014/02/21 14:29:24 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Qwizdom
[2014/02/21 14:29:24 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Microsoft_Corporation
[2014/02/21 14:29:20 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Qwizdom
[2014/02/20 10:30:03 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\assembly
[2014/02/20 10:30:00 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Deployment
[2014/02/20 10:30:00 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Apps
[2014/02/20 10:29:58 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Macromedia
[2014/02/20 06:59:00 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Apple
[2014/02/17 17:08:47 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2014/02/17 12:58:34 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Adobe
[2014/02/16 20:21:39 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\3909
[2014/02/16 13:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2014/02/16 13:34:19 | 000,000,000 | R--D | C] -- C:\Users\a.porter\SkyDrive
[2014/02/16 13:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2014/02/16 13:08:52 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Daedalic Entertainment
[2014/02/16 13:08:13 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Electronic Arts
[2014/02/16 13:05:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014/02/16 12:33:47 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\library_dir
[2014/02/16 12:33:28 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Raptr
[2014/02/14 19:29:53 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Adobe
[2014/02/14 19:28:52 | 000,000,000 | ---D | C] -- C:\Users\a.porter\Desktop\APPS
[2014/02/14 17:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/02/14 17:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/02/14 17:09:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2014/02/14 17:06:21 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Google
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\AppData\Local\Temporary Internet Files
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\Templates
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\Start Menu
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\SendTo
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\Recent
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\PrintHood
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\NetHood
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\My Documents
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\Local Settings
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\AppData\Local\History
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\Cookies
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\Application Data
[2014/02/14 12:46:04 | 000,000,000 | -HSD | C] -- C:\Users\a.porter\AppData\Local\Application Data
[2014/02/14 12:46:02 | 000,000,000 | --SD | C] -- C:\Users\a.porter\AppData\Roaming\Microsoft
[2014/02/14 12:46:02 | 000,000,000 | RH-D | C] -- C:\Users\a.porter\Videos
[2014/02/14 12:46:02 | 000,000,000 | RH-D | C] -- C:\Users\a.porter\Pictures
[2014/02/14 12:46:02 | 000,000,000 | RH-D | C] -- C:\Users\a.porter\Music
[2014/02/14 12:46:02 | 000,000,000 | RH-D | C] -- C:\Users\a.porter\Documents
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\Searches
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\Saved Games
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\Links
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\Favorites
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\Downloads
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\Desktop
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\Contacts
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/02/14 12:46:02 | 000,000,000 | R--D | C] -- C:\Users\a.porter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/02/14 12:46:02 | 000,000,000 | -H-D | C] -- C:\Users\a.porter\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/02/14 12:46:02 | 000,000,000 | -H-D | C] -- C:\Users\a.porter\AppData
[2014/02/14 12:46:02 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\TightVNC
[2014/02/14 12:46:02 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Temp
[2014/02/14 12:46:02 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Microsoft Help
[2014/02/14 12:46:02 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\Microsoft
[2014/02/14 12:46:02 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\McAfee
[2014/02/14 12:46:02 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Macromedia
[2014/02/14 12:46:02 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\Identities
[2014/01/26 16:15:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\a.porter\Desktop\OTL.exe
[2014/01/26 15:55:55 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/26 15:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/01/26 15:55:35 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/01/26 15:55:35 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/01/26 15:55:35 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/26 15:55:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/01/26 15:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/26 12:03:01 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/01/24 12:02:07 | 000,056,832 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL
[2014/01/24 12:02:07 | 000,056,320 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL
[2014/01/17 19:51:03 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/25 21:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/22 15:23:48 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/07/27 15:29:20 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/07/27 15:27:57 | 000,001,690 | ---- | M] () -- C:\Windows\SysWow64\${LOGFILE}
[2014/07/27 15:26:59 | 000,000,004 | ---- | M] () -- C:\end
[2014/07/27 15:24:41 | 000,001,862 | ---- | M] () -- C:\Users\a.porter\Desktop\Search.lnk
[2014/07/12 16:47:17 | 002,387,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/12 16:46:11 | 000,002,293 | ---- | M] () -- C:\Users\Public\Desktop\ClickView Library Manager.lnk
[2014/06/17 17:27:23 | 000,001,508 | ---- | M] () -- C:\Users\a.porter\Desktop\BWA - CLICK IF YOU HAVE NO DRIVE MAPPINGS.lnk
[2014/06/17 17:27:23 | 000,001,476 | ---- | M] () -- C:\Users\a.porter\Desktop\My LRC.lnk
[2014/06/17 17:27:23 | 000,001,176 | ---- | M] () -- C:\Users\a.porter\Desktop\Service Desk.lnk
[2014/06/17 17:27:23 | 000,001,146 | ---- | M] () -- C:\Users\a.porter\Desktop\StudentNet.lnk
[2014/06/17 13:04:33 | 000,039,623 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/06/11 09:22:31 | 000,782,968 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2014/06/11 09:22:31 | 000,344,176 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2014/06/11 09:22:31 | 000,185,280 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2014/06/11 09:22:31 | 000,121,896 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\MfeOtlkAddin.dll
[2014/06/11 09:22:31 | 000,107,032 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2014/06/11 09:22:31 | 000,011,208 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2014/06/11 09:22:30 | 000,311,600 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2014/06/11 09:22:30 | 000,180,272 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2014/06/11 09:22:29 | 000,094,080 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysWow64\MfeOtlkAddin.dll
[2014/06/11 09:22:29 | 000,025,088 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysWow64\MFEOtlk.dll
[2014/06/11 08:53:20 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/06/06 22:28:26 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/06/06 22:28:26 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014/05/21 14:12:28 | 000,001,220 | ---- | M] () -- C:\Windows\SysNative\ricdb.ini
[2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/12 07:26:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/27 14:01:26 | 000,447,752 | ---- | M] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2014/04/18 16:32:03 | 000,001,279 | ---- | M] () -- C:\Users\a.porter\Desktop\Conversation bot.py
[2014/04/04 07:52:34 | 000,001,983 | ---- | M] () -- C:\Users\a.porter\Desktop\ClickView Player.lnk
[2014/04/03 12:58:10 | 000,241,432 | ---- | M] (MainConcept AG) -- C:\Windows\SysWow64\mpegin.dll
[2014/03/29 11:19:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2014/03/28 12:07:42 | 000,770,754 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/20 11:21:35 | 000,001,141 | ---- | M] () -- C:\Users\a.porter\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/03/16 18:24:08 | 002,733,056 | ---- | M] (Python Software Foundation) -- C:\Windows\SysWow64\python34.dll
[2014/03/16 18:23:10 | 000,102,400 | ---- | M] (Python Software Foundation) -- C:\Windows\py.exe
[2014/03/16 18:23:08 | 000,102,912 | ---- | M] (Python Software Foundation) -- C:\Windows\pyw.exe
[2014/02/16 13:29:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/02/14 12:46:59 | 000,001,447 | ---- | M] () -- C:\Users\a.porter\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/14 12:46:45 | 000,001,916 | ---- | M] () -- C:\Users\a.porter\Desktop\ForSkills.lnk
[2014/02/14 12:46:45 | 000,001,508 | ---- | M] () -- C:\Users\a.porter\Desktop\BWA - ICT Rooms Printer fix for STAFF.lnk
[2014/02/14 12:46:45 | 000,001,142 | ---- | M] () -- C:\Users\a.porter\Desktop\ProMonitor.lnk
[2014/02/14 12:46:45 | 000,001,132 | ---- | M] () -- C:\Users\a.porter\Desktop\BWA Frog.lnk
[2014/02/14 12:46:44 | 000,001,916 | ---- | M] () -- C:\Users\a.porter\Desktop\My BlueNet.lnk
[2014/02/14 12:46:44 | 000,001,914 | ---- | M] () -- C:\Users\a.porter\Desktop\My bluePOINT.lnk
[2014/02/14 12:46:44 | 000,001,186 | ---- | M] () -- C:\Users\a.porter\Desktop\My Webmail.lnk
[2014/02/14 12:46:44 | 000,001,154 | ---- | M] () -- C:\Users\a.porter\Desktop\StaffNET.lnk
[2014/02/14 12:46:44 | 000,001,099 | ---- | M] () -- C:\Users\a.porter\Desktop\MS Word 2010.lnk
[2014/02/14 12:46:43 | 000,001,106 | ---- | M] () -- C:\Users\a.porter\Desktop\MS PowerPoint 2010.lnk
[2014/02/14 12:46:43 | 000,001,099 | ---- | M] () -- C:\Users\a.porter\Desktop\MS Outlook 2010.lnk
[2014/02/14 12:46:43 | 000,001,087 | ---- | M] () -- C:\Users\a.porter\Desktop\MS Publisher 2010.lnk
[2014/02/14 12:46:43 | 000,001,087 | ---- | M] () -- C:\Users\a.porter\Desktop\MS Excel 2010.lnk
[2014/02/14 12:46:43 | 000,001,075 | ---- | M] () -- C:\Users\a.porter\Desktop\MS Picture Manager.lnk
[2014/02/14 12:46:42 | 000,001,900 | ---- | M] () -- C:\Users\a.porter\Desktop\Barnfield Website.lnk
[2014/02/14 12:46:42 | 000,001,894 | ---- | M] () -- C:\Users\a.porter\Desktop\Internet Explorer.lnk
[2014/02/14 12:46:42 | 000,001,871 | ---- | M] () -- C:\Users\a.porter\Desktop\Mozilla Firefox.lnk
[2014/02/14 12:46:42 | 000,001,158 | ---- | M] () -- C:\Users\a.porter\Desktop\BWA Portal.lnk
[2014/02/14 12:46:42 | 000,001,106 | ---- | M] () -- C:\Users\a.porter\Desktop\MS Access 2010.lnk
[2014/02/14 12:46:41 | 000,002,342 | ---- | M] () -- C:\Users\a.porter\Desktop\Support Info.lnk
[2014/02/14 12:46:30 | 000,013,456 | RHS- | M] () -- C:\Users\a.porter\ntuser.pol
[2014/01/28 15:41:07 | 000,000,153 | ---- | M] () -- C:\Windows\sims.ini
[2014/01/26 16:15:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\a.porter\Desktop\OTL.exe
[2014/01/26 16:11:42 | 000,785,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/26 16:11:42 | 000,669,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/26 16:11:42 | 000,126,858 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/26 16:09:50 | 000,000,586 | ---- | M] () -- C:\Windows\SMSCFG.ini
[2014/01/26 16:08:24 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/26 16:08:19 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/26 16:08:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/26 16:07:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/26 16:07:10 | 000,019,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/26 16:07:10 | 000,019,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/26 15:55:43 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/27 15:29:20 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/07/27 15:27:46 | 000,001,690 | ---- | C] () -- C:\Windows\SysWow64\${LOGFILE}
[2014/07/27 15:25:58 | 000,000,004 | ---- | C] () -- C:\end
[2014/07/27 15:24:41 | 000,001,862 | ---- | C] () -- C:\Users\a.porter\Desktop\Search.lnk
[2014/07/12 16:46:11 | 000,002,293 | ---- | C] () -- C:\Users\Public\Desktop\ClickView Library Manager.lnk
[2014/06/11 08:53:20 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/06/11 08:51:43 | 000,001,508 | ---- | C] () -- C:\Users\a.porter\Desktop\BWA - CLICK IF YOU HAVE NO DRIVE MAPPINGS.lnk
[2014/05/11 14:24:33 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/14 18:56:27 | 000,001,279 | ---- | C] () -- C:\Users\a.porter\Desktop\Conversation bot.py
[2014/04/04 07:52:34 | 000,001,983 | ---- | C] () -- C:\Users\a.porter\Desktop\ClickView Player.lnk
[2014/03/29 11:19:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2014/03/28 18:30:48 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014/03/28 18:30:48 | 000,000,876 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2014/03/20 11:21:35 | 000,001,141 | ---- | C] () -- C:\Users\a.porter\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/03/13 18:59:56 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/16 13:29:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/02/14 12:46:59 | 000,001,447 | ---- | C] () -- C:\Users\a.porter\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/14 12:46:45 | 000,001,916 | ---- | C] () -- C:\Users\a.porter\Desktop\ForSkills.lnk
[2014/02/14 12:46:45 | 000,001,508 | ---- | C] () -- C:\Users\a.porter\Desktop\BWA - ICT Rooms Printer fix for STAFF.lnk
[2014/02/14 12:46:45 | 000,001,146 | ---- | C] () -- C:\Users\a.porter\Desktop\StudentNet.lnk
[2014/02/14 12:46:45 | 000,001,142 | ---- | C] () -- C:\Users\a.porter\Desktop\ProMonitor.lnk
[2014/02/14 12:46:45 | 000,001,132 | ---- | C] () -- C:\Users\a.porter\Desktop\BWA Frog.lnk
[2014/02/14 12:46:44 | 000,001,916 | ---- | C] () -- C:\Users\a.porter\Desktop\My BlueNet.lnk
[2014/02/14 12:46:44 | 000,001,914 | ---- | C] () -- C:\Users\a.porter\Desktop\My bluePOINT.lnk
[2014/02/14 12:46:44 | 000,001,476 | ---- | C] () -- C:\Users\a.porter\Desktop\My LRC.lnk
[2014/02/14 12:46:44 | 000,001,186 | ---- | C] () -- C:\Users\a.porter\Desktop\My Webmail.lnk
[2014/02/14 12:46:44 | 000,001,176 | ---- | C] () -- C:\Users\a.porter\Desktop\Service Desk.lnk
[2014/02/14 12:46:44 | 000,001,154 | ---- | C] () -- C:\Users\a.porter\Desktop\StaffNET.lnk
[2014/02/14 12:46:44 | 000,001,099 | ---- | C] () -- C:\Users\a.porter\Desktop\MS Word 2010.lnk
[2014/02/14 12:46:43 | 000,001,106 | ---- | C] () -- C:\Users\a.porter\Desktop\MS PowerPoint 2010.lnk
[2014/02/14 12:46:43 | 000,001,099 | ---- | C] () -- C:\Users\a.porter\Desktop\MS Outlook 2010.lnk
[2014/02/14 12:46:43 | 000,001,087 | ---- | C] () -- C:\Users\a.porter\Desktop\MS Publisher 2010.lnk
[2014/02/14 12:46:43 | 000,001,087 | ---- | C] () -- C:\Users\a.porter\Desktop\MS Excel 2010.lnk
[2014/02/14 12:46:43 | 000,001,075 | ---- | C] () -- C:\Users\a.porter\Desktop\MS Picture Manager.lnk
[2014/02/14 12:46:42 | 000,001,900 | ---- | C] () -- C:\Users\a.porter\Desktop\Barnfield Website.lnk
[2014/02/14 12:46:42 | 000,001,894 | ---- | C] () -- C:\Users\a.porter\Desktop\Internet Explorer.lnk
[2014/02/14 12:46:42 | 000,001,871 | ---- | C] () -- C:\Users\a.porter\Desktop\Mozilla Firefox.lnk
[2014/02/14 12:46:42 | 000,001,158 | ---- | C] () -- C:\Users\a.porter\Desktop\BWA Portal.lnk
[2014/02/14 12:46:42 | 000,001,106 | ---- | C] () -- C:\Users\a.porter\Desktop\MS Access 2010.lnk
[2014/02/14 12:46:41 | 000,002,342 | ---- | C] () -- C:\Users\a.porter\Desktop\Support Info.lnk
[2014/02/14 12:46:30 | 000,013,456 | RHS- | C] () -- C:\Users\a.porter\ntuser.pol
[2014/02/14 12:46:03 | 000,001,453 | ---- | C] () -- C:\Users\a.porter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/02/14 12:46:03 | 000,001,419 | ---- | C] () -- C:\Users\a.porter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/02/14 12:46:03 | 000,000,290 | ---- | C] () -- C:\Users\a.porter\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/02/14 12:46:03 | 000,000,272 | ---- | C] () -- C:\Users\a.porter\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/01/26 15:55:43 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/19 14:50:15 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2013/06/05 09:20:43 | 000,000,586 | ---- | C] () -- C:\Windows\SMSCFG.ini
[2013/05/14 13:31:57 | 000,000,030 | ---- | C] () -- C:\Windows\TEXTEASE.INI
[2013/05/14 12:53:55 | 000,000,269 | ---- | C] () -- C:\Windows\exampro32.ini
[2013/05/14 12:53:54 | 000,536,576 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
[2013/05/14 12:53:54 | 000,000,478 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini
[2013/05/14 12:03:45 | 000,000,153 | ---- | C] () -- C:\Windows\sims.ini
[2013/05/14 12:01:58 | 000,770,754 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/13 15:01:54 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2013/05/13 10:57:51 | 000,039,623 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/12/12 15:41:24 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/12 15:38:16 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/12 15:38:16 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/12/12 15:38:16 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/12/12 15:38:14 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
 
========== ZeroAccess Check ==========
 
[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 03:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 03:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/02/16 20:21:39 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\3909
[2014/06/10 20:59:37 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\Audacity
[2014/01/26 12:03:10 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\BitTorrent
[2014/02/16 12:33:47 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\library_dir
[2014/05/25 16:57:02 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\Origin
[2014/02/21 14:29:24 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\Qwizdom
[2014/01/26 12:04:59 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\Raptr
[2014/03/15 19:42:13 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\Sega
[2014/02/23 15:22:51 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\SMART Technologies
[2014/02/23 15:22:53 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\SMART Technologies Inc
[2014/07/27 15:32:48 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\Store
[2013/05/13 09:01:16 | 000,000,000 | ---D | M] -- C:\Users\a.porter\AppData\Roaming\TightVNC
 
========== Purity Check ==========
 
 

< End of report >


Edited by Acporter, 26 August 2014 - 09:45 AM.

  • 0

Advertisements

#2
DanoNH
Posted 26 August 2014 - 12:16 PM

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,155 posts

Hello [USER] and welcome to Geeks to Go! :welcome:

My name is Dan, and I'll be helping you with your issues. If someone else is helping you, either here or at another malware removal assistance site, please let me know so that I may direct my efforts to helping another user.  ALL staff here at Geeks To Go are volunteers; please keep that in mind if I don’t answer your post as quickly as you’d like. I give what time I can.

I am currently in training, so there will be another person reviewing my work.  This may cause a bit of a delay in my responses, but on the positive side, you will have two sets of eyes reviewing your logs instead of one... :cool:
 

  • Please note that you should have Administrator rights to perform any fixes. Also note that multiple identity PC’s (family PC’s) can present a different problem; please tell me if your PC has more than one individual’s setting, but continue with the fix.
  • Before we proceed, you may wish to print these instructions for easy reference during the fix, although please be aware that many of the required URLs are hyperlinks in the blue names shown on your screen. Part of the fix may require you to be in Safe Mode, which might not allow you to access the internet, or my instructions.
  • Please understand that malware removal is a complicated, multi-step process.  Therefore please stay with me until I tell you that your system is clean.  Attempting malware removal or clean-up yourself will only extend the time it will take to get your system clean.  If you get stuck or have questions, please stop and ask so I can help you.
  • Be sure to back up any personal data files you need to keep (documents, photos, etc.) to a USB flash drive or external hard disk.  While every attempt will be made to precisely repair the infections on your computer, due to the complexity and unpredictability of malware clean-up, there is always a risk of data loss.

OK, with that said,  now we can get started...

 

 

I will need a little time to consult with my colleagues on this, but I will get back to you as soon as possible.


  • 0

#3
DanoNH
Posted 27 August 2014 - 08:16 AM

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,155 posts

Hi Acporter,

 

Please check your system clock settings:

  1. Click on the time and date in the notification area in the bottom right-hand corner of your screen.
  2. Click on “Change date and time settings …”
  3. See if the clock is set right and change it if need be.

Next

 

I have some questions for you.  Please answer them as best as you can:

  1. Did you find anything amiss with the clock settings?
  2. When did you download the version of OTL you used for posting your original log?
  3. What is the make/model of this laptop?
  4. How old is the laptop?
  5. Is this a work or school issued laptop?

 

Next

 

Fix with OTL

 

IMPORTANT: This fix is specific to the computer and user being helped in this thread, and UNDER NO CIRCUMSTANCES SHOULD BE RUN ON ANOTHER COMPUTER.  Doing so can render your computer unbootable.  If you are experiencing malware issues, please read this topic and follow the instructions. If the problems still occur then please copy and paste (not attach) the logs in your reply.
 

  • Download OTL to your Desktop
  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Copy all of the following text in the quote box, and paste it into the Custom Scans/Fixes box at the bottom:

    :OTL

    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

    O4 - HKLM..\Run: []  File not found

    [2014/07/27 15:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\005
    [2014/07/27 15:23:28 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\globalUpdate
    [2014/07/27 15:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate

    [2014/07/12 17:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

     

    :Commands

    [EMPTYTEMP]

  • Now click on the Run Fix button at the top.
  • Let the program run unhindered, reboot when it is done.
  • It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL. If you can't find it, try looking in C:\_OTL\MovedFiles.

 

 

Next

 

Please report back the answers to my questions (please retain the numbering), let me know if you'd like BitTorrent removed, and post the OTL fix log contents in your reply.

 


  • 0

#4
Acporter
Posted 27 August 2014 - 09:12 AM

Acporter

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

1. Did you find anything amiss with the clock settings?

    Yes! Stupdly thought I had checked ths but in fact was set to January instead of August. Problem seems to have resloved itself.

 

2. When did you download the version of OTL you used for posting your original log?

    Just yesterday.

 

3. What is the make/model of this laptop?

    Stone.

 

4. How old is the laptop?

    3 months

 

5. Is this a work or school issued laptop?

    Yes

 

Do you still recommend I run the OTL fix?

 

Thanks

 

Adam


Edited by Acporter, 27 August 2014 - 09:13 AM.

  • 0

#5
DanoNH
Posted 27 August 2014 - 09:21 AM

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,155 posts

Do you want that BitTorrent P2P software removed?


  • 0

#6
Acporter
Posted 27 August 2014 - 09:56 AM

Acporter

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Yes please!


  • 0

#7
DanoNH
Posted 27 August 2014 - 12:03 PM

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,155 posts

OK, thanks, Adam.  I'm glad we were able to fix your certificate issue with the clock settings.  :thumbsup:

 

I've added the traces of BitTorrent to the OTL fix.  I'd also like to give your system a couple of other quick checks while we're at it...

 

First

 

Fix with OTL

 

IMPORTANT: This fix is specific to the computer and user being helped in this thread, and UNDER NO CIRCUMSTANCES SHOULD BE RUN ON ANOTHER COMPUTER.  Doing so can render your computer unbootable.  If you are experiencing malware issues, please read this topic and follow the instructions. If the problems still occur then please copy and paste (not attach) the logs in your reply.
 

  • Download OTL to your Desktop
  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Copy all of the following text in the quote box, and paste it into the Custom Scans/Fixes box at the bottom:

    :OTL

    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

    O4 - HKLM..\Run: []  File not found

    [2014/07/27 15:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\005
    [2014/07/27 15:23:28 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Local\globalUpdate
    [2014/07/27 15:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate

    [2014/07/12 17:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

    [2014/07/27 15:17:39 | 000,000,000 | ---D | C] -- C:\Users\a.porter\AppData\Roaming\BitTorrent

     

    :Commands

    [EMPTYTEMP]

  • Now click on the Run Fix button at the top.
  • Let the program run unhindered, reboot when it is done.
  • It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL. If you can't find it, try looking in C:\_OTL\MovedFiles.

 

 

Next

 

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.

 

 

Next

 

I see you have Malwarebytes' Anti-Malware installed.  It would be good to run a scan of your system with it.  It's not evident what version you have, so let's get a new copy:

 

Install and Run Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware from Here or Here
 

  • Double Click the downloaded mbam-setup-x.x.x.xxxx.exe to install the application.  (x.x.x.xxxx represents the current version number).
     
  • During installation, make sure uncheck Enable free trial of Malwarebytes Anti-Malware Premium, then click Finish.  You can always upgrade later ;) :
    MBAM1_zps65d773c0.png
     
  • If an update is found, it will download and install the latest updates automatically:
    MBAM2_zps52e3211b.png
     
  • Now select the Settings tab, and check the box next to Scan for rootkits:
    MBAM3_zps83324155.png
     
  • Go back to the Dashboard tab, and click the Scan Now button:
    MBAM4_zpse3cd4a79.png
     
  • The scan may take some time to finish,so please be patient.
    MBAM5_zps36d7537b.png
     
  • When the scan is complete, it will show you the results.  (This one is clean):
    MBAM65_zpsb0aa143c.png
     
  • Make sure that everything is checked, and click Quarantine All (or similar).
     
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.  (See Extra Note below)  If the log doesn't open, select View detailed log in the Scan tab:
    MBAM7_zps782405f0.png
     
  • The log is automatically saved by MBAM and can be viewed by going to the History tab and clicking on Application Logs:
    MBAM9_zps1f87702b.png
     
  • Choose the latest Scan Log, and click on the View button:
    MBAM10_zps5a48f689.png
     
  • In the bottom of the Scanning History Log window that opens, you can click on Export > Save to Text file (*.txt).  Save the report to your Desktop.
    MBAM8_zpsad402941.png
     
  • Copy & Paste the entire contents of the report log in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

*** In your next reply, I need you to Copy&Paste the contents of the MBAM log file.

 

 

Next

 

There should have been an Extras.txt created on your Desktop when you first ran OTL.    Please also post the contents of that log so we can be sure you're clean of malware while you're here.  ;)

 

So, in your next response, please post the contents of the following logs:

  1. OTL fix,
  2. Security Check,
  3. Malwarebytes scan, and
  4. Extras.txt

 

 

 


  • 0

#8
Essexboy
Posted 03 September 2014 - 06:35 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP