bluefishbeagle
2014-01-13, 18:56
My problem is a popup using IE on a Windows 8 system:
I've run Malwarebytes and Spybot (my antivirus program) in both normal and safe mode with no resolution.
The popup box usually appears at the top of my screen, but not always. It's for the most part square and will contain advertisements for some product I've recently browsed. However, sometimes it says:
"Your PC performance is Poor."
"Make your PC run Faster!"
"Problems have been detected with your Flash Player version."
"To view the video you need to upgrade Adobe Flash Player"
"Catch the Roach for an opportunity to win an iPad 2!"
This popup follows me from site to site, window to window, howbeit somewhat delayed; it always comes back.
*************************************************************************************************
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Ed at 9:33:35 on 2014-01-13
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.8071.6373 [GMT -6:00]
.
AV: Spybot - Search and Destroy *Enabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\dwm.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
C:\windows\system32\DptfParticipantProcessorService.exe
C:\windows\system32\DptfPolicyConfigTDPService.exe
C:\windows\system32\dashost.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\ProgramData\YogaSmartSwicth\Server\x64\ymc.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\IE\Adblock.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
C:\Program Files (x86)\Lenovo\Lenovo Transition\Lenovo Transition.exe
C:\ProgramData\YogaSmartSwicth\yogaserver.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Seattle Avionics\Data Manager\DataManager.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://lenovo13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: AccelerateTab: {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Adblock: {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\IE\Adblock.dll
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [Seattle Avionics Data Manager] C:\Program Files (x86)\Seattle Avionics\Data Manager\DataManager.exe /HideAtStart
mRun: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
StartupFolder: C:\Users\Ed\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Ed\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MOTION~1.LNK - C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
IE: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{CEDCAA18-D7F1-47B2-B29B-877DB1070E6D} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe /t
x64-Run: [DptfPolicyLpmServiceHelper] C:\windows\System32\DptfPolicyLpmServiceHelper.exe
x64-Run: [BtServer] "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
x64-Run: [SynLenovoGestureMgr] "C:\Program Files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
x64-Run: [Lenovo Transition] C:\Program Files (x86)\Lenovo\Lenovo Transition\Lenovo Transition.exe -HIDE
x64-Run: [yogaserver] C:\ProgramData\YogaSmartSwicth\yogaserver.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 LHDmgr;LHDmgr;C:\windows\System32\Drivers\LhdX64.sys [2013-2-1 39008]
R1 SDHookDriver;Hook Test Driver;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2013-8-25 63776]
R2 BTDevManager;BTDevManager;C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe [2013-2-1 51200]
R2 DptfParticipantProcessorService;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application;C:\windows\System32\DptfParticipantProcessorService.exe [2012-8-17 29056]
R2 DptfPolicyConfigTDPService;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application;C:\windows\System32\DptfPolicyConfigTDPService.exe [2012-8-17 30592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-2-1 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-2-1 165760]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-24 418376]
R2 NitroDriverReadSpool9;NitroPDFDriverCreatorReadSpool9;C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [2013-10-7 230920]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2013-10-7 69640]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-8-25 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-8-25 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-8-25 171928]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-2-1 364416]
R2 ymc;ymc;C:\ProgramData\YogaSmartSwicth\Server\x64\ymc.exe [2013-2-1 27216]
R3 acpials;ALS Sensor Filter;C:\windows\System32\Drivers\acpials.sys [2012-7-25 9728]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\Drivers\AcpiVpc.sys [2012-5-15 33560]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-9-10 266240]
R3 BthA2DP;Bluetooth Stereo;C:\windows\System32\Drivers\BthA2DP.sys [2013-7-26 117632]
R3 BthHFAud;Bluetooth Hands-Free;C:\windows\System32\Drivers\BthHfAud.sys [2013-7-24 30720]
R3 BthHFSrv;Bluetooth Handsfree Service;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2013-7-26 29696]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 DptfDevPch;DptfDevPch;C:\windows\System32\Drivers\DptfDevPch.sys [2012-8-17 96064]
R3 DptfDevProc;DptfDevProc;C:\windows\System32\Drivers\DptfDevProc.sys [2012-8-17 228672]
R3 DptfManager;DptfManager;C:\windows\System32\Drivers\DptfManager.sys [2012-8-17 361792]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2012-8-26 342528]
R3 leymc;leymc Service;C:\windows\System32\Drivers\leymc.sys [2013-2-1 17240]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\Drivers\mbam.sys [2013-7-24 25928]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2013-2-1 315536]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\windows\System32\Drivers\RtkBtfilter.sys [2013-2-1 696464]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;C:\windows\System32\Drivers\rtwlanu.sys [2013-2-1 1574032]
R3 SensorsAlsDriver;UMDF Reflector service for SensorsAlsDriver;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
R3 SensorsHIDClassDriver;UMDF Reflector service for SensorsHIDClassDriver;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
R3 SensorsServiceDriver;UMDF Reflector service for SensorsServiceDriver;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
R3 SmbDrvI;SmbDrvI;C:\windows\System32\Drivers\Smb_driver_Intel.sys [2012-11-26 44344]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S2 CxAudMsg;Conexant Audio Message Service;C:\windows\System32\CxAudMsg64.exe [2013-2-1 201376]
S2 DptfPolicyLpmService;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application;C:\windows\System32\DptfPolicyLpmService.exe [2012-8-17 36224]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-24 701512]
S2 SecureUpdateSvc;SecureUpdate;C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [2013-7-26 2472272]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\windows\System32\Drivers\BrSerIb.sys [2012-9-10 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\windows\System32\Drivers\BrUsbSib.sys [2012-9-10 21872]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\Drivers\ssudbus.sys [2013-8-20 103576]
S3 JeppDrive;JeppDrive Service;C:\windows\System32\Drivers\JeppDrive.sys [2013-7-29 28504]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\Drivers\ssudmdm.sys [2013-8-20 204568]
S3 vm332avs;Lenovo Camera2;C:\windows\System32\Drivers\vm332avs.sys [2013-2-1 981112]
S3 WSDScan;WSD Scan Support;C:\windows\System32\Drivers\WSDScan.sys [2013-7-26 23552]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2013-2-1 102376]
.
=============== Created Last 30 ================
.
2014-01-13 14:21:31 -------- d-----w- C:\windows\pss
2014-01-12 15:13:18 257624 ----a-w- C:\windows\System32\unrar64.dll
2014-01-12 15:13:17 218200 ----a-w- C:\windows\SysWow64\unrar.dll
2014-01-12 15:13:14 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2014-01-06 13:21:15 -------- d-----w- C:\Users\Ed\AppData\Roaming\LavasoftStatistics
2014-01-06 06:01:52 -------- d-----w- C:\Users\Ed\AppData\Roaming\SecureSearch
2014-01-06 06:01:40 -------- d-----w- C:\Program Files (x86)\Lavasoft
2013-12-28 06:19:31 236208 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-21 13:04:16 -------- d-----w- C:\Users\Ed\AppData\Local\Conexant
2013-12-20 13:22:31 -------- d-----w- C:\SD 8gb
2013-12-19 02:31:54 -------- d-----w- C:\windows\Downloaded Installations
2013-12-18 20:59:28 -------- d-----w- C:\ProgramData\IObit
2013-12-16 10:32:55 23350272 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-16 10:32:54 22615040 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-14 17:05:19 78304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-14 17:05:19 694240 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2013-11-23 06:43:58 420864 ----a-w- C:\windows\System32\WMPhoto.dll
2013-11-23 05:05:01 368640 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2013-11-06 23:18:57 4036608 ----a-w- C:\windows\System32\win32k.sys
2013-11-01 05:38:21 312320 ----a-w- C:\windows\System32\msieftp.dll
2013-11-01 03:49:24 273408 ----a-w- C:\windows\SysWow64\msieftp.dll
2013-10-25 06:19:22 2241536 ----a-w- C:\windows\System32\wininet.dll
2013-10-25 06:19:12 915968 ----a-w- C:\windows\System32\uxtheme.dll
2013-10-25 06:17:57 3959808 ----a-w- C:\windows\System32\jscript9.dll
2013-10-25 04:45:11 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-10-25 04:43:42 2877952 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-10-19 05:45:45 62976 ----a-w- C:\windows\System32\imagehlp.dll
2013-10-19 04:04:07 59392 ----a-w- C:\windows\SysWow64\imagehlp.dll
.
============= FINISH: 9:33:45.75 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-13 10:25:26
-----------------------------
10:25:26.088 OS Version: Windows x64 6.2.9200
10:25:26.088 Number of processors: 4 586 0x3A09
10:25:26.088 ComputerName: PLANECOMPUTER UserName: Ed
10:25:26.088 Initialze error 1
10:42:08.515 AVAST engine defs: 14011300
10:53:42.322 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000040
10:53:42.322 Disk 0 Vendor: SAMSUNG_MZMPC128HBFU-000L1 CXM13L1Q Size: 122104MB BusType: 11
10:53:42.322 Disk 0 MBR read successfully
10:53:42.322 Disk 0 MBR scan
10:53:42.338 Disk 0 unknown MBR code
10:53:42.338 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
10:53:42.338 Disk 0 scanning C:\windows\system32\drivers
10:53:42.338 Service scanning
10:53:42.900 Modules scanning
10:53:42.900 Disk 0 trace - called modules:
10:53:42.900 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll storahci.sys
10:53:42.900 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007954060]
10:53:42.916 3 CLASSPNP.SYS[fffff88000a15e0a] -> nt!IofCallDriver -> \Device\00000040[0xfffffa8006bcf770]
10:53:42.916 AVAST engine scan C:\windows
10:53:42.916 AVAST engine scan C:\windows\system32
10:53:42.916 AVAST engine scan C:\windows\system32\drivers
10:53:42.931 AVAST engine scan C:\Users\Ed
10:53:42.931 AVAST engine scan C:\ProgramData
10:53:42.931 Scan finished successfully
10:53:56.382 Disk 0 MBR has been saved successfully to "C:\Users\Ed\Desktop\MBR.dat"
10:53:56.382 The log file has been saved successfully to "C:\Users\Ed\Desktop\aswMBR.txt"
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\windows\System32\Drivers\BrSerIb.sys [2012-9-10 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\windows\System32\Drivers\BrUsbSib.sys [2012-9-10 21872]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\Drivers\ssudbus.sys [2013-8-20 103576]
S3 JeppDrive;JeppDrive Service;C:\windows\System32\Drivers\JeppDrive.sys [2013-7-29 28504]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\Drivers\ssudmdm.sys [2013-8-20 204568]
S3 vm332avs;Lenovo Camera2;C:\windows\System32\Drivers\vm332avs.sys [2013-2-1 981112]
S3 WSDScan;WSD Scan Support;C:\windows\System32\Drivers\WSDScan.sys [2013-7-26 23552]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2013-2-1 102376]
.
=============== Created Last 30 ================
.
2014-01-13 14:21:31 -------- d-----w- C:\windows\pss
2014-01-12 15:13:18 257624 ----a-w- C:\windows\System32\unrar64.dll
2014-01-12 15:13:17 218200 ----a-w- C:\windows\SysWow64\unrar.dll
2014-01-12 15:13:14 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2014-01-06 13:21:15 -------- d-----w- C:\Users\Ed\AppData\Roaming\LavasoftStatistics
2014-01-06 06:01:52 -------- d-----w- C:\Users\Ed\AppData\Roaming\SecureSearch
2014-01-06 06:01:40 -------- d-----w- C:\Program Files (x86)\Lavasoft
2013-12-28 06:19:31 236208 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-21 13:04:16 -------- d-----w- C:\Users\Ed\AppData\Local\Conexant
2013-12-20 13:22:31 -------- d-----w- C:\SD 8gb
2013-12-19 02:31:54 -------- d-----w- C:\windows\Downloaded Installations
2013-12-18 20:59:28 -------- d-----w- C:\ProgramData\IObit
2013-12-16 10:32:55 23350272 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-16 10:32:54 22615040 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-14 17:05:19 78304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-14 17:05:19 694240 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2013-11-23 06:43:58 420864 ----a-w- C:\windows\System32\WMPhoto.dll
2013-11-23 05:05:01 368640 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2013-11-06 23:18:57 4036608 ----a-w- C:\windows\System32\win32k.sys
2013-11-01 05:38:21 312320 ----a-w- C:\windows\System32\msieftp.dll
2013-11-01 03:49:24 273408 ----a-w- C:\windows\SysWow64\msieftp.dll
2013-10-25 06:19:22 2241536 ----a-w- C:\windows\System32\wininet.dll
2013-10-25 06:19:12 915968 ----a-w- C:\windows\System32\uxtheme.dll
2013-10-25 06:17:57 3959808 ----a-w- C:\windows\System32\jscript9.dll
2013-10-25 04:45:11 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-10-25 04:43:42 2877952 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-10-19 05:45:45 62976 ----a-w- C:\windows\System32\imagehlp.dll
2013-10-19 04:04:07 59392 ----a-w- C:\windows\SysWow64\imagehlp.dll
.
============= FINISH: 9:33:45.75 ===============

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-13 10:25:26
-----------------------------
10:25:26.088 OS Version: Windows x64 6.2.9200
10:25:26.088 Number of processors: 4 586 0x3A09
10:25:26.088 ComputerName: PLANECOMPUTER UserName: Ed
10:25:26.088 Initialze error 1
10:42:08.515 AVAST engine defs: 14011300
10:53:42.322 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000040
10:53:42.322 Disk 0 Vendor: SAMSUNG_MZMPC128HBFU-000L1 CXM13L1Q Size: 122104MB BusType: 11
10:53:42.322 Disk 0 MBR read successfully
10:53:42.322 Disk 0 MBR scan
10:53:42.338 Disk 0 unknown MBR code
10:53:42.338 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
10:53:42.338 Disk 0 scanning C:\windows\system32\drivers
10:53:42.338 Service scanning
10:53:42.900 Modules scanning
10:53:42.900 Disk 0 trace - called modules:
10:53:42.900 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll storahci.sys
10:53:42.900 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007954060]
10:53:42.916 3 CLASSPNP.SYS[fffff88000a15e0a] -> nt!IofCallDriver -> \Device\00000040[0xfffffa8006bcf770]
10:53:42.916 AVAST engine scan C:\windows
10:53:42.916 AVAST engine scan C:\windows\system32
10:53:42.916 AVAST engine scan C:\windows\system32\drivers
10:53:42.931 AVAST engine scan C:\Users\Ed
10:53:42.931 AVAST engine scan C:\ProgramData
10:53:42.931 Scan finished successfully
10:53:56.382 Disk 0 MBR has been saved successfully to "C:\Users\Ed\Desktop\MBR.dat"
10:53:56.382 The log file has been saved successfully to "C:\Users\Ed\Desktop\aswMBR.txt"