Computer running extremely slowly, possibly infected [Solved]


  • This topic is locked

#1
LKJ1

Hello,
My computer has slowed down to an absolute crawl, nearly to the point of being unusable. It gets immediately burdened down to 100% usage in task manager when I open up Google Chrome or attempt to play video. It seems like it starts up from a shutdown normally, but is bogged down within 2-3 minutes and then can barely be used. One symptom if it helps at all: when I try to load up a new webpage, it will briefly show me a snapshot of a prior page before going ahead and trying to load the next one.

The graphics adapter, in what I imagine is a separate issue, seems to be flaming out slowly but surely. My computer is periodically freezing, after which point it often won't fully start up again until I let it sit for a while. When it comes back the adapter is often messed up and will tell me in Device Manager that it's not working. One time it found and downloaded an updated driver, but that hasn't helped long-term.

Here's my OTL log:
OTL logfile created on: 5/20/2013 9:18:59 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Leif\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 45.26% Memory free
6.49 Gb Paging File | 4.56 Gb Available in Paging File | 70.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.53 Gb Total Space | 23.79 Gb Free Space | 31.92% Space Free | Partition Type: NTFS

Computer Name: THELAPTOP | User Name: Leif | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/20 20:08:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Leif\Downloads\OTL.exe
PRC - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/04 06:03:11 | 000,882,520 | ---- | M] (BitTorrent Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
PRC - [2012/11/13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/09 04:57:07 | 000,390,096 | ---- | M] () -- C:\Users\Leif\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 04:57:05 | 004,050,896 | ---- | M] () -- C:\Users\Leif\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 04:56:15 | 000,598,480 | ---- | M] () -- C:\Users\Leif\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 04:56:14 | 000,124,368 | ---- | M] () -- C:\Users\Leif\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 04:56:13 | 001,606,096 | ---- | M] () -- C:\Users\Leif\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2011/10/05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL


========== Services (SafeList) ==========

SRV:64bit: - [2012/07/11 14:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007/07/20 19:55:26 | 000,594,712 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (nicconfigsvc)
SRV - [2013/05/15 07:21:44 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/02/11 21:00:26 | 000,002,560 | ---- | M] () [Auto | Stopped] -- C:\Windows\Runservice.exe -- (LicCtrlService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/27 14:48:14 | 000,014,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\iPodDrv.sys -- (iPodDrv)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/28 19:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/09 17:19:38 | 000,085,280 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\oz776x64.sys -- (guardian2)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/08 00:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/01/09 19:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...D-BD1A4BEE5AA3}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...D-BD1A4BEE5AA3}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...D-BD1A4BEE5AA3}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AC C6 66 12 98 44 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...D-BD1A4BEE5AA3}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Leif\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Leif\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)


[2013/05/13 23:50:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/13 23:50:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Leif\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Leif\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Leif\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Enabled) = C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook Colour Changer = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpllmoilcakpgbeodibeifcfnndoheam\1.3.1_0\
CHR - Extension: Google Search = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: imgur Extension by Metronomik = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\2.0.4_0\
CHR - Extension: Facebook Disconnect = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec\1.3.0_0\
CHR - Extension: AdBlock = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: avast! Online Security = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.6_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: Gmail = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Drive = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook Colour Changer = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpllmoilcakpgbeodibeifcfnndoheam\1.3.1_0\
CHR - Extension: Google Search = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: imgur Extension by Metronomik = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\2.0.4_0\
CHR - Extension: Facebook Disconnect = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec\1.3.0_0\
CHR - Extension: AdBlock = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: avast! Online Security = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.6_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: Gmail = C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/05/05 21:26:47 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: UseDefaultTile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{489E2F97-98AD-4FAF-8E06-7C94D7CE61F0}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/19 21:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/05/19 21:41:26 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013/05/19 21:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/05/19 10:43:15 | 000,000,000 | ---D | C] -- C:\dell
[2013/05/19 02:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2013/05/19 02:35:44 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2013/05/19 02:32:24 | 000,000,000 | ---D | C] -- C:\Users\Leif\AppData\Roaming\PCDr
[2013/05/18 21:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2013/05/18 21:31:48 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2013/05/18 20:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2013/05/18 20:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/05/18 19:53:16 | 000,000,000 | ---D | C] -- C:\Users\Leif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2013/05/18 19:53:06 | 000,000,000 | ---D | C] -- C:\Users\Leif\AppData\Local\Deployment
[2013/05/18 19:53:06 | 000,000,000 | ---D | C] -- C:\Users\Leif\AppData\Local\Apps
[2013/05/17 20:59:19 | 000,000,000 | ---D | C] -- C:\8e44f19aa6b1e6f3dd12941843e40a
[2013/05/17 17:02:45 | 000,000,000 | ---D | C] -- C:\a87326e228b9b4b893
[2013/05/13 22:34:28 | 000,000,000 | ---D | C] -- C:\Users\Leif\AppData\Roaming\AVG2013
[2013/05/13 22:27:31 | 000,000,000 | ---D | C] -- C:\Users\Leif\AppData\Local\AVG SafeGuard toolbar
[2013/05/13 22:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/05/13 22:26:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013/05/13 22:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/05/13 22:22:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/05/13 22:01:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win7codecs
[2013/05/13 21:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2013/05/13 21:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2013/05/13 21:56:45 | 000,000,000 | ---D | C] -- C:\Users\Leif\AppData\Roaming\Shark007
[2013/05/13 21:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Shark007
[2013/05/13 21:56:38 | 003,554,304 | ---- | C] (x264vfw project) -- C:\Windows\SysNative\x264vfw.dll
[2013/05/13 21:56:38 | 000,361,472 | ---- | C] (fccHandler) -- C:\Windows\SysNative\aacacm.acm
[2013/05/13 21:56:38 | 000,180,736 | ---- | C] (fccHandler) -- C:\Windows\SysNative\ac3acm.acm
[2013/05/13 21:56:37 | 001,929,216 | ---- | C] (xy-VSFilter Team) -- C:\Windows\SysNative\VSFilter.dll
[2013/05/13 21:56:37 | 000,124,909 | ---- | C] (Open Source Software community project) -- C:\Windows\SysNative\pthreadGC2.dll
[2013/05/13 21:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Shark007
[2013/05/06 23:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/05/06 23:34:54 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/05/06 23:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/05/06 23:33:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/05/05 21:29:43 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/05 21:26:47 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/05/05 12:21:38 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2013/05/05 12:16:21 | 000,038,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfiark.sys
[2013/05/05 12:08:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/05/05 12:00:00 | 000,000,000 | ---D | C] -- C:\Users\Leif\AppData\Roaming\Ad-Aware Antivirus
[2013/05/04 11:33:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/04 11:32:50 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/29 00:22:20 | 000,000,000 | ---D | C] -- C:\Users\Leif\AppData\Roaming\BitTorrent
[2013/04/28 20:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013/04/23 20:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/04/23 18:41:35 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/04/23 18:41:13 | 000,000,000 | ---D | C] -- C:\JRT

========== Files - Modified Within 30 Days ==========

[2013/05/20 21:41:05 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/20 21:29:49 | 000,786,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/20 21:29:49 | 000,665,554 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/20 21:29:49 | 000,123,330 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/20 21:24:33 | 000,013,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/20 21:24:33 | 000,013,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/20 21:21:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/20 21:05:06 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1007UA.job
[2013/05/20 20:58:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1000UA.job
[2013/05/20 20:45:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1001UA.job
[2013/05/20 20:02:46 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/20 20:02:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/20 20:02:28 | 2615,767,040 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/20 19:45:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1001Core.job
[2013/05/20 17:58:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1000Core.job
[2013/05/20 12:05:08 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1007Core.job
[2013/05/19 23:29:34 | 000,001,087 | ---- | M] () -- C:\Windows\wininit.ini
[2013/05/19 21:42:45 | 000,002,177 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/05/17 21:33:55 | 000,012,978 | ---- | M] () -- C:\Users\Leif\AppData\Roaming\nvModes.001
[2013/05/17 21:04:03 | 000,779,128 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/16 20:23:44 | 363,204,764 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/05/14 21:39:05 | 005,232,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/12 03:11:23 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/05/06 23:34:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/05/05 21:26:47 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/05/05 13:13:55 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/05 13:13:55 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/05/01 19:33:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/04/27 12:00:20 | 000,532,027 | ---- | M] () -- C:\Users\Leif\Documents\Progressive coupon.pdf

========== Files Created - No Company Name ==========

[2013/05/19 23:29:32 | 000,001,087 | ---- | C] () -- C:\Windows\wininit.ini
[2013/05/19 21:42:45 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/05/19 21:42:45 | 000,002,177 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/05/16 20:23:44 | 363,204,764 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/05/13 21:56:42 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2013/05/13 21:56:38 | 002,231,296 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm
[2013/05/13 21:56:38 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar64.dll
[2013/05/13 21:56:38 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2013/05/13 21:56:37 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2013/05/12 03:10:38 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/05/06 23:34:54 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013/05/05 13:13:55 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/05 13:13:55 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/05/05 12:44:17 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/05/05 12:30:44 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/04/27 12:00:19 | 000,532,027 | ---- | C] () -- C:\Users\Leif\Documents\Progressive coupon.pdf
[2012/02/11 21:00:27 | 000,002,209 | -HS- | C] () -- C:\Windows\SysWow64\mmf.sys
[2012/02/11 21:00:26 | 000,048,640 | ---- | C] () -- C:\Windows\mmfs.dll
[2012/02/11 21:00:26 | 000,002,560 | ---- | C] () -- C:\Windows\Runservice.exe
[2012/01/18 18:39:53 | 000,007,599 | ---- | C] () -- C:\Users\Leif\AppData\Local\Resmon.ResmonCfg
[2012/01/15 03:12:29 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/01/15 03:12:29 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/12/08 17:46:19 | 000,012,978 | ---- | C] () -- C:\Users\Leif\AppData\Roaming\nvModes.001
[2011/12/08 12:21:38 | 000,012,978 | ---- | C] () -- C:\Users\Leif\AppData\Roaming\nvModes.dat

========== ZeroAccess Check ==========

[2012/09/20 18:15:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/05/05 12:57:56 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\Ad-Aware Antivirus
[2013/02/03 15:07:51 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\AVG
[2013/05/13 22:34:28 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\AVG2013
[2012/07/29 13:29:19 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\calibre
[2012/06/17 13:43:32 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/07/22 04:05:57 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\CometPlayer
[2012/09/14 18:54:56 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\Hyperdesktop
[2010/11/28 18:35:02 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\onOne Software
[2012/05/28 14:14:11 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\Orbit
[2013/05/19 02:32:36 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\PCDr
[2013/03/15 07:06:36 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\Process Hacker 2
[2012/05/26 21:55:38 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\ProgSense
[2013/05/13 21:56:45 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\Shark007
[2013/05/07 20:51:01 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\tigerplayer
[2013/02/03 15:00:59 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\TuneUp Software
[2013/01/16 02:30:30 | 000,000,000 | ---D | M] -- C:\Users\Leif\AppData\Roaming\Wizards of the Coast

========== Purity Check ==========



< End of report >

#2
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello LKJ1,

Welcome to Geekstogo.

Firstly, please uninstall SuperAntiSpyware and Spybot Search and Destroy as they will interfere with the running of our tools. You can reinstall them when you are finished, although you might like to consider installing only one as they are likely to be conflicting with each other.

After that

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. In your case the 64bit one will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Finally in this post

Please download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

So when you return please post
  • FRST.txt
  • checkup.txt

#3
LKJ1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-05-2013
Ran by Leif (administrator) on 28-05-2013 23:40:46
Running from C:\Users\Leif\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(BitTorrent Inc.) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Leif\Desktop\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [15960096 2009-03-06] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [82464 2009-03-06] (NVIDIA Corporation)
HKCU\...\Run: [GoogleChromeAutoLaunch_E37A51403E0901EFADCF5F905F031FF1] "C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [825808 2013-05-23] (Google Inc.)
HKCU\...\Run: [Google Update] "C:\Users\Leif\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-10-31] (Google Inc.)
HKCU\...\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED [882520 2013-05-04] (BitTorrent Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\Brandon\...\Run: [Google Update] "C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-05-29] (Google Inc.)
HKU\Mcx1-THELAPTOP\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation)
HKU\Olivia\...\Run: [AdobeUpdater] "C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe" [x]
HKU\Olivia\...\Run: [Google Update] "C:\Users\Olivia\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-06-20] (Google Inc.)
HKU\Olivia\...\Run: [AdobeBridge] [x]
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...D-BD1A4BEE5AA3}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...D-BD1A4BEE5AA3}
HKLM-x32 SearchScopes: DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...D-BD1A4BEE5AA3}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...D-BD1A4BEE5AA3}
HKCU SearchScopes: DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...D-BD1A4BEE5AA3}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...D-BD1A4BEE5AA3}
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-05-2013
Ran by Leif (administrator) on 28-05-2013 23:49:53
Running from C:\Users\Leif\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(BitTorrent Inc.) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Leif\Desktop\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [15960096 2009-03-06] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [82464 2009-03-06] (NVIDIA Corporation)
HKCU\...\Run: [GoogleChromeAutoLaunch_E37A51403E0901EFADCF5F905F031FF1] "C:\Users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [825808 2013-05-23] (Google Inc.)
HKCU\...\Run: [Google Update] "C:\Users\Leif\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-10-31] (Google Inc.)
HKCU\...\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED [882520 2013-05-04] (BitTorrent Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\Brandon\...\Run: [Google Update] "C:\Users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-05-29] (Google Inc.)
HKU\Mcx1-THELAPTOP\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation)
HKU\Olivia\...\Run: [AdobeUpdater] "C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe" [x]
HKU\Olivia\...\Run: [Google Update] "C:\Users\Olivia\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-06-20] (Google Inc.)
HKU\Olivia\...\Run: [AdobeBridge] [x]
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...D-BD1A4BEE5AA3}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...D-BD1A4BEE5AA3}
HKLM-x32 SearchScopes: DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...D-BD1A4BEE5AA3}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...D-BD1A4BEE5AA3}
HKCU SearchScopes: DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...D-BD1A4BEE5AA3}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...D-BD1A4BEE5AA3}
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Google Drive) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (imgur Extension by Metronomik) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\2.0.4_0
CHR Extension: (Facebook Disconnect) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec\1.3.0_0
CHR Extension: (Pandora) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0
CHR Extension: (AdBlock) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0
CHR Extension: (avast! Online Security) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.7_0
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0
CHR Extension: (Gmail) - C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-06-01] (Adobe Systems)
S2 LicCtrlService; C:\Windows\runservice.exe [2560 2012-02-11] ()
R2 nicconfigsvc; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [594712 2007-07-20] (Dell Inc.)
S2 STacSV; C:\Windows\system32\STacSV64.exe [x]

==================== Drivers (Whitelisted) ====================

R3 guardian2; C:\Windows\System32\Drivers\oz776x64.sys [85280 2009-09-09] (O2Micro)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x]
S3 STHDA; system32\drivers\stwrt64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-28 23:23 - 2013-05-28 23:25 - 00017045 ____A C:\Users\Leif\Desktop\Addition.txt
2013-05-28 23:21 - 2013-05-28 23:22 - 00890839 ____A C:\Users\Leif\Desktop\SecurityCheck.exe
2013-05-28 23:20 - 2013-05-28 23:20 - 00000000 ___DC C:\FRST
2013-05-28 23:19 - 2013-05-28 23:19 - 01915774 ____A (Farbar) C:\Users\Leif\Desktop\FRST64.exe
2013-05-20 21:56 - 2013-05-20 21:56 - 00093816 ____A C:\Users\Leif\Downloads\Extras.Txt
2013-05-20 21:53 - 2013-05-20 23:07 - 00073884 ____A C:\Users\Leif\Downloads\OTL.Txt
2013-05-20 20:08 - 2013-05-20 20:08 - 00602112 ____A (OldTimer Tools) C:\Users\Leif\Downloads\OTL.exe
2013-05-20 18:53 - 2013-05-28 23:48 - 00004200 ____A C:\Windows\setupact.log
2013-05-20 17:33 - 2013-05-20 17:34 - 00042856 ____A C:\Users\Leif\Downloads\Personal.xlsx
2013-05-19 23:29 - 2013-05-19 23:29 - 00001087 ____A C:\Windows\wininit.ini
2013-05-19 21:40 - 2013-05-28 23:34 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-05-19 21:29 - 2013-05-19 21:34 - 55454464 ____A (Safer-Networking Ltd. ) C:\Users\Leif\Downloads\SpybotSD2.exe
2013-05-19 16:38 - 2013-05-19 16:48 - 00588075 ____A (Safer-Networking Ltd. ) C:\Users\Leif\Downloads\Unconfirmed 198598.crdownload
2013-05-19 10:43 - 2013-05-19 10:43 - 00000000 ___DC C:\dell
2013-05-19 02:36 - 2013-05-19 02:36 - 00000000 ____D C:\ProgramData\PCDr
2013-05-19 02:35 - 2013-05-19 04:16 - 00000000 ____D C:\Program Files\Dell Support Center
2013-05-19 02:32 - 2013-05-19 02:32 - 00000000 ____D C:\Users\Leif\AppData\Roaming\PCDr
2013-05-19 02:31 - 2013-05-19 02:31 - 00038984 ____A (Dell Computer Corporation) C:\Users\Leif\Downloads\DellPCDiagnostics.exe
2013-05-18 20:56 - 2013-05-18 22:21 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-05-18 20:55 - 2013-05-18 20:56 - 05102984 ____A (McAfee, Inc.) C:\Users\Leif\Downloads\McAfeeSetup.exe
2013-05-18 20:35 - 2013-05-18 20:35 - 00000000 ____D C:\ProgramData\APN
2013-05-18 20:27 - 2013-05-18 20:27 - 01611344 ____A (InstallX, LLC) C:\Users\Leif\Downloads\coretemp_1236.exe
2013-05-18 19:53 - 2013-05-18 19:56 - 00000000 ____D C:\Users\Leif\AppData\Local\Deployment
2013-05-18 19:53 - 2013-05-18 19:53 - 00010774 ____A C:\Users\Leif\Downloads\dellsystemdetect.application
2013-05-18 19:53 - 2013-05-18 19:53 - 00000000 ____D C:\Users\Leif\AppData\Local\Apps\2.0
2013-05-18 18:43 - 2013-05-18 18:44 - 00000000 ____D C:\Users\Leif\Downloads\Lincoln (2012)
2013-05-18 09:03 - 2013-05-19 13:47 - 00000000 ____D C:\Users\Leif\Downloads\Anna Karenina (2012)
2013-05-18 09:03 - 2013-05-18 09:11 - 00000000 ____D C:\Users\Leif\Downloads\Season 01
2013-05-17 20:59 - 2013-05-17 20:59 - 00000000 ___DC C:\8e44f19aa6b1e6f3dd12941843e40a
2013-05-17 17:02 - 2013-05-17 23:33 - 00000000 ___DC C:\a87326e228b9b4b893
2013-05-16 20:24 - 2013-05-16 20:24 - 01290368 ____A C:\Windows\Minidump\051613-51620-01.dmp
2013-05-16 20:23 - 2013-05-16 20:23 - 363204764 ____A C:\Windows\MEMORY.DMP
2013-05-14 20:53 - 2013-04-05 02:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-14 20:53 - 2013-04-05 02:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-14 20:53 - 2013-04-05 02:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-14 20:53 - 2013-04-05 01:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-14 20:53 - 2013-04-05 01:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-14 20:53 - 2013-04-05 00:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-14 20:53 - 2013-04-05 00:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-14 20:52 - 2013-04-05 02:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-14 20:52 - 2013-04-05 02:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-14 20:52 - 2013-04-05 02:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-14 20:52 - 2013-04-05 02:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-14 20:52 - 2013-04-05 02:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-14 20:52 - 2013-04-05 02:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-14 20:52 - 2013-04-05 02:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-14 20:52 - 2013-04-05 02:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-14 20:52 - 2013-04-05 02:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-14 20:52 - 2013-04-05 02:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-14 20:52 - 2013-04-05 02:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-14 20:52 - 2013-04-05 01:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-14 20:52 - 2013-04-05 01:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-14 20:52 - 2013-04-05 01:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-14 20:52 - 2013-04-05 01:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-14 20:52 - 2013-04-05 01:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-14 20:52 - 2013-04-05 01:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-14 20:52 - 2013-04-05 01:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-14 20:52 - 2013-04-05 01:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-14 20:52 - 2013-04-05 01:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-14 20:52 - 2013-04-05 01:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-14 20:52 - 2013-04-05 01:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-14 20:52 - 2013-04-04 23:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 20:52 - 2013-04-04 23:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-14 20:45 - 2013-04-10 02:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-14 20:45 - 2013-04-10 02:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-14 20:45 - 2013-04-09 23:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-14 20:45 - 2013-03-19 01:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-14 20:45 - 2013-03-19 01:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-14 20:45 - 2013-02-27 02:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-14 20:45 - 2013-02-27 01:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-14 20:45 - 2013-02-27 01:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-14 20:45 - 2013-02-27 01:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-14 20:45 - 2013-02-27 01:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 20:45 - 2013-02-27 00:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-14 20:45 - 2013-02-27 00:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-14 20:45 - 2013-02-27 00:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-14 20:45 - 2011-02-03 07:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-14 09:03 - 2013-05-14 09:03 - 00003584 ____A C:\Users\Mcx1-THELAPTOP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-14 00:12 - 2013-05-19 19:28 - 00000000 ____D C:\users\Mcx1-THELAPTOP
2013-05-14 00:12 - 2013-05-14 00:12 - 00000020 ___SH C:\Users\Mcx1-THELAPTOP\ntuser.ini
2013-05-14 00:12 - 2013-01-31 09:31 - 00000000 ____D C:\Users\Mcx1-THELAPTOP\AppData\Roaming\TuneUp Software
2013-05-14 00:12 - 2012-06-28 22:03 - 00000000 ____D C:\Users\Mcx1-THELAPTOP\AppData\Local\Google
2013-05-14 00:12 - 2012-06-15 19:23 - 00000000 ____D C:\Users\Mcx1-THELAPTOP\AppData\LocalGoogle
2013-05-14 00:12 - 2010-05-27 11:50 - 00000000 ____D C:\Users\Mcx1-THELAPTOP\AppData\Local\Microsoft Help
2013-05-14 00:12 - 2010-05-24 21:36 - 00000000 ____D C:\Users\Mcx1-THELAPTOP\AppData\Roaming\Macromedia
2013-05-13 22:34 - 2013-05-13 22:34 - 00000000 ____D C:\Users\Leif\AppData\Roaming\AVG2013
2013-05-13 22:27 - 2013-05-13 22:27 - 00000000 ____D C:\Users\Leif\AppData\Local\AVG SafeGuard toolbar
2013-05-13 22:26 - 2013-05-13 23:51 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-05-13 22:26 - 2013-05-13 22:26 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-05-13 22:22 - 2013-05-13 23:29 - 00000000 ____D C:\ProgramData\AVG2013
2013-05-13 22:11 - 2013-05-13 22:13 - 00000000 ____D C:\Users\Leif\Downloads\Game Of Thrones Season 1 - Complete
2013-05-13 22:01 - 2013-05-13 23:51 - 00000000 ____D C:\Program Files (x86)\Win7codecs
2013-05-13 21:57 - 2013-05-13 21:57 - 00000000 ____D C:\ProgramData\Win7codecs
2013-05-13 21:56 - 2013-05-13 23:50 - 00000000 ____D C:\Program Files\Shark007
2013-05-13 21:56 - 2013-05-13 21:56 - 00000000 ____D C:\Users\Leif\AppData\Roaming\Shark007
2013-05-13 21:56 - 2013-05-13 21:56 - 00000000 ____D C:\ProgramData\Shark007
2013-05-13 21:56 - 2013-04-17 19:01 - 01929216 ____A (xy-VSFilter Team) C:\Windows\System32\VSFilter.dll
2013-05-13 21:56 - 2013-04-05 21:27 - 02231296 ____A C:\Windows\System32\ac3filter.acm
2013-05-13 21:56 - 2013-03-17 10:22 - 03554304 ____A (x264vfw project) C:\Windows\System32\x264vfw.dll
2013-05-13 21:56 - 2012-12-13 23:59 - 00127488 ____A C:\Windows\System32\ff_vfw.dll
2013-05-13 21:56 - 2012-07-21 12:55 - 00180736 ____A (fccHandler) C:\Windows\System32\ac3acm.acm
2013-05-13 21:56 - 2012-07-21 12:54 - 00361472 ____A (fccHandler) C:\Windows\System32\aacacm.acm
2013-05-13 21:56 - 2012-07-17 15:21 - 00206336 ____A C:\Windows\System32\unrar64.dll
2013-05-13 21:56 - 2011-12-07 20:37 - 00148992 ____A ( ) C:\Windows\System32\lagarith.dll
2013-05-13 21:56 - 2009-01-22 22:51 - 00124909 ____A (Open Source Software community project) C:\Windows\System32\pthreadGC2.dll
2013-05-13 21:56 - 2007-02-05 17:05 - 00000038 ____A C:\Windows\AviSplitter.INI
2013-05-13 20:21 - 2013-05-13 20:22 - 00192325 ____A C:\Users\Leif\Downloads\[isoHunt] WrestleMania 1 To 26.torrent
2013-05-12 03:10 - 2013-05-12 03:11 - 00000362 _RASH C:\ProgramData\ntuser.pol
2013-05-06 23:34 - 2013-05-13 23:50 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-06 23:34 - 2013-05-06 23:34 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-06 23:34 - 2013-05-01 19:33 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-06 23:33 - 2013-05-11 10:33 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-05 13:13 - 2013-05-05 13:13 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-05 13:13 - 2013-05-05 13:13 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-05 13:13 - 2013-05-05 13:13 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-05 13:13 - 2013-05-05 13:13 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-05 13:13 - 2013-05-05 13:13 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-05 13:13 - 2013-05-05 13:13 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-05 13:13 - 2013-05-05 13:13 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-05 13:13 - 2013-05-05 13:13 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-05 13:13 - 2013-05-05 13:13 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-05 13:12 - 2013-05-05 13:12 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-05 13:09 - 2013-05-05 13:21 - 00008882 ____A C:\Windows\IE10_main.log
2013-05-05 12:44 - 2012-07-26 00:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-05-05 12:44 - 2012-07-26 00:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2013-05-05 12:44 - 2012-07-25 22:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2013-05-05 12:44 - 2012-06-02 10:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-05-05 12:31 - 2012-12-16 13:11 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-05-05 12:31 - 2012-12-16 10:45 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-05-05 12:31 - 2012-12-16 10:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-05-05 12:31 - 2012-12-16 10:13 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-05-05 12:30 - 2012-07-25 23:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2013-05-05 12:30 - 2012-07-25 23:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2013-05-05 12:30 - 2012-07-25 23:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2013-05-05 12:30 - 2012-07-25 23:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2013-05-05 12:30 - 2012-07-25 23:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2013-05-05 12:30 - 2012-07-25 22:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2013-05-05 12:30 - 2012-07-25 22:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2013-05-05 12:30 - 2012-06-02 10:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-05-05 12:27 - 2013-04-12 10:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-05 12:27 - 2013-03-19 02:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-05 12:27 - 2013-03-19 01:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-05-05 12:27 - 2013-03-19 01:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-05-05 12:27 - 2013-03-19 01:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-05-05 12:27 - 2013-03-19 00:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-05-05 12:27 - 2013-03-18 23:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-05-05 12:26 - 2013-02-12 00:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-05 12:26 - 2013-01-24 02:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-05-05 12:21 - 2013-05-05 12:21 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2013-05-05 12:16 - 2013-02-11 12:28 - 00038456 ____A (GFI Software) C:\Windows\System32\Drivers\gfiark.sys
2013-05-05 12:00 - 2013-05-05 12:57 - 00000000 ____D C:\Users\Leif\AppData\Roaming\Ad-Aware Antivirus
2013-05-04 11:33 - 2013-05-08 00:19 - 00000000 ____D C:\Qoobox
2013-05-04 11:32 - 2013-05-05 21:25 - 00000000 ____D C:\Windows\erdnt
2013-04-29 00:22 - 2013-05-28 23:49 - 00000000 ____D C:\Users\Leif\AppData\Roaming\BitTorrent
2013-04-28 20:14 - 2013-04-28 20:14 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus

==================== One Month Modified Files and Folders =======

2013-05-28 23:49 - 2013-04-29 00:22 - 00000000 ____D C:\Users\Leif\AppData\Roaming\BitTorrent
2013-05-28 23:49 - 2010-06-20 14:15 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-28 23:48 - 2013-05-20 18:53 - 00004200 ____A C:\Windows\setupact.log
2013-05-28 23:48 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-28 23:44 - 2010-04-08 22:47 - 01531506 ____A C:\Windows\WindowsUpdate.log
2013-05-28 23:44 - 2009-07-14 01:13 - 00786514 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-28 23:44 - 2009-07-14 00:45 - 00013792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-28 23:44 - 2009-07-14 00:45 - 00013792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-28 23:41 - 2010-06-20 14:15 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-28 23:34 - 2013-05-19 21:40 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-05-28 23:34 - 2012-09-20 18:14 - 00166346 ____A C:\Windows\PFRO.log
2013-05-28 23:31 - 2012-03-11 02:59 - 00000000 ____D C:\Users\Leif\Documents\Visual Studio 2005
2013-05-28 23:25 - 2013-05-28 23:23 - 00017045 ____A C:\Users\Leif\Desktop\Addition.txt
2013-05-28 23:22 - 2013-05-28 23:21 - 00890839 ____A C:\Users\Leif\Desktop\SecurityCheck.exe
2013-05-28 23:21 - 2012-06-14 03:53 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-28 23:20 - 2013-05-28 23:20 - 00000000 ___DC C:\FRST
2013-05-28 23:19 - 2013-05-28 23:19 - 01915774 ____A (Farbar) C:\Users\Leif\Desktop\FRST64.exe
2013-05-28 23:05 - 2011-12-07 23:38 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1007UA.job
2013-05-28 22:58 - 2010-05-29 17:30 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1000UA.job
2013-05-28 22:45 - 2010-08-09 21:50 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1001UA.job
2013-05-28 21:34 - 2011-12-08 00:08 - 00000000 ____D C:\Users\Leif\AppData\Roaming\Skype
2013-05-28 20:06 - 2012-10-15 04:11 - 00000000 ____D C:\Users\Leif\AppData\Local\POG
2013-05-28 20:02 - 2013-04-14 02:09 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-05-28 19:45 - 2010-08-09 21:50 - 00000860 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1001Core.job
2013-05-28 17:58 - 2010-05-29 17:30 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1000Core.job
2013-05-27 12:05 - 2011-12-07 23:38 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1007Core.job
2013-05-21 09:36 - 2010-12-19 14:12 - 00779128 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-20 23:24 - 2009-07-14 01:08 - 00032534 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-20 23:07 - 2013-05-20 21:53 - 00073884 ____A C:\Users\Leif\Downloads\OTL.Txt
2013-05-20 21:56 - 2013-05-20 21:56 - 00093816 ____A C:\Users\Leif\Downloads\Extras.Txt
2013-05-20 20:08 - 2013-05-20 20:08 - 00602112 ____A (OldTimer Tools) C:\Users\Leif\Downloads\OTL.exe
2013-05-20 17:34 - 2013-05-20 17:33 - 00042856 ____A C:\Users\Leif\Downloads\Personal.xlsx
2013-05-20 16:59 - 2012-09-20 00:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-05-20 08:28 - 2013-04-23 20:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-05-19 23:29 - 2013-05-19 23:29 - 00001087 ____A C:\Windows\wininit.ini
2013-05-19 21:34 - 2013-05-19 21:29 - 55454464 ____A (Safer-Networking Ltd. ) C:\Users\Leif\Downloads\SpybotSD2.exe
2013-05-19 19:29 - 2011-11-29 02:15 - 00000000 ____D C:\users\Leif
2013-05-19 19:28 - 2013-05-14 00:12 - 00000000 ____D C:\users\Mcx1-THELAPTOP
2013-05-19 19:28 - 2011-12-17 05:23 - 00000000 ____D C:\Users\Leif\AppData\Roaming\vlc
2013-05-19 19:28 - 2010-04-08 23:04 - 00000000 ____D C:\users\Olivia
2013-05-19 19:28 - 2010-04-08 22:47 - 00000000 ____D C:\users\Brandon
2013-05-19 19:28 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-05-19 19:28 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2013-05-19 16:48 - 2013-05-19 16:38 - 00588075 ____A (Safer-Networking Ltd. ) C:\Users\Leif\Downloads\Unconfirmed 198598.crdownload
2013-05-19 13:47 - 2013-05-18 09:03 - 00000000 ____D C:\Users\Leif\Downloads\Anna Karenina (2012)
2013-05-19 10:43 - 2013-05-19 10:43 - 00000000 ___DC C:\dell
2013-05-19 04:16 - 2013-05-19 02:35 - 00000000 ____D C:\Program Files\Dell Support Center
2013-05-19 02:36 - 2013-05-19 02:36 - 00000000 ____D C:\ProgramData\PCDr
2013-05-19 02:36 - 2011-11-29 02:15 - 00000000 ____D C:\Users\Leif\AppData\Roaming\Dell
2013-05-19 02:32 - 2013-05-19 02:32 - 00000000 ____D C:\Users\Leif\AppData\Roaming\PCDr
2013-05-19 02:31 - 2013-05-19 02:31 - 00038984 ____A (Dell Computer Corporation) C:\Users\Leif\Downloads\DellPCDiagnostics.exe
2013-05-18 22:21 - 2013-05-18 20:56 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-05-18 22:21 - 2012-06-26 18:59 - 00000000 ____D C:\ProgramData\McAfee
2013-05-18 20:56 - 2013-05-18 20:55 - 05102984 ____A (McAfee, Inc.) C:\Users\Leif\Downloads\McAfeeSetup.exe
2013-05-18 20:35 - 2013-05-18 20:35 - 00000000 ____D C:\ProgramData\APN
2013-05-18 20:27 - 2013-05-18 20:27 - 01611344 ____A (InstallX, LLC) C:\Users\Leif\Downloads\coretemp_1236.exe
2013-05-18 19:56 - 2013-05-18 19:53 - 00000000 ____D C:\Users\Leif\AppData\Local\Deployment
2013-05-18 19:53 - 2013-05-18 19:53 - 00010774 ____A C:\Users\Leif\Downloads\dellsystemdetect.application
2013-05-18 19:53 - 2013-05-18 19:53 - 00000000 ____D C:\Users\Leif\AppData\Local\Apps\2.0
2013-05-18 18:44 - 2013-05-18 18:43 - 00000000 ____D C:\Users\Leif\Downloads\Lincoln (2012)
2013-05-18 09:11 - 2013-05-18 09:03 - 00000000 ____D C:\Users\Leif\Downloads\Season 01
2013-05-18 07:57 - 2012-06-22 08:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-05-17 23:33 - 2013-05-17 17:02 - 00000000 ___DC C:\a87326e228b9b4b893
2013-05-17 21:33 - 2011-12-08 17:46 - 00012978 ____A C:\Users\Leif\AppData\Roaming\nvModes.001
2013-05-17 20:59 - 2013-05-17 20:59 - 00000000 ___DC C:\8e44f19aa6b1e6f3dd12941843e40a
2013-05-16 20:24 - 2013-05-16 20:24 - 01290368 ____A C:\Windows\Minidump\051613-51620-01.dmp
2013-05-16 20:24 - 2012-02-21 11:54 - 00000000 ____D C:\Windows\Minidump
2013-05-16 20:23 - 2013-05-16 20:23 - 363204764 ____A C:\Windows\MEMORY.DMP
2013-05-15 07:21 - 2012-06-14 03:53 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-15 07:21 - 2011-09-21 22:52 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-15 01:22 - 2011-07-28 21:24 - 00000000 ____D C:\Windows\rescache
2013-05-14 21:39 - 2009-07-14 00:45 - 05232176 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-14 21:06 - 2010-05-25 17:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-14 20:56 - 2010-05-25 16:59 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-14 09:03 - 2013-05-14 09:03 - 00003584 ____A C:\Users\Mcx1-THELAPTOP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-14 00:12 - 2013-05-14 00:12 - 00000020 ___SH C:\Users\Mcx1-THELAPTOP\ntuser.ini
2013-05-13 23:51 - 2013-05-13 22:26 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-05-13 23:51 - 2013-05-13 22:01 - 00000000 ____D C:\Program Files (x86)\Win7codecs
2013-05-13 23:51 - 2012-11-01 19:40 - 00000000 ____D C:\Users\Leif\Downloads\NES Emulator and 758 Roms (Kingdom-games by KloWn)
2013-05-13 23:51 - 2012-01-15 06:15 - 00000000 ____D C:\ProgramData\MFAData
2013-05-13 23:51 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\NDF
2013-05-13 23:50 - 2013-05-13 21:56 - 00000000 ____D C:\Program Files\Shark007
2013-05-13 23:50 - 2013-05-06 23:34 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-13 23:50 - 2013-03-30 15:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-05-13 23:50 - 2013-03-15 07:02 - 00000000 ____D C:\Program Files\Process Hacker 2
2013-05-13 23:50 - 2013-03-14 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-13 23:29 - 2013-05-13 22:22 - 00000000 ____D C:\ProgramData\AVG2013
2013-05-13 23:21 - 2013-03-30 15:22 - 00000000 ____D C:\Users\Leif\AppData\Local\Avg2013
2013-05-13 22:34 - 2013-05-13 22:34 - 00000000 ____D C:\Users\Leif\AppData\Roaming\AVG2013
2013-05-13 22:27 - 2013-05-13 22:27 - 00000000 ____D C:\Users\Leif\AppData\Local\AVG SafeGuard toolbar
2013-05-13 22:26 - 2013-05-13 22:26 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-05-13 22:13 - 2013-05-13 22:11 - 00000000 ____D C:\Users\Leif\Downloads\Game Of Thrones Season 1 - Complete
2013-05-13 21:57 - 2013-05-13 21:57 - 00000000 ____D C:\ProgramData\Win7codecs
2013-05-13 21:56 - 2013-05-13 21:56 - 00000000 ____D C:\Users\Leif\AppData\Roaming\Shark007
2013-05-13 21:56 - 2013-05-13 21:56 - 00000000 ____D C:\ProgramData\Shark007
2013-05-13 20:22 - 2013-05-13 20:21 - 00192325 ____A C:\Users\Leif\Downloads\[isoHunt] WrestleMania 1 To 26.torrent
2013-05-12 10:14 - 2013-03-16 14:31 - 00077824 ____A C:\Users\Leif\Downloads\Sheepulator3point1.xls
2013-05-12 03:11 - 2013-05-12 03:10 - 00000362 _RASH C:\ProgramData\ntuser.pol
2013-05-12 03:10 - 2009-07-13 23:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2013-05-11 10:33 - 2013-05-06 23:33 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-11 10:21 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-05-11 10:18 - 2011-12-08 00:23 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-05-11 10:17 - 2010-07-17 23:14 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-05-11 10:14 - 2012-04-29 20:06 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-05-08 00:19 - 2013-05-04 11:33 - 00000000 ____D C:\Qoobox
2013-05-07 20:51 - 2012-07-06 02:17 - 00000000 ____D C:\Users\Leif\AppData\Roaming\tigerplayer
2013-05-06 23:49 - 2012-04-29 20:06 - 00000000 ____D C:\Program Files\WinRAR
2013-05-06 23:34 - 2013-05-06 23:34 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-05 23:47 - 2011-11-29 02:15 - 00111112 ____A C:\Users\Leif\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-05 21:26 - 2009-07-13 22:34 - 90882048 ____A C:\Windows\System32\config\SOFTWARE.bak
2013-05-05 21:26 - 2009-07-13 22:34 - 14942208 ____A C:\Windows\System32\config\SYSTEM.bak
2013-05-05 21:26 - 2009-07-13 22:34 - 04845568 ____A C:\Windows\System32\config\DEFAULT.bak
2013-05-05 21:26 - 2009-07-13 22:34 - 00135168 ____A C:\Windows\System32\config\SAM.bak
2013-05-05 21:26 - 2009-07-13 22:34 - 00032768 ____A C:\Windows\System32\config\SECURITY.bak
2013-05-05 21:26 - 2009-07-13 22:34 - 00000215 ____A C:\Windows\system.ini
2013-05-05 21:25 - 2013-05-04 11:32 - 00000000 ____D C:\Windows\erdnt
2013-05-05 13:24 - 2010-04-08 23:32 - 00000000 ____D C:\Windows\Panther
2013-05-05 13:22 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-05 13:22 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-05 13:22 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-05 13:22 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-05 13:22 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-05 13:21 - 2013-05-05 13:09 - 00008882 ____A C:\Windows\IE10_main.log
2013-05-05 13:13 - 2013-05-05 13:13 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-05 13:13 - 2013-05-05 13:13 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-05 13:13 - 2013-05-05 13:13 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-05 13:13 - 2013-05-05 13:13 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-05 13:13 - 2013-05-05 13:13 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-05 13:13 - 2013-05-05 13:13 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-05 13:13 - 2013-05-05 13:13 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-05 13:13 - 2013-05-05 13:13 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-05 13:13 - 2013-05-05 13:13 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-05 13:13 - 2013-05-05 13:13 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-05 13:13 - 2013-05-05 13:13 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-05 13:12 - 2013-05-05 13:12 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-05 13:12 - 2013-05-05 13:12 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-05 12:57 - 2013-05-05 12:00 - 00000000 ____D C:\Users\Leif\AppData\Roaming\Ad-Aware Antivirus
2013-05-05 12:21 - 2013-05-05 12:21 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2013-05-05 12:08 - 2012-03-25 13:24 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-05-05 12:08 - 2011-12-08 00:08 - 00000000 ____D C:\ProgramData\Skype
2013-05-04 13:06 - 2011-11-29 02:15 - 00000000 ____D C:\Users\Leif\AppData\Local\VirtualStore
2013-05-04 06:03 - 2012-11-01 19:39 - 00000000 ____D C:\Program Files (x86)\BitTorrent
2013-05-02 02:06 - 2010-04-08 23:15 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-05-01 19:33 - 2013-05-06 23:34 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-04-28 20:14 - 2013-04-28 20:14 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-24 02:21

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-05-2013
Ran by Leif at 2013-05-28 23:23:27 Run:
Running from C:\Users\Leif\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Setup (Version: 1.0)
Amazon Kindle
BitTorrent (Version: 7.8.0.29626)
Core Temp 1.0 RC5 (Version: 1.0)
Dell Support Center (Version: 3.2.6032.125)
Dell System Detect (Version: 4.0.5.6)
doubleTwist (Version: 3.2.1.14961)
Eraser 6.0.8.2273 (Version: 6.0.2273)
FennecFox (Version: 1.0.25)
Google Chrome (Version: 27.0.1453.94)
Google Drive (Version: 1.9.4536.8202)
Google Update Helper (Version: 1.3.21.145)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
Internet Explorer Toolbar 4.8 by SweetPacks (Version: 4.8.0000)
IU Secure Configuration Wizard for Windows 7 (Version: 1.1.3.0)
Macromedia Extension Manager (Version: 1.7.240)
Macromedia Flash 8 Video Encoder (Version: 1.00.0000)
Magic Online (Version: 3.00.0000)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MpcStar 5.4 (Version: 5.4)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetBeans IDE 7.0 (Version: 7.0)
NVIDIA Drivers (Version: 1.3)
Process Hacker 2.30 (r5267) (Version: 2.30.0.5267)
QuickSet (Version: 8.2.14)
Security Task Manager 1.8g (Version: 1.8g)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 6.3 (Version: 6.3.105)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC (Version: 1.0.0.0)
VLC media player 2.0.6 (Version: 2.0.6)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 5.00 beta 2 (64-bit) (Version: 5.00.2)
x64 Components v4.1.1 (Version: 4.1.1)

==================== Restore Points =========================

27-05-2013 20:29:59 Scheduled Checkpoint
28-05-2013 08:30:13 Windows Update

==================== Faulty Device Manager Devices =============

Name: Broadcom NetXtreme 57xx Gigabit Controller
Description: Broadcom NetXtreme 57xx Gigabit Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: b57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2013 08:46:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: SDTray.exe, version: 2.0.12.127, time stamp: 0x50a24635
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x03464010
Faulting process id: 0xa9c
Faulting application start time: 0xSDTray.exe0
Faulting application path: SDTray.exe1
Faulting module path: SDTray.exe2
Report Id: SDTray.exe3

Error: (05/19/2013 07:20:51 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.


Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (05/18/2013 09:18:58 PM) (Source: MsiInstaller) (User: TheLaptop)
Description: Product: Shared C Run-time for x64 -- Error 1704. An installation for Microsoft .NET Framework 4.5 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (05/13/2013 09:58:56 PM) (Source: MsiInstaller) (User: TheLaptop)
Description: Product: Win7codecs -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

Error: (05/13/2013 09:58:33 PM) (Source: MsiInstaller) (User: TheLaptop)
Description: Product: Win7codecs -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

Error: (05/13/2013 09:58:32 PM) (Source: MsiInstaller) (User: TheLaptop)
Description: Product: Win7codecs -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

Error: (05/13/2013 09:58:30 PM) (Source: MsiInstaller) (User: TheLaptop)
Description: Product: Win7codecs -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

Error: (05/13/2013 09:58:29 PM) (Source: MsiInstaller) (User: TheLaptop)
Description: Product: Win7codecs -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

Error: (05/11/2013 10:23:02 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Wacom Virtual Hid Driver.

System Error:
The system cannot find the file specified.
.

Error: (05/11/2013 10:23:02 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Wacom Mouse Filter Driver.

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (05/28/2013 05:08:58 PM) (Source: Service Control Manager) (User: )
Description: The SigmaTel Audio Service service failed to start due to the following error:
%%2

Error: (05/28/2013 05:08:55 PM) (Source: Service Control Manager) (User: )
Description: The LicCtrl Service service failed to start due to the following error:
%%5

Error: (05/28/2013 05:07:06 PM) (Source: Service Control Manager) (User: )
Description: The Dell Internal Network Card Power Management service terminated unexpectedly. It has done this 1 time(s).

Error: (05/28/2013 04:53:05 PM) (Source: Service Control Manager) (User: )
Description: The SigmaTel Audio Service service failed to start due to the following error:
%%2

Error: (05/28/2013 04:53:00 PM) (Source: Service Control Manager) (User: )
Description: The LicCtrl Service service failed to start due to the following error:
%%5

Error: (05/28/2013 09:41:25 AM) (Source: Service Control Manager) (User: )
Description: The Dell Internal Network Card Power Management service terminated unexpectedly. It has done this 1 time(s).

Error: (05/27/2013 11:52:10 PM) (Source: Service Control Manager) (User: )
Description: The SigmaTel Audio Service service failed to start due to the following error:
%%2

Error: (05/27/2013 11:52:05 PM) (Source: Service Control Manager) (User: )
Description: The LicCtrl Service service failed to start due to the following error:
%%5

Error: (05/27/2013 11:44:48 PM) (Source: Service Control Manager) (User: )
Description: The Dell Internal Network Card Power Management service terminated unexpectedly. It has done this 1 time(s).

Error: (05/27/2013 11:44:21 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================
Error: (07/19/2010 11:11:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-05-05 21:24:58.917
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-05 21:24:58.729
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-05 21:24:58.542
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-05 21:24:58.355
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-05 21:17:24.410
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-05 21:17:24.223
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-05 21:17:24.051
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-05 21:17:23.864
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-05 13:38:33.593
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-05 13:38:33.359
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 3326.12 MB
Available physical RAM: 1369.26 MB
Total Pagefile: 6650.43 MB
Available Pagefile: 4294.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.53 GB) (Free:23.83 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: C239C239)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Results of screen317's Security Check version 0.99.64
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 11.7.700.202
Adobe Reader XI
Google Chrome 26.0.1410.64
Google Chrome 27.0.1453.94
Google Chrome Plugins...
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````

#4
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello LKJ1,

I am curious, has there been any change in your machine since you uninstalled SAS and Spybot Search and Destroy? Tell me when you come back.

For now

Please download Farbar Service Scanner and run.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Other Services
  • Press Scan
  • A log (FSS.txt) will be created in the same directory the tool is run.
  • Copy and paste the log back here.

#5
LKJ1


    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
No improvement or change that I can notice since uninstalling SAS/Spybot.

Farbar Service Scanner Version: 25-05-2013
Ran by Leif (administrator) on 29-05-2013 at 23:39:36
Running from "C:\Users\Leif\Downloads"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Google.com returned error: Google.com is offline
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#6
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello LKJ1,

I see this in the Farbar Recovery Scan log.

==================== Faulty Device Manager Devices =============

Name: Broadcom NetXtreme 57xx Gigabit Controller
Description: Broadcom NetXtreme 57xx Gigabit Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: b57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


It's one of the reasons I asked you to run Farbar Service Scanner to see if anything there wasn't working correctly. It all looked okay but I am still left wondering whether this being disabled is causing your problem. Go to Control Panel > Device Manager (set your Control Panel to large icons - top right for easy access to Device Manager) and check out what it says. If necessary Enable the Device to see if that helps with your problem.

Next

It looks like you have run ComboFix at some stage. It would be good to see a log from it to see what, if anything, it found.

Click on Start > Search programs and files and navigate to:

:\Qoobox folder (most likely C:\Qoobox\ComboFix.txt) and paste the contents of the text file back here.

Note: ComboFix.txt files are numbered, so if there was more than one run you might find, for instance, C:\Qoobox\ComboFix2.txt, etc.

Copy and paste the contents back here.

Finally in this post

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


#7
LKJ1

    New Member

  • Topic Starter
  • Member
  • 9 posts
Enabling the Broadcom device didn't make a noticeable difference. The computer is crawling pretty badly.

Unfortunately there doesn't seem to be a combofix.txt anywhere on my computer. I put out a search for the whole thing.

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=33eaae205465824d8493ec5b849b7199
# engine=13977
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-06-03 12:10:40
# local_time=2013-06-03 08:10:40 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 0 121804890 0 0
# scanned=136438
# found=0
# cleaned=0
# scan_time=25947
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=33eaae205465824d8493ec5b849b7199
# engine=14009
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-06-06 01:02:04
# local_time=2013-06-06 09:02:04 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 0 122067174 0 0
# scanned=228499
# found=0
# cleaned=0
# scan_time=7600

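Added example (not part of the original posts, and not ESET's own tooling): a short Python check that reads ESET Online Scanner log text like the one pasted in post #7 and confirms that each run finished and had the options requested in the scan instructions enabled. The function names are hypothetical, and the mapping from log fields to the scanner's options is an assumption based on the field names in the pasted log.

```python
import re

# Options requested in the ESET instructions, keyed by the log field that
# appears to record them (assumed mapping, based on the field names).
REQUIRED_OPTIONS = {
    "archives_checked": "Scan archives",
    "unwanted_checked": "Scan for potentially unwanted applications",
    "unsafe_checked": "Scan for potentially unsafe applications",
    "antistealth_checked": "Enable Anti-Stealth Technology",
}

# A log field looks like "# key=value".
FIELD_RE = re.compile(r"^#\s*([\w.]+)=(.*)$")

# Abridged from the two runs pasted in post #7 (same field values).
SAMPLE_LOG = """\
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-06-03 12:10:40
# scanned=136438
# found=0
# cleaned=0
# scan_time=25947
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-06-06 01:02:04
# scanned=228499
# found=0
# cleaned=0
# scan_time=7600
"""


def parse_runs(text):
    """Split log text into one dict per scan run.

    A new run is assumed to start at each "# version=" field, as in the
    pasted log. Repeated keys (e.g. compatibility_mode) keep the first value.
    """
    runs, current = [], None
    for line in text.splitlines():
        m = FIELD_RE.match(line.strip())
        if not m:
            continue  # header lines such as "all ok" carry no field
        key, value = m.group(1), m.group(2).strip().strip('"')
        if key == "version" or current is None:
            current = {}
            runs.append(current)
        current.setdefault(key, value)
    return runs


def check_run(run):
    """Return a list of reasons why this run should not be relied on."""
    issues = []
    if run.get("end") != "finished":
        issues.append("scan did not finish (end=%s)" % run.get("end", "missing"))
    for field, label in REQUIRED_OPTIONS.items():
        if run.get(field) != "true":
            issues.append("option not enabled: %s" % label)
    for field in ("scanned", "found", "cleaned"):
        if not run.get(field, "").isdigit():
            issues.append("missing or non-numeric field: %s" % field)
    return issues


def summarize(text):
    """One summary dict per run: completeness, counts and any issues."""
    out = []
    for run in parse_runs(text):
        issues = check_run(run)
        numeric = all(run.get(f, "").isdigit() for f in ("found", "cleaned"))
        found = int(run["found"]) if numeric else None
        uncleaned = found - int(run["cleaned"]) if numeric else None
        out.append({
            "utc_time": run.get("utc_time"),
            "complete": not issues,
            "found": found,
            "uncleaned": uncleaned,  # detections left in place
            "issues": issues,
        })
    return out


if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG):
        print(row)
```

On the pasted log, the first run is flagged because it ended with end=stopped; only the second run is a complete scan with all four requested options enabled.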
#8
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Unfortunately there doesn't seem to be a combofix.txt anywhere on my computer.


Let's do this then.

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods. This is normal; just leave it to do its job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#9
LKJ1

    New Member

  • Topic Starter
  • Member
  • 9 posts
ComboFix 13-06-06.04 - Leif 06/06/2013 20:26:07.4.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3326.2092 [GMT -4:00]
Running from: c:\users\Leif\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\boost_interprocess\20130520080240.375199
.
.
((((((((((((((((((((((((( Files Created from 2013-05-07 to 2013-06-07 )))))))))))))))))))))))))))))))
.
.
2013-06-07 01:02 . 2013-06-07 01:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-06-07 01:02 . 2013-06-07 01:02 -------- d-----w- c:\users\Olivia\AppData\Local\temp
2013-06-07 01:02 . 2013-06-07 01:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-07 01:02 . 2013-06-07 01:02 -------- d-----w- c:\users\Brandon\AppData\Local\temp
2013-06-06 07:45 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D8762850-74E5-4348-B3D6-4EF2806C3BAD}\mpengine.dll
2013-05-30 04:48 . 2013-05-30 04:48 -------- d-----w- c:\program files (x86)\ESET
2013-05-29 03:20 . 2013-05-29 03:20 -------- dc----w- C:\FRST
2013-05-20 01:40 . 2013-05-29 03:34 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-05-19 14:43 . 2013-05-19 14:43 -------- dc----w- C:\dell
2013-05-19 06:36 . 2013-05-19 06:36 -------- d-----w- c:\programdata\PCDr
2013-05-19 06:35 . 2013-05-19 08:16 -------- d-----w- c:\program files\Dell Support Center
2013-05-19 06:32 . 2013-05-19 06:32 -------- d-----w- c:\users\Leif\AppData\Roaming\PCDr
2013-05-19 01:31 . 2013-05-19 01:36 -------- d-----w- c:\program files\Core Temp
2013-05-19 00:56 . 2013-05-19 02:21 -------- d-----w- c:\program files\Common Files\McAfee
2013-05-19 00:35 . 2013-05-19 00:35 -------- d-----w- c:\programdata\APN
2013-05-18 23:53 . 2013-05-18 23:56 -------- d-----w- c:\users\Leif\AppData\Local\Deployment
2013-05-18 23:53 . 2013-05-18 23:53 -------- d-----w- c:\users\Leif\AppData\Local\Apps
2013-05-18 00:59 . 2013-05-18 00:59 -------- dc----w- C:\8e44f19aa6b1e6f3dd12941843e40a
2013-05-17 21:02 . 2013-05-18 03:33 -------- dc----w- C:\a87326e228b9b4b893
2013-05-17 20:50 . 2013-05-17 20:50 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-05-17 20:49 . 2013-05-17 20:49 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-05-15 00:52 . 2013-04-05 06:50 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-05-15 00:45 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-14 04:12 . 2013-05-19 23:28 -------- d-----w- c:\users\Mcx1-THELAPTOP
2013-05-14 02:34 . 2013-05-14 02:34 -------- d-----w- c:\users\Leif\AppData\Roaming\AVG2013
2013-05-14 02:27 . 2013-05-14 02:27 -------- d-----w- c:\users\Leif\AppData\Local\AVG SafeGuard toolbar
2013-05-14 02:26 . 2013-05-14 02:26 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
2013-05-14 02:26 . 2013-05-14 03:51 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2013-05-14 02:26 . 2013-05-14 03:51 -------- d-----w- c:\program files (x86)\AVG SafeGuard toolbar
2013-05-14 02:22 . 2013-05-14 03:29 -------- d-----w- c:\programdata\AVG2013
2013-05-14 02:01 . 2013-05-14 03:51 -------- d-----w- c:\program files (x86)\Win7codecs
2013-05-14 01:57 . 2013-05-14 01:57 -------- d-----w- c:\programdata\Win7codecs
2013-05-14 01:56 . 2013-05-14 01:56 -------- d-----w- c:\users\Leif\AppData\Roaming\Shark007
2013-05-14 01:56 . 2013-05-14 01:56 -------- d-----w- c:\programdata\Shark007
2013-05-14 01:56 . 2013-04-06 01:27 2231296 ----a-w- c:\windows\system32\ac3filter.acm
2013-05-14 01:56 . 2013-03-17 14:22 3554304 ----a-w- c:\windows\system32\x264vfw.dll
2013-05-14 01:56 . 2012-07-21 16:55 180736 ----a-w- c:\windows\system32\ac3acm.acm
2013-05-14 01:56 . 2012-07-21 16:54 361472 ----a-w- c:\windows\system32\aacacm.acm
2013-05-14 01:56 . 2012-07-17 19:21 206336 ----a-w- c:\windows\system32\unrar64.dll
2013-05-14 01:56 . 2011-12-08 00:37 148992 ----a-w- c:\windows\system32\lagarith.dll
2013-05-14 01:56 . 2013-05-14 03:50 -------- d-----w- c:\program files\Shark007
2013-05-14 01:56 . 2013-04-17 23:01 1929216 ----a-w- c:\windows\system32\VSFilter.dll
2013-05-14 01:56 . 2012-12-14 03:59 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2013-05-14 01:56 . 2009-01-23 02:51 124909 ----a-w- c:\windows\system32\pthreadGC2.dll
2013-05-12 07:14 . 2013-05-12 07:14 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-05-12 07:13 . 2013-05-12 07:13 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-05-12 07:12 . 2013-05-12 07:12 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-05-12 07:12 . 2013-05-12 07:12 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 11:21 . 2012-06-14 07:53 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 11:21 . 2011-09-22 02:52 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 00:56 . 2010-05-25 20:59 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-05 17:13 . 2013-05-05 17:13 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-05 17:13 . 2013-05-05 17:13 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-05 17:13 . 2013-05-05 17:13 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-05 17:13 . 2013-05-05 17:13 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-05 17:13 . 2013-05-05 17:13 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-05 17:13 . 2013-05-05 17:13 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-05 17:13 . 2013-05-05 17:13 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-05 17:13 . 2013-05-05 17:13 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-05 17:13 . 2013-05-05 17:13 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-05 17:13 . 2013-05-05 17:13 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-05 17:13 . 2013-05-05 17:13 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-05 17:13 . 2013-05-05 17:13 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-05 17:13 . 2013-05-05 17:13 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-05 17:13 . 2013-05-05 17:13 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-05 17:13 . 2013-05-05 17:13 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-05 17:13 . 2013-05-05 17:13 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-05 17:13 . 2013-05-05 17:13 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-05 17:13 . 2013-05-05 17:13 441856 ----a-w- c:\windows\system32\html.iec
2013-05-05 17:13 . 2013-05-05 17:13 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-05 17:13 . 2013-05-05 17:13 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-05 17:13 . 2013-05-05 17:13 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-05 17:13 . 2013-05-05 17:13 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-05 17:13 . 2013-05-05 17:13 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-05 17:13 . 2013-05-05 17:13 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-05 17:13 . 2013-05-05 17:13 235008 ----a-w- c:\windows\system32\url.dll
2013-05-05 17:13 . 2013-05-05 17:13 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-05 17:13 . 2013-05-05 17:13 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-05 17:13 . 2013-05-05 17:13 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-05 17:13 . 2013-05-05 17:13 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-05 17:13 . 2013-05-05 17:13 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-05 17:13 . 2013-05-05 17:13 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-05 17:13 . 2013-05-05 17:13 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-05 17:13 . 2013-05-05 17:13 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-05 17:13 . 2013-05-05 17:13 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-05 17:13 . 2013-05-05 17:13 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-05 17:13 . 2013-05-05 17:13 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-05 17:13 . 2013-05-05 17:13 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-05 17:13 . 2013-05-05 17:13 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-05 17:13 . 2013-05-05 17:13 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-05 17:13 . 2013-05-05 17:13 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-05 17:13 . 2013-05-05 17:13 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-05 17:13 . 2013-05-05 17:13 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-05 17:13 . 2013-05-05 17:13 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-05 17:13 . 2013-05-05 17:13 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-05 17:13 . 2013-05-05 17:13 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-05 17:13 . 2013-05-05 17:13 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-05 17:13 . 2013-05-05 17:13 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-05 17:13 . 2013-05-05 17:13 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-05 17:13 . 2013-05-05 17:13 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-05 17:12 . 2013-05-05 17:12 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-05-05 17:12 . 2013-05-05 17:12 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-05-05 17:12 . 2013-05-05 17:12 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-05 17:12 . 2013-05-05 17:12 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-05 17:12 . 2013-05-05 17:12 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-05 17:12 . 2013-05-05 17:12 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-05 17:12 . 2013-05-05 17:12 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-05 17:12 . 2013-05-05 17:12 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-05-05 17:12 . 2013-05-05 17:12 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-05-05 17:12 . 2013-05-05 17:12 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-05-05 17:12 . 2013-05-05 17:12 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-05-05 17:12 . 2013-05-05 17:12 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-05-05 17:12 . 2013-05-05 17:12 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-05-05 17:12 . 2013-05-05 17:12 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-05-05 17:12 . 2013-05-05 17:12 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-05 17:12 . 2013-05-05 17:12 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-05-05 17:12 . 2013-05-05 17:12 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-05-05 17:12 . 2013-05-05 17:12 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-05 17:12 . 2013-05-05 17:12 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-05-05 17:12 . 2013-05-05 17:12 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-05-05 17:12 . 2013-05-05 17:12 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-05-05 17:12 . 2013-05-05 17:12 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-05-05 17:12 . 2013-05-05 17:12 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-05-05 17:12 . 2013-05-05 17:12 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-05-05 17:12 . 2013-05-05 17:12 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-05-05 17:12 . 2013-05-05 17:12 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-05 17:12 . 2013-05-05 17:12 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-05-05 17:12 . 2013-05-05 17:12 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-05-05 17:12 . 2013-05-05 17:12 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-05-05 17:12 . 2013-05-05 17:12 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-05-05 17:12 . 2013-05-05 17:12 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-05-05 17:12 . 2013-05-05 17:12 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-05-05 17:12 . 2013-05-05 17:12 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_E37A51403E0901EFADCF5F905F031FF1"="c:\users\Leif\AppData\Local\Google\Chrome\Application\chrome.exe" [2013-05-29 825808]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2013-05-04 882520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"UseDefaultTile"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe;c:\windows\runservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys;c:\windows\SYSNATIVE\drivers\iPodDrv.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 11:21]
.
2013-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-20 16:35]
.
2013-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-20 16:35]
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1000Core.job
- c:\users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-29 21:30]
.
2013-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1000UA.job
- c:\users\Brandon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-29 21:30]
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1001Core.job
- c:\users\Olivia\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-10 16:35]
.
2013-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1001UA.job
- c:\users\Olivia\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-10 16:35]
.
2013-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1007Core.job
- c:\users\Leif\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-08 00:53]
.
2013-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2843535265-2569411029-2803410035-1007UA.job
- c:\users\Leif\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-08 00:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 20:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 20:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 20:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 20:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 15960096]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 82464]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10043&barid={91D6AD56-BC39-11E2-AAED-BD1A4BEE5AA3}
mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10043&barid={91D6AD56-BC39-11E2-AAED-BD1A4BEE5AA3}
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.1.254
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
AddRemove-Ad-Aware Browsing Protection - c:\programdata\Ad-Aware Browsing Protection\uninstall.exe
AddRemove-Toolbar Cleaner - c:\program files (x86)\Toolbar Cleaner\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB]
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\0ECC3A43B9416605BEB3AE7E61B07718]
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\7BF9E831E71B650D9FD9ADA9E13AF2CA]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-06 21:27:08
ComboFix-quarantined-files.txt 2013-06-07 01:27
.
Pre-Run: 25,528,025,088 bytes free
Post-Run: 25,417,265,152 bytes free
.
- - End Of File - - 366E3B140B292450486FEA7979057F32

#10
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

#11
LKJ1

    New Member

  • Topic Starter
  • Member
  • 9 posts
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.06.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Leif :: THELAPTOP [administrator]

6/6/2013 9:54:40 PM
mbam-log-2013-06-06 (21-54-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 297189
Time elapsed: 21 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
How is your machine now?

#13
LKJ1

    New Member

  • Topic Starter
  • Member
  • 9 posts
Really no better, unfortunately.

To help give a better picture: the computer seems to overheat somewhat easily. I took a gas duster to it but it didn't seem to do much to curb the problem. When I shut it down overnight and boot it up cold in the morning it usually works quickly enough for a short time, but not really for a long time. I'm hoping it's not purely a hardware issue, but there's a chance it could be.

#14
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Let's see if this makes a difference.

Please download AdwCleaner from here to your desktop
  • Click on the green downward facing arrow on the right to commence download.
  • Run AdwCleaner and select Delete

Once done it will ask to reboot, allow this.

On reboot a log will be produced; please post that back here.

#15
LKJ1

    New Member

  • Topic Starter
  • Member
  • 9 posts
# AdwCleaner v2.302 - Logfile created 06/07/2013 at 17:25:14
# Updated 06/06/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Leif - THELAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Leif\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\Classes\Installer\Features\FB6D58DD787439A4995AF3C00FEA8843
Key Deleted : HKLM\Software\Classes\Installer\Products\FB6D58DD787439A4995AF3C00FEA8843
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10043&barid={91D6AD56-BC39-11E2-AAED-BD1A4BEE5AA3} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10043&barid={91D6AD56-BC39-11E2-AAED-BD1A4BEE5AA3} --> hxxp://www.google.com

-\\ Google Chrome v27.0.1453.110

File : C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Olivia\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Leif\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1384 octets] - [06/02/2013 18:25:38]
AdwCleaner[R2].txt - [1119 octets] - [18/04/2013 16:45:03]
AdwCleaner[R3].txt - [3681 octets] - [07/06/2013 17:19:58]
AdwCleaner[S1].txt - [1301 octets] - [18/04/2013 16:06:55]
AdwCleaner[S2].txt - [607 octets] - [18/04/2013 16:50:10]
AdwCleaner[S3].txt - [1239 octets] - [18/04/2013 17:02:55]
AdwCleaner[S4].txt - [3585 octets] - [07/06/2013 17:25:14]

########## EOF - C:\AdwCleaner[S4].txt - [3645 octets] ##########