Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Antivirus Programs do not respond (HELP)

Started by JakeGallant , Aug 20 2013 02:17 PM

  • Please log in to reply

#1
JakeGallant
Posted 20 August 2013 - 02:17 PM

JakeGallant

    New Member

  • Member
  • Pip
  • 1 posts
I am not entirely sure of how this problem arose, this is a relatively new Dell XPS 15. The suspected virus/malware prevents me from accessing my Mcafee security center and essentially disabled my firewall. Thinking it was just a problem with Mcafee i uninstalled in using a specified Mcafee uninstall program as there seemed no other way to get rid of it. But after downloading another antivirus program (AVG) i learned that it prevents me from accessing any antivirus program. Any help with this issue would be greatly appreciated as ive grown very frustrated with my brand new laptop.

As instructed here is a copy of the OTL scan i just ran.

OTL logfile created on: 8/20/2013 4:08:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jake\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.90 Gb Total Physical Memory | 13.35 Gb Available Physical Memory | 84.00% Memory free
31.79 Gb Paging File | 29.05 Gb Available in Paging File | 91.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684.96 Gb Total Space | 616.79 Gb Free Space | 90.05% Space Free | Partition Type: NTFS

Computer Name: JAKES-PC | User Name: Jake | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/20 16:07:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jake\Downloads\OTL.exe
PRC - [2013/07/25 13:40:02 | 001,432,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
PRC - [2013/07/24 20:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/07/01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/16 10:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2012/01/27 18:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 23:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2012/01/26 23:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/11 19:05:00 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/11/17 12:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/10/01 18:55:28 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009/06/24 18:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/20 07:44:56 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\812ec1c77a1cb0fd7b2a67adeb994244\System.ServiceModel.Web.ni.dll
MOD - [2013/08/20 07:26:21 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\65af8f3de167c79ce19a3094aea30096\System.WorkflowServices.ni.dll
MOD - [2013/08/20 07:25:57 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c8ebe1bcee19f2a9ae9331eb860a3748\System.IdentityModel.ni.dll
MOD - [2013/08/20 07:25:56 | 017,477,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\7325e254b75c1bc559633857d1ff867f\System.ServiceModel.ni.dll
MOD - [2013/08/20 07:21:13 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8dc1c182cd1f10cd2abcfecd01fe9eeb\System.Web.ni.dll
MOD - [2013/08/18 05:02:34 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
MOD - [2013/08/18 05:02:34 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\1327ad2637aab17189c5461fbf30dc19\SMDiagnostics.ni.dll
MOD - [2013/08/18 05:02:32 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\245d1e603b9f9a15d8934c4f1bbe55ee\System.Xml.Linq.ni.dll
MOD - [2013/08/18 05:02:30 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\9e38ddbb3a90cc3e782a0640788b1fcb\System.Core.ni.dll
MOD - [2013/08/18 05:02:27 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/08/18 05:02:10 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\930e99b2f62cea8c4aa070527d15f748\PresentationFramework.ni.dll
MOD - [2013/08/18 05:02:02 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/18 05:01:57 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/18 05:01:55 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\585b8f6cc7ba86886462d0dc9753c98f\PresentationCore.ni.dll
MOD - [2013/08/18 05:01:49 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013/08/18 05:01:45 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/18 05:01:43 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/18 05:01:42 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/18 05:01:39 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/24 20:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/24 20:49:45 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/24 20:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/24 20:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/24 20:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/24 20:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2012/01/26 23:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/02/19 01:37:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010/11/25 00:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 12:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/19 13:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2009/11/17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2013/07/26 18:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/07/25 13:40:02 | 001,432,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/16 10:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/08/11 20:04:58 | 000,248,304 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010/11/25 07:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 07:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/07/20 01:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/07/10 01:32:38 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/07/01 01:45:28 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/06/14 07:40:22 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssmirrdr.sys -- (ssmirrdr)
DRV:64bit: - [2013/03/21 03:08:24 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/02/19 13:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/02/19 13:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/02/19 13:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/02/18 09:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/09/04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/19 01:37:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/02/10 15:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 15:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/22 02:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/12/17 10:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/12/13 10:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/11/30 15:02:54 | 000,412,264 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/29 06:23:18 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 18:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/08/20 15:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/07/26 22:41:28 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/07/12 20:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010/03/19 05:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/15 15:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 06:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FB 75 98 67 CB 9D CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: i-beta = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd\0.1.3_0\
CHR - Extension: Gmail = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.233.167.167 24.233.167.168
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6517D8B2-6577-4F56-860B-F300AD2EBA41}: DhcpNameServer = 24.233.167.167 24.233.167.168
O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/20 16:00:41 | 000,000,000 | ---D | C] -- C:\FRST
[2013/08/20 14:04:46 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\AVG2013
[2013/08/20 14:02:32 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\TuneUp Software
[2013/08/20 14:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/08/20 14:01:22 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/08/20 14:01:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/08/20 14:00:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/08/20 13:50:20 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\MFAData
[2013/08/20 13:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/08/20 13:50:20 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Avg2013
[2013/08/20 13:43:45 | 000,182,752 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2013/08/20 13:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/08/20 12:14:28 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\SpeedyPC Software
[2013/08/20 12:14:28 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\DriverCure
[2013/08/20 12:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2013/08/20 11:52:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2013/08/20 11:22:10 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\MigWiz
[2013/08/20 10:20:49 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Malwarebytes
[2013/08/20 10:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/08/20 10:20:13 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Programs
[2013/08/20 10:17:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/08/20 10:14:14 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Google
[2013/08/20 10:11:38 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Roxio
[2013/08/20 10:11:32 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Adobe
[2013/08/20 10:11:23 | 000,000,000 | R--D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/08/20 10:11:23 | 000,000,000 | R--D | C] -- C:\Users\Jake\Searches
[2013/08/20 10:11:23 | 000,000,000 | R--D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/08/20 10:11:23 | 000,000,000 | -H-D | C] -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/08/20 10:11:17 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Identities
[2013/08/20 10:11:16 | 000,000,000 | R--D | C] -- C:\Users\Jake\Contacts
[2013/08/20 10:11:14 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\VirtualStore
[2013/08/20 10:10:43 | 000,000,000 | --SD | C] -- C:\Users\Jake\AppData\Roaming\Microsoft
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\Videos
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\Saved Games
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\Pictures
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\Music
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\Links
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\Favorites
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\Downloads
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\Documents
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\Desktop
[2013/08/20 10:10:43 | 000,000,000 | R--D | C] -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\AppData\Local\Temporary Internet Files
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Templates
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Start Menu
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\SendTo
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Recent
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\PrintHood
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\NetHood
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Documents\My Videos
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Documents\My Pictures
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Documents\My Music
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\My Documents
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Local Settings
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\AppData\Local\History
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Cookies
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\Application Data
[2013/08/20 10:10:43 | 000,000,000 | -HSD | C] -- C:\Users\Jake\AppData\Local\Application Data
[2013/08/20 10:10:43 | 000,000,000 | -H-D | C] -- C:\Users\Jake\AppData
[2013/08/20 10:10:43 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Temp
[2013/08/20 10:10:43 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\SoftThinks
[2013/08/20 10:10:43 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\Microsoft
[2013/08/20 10:10:43 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Media Center Programs
[2013/08/19 22:42:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/19 03:00:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/08/18 16:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/08/18 16:10:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013/08/18 15:55:45 | 000,019,392 | ---- | C] (Dll-Files.com) -- C:\Windows\SysNative\roboot64.exe
[2013/08/18 15:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2013/08/18 15:42:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/08/18 15:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2013/08/18 15:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Elder Scrolls V Skyrim
[2013/08/18 04:54:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/08/18 04:54:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/08/18 03:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/08/18 03:08:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/08/18 03:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/08/17 20:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2013/08/17 19:08:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/08/17 18:30:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/08/17 18:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\i-beta
[2013/08/17 18:24:12 | 000,000,000 | ---D | C] -- C:\Windows\en
[2013/08/17 18:24:03 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2013/08/17 18:23:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/08/17 18:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/08/17 18:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/08/17 17:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/08/17 16:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/08/17 16:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/08/16 20:04:35 | 000,000,000 | ---D | C] -- C:\Windows\SMINST
[2013/08/16 18:40:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/08/16 18:31:43 | 000,000,000 | ---D | C] -- C:\McAfeePromo
[2013/08/16 18:14:59 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2013/08/16 16:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\support.com
[2013/08/16 16:56:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\supportsoft
[2013/08/16 16:54:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\supportdotcom
[2013/08/16 16:54:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\supportdotcom
[2013/08/16 16:46:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

========== Files - Modified Within 30 Days ==========

[2013/08/20 16:10:23 | 000,020,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/20 16:10:23 | 000,020,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/20 15:57:46 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/20 15:57:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/20 15:57:32 | 4211,736,574 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/20 15:40:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/20 14:02:32 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/08/20 13:33:36 | 000,001,413 | ---- | M] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/08/20 12:11:17 | 000,000,055 | ---- | M] () -- C:\Users\Jake\AppData\Roaming\mbam.context.scan
[2013/08/20 10:30:19 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/20 10:30:19 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/20 10:30:19 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/20 10:17:43 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/08/20 10:14:21 | 000,002,285 | ---- | M] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/19 22:42:22 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/18 04:56:29 | 000,322,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/18 03:50:34 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/08/18 03:50:34 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/08/18 01:09:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/08/17 16:42:13 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/16 18:45:39 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/08/16 18:45:39 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/08/16 18:34:35 | 000,027,746 | ---- | M] () -- C:\ProgramData\xportnchk.ini

========== Files Created - No Company Name ==========

[2013/08/20 14:02:32 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/08/20 13:33:36 | 000,001,413 | ---- | C] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/08/20 12:11:17 | 000,000,055 | ---- | C] () -- C:\Users\Jake\AppData\Roaming\mbam.context.scan
[2013/08/20 10:17:43 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/08/20 10:17:43 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/08/20 10:11:32 | 000,002,285 | ---- | C] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/20 10:11:32 | 000,001,419 | ---- | C] () -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/08/20 10:10:43 | 000,000,290 | ---- | C] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/08/20 10:10:43 | 000,000,272 | ---- | C] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/08/18 04:02:17 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/08/18 03:50:34 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/08/18 03:50:34 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/08/18 03:23:59 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/08/18 01:09:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/08/17 18:24:00 | 000,001,311 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2013/08/17 18:23:53 | 000,001,380 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2013/08/17 18:22:49 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/17 16:42:13 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/17 16:35:56 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/17 16:35:56 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/16 18:39:55 | 4211,736,574 | -HS- | C] () -- C:\hiberfil.sys
[2013/08/16 17:16:50 | 000,027,746 | ---- | C] () -- C:\ProgramData\xportnchk.ini
[2013/02/13 04:36:50 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2013/02/13 04:36:48 | 000,206,952 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2013/02/13 04:36:47 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2013/02/13 04:35:32 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2013/02/13 03:10:45 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2012/02/27 11:15:32 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/20 14:04:46 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\AVG2013
[2013/08/20 12:14:28 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\DriverCure
[2013/08/20 12:14:28 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\SpeedyPC Software
[2013/08/20 14:02:32 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >

Edited by JakeGallant, 20 August 2013 - 02:20 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP