
PC suddenly keeps freezing. After reboot, it works ok for a few minut


  • This topic is locked

#1
roachklip

  • Member
  • 45 posts

Hello.

My PC recently started freezing to the point that I have to do a hard shutdown, and after it reboots, it will work OK but only for a few minutes. Then, it quickly starts freezing up again until nothing works.

Also, sometimes after a reboot, if I don't touch it for 5 hours or so, it will seem to run fine until another reboot, and then it will start freezing up again. :(

I've run Spybot S&D and Malwarebytes and both found zero problems, so I'm not sure if I have a virus or not. :confused:

Here is my OTL log:





OTL logfile created on: 10/26/2013 5:58:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.97 Gb Total Physical Memory | 5.54 Gb Available Physical Memory | 69.60% Memory free
15.93 Gb Paging File | 12.98 Gb Available in Paging File | 81.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.82 Gb Total Space | 284.16 Gb Free Space | 30.99% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/26 17:57:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL(1).exe
PRC - [2013/10/21 18:49:54 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013/09/30 21:06:29 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/06/27 12:15:06 | 000,173,192 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/02/19 03:41:44 | 012,805,888 | ---- | M] (www.BitComet.com) -- C:\Program Files (x86)\BitComet\BitComet.exe
PRC - [2013/02/15 18:23:34 | 014,731,776 | ---- | M] (GARMIN Corp.) -- C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
PRC - [2013/01/15 16:12:18 | 000,595,144 | ---- | M] (Murray Hurps Software Pty Ltd) -- C:\Program Files (x86)\Ad Muncher\AdMunch.exe
PRC - [2012/11/26 14:34:12 | 001,329,304 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012/08/28 17:02:50 | 002,214,280 | ---- | M] (Auslogics) -- C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
PRC - [2012/01/17 17:15:44 | 000,331,608 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
PRC - [2012/01/04 19:02:02 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
PRC - [2012/01/04 19:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
PRC - [2010/12/28 04:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe
PRC - [2010/08/04 14:44:24 | 000,266,240 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
PRC - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/10/07 01:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/06/09 12:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/02/28 18:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [1999/10/27 09:01:00 | 000,409,660 | ---- | M] (NEATO LLC.) -- C:\Program Files (x86)\MediaFACE\CDFACE32.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/21 18:49:53 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/10/09 04:05:49 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/09 04:05:29 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/09/30 21:06:28 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/09/11 10:11:27 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3d075c3b7d099aca217beecac1f66b4b\System.Web.Services.ni.dll
MOD - [2013/08/15 03:37:32 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/15 03:30:09 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 03:29:54 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 03:29:46 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/12 03:30:02 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/02/09 13:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2010/02/09 13:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2010/02/09 13:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2010/02/09 13:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2010/02/09 13:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/09/11 14:05:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2004/05/24 17:01:00 | 000,118,784 | ---- | M] () -- C:\Windows\SysWOW64\lfkodak.dll
MOD - [2004/05/24 17:00:00 | 000,338,944 | ---- | M] () -- C:\Windows\SysWOW64\lffpx7.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/11/26 14:34:12 | 001,329,304 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/10/07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/06/09 12:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/31 18:01:34 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2013/10/21 18:49:54 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/27 12:15:06 | 000,173,192 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/13 14:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/17 17:22:02 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Expat Shield\bin\EXPATTrayService.exe -- (ExpatTrayService)
SRV - [2012/01/17 17:15:44 | 000,331,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe -- (ExpatShieldService)
SRV - [2012/01/04 19:02:02 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -- (ExpatWd)
SRV - [2012/01/04 19:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe -- (ExpatSrv)
SRV - [2010/12/28 04:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Running] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010/08/04 14:44:24 | 000,266,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2010/03/22 20:05:40 | 000,960,992 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 23:39:21 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/01/11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/12 00:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/23 15:47:42 | 000,057,904 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2012/10/23 08:24:14 | 000,189,208 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2012/10/23 08:24:14 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2012/10/23 08:24:12 | 000,211,344 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/10/23 08:24:12 | 000,149,592 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/04 19:01:56 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2012/01/04 19:01:54 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/11 01:11:00 | 001,924,096 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/04/27 14:40:40 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/29 18:31:18 | 000,142,848 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tinspusb.sys -- (USBTINSP)
DRV:64bit: - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/10/24 01:49:46 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/10/07 08:49:28 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2009/10/07 08:47:46 | 000,327,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/10/07 08:45:38 | 000,271,640 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 22:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 08:13:10 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2008/07/29 05:47:00 | 001,075,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb)
DRV:64bit: - [2008/05/15 02:28:00 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2007/01/19 18:24:24 | 000,025,312 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{75954489-180E-4E39-9395-0E954E4EBDE5}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{DC407881-FCD1-44D0-87F9-42090C2505B0}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{51FD6F31-C0A7-440B-FB7E-82A5FFE11EEA}: "URL" = http://www.bing.com/...017&form=ZGAIDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: browserprotect%40browserprotect.com:1.1.3
FF - prefs.js..extensions.enabledAddons: %7BB042753D-F57E-4e8e-A01B-7379A6D4CEFB%7D:1.35
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..keyword.URL: "google"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Owner\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/20 12:26:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/30 21:06:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/12 07:18:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/01/16 09:29:03 | 000,000,000 | ---D | M]

[2010/03/23 22:45:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2013/09/26 16:53:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions
[2012/11/30 16:41:02 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013/05/17 07:40:35 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2011/03/22 15:00:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2011/09/27 08:27:05 | 000,000,000 | ---D | M] (Disconnect) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\[email protected]
[2010/05/04 23:17:30 | 000,000,000 | ---D | M] (FfvB - vBulletin Management for Firefox) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\[email protected]
[2013/01/06 14:52:51 | 000,047,822 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\[email protected]
[2013/07/19 17:31:32 | 000,071,038 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\[email protected]
[2012/10/28 16:52:49 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\[email protected]
[2012/12/11 09:42:19 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013/01/06 09:50:00 | 000,002,838 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\searchplugins\amazon-distro.xml
[2013/09/30 21:06:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/09/30 21:06:19 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013/09/30 21:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/30 21:06:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/01/12 04:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2011/12/09 13:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011/03/24 15:36:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old

========== Chrome ==========

CHR - default_search_provider: Amazon (Enabled)
CHR - default_search_provider: search_url = http://www.amazon.co...y={searchTerms}
CHR - default_search_provider: suggest_url = http://suggestquerie...}&output=chrome,
CHR - homepage: http://www.amazon.co...06_US_cr_sp_OC1
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\Owner\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Fast save = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejocjilmecckaddkddknbfgjampibkhh\1.1_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Instagram for Chrome = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\3.2.2_0\
CHR - Extension: Instagram for Chrome = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\4.5.1_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/10/01 19:29:47 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll (AnchorFree Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Ad Muncher] C:\Program Files (x86)\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKCU..\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [EPSON Stylus Photo R340 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE /FU "C:\Windows\TEMP\E_SEFBD.tmp" /EF "HKCU" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{081B0E74-3E2F-4B25-80B4-0635BD5A76D3}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F75A2444-E552-41D4-9D00-80A326784665}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3699a8c0-267b-11e2-bf93-0025648444ff}\Shell - "" = AutoRun
O33 - MountPoints2\{3699a8c0-267b-11e2-bf93-0025648444ff}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O33 - MountPoints2\{54fa610e-5e8b-11df-8dda-0025648444ff}\Shell\AutoRun\command - "" = L:\autorun.exe
O33 - MountPoints2\{54fa610e-5e8b-11df-8dda-0025648444ff}\Shell\phone\command - "" = L:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/23 09:31:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Bob James - Discography
[2013/10/22 10:51:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Luther Barnes - Best
[2013/10/21 14:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013/10/21 14:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/10/21 14:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013/10/21 14:18:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/10/21 14:17:46 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/10/21 14:17:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013/10/21 14:16:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/10/21 14:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/10/21 14:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/10/21 14:15:15 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/10/21 14:03:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/10/16 11:49:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/10/16 11:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/13 13:08:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AUDIO-10-13-13
[2013/10/08 13:37:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Justin_Timberlake-The_2020_Experience_2_of_2-2013
[2013/10/07 18:57:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\MSO fix
[2013/09/30 21:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/03/23 22:21:06 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Owner\AppData\Roaming\DataSafeDotNet.exe

========== Files - Modified Within 30 Days ==========

[2013/10/26 17:32:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cec58a30886f0b.job
[2013/10/26 17:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/26 16:47:28 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/26 16:47:28 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/26 07:07:40 | 000,730,596 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/26 07:07:40 | 000,627,104 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/26 07:07:40 | 000,107,420 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/10/26 03:32:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec58a305b34e6.job
[2013/10/25 08:30:16 | 000,000,821 | ---- | M] () -- C:\Windows\CDFACE32.INI
[2013/10/24 16:41:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/24 16:40:58 | 2119,946,239 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/21 17:15:57 | 000,743,538 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/21 16:13:36 | 001,562,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/15 21:52:06 | 035,811,328 | ---- | M] () -- C:\Users\Owner\Desktop\Microsoft Toolkit 2.4.9.exe
[2013/10/07 09:27:38 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/10/02 02:19:38 | 002,966,102 | ---- | M] () -- C:\Users\Owner\Desktop\01. King Push.mp3
[2013/09/29 16:32:02 | 000,170,703 | ---- | M] () -- C:\Users\Owner\Desktop\Watts(1).pdf
[2013/09/28 07:35:33 | 000,005,880 | ---- | M] () -- C:\Users\Owner\Desktop\mug-shot-133235551.jpg

========== Files Created - No Company Name ==========

[2013/10/21 17:15:57 | 000,743,538 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/21 13:59:33 | 1266,438,144 | ---- | C] () -- C:\Users\Owner\Desktop\SW_DVD5_Office_Professional_Plus_2010w_SP1_W32_English_CORE_MLF_X17-76748.ISO
[2013/10/16 18:09:19 | 001,057,251 | ---- | C] () -- C:\Users\Owner\Desktop\Tariq_Nasheed_-_The_Art_Of_Mackin.pdf
[2013/10/16 07:10:08 | 035,811,328 | ---- | C] () -- C:\Users\Owner\Desktop\Microsoft Toolkit 2.4.9.exe
[2013/10/10 03:27:35 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cec58a30886f0b.job
[2013/10/10 03:27:34 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec58a305b34e6.job
[2013/10/07 19:38:15 | 037,803,008 | ---- | C] () -- C:\Users\Owner\Documents\Microsoft Toolkit 2.4.3 Final.exe
[2013/10/02 10:53:42 | 002,966,102 | ---- | C] () -- C:\Users\Owner\Desktop\01. King Push.mp3
[2013/09/29 16:32:28 | 000,170,703 | ---- | C] () -- C:\Users\Owner\Desktop\Watts(1).pdf
[2013/09/28 07:35:31 | 000,005,880 | ---- | C] () -- C:\Users\Owner\Desktop\mug-shot-133235551.jpg
[2013/06/14 14:42:44 | 000,000,118 | ---- | C] () -- C:\Windows\wininit.ini
[2013/03/11 10:37:54 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2013/01/15 16:14:19 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012/11/19 21:16:46 | 000,000,031 | ---- | C] () -- C:\Windows\Viewer.INI
[2011/02/17 09:06:59 | 000,021,504 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/26 23:23:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/17 18:02:24 | 000,000,326 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2010/03/24 17:29:14 | 000,001,024 | ---- | C] () -- C:\Users\Owner\.rnd

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/05 23:32:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Aura4You
[2012/02/27 11:19:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Auslogics
[2013/10/26 18:10:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitComet
[2013/01/06 01:49:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Broad Intelligence
[2011/12/13 20:29:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/01/30 12:36:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DMCache
[2013/10/21 17:09:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dropbox
[2010/07/04 18:01:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/08/14 21:20:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EAC
[2011/11/24 15:55:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ESET
[2013/05/21 18:56:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GARMIN
[2011/01/16 17:18:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GrabIt
[2013/01/30 12:52:43 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IDM
[2012/12/12 12:03:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IrfanView
[2010/04/13 19:19:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2013/10/15 21:21:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MediaMonkey
[2013/10/21 17:15:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mjusbsp
[2010/07/16 21:47:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MusicNet
[2011/06/17 14:24:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details
[2011/03/22 15:01:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2011/05/25 12:02:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PCDr
[2011/08/02 21:46:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PhotoScape
[2011/01/06 17:19:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Rovio
[2011/12/03 09:34:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Swhst
[2010/06/09 10:42:15 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Teleca
[2010/10/17 18:02:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2012/11/29 22:30:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:96D0C06F

< End of report >

Edited by roachklip, 26 October 2013 - 04:25 PM.



#2
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello roachklip,

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right-click to run as administrator. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.


#3
roachklip


    Member

  • Topic Starter
  • Member
  • 45 posts
Hello and thank you VERY much!


Here is my FRST log and my Addition log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013
Ran by Owner (administrator) on OWNER-PC on 29-10-2013 18:03:17
Running from C:\Users\Owner\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
() C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
(AnchorFree Inc.) C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
() C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Auslogics) C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(GARMIN Corp.) C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Murray Hurps Software Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Murray Hurps Software Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6325936 2012-11-26] (ESET)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [EPSON Stylus Photo R340 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE /FU "C:\Windows\TEMP\E_SEFBD.tmp" /EF "HKCU"
HKCU\...\Run: [ANT Agent] - C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe [14731776 2013-02-15] (GARMIN Corp.)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0xFF000000
MountPoints2: {3699a8c0-267b-11e2-bf93-0025648444ff} - F:\TL-Bootstrap.exe
MountPoints2: {54fa610e-5e8b-11df-8dda-0025648444ff} - L:\autorun.exe
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ad Muncher] - C:\Program Files (x86)\Ad Muncher\AdMunch.exe [595144 2013-01-15] (Murray Hurps Software Pty Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {51FD6F31-C0A7-440B-FB7E-82A5FFE11EEA} URL = http://www.bing.com/...017&form=ZGAIDF
SearchScopes: HKCU - {75954489-180E-4E39-9395-0E954E4EBDE5} URL =
SearchScopes: HKCU - {DC407881-FCD1-44D0-87F9-42090C2505B0} URL =
BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll (AnchorFree Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
BHO-x32: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 - C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.17 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.17 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Owner\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\searchplugins\amazon-distro.xml
FF Extension: Disconnect - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\Extensions\[email protected]
FF Extension: FfvB - vBulletin Management for Firefox - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\Extensions\[email protected]
FF Extension: Garmin Communicator - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: BitComet 视频下载器 - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
FF Extension: No Name - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
FF Extension: browserprotect - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\Extensions\[email protected]
FF Extension: SkipScreen - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\Extensions\[email protected]
FF Extension: testpilot - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\Extensions\[email protected]
FF Extension: No Name - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.amazon.com/websearch/ref=bit_bds-p18_serp_cr_us_display?ie=UTF8&tagbase=bds-p18&tbrId=v1_abb-channel-18_047dfc700cf4400fb2f9796890d892bc_18_38_20130106_US_cr_sp_OC1
CHR RestoreOnStartup: "hxxp://www.amazon.com/websearch/ref=bit_bds-p18_serp_cr_us_display?ie=UTF8&tagbase=bds-p18&tbrId=v1_abb-channel-18_047dfc700cf4400fb2f9796890d892bc_18_38_20130106_US_cr_sp_OC1"
CHR DefaultSearchURL: (Amazon) - http://www.amazon.co...y={searchTerms}
CHR DefaultSuggestURL: (Amazon) - http://suggestquerie...}&output=chrome
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (BitCometAgent) - C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll (BitComet)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll No File
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Google Talk Plugin) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle Broadcaster Plugin) - C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1
CHR Extension: (Fast save) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejocjilmecckaddkddknbfgjampibkhh\1.1_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Instagram for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\3.2.2_0
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1329304 2012-11-26] (ESET)
R2 ExpatShieldService; C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [331608 2012-01-17] ()
S3 ExpatTrayService; C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE [77520 2012-01-17] ()
R2 ExpatWd; C:\Program Files (x86)\Expat Shield\bin\hsswd.exe [329544 2012-01-04] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] ()

==================== Drivers (Whitelisted) ====================

S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [211344 2012-10-23] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [149592 2012-10-23] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [189208 2012-10-23] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2012-10-23] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [57904 2012-11-23] (ESET)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-29 18:02 - 2013-10-29 18:02 - 00000000 ____D C:\FRST
2013-10-29 18:01 - 2013-10-29 18:01 - 01956538 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2013-10-29 15:20 - 2013-10-29 15:35 - 00000600 _____ C:\Windows\PFRO.log
2013-10-29 10:08 - 2013-10-29 16:02 - 00000224 _____ C:\Windows\setupact.log
2013-10-29 10:08 - 2013-10-29 10:08 - 00000000 _____ C:\Windows\setuperr.log
2013-10-29 08:50 - 2013-10-29 08:50 - 04379048 _____ (Piriform Ltd) C:\Users\Owner\Downloads\ccsetup407.exe
2013-10-26 23:15 - 2013-10-27 00:54 - 263825150 _____ C:\Users\Owner\Downloads\John_McLaughlin_-_Mahavishnu_1984.zip
2013-10-26 23:09 - 2013-10-26 23:21 - 141683633 _____ C:\Users\Owner\Downloads\32304-320-1018.rar
2013-10-26 21:01 - 2013-10-26 21:10 - 108704118 _____ C:\Users\Owner\Downloads\3.23.91.1018.rar
2013-10-26 17:57 - 2013-10-26 17:57 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Downloads\OTL(1).exe
2013-10-26 17:12 - 2013-10-26 17:27 - 177423946 _____ C:\Users\Owner\Downloads\Soulparlor--Evoluzion-(TDR11-003)-WEB-2011-OMA.rar
2013-10-26 17:08 - 2013-10-26 17:10 - 164481905 _____ C:\Users\Owner\Downloads\Various – Break Beat Nation Vol.1.rar
2013-10-26 14:55 - 2013-10-26 14:57 - 124396581 _____ C:\Users\Owner\Downloads\Scream- chad wackerman.rar
2013-10-26 14:28 - 2013-10-26 15:46 - 239463250 _____ C:\Users\Owner\Downloads\LM9qiw5HKwlRszrGsIg7zYIjlwpy1IMHPXeXT6ikRRI.rar
2013-10-26 07:19 - 2013-10-26 07:22 - 132794576 _____ C:\Users\Owner\Downloads\Robert Glasper - Black Radio 2 [1](1).zip
2013-10-25 17:06 - 2013-10-25 17:07 - 31011020 _____ C:\Users\Owner\Downloads\Robert Glasper - Black Radio 2 [1].zip.part
2013-10-25 17:06 - 2013-10-25 17:06 - 00000000 _____ C:\Users\Owner\Downloads\Robert Glasper - Black Radio 2 [1].zip
2013-10-23 10:23 - 2013-10-23 11:02 - 141396376 _____ C:\Users\Owner\Downloads\BOFNOB320.rar
2013-10-23 09:38 - 2013-10-23 11:02 - 1014335287 _____ C:\Users\Owner\Downloads\Restoran.rar
2013-10-23 09:31 - 2013-10-23 09:32 - 00000000 ____D C:\Users\Owner\Desktop\Bob James - Discography
2013-10-22 10:51 - 2013-10-22 10:55 - 00000000 ____D C:\Users\Owner\Desktop\Luther Barnes - Best
2013-10-21 17:15 - 2013-10-21 17:15 - 00743538 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-21 16:37 - 2013-10-29 15:36 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2013-10-21 14:18 - 2013-10-21 14:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-10-21 14:17 - 2013-10-21 14:17 - 00000000 ____D C:\Windows\PCHEALTH
2013-10-21 14:17 - 2013-10-21 14:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-10-21 14:16 - 2013-10-21 14:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-10-21 14:15 - 2013-10-21 14:15 - 00000000 __RHD C:\MSOCache
2013-10-21 14:15 - 2013-10-21 14:15 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-21 14:15 - 2013-10-21 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-21 14:03 - 2013-10-21 14:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-21 13:59 - 2011-09-25 05:28 - 1266438144 _____ C:\Users\Owner\Desktop\SW_DVD5_Office_Professional_Plus_2010w_SP1_W32_English_CORE_MLF_X17-76748.ISO
2013-10-21 13:17 - 2013-10-21 13:34 - 995693084 _____ C:\Users\Owner\Downloads\MSO32VL.rar
2013-10-21 13:07 - 2013-10-21 13:57 - 00000024 _____ C:\ScrubRetValFile.txt
2013-10-16 11:49 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 11:49 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-16 11:49 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-16 11:49 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-16 11:48 - 2013-10-16 11:49 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 11:45 - 2013-10-16 12:10 - 79136486 _____ C:\Users\Owner\Downloads\Cypress_Hill-Till_Death_Do_Us_Part-2004-RNS.rar
2013-10-16 11:11 - 2013-10-16 11:57 - 140553521 _____ C:\Users\Owner\Downloads\ivgjjzonetelechargemen.zip
2013-10-16 07:10 - 2013-10-15 21:52 - 35811328 _____ C:\Users\Owner\Desktop\Microsoft Toolkit 2.4.9.exe
2013-10-15 21:58 - 2013-10-15 22:07 - 34907146 _____ C:\Users\Owner\Downloads\Microsoft Toolkit 2.4.9.rar
2013-10-13 13:08 - 2013-10-29 12:06 - 00000000 ____D C:\Users\Owner\Documents\AUDIO-10-13-13
2013-10-12 14:04 - 2013-10-12 14:05 - 94086928 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\msert.exe
2013-10-10 03:27 - 2013-10-29 17:32 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec58a30886f0b.job
2013-10-10 03:27 - 2013-10-29 16:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec58a305b34e6.job
2013-10-10 03:27 - 2013-10-10 03:27 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cec58a30886f0b
2013-10-10 03:27 - 2013-10-10 03:27 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cec58a305b34e6
2013-10-09 13:14 - 2013-10-09 13:14 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-10-09 03:27 - 2013-09-22 19:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 03:27 - 2013-09-22 19:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 03:27 - 2013-09-22 19:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 03:27 - 2013-09-22 18:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 03:27 - 2013-09-22 18:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 03:27 - 2013-09-22 18:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 03:27 - 2013-09-22 18:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 03:27 - 2013-09-22 18:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 03:27 - 2013-09-20 23:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 03:27 - 2013-09-20 23:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 03:27 - 2013-09-20 22:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 03:27 - 2013-09-20 22:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-08 22:18 - 2013-09-13 21:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-08 22:18 - 2013-09-07 22:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-08 22:18 - 2013-09-07 22:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-08 22:18 - 2013-09-07 22:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-08 22:18 - 2013-09-04 08:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-08 22:18 - 2013-09-04 08:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-08 22:18 - 2013-09-04 08:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-08 22:18 - 2013-09-04 08:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-08 22:18 - 2013-09-04 08:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-08 22:18 - 2013-09-04 08:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-08 22:18 - 2013-09-04 08:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-08 22:18 - 2013-08-28 22:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-08 22:18 - 2013-08-28 22:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-08 22:18 - 2013-08-28 22:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-08 22:18 - 2013-08-28 22:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-08 22:18 - 2013-08-28 22:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-08 22:18 - 2013-08-28 21:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-08 22:18 - 2013-08-28 21:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-08 22:18 - 2013-08-28 21:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-08 22:18 - 2013-08-28 21:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-08 22:18 - 2013-08-28 21:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-08 22:18 - 2013-08-28 21:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-08 22:18 - 2013-08-28 20:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-08 22:18 - 2013-08-28 20:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-08 22:18 - 2013-08-28 20:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-08 22:18 - 2013-08-28 20:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-08 22:18 - 2013-08-27 21:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-08 22:18 - 2013-08-27 21:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-08 22:18 - 2013-08-01 08:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-08 22:18 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 22:18 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 22:18 - 2013-07-12 06:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-08 22:18 - 2013-07-12 06:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-08 22:18 - 2013-07-04 08:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-08 22:18 - 2013-07-04 08:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-08 22:18 - 2013-07-04 08:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-08 22:18 - 2013-07-04 07:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-08 22:18 - 2013-07-04 07:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-08 22:18 - 2013-07-04 07:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-08 22:18 - 2013-07-04 06:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-08 22:18 - 2013-07-03 00:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-08 22:18 - 2013-07-03 00:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-08 22:18 - 2013-06-25 18:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-08 22:18 - 2013-06-06 01:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-08 22:18 - 2013-06-06 01:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-08 22:18 - 2013-06-06 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-08 22:18 - 2013-06-06 01:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-08 22:18 - 2013-06-06 00:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-08 22:18 - 2013-06-06 00:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-08 22:18 - 2013-06-06 00:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-08 22:18 - 2013-06-05 23:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-08 22:18 - 2013-06-05 23:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-08 22:18 - 2013-06-05 23:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-08 13:37 - 2013-10-08 13:37 - 00000000 ____D C:\Users\Owner\Desktop\Justin_Timberlake-The_2020_Experience_2_of_2-2013
2013-10-07 20:50 - 2013-10-07 20:57 - 87720522 _____ C:\Users\Owner\Downloads\Acro_Jazz_Laboratories_-_UNRAPPED_2_(2013)-NF_72786.rar
2013-10-07 20:04 - 2013-10-29 15:45 - 01673086 _____ C:\Windows\WindowsUpdate.log
2013-10-07 19:38 - 2013-05-29 13:18 - 37803008 _____ C:\Users\Owner\Documents\Microsoft Toolkit 2.4.3 Final.exe
2013-10-07 18:57 - 2013-10-07 19:08 - 00000000 ____D C:\Users\Owner\Desktop\MSO fix
2013-10-07 09:27 - 2013-10-07 09:27 - 04369632 _____ (Piriform Ltd) C:\Users\Owner\Downloads\ccsetup406.exe
2013-10-04 07:34 - 2013-10-04 10:52 - 603794531 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part8.rar
2013-10-03 17:19 - 2013-10-03 23:06 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part7.rar
2013-10-03 07:39 - 2013-10-03 13:26 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part6.rar
2013-10-02 16:06 - 2013-10-02 21:52 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part5.rar
2013-10-02 07:18 - 2013-10-02 13:06 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part4.rar
2013-10-01 21:28 - 2013-10-02 03:16 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part3.rar
2013-10-01 14:44 - 2013-10-01 15:46 - 482566439 _____ C:\Users\Owner\Downloads\Do Or Die-Victory 2000 CDRip FLAC.rar
2013-10-01 13:54 - 2013-10-01 19:42 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part1.rar
2013-10-01 08:01 - 2013-10-01 11:08 - 567082556 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part8.rar
2013-09-30 23:04 - 2013-10-01 04:53 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part7.rar
2013-09-30 21:06 - 2013-10-01 07:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-30 17:15 - 2013-09-30 23:02 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part6.rar
2013-09-30 11:10 - 2013-09-30 16:57 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part5.rar
2013-09-29 21:27 - 2013-09-30 03:21 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part4(1).rar
2013-09-29 18:48 - 2013-09-29 19:22 - 72738668 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part4.rar.part
2013-09-29 18:48 - 2013-09-29 18:48 - 00000000 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part4.rar
2013-09-29 12:26 - 2013-09-29 18:15 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part3.rar

==================== One Month Modified Files and Folders =======

2013-10-29 18:02 - 2013-10-29 18:02 - 00000000 ____D C:\FRST
2013-10-29 18:01 - 2013-10-29 18:01 - 01956538 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2013-10-29 17:32 - 2013-10-10 03:27 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec58a30886f0b.job
2013-10-29 17:15 - 2012-04-16 20:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-29 16:50 - 2013-10-10 03:27 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec58a305b34e6.job
2013-10-29 16:02 - 2013-10-29 10:08 - 00000224 _____ C:\Windows\setupact.log
2013-10-29 15:45 - 2013-10-07 20:04 - 01673086 _____ C:\Windows\WindowsUpdate.log
2013-10-29 15:40 - 2009-07-14 00:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-29 15:40 - 2009-07-14 00:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-29 15:36 - 2013-10-21 16:37 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2013-10-29 15:35 - 2013-10-29 15:20 - 00000600 _____ C:\Windows\PFRO.log
2013-10-29 15:35 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-29 14:42 - 2012-07-11 07:56 - 00056501 _____ C:\Users\Owner\Documents\BillzNew.xlsx
2013-10-29 12:40 - 2012-01-30 10:10 - 02172928 ___SH C:\Users\Owner\Desktop\Thumbs.db
2013-10-29 12:40 - 2010-03-24 11:50 - 00000808 _____ C:\Windows\CDFACE32.INI
2013-10-29 12:33 - 2010-03-24 18:00 - 00000000 ____D C:\Users\Owner\AppData\Roaming\BitComet
2013-10-29 12:17 - 2010-03-24 10:36 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Winamp
2013-10-29 12:06 - 2013-10-13 13:08 - 00000000 ____D C:\Users\Owner\Documents\AUDIO-10-13-13
2013-10-29 12:06 - 2012-04-22 19:55 - 00000000 ____D C:\Users\Owner\AppData\Roaming\MediaMonkey
2013-10-29 12:04 - 2010-03-24 15:18 - 00000000 ____D C:\Users\Owner\Desktop\mediafaces@
2013-10-29 10:08 - 2013-10-29 10:08 - 00000000 _____ C:\Windows\setuperr.log
2013-10-29 10:07 - 2013-05-21 15:08 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-10-29 08:56 - 2010-03-26 08:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-29 08:51 - 2013-03-06 10:28 - 00000983 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-29 08:51 - 2010-03-26 10:14 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-10-29 08:50 - 2013-10-29 08:50 - 04379048 _____ (Piriform Ltd) C:\Users\Owner\Downloads\ccsetup407.exe
2013-10-28 23:14 - 2009-07-14 01:13 - 00730596 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-28 23:06 - 2013-01-15 16:14 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-10-28 09:05 - 2010-03-24 15:19 - 00000000 ____D C:\Users\Owner\Desktop\Album Images@
2013-10-27 15:42 - 2010-04-04 20:28 - 00000000 ____D C:\Users\Owner\Documents\Dox
2013-10-27 00:54 - 2013-10-26 23:15 - 263825150 _____ C:\Users\Owner\Downloads\John_McLaughlin_-_Mahavishnu_1984.zip
2013-10-26 23:21 - 2013-10-26 23:09 - 141683633 _____ C:\Users\Owner\Downloads\32304-320-1018.rar
2013-10-26 21:10 - 2013-10-26 21:01 - 108704118 _____ C:\Users\Owner\Downloads\3.23.91.1018.rar
2013-10-26 18:16 - 2012-01-03 11:03 - 00082628 _____ C:\Users\Owner\Downloads\Extras.Txt
2013-10-26 18:15 - 2012-01-03 11:02 - 00113956 _____ C:\Users\Owner\Downloads\OTL.Txt
2013-10-26 17:57 - 2013-10-26 17:57 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Downloads\OTL(1).exe
2013-10-26 17:27 - 2013-10-26 17:12 - 177423946 _____ C:\Users\Owner\Downloads\Soulparlor--Evoluzion-(TDR11-003)-WEB-2011-OMA.rar
2013-10-26 17:10 - 2013-10-26 17:08 - 164481905 _____ C:\Users\Owner\Downloads\Various – Break Beat Nation Vol.1.rar
2013-10-26 15:46 - 2013-10-26 14:28 - 239463250 _____ C:\Users\Owner\Downloads\LM9qiw5HKwlRszrGsIg7zYIjlwpy1IMHPXeXT6ikRRI.rar
2013-10-26 14:57 - 2013-10-26 14:55 - 124396581 _____ C:\Users\Owner\Downloads\Scream- chad wackerman.rar
2013-10-26 07:22 - 2013-10-26 07:19 - 132794576 _____ C:\Users\Owner\Downloads\Robert Glasper - Black Radio 2 [1](1).zip
2013-10-25 17:07 - 2013-10-25 17:06 - 31011020 _____ C:\Users\Owner\Downloads\Robert Glasper - Black Radio 2 [1].zip.part
2013-10-25 17:06 - 2013-10-25 17:06 - 00000000 _____ C:\Users\Owner\Downloads\Robert Glasper - Black Radio 2 [1].zip
2013-10-24 15:53 - 2010-03-23 18:21 - 00000000 ____D C:\Users\Owner
2013-10-23 11:02 - 2013-10-23 10:23 - 141396376 _____ C:\Users\Owner\Downloads\BOFNOB320.rar
2013-10-23 11:02 - 2013-10-23 09:38 - 1014335287 _____ C:\Users\Owner\Downloads\Restoran.rar
2013-10-23 09:32 - 2013-10-23 09:31 - 00000000 ____D C:\Users\Owner\Desktop\Bob James - Discography
2013-10-22 10:55 - 2013-10-22 10:51 - 00000000 ____D C:\Users\Owner\Desktop\Luther Barnes - Best
2013-10-21 23:58 - 2012-05-20 23:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-21 23:49 - 2009-07-13 22:34 - 00000499 _____ C:\Windows\win.ini
2013-10-21 18:50 - 2010-03-26 08:39 - 00000000 ____D C:\Users\Owner\AppData\Local\Adobe
2013-10-21 18:49 - 2012-04-16 20:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-21 18:49 - 2012-04-16 20:23 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-21 18:49 - 2011-06-21 13:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-21 17:15 - 2013-10-21 17:15 - 00743538 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-21 17:15 - 2010-05-15 18:56 - 00000000 ____D C:\Users\Owner\AppData\Roaming\mjusbsp
2013-10-21 17:12 - 2010-07-26 17:12 - 00000000 ____D C:\Users\Owner\AppData\Local\Google
2013-10-21 17:09 - 2013-05-02 22:43 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Dropbox
2013-10-21 17:08 - 2010-01-15 23:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-21 16:13 - 2009-07-14 00:45 - 01562896 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-21 14:29 - 2012-05-21 00:06 - 00000000 ____D C:\Windows\AutoKMS
2013-10-21 14:25 - 2010-11-27 13:00 - 00600904 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-21 14:18 - 2013-10-21 14:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-10-21 14:18 - 2009-07-14 03:45 - 00000000 ____D C:\Windows\ShellNew
2013-10-21 14:18 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-10-21 14:17 - 2013-10-21 14:17 - 00000000 ____D C:\Windows\PCHEALTH
2013-10-21 14:17 - 2013-10-21 14:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-10-21 14:17 - 2013-10-21 14:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-21 14:17 - 2010-01-15 23:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-10-21 14:17 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-21 14:16 - 2013-10-21 14:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-10-21 14:15 - 2013-10-21 14:15 - 00000000 __RHD C:\MSOCache
2013-10-21 14:15 - 2013-10-21 14:15 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-21 14:15 - 2013-10-21 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-21 13:57 - 2013-10-21 13:07 - 00000024 _____ C:\ScrubRetValFile.txt
2013-10-21 13:34 - 2013-10-21 13:17 - 995693084 _____ C:\Users\Owner\Downloads\MSO32VL.rar
2013-10-16 12:10 - 2013-10-16 11:45 - 79136486 _____ C:\Users\Owner\Downloads\Cypress_Hill-Till_Death_Do_Us_Part-2004-RNS.rar
2013-10-16 11:57 - 2013-10-16 11:11 - 140553521 _____ C:\Users\Owner\Downloads\ivgjjzonetelechargemen.zip
2013-10-16 11:49 - 2013-10-16 11:48 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 11:49 - 2010-01-15 23:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-15 22:07 - 2013-10-15 21:58 - 34907146 _____ C:\Users\Owner\Downloads\Microsoft Toolkit 2.4.9.rar
2013-10-15 21:52 - 2013-10-16 07:10 - 35811328 _____ C:\Users\Owner\Desktop\Microsoft Toolkit 2.4.9.exe
2013-10-13 11:43 - 2010-01-16 01:26 - 00000000 ____D C:\Windows\Panther
2013-10-12 14:05 - 2013-10-12 14:04 - 94086928 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\msert.exe
2013-10-10 03:27 - 2013-10-10 03:27 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cec58a30886f0b
2013-10-10 03:27 - 2013-10-10 03:27 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cec58a305b34e6
2013-10-09 13:14 - 2013-10-09 13:14 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-10-09 07:50 - 2012-07-30 10:13 - 00000000 ____D C:\Users\Owner\Documents\AUDIO-12-12-12
2013-10-09 04:41 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-10-09 03:12 - 2013-08-15 03:01 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 03:06 - 2010-03-23 22:31 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-08 13:37 - 2013-10-08 13:37 - 00000000 ____D C:\Users\Owner\Desktop\Justin_Timberlake-The_2020_Experience_2_of_2-2013
2013-10-08 07:50 - 2013-10-16 11:49 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-16 11:49 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-16 11:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-16 11:49 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-07 20:57 - 2013-10-07 20:50 - 87720522 _____ C:\Users\Owner\Downloads\Acro_Jazz_Laboratories_-_UNRAPPED_2_(2013)-NF_72786.rar
2013-10-07 19:08 - 2013-10-07 18:57 - 00000000 ____D C:\Users\Owner\Desktop\MSO fix
2013-10-07 16:48 - 2010-04-26 16:24 - 00000000 ____D C:\Windows\pss
2013-10-07 16:48 - 2010-03-23 18:21 - 00000000 ___RD C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-07 16:40 - 2013-05-02 22:47 - 00000000 ___RD C:\Users\Owner\Dropbox
2013-10-07 09:27 - 2013-10-07 09:27 - 04369632 _____ (Piriform Ltd) C:\Users\Owner\Downloads\ccsetup406.exe
2013-10-07 09:23 - 2012-04-11 07:12 - 00000000 ____D C:\Users\Guest
2013-10-07 09:23 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-10-05 08:22 - 2010-05-02 19:59 - 00007135 _____ C:\Users\Owner\Documents\HTML.txt
2013-10-04 10:52 - 2013-10-04 07:34 - 603794531 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part8.rar
2013-10-03 23:06 - 2013-10-03 17:19 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part7.rar
2013-10-03 13:26 - 2013-10-03 07:39 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part6.rar
2013-10-02 21:52 - 2013-10-02 16:06 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part5.rar
2013-10-02 13:06 - 2013-10-02 07:18 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part4.rar
2013-10-02 03:16 - 2013-10-01 21:28 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part3.rar
2013-10-01 22:17 - 2012-08-06 09:40 - 00000000 ____D C:\Users\Owner\Desktop\Joker - The Vision (4AD [EAD3131A]) WEB - 2011
2013-10-01 19:42 - 2013-10-01 13:54 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART2.part1.rar
2013-10-01 15:46 - 2013-10-01 14:44 - 482566439 _____ C:\Users\Owner\Downloads\Do Or Die-Victory 2000 CDRip FLAC.rar
2013-10-01 11:08 - 2013-10-01 08:01 - 567082556 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part8.rar
2013-10-01 07:00 - 2013-09-30 21:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 07:00 - 2010-03-23 22:45 - 00000000 ____D C:\Users\Owner\AppData\Local\Mozilla
2013-10-01 04:53 - 2013-09-30 23:04 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part7.rar
2013-09-30 23:02 - 2013-09-30 17:15 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part6.rar
2013-09-30 16:57 - 2013-09-30 11:10 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part5.rar
2013-09-30 03:21 - 2013-09-29 21:27 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part4(1).rar
2013-09-29 19:22 - 2013-09-29 18:48 - 72738668 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part4.rar.part
2013-09-29 18:48 - 2013-09-29 18:48 - 00000000 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part4.rar
2013-09-29 18:15 - 2013-09-29 12:26 - 1059061760 _____ C:\Users\Owner\Downloads\108etrfffff4gf_LOSSLESS_PART1.part3.rar

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3892.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-21 00:26

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-10-2013
Ran by Owner at 2013-10-29 18:04:58
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

Ad Muncher v4.93.33707 (x32)
Adobe Download Assistant (x32 Version: 1.0.6)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Photoshop 7.0 (x32 Version: 7.0)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
Apple Application Support (x32 Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.754.0)
Aura Software Manager 1.0.3 (x32)
Auslogics BoostSpeed (x32 Version: 5.4)
Bigasoft MKV Converter 3.7.18.4668 (x32)
Bing Desktop (x32 Version: 1.3.174.0)
BitComet 1.35 (x32 Version: 1.35)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.07)
CDex - Open Source Digital Audio CD Extractor (x32 Version: 1.70.4.2009)
Cozi (x32 Version: 1.0.4323.24051)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell DataSafe Online (x32 Version: 1.2.0011)
Dell Dock (Version: 2.0.0)
Dell Driver Download Manager (HKCU Version: 2.1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (x32 Version: 1.00.0000)
Digital Line Detect (x32 Version: 1.21)
DivX Setup (x32 Version: 2.6.1.22)
EPSON Printer Software
ESET Online Scanner v3 (x32)
ESET Smart Security (Version: 6.0.306.0)
Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3)
Expat Shield 2.25 (x32 Version: 2.25)
Fellowes/NEATO MediaFACE (x32)
ffdshow v1.1.3516 [2010-07-25] (x32 Version: 1.1.3516.0)
FileHippo.com Update Checker (x32)
Free Studio version 4.7 (x32)
Garmin ANT Agent (Version: 2.3.4)
Garmin City Navigator North America NT 2013.20 Update (x32 Version: 16.20.0.0)
Garmin Communicator Plugin (x32 Version: 4.0.4)
Garmin Communicator Plugin x64 (Version: 4.0.4)
Garmin Training Center (x32 Version: 3.6.5)
Garmin USB Drivers (x32 Version: 2.3.1.0)
Garmin WebUpdater (x32 Version: 2.5.6)
Google Chrome (x32 Version: 30.0.1599.101)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Earth Pro (x32 Version: 4.2.180.1134)
Google Update Helper (x32 Version: 1.3.21.165)
GoToAssist 8.0.0.514 (x32)
GrabIt 1.7.2 Beta 4 (build 997) (x32)
Hauppauge TV Tuner Diagnostics (1.2.7076) (x32 Version: 1.2.7076)
HCW85 Driver Installer (x32 Version: 2.1.27205)
HijackThis 1.99.1 (x32 Version: 1.99.1)
HTC Driver Installer (x32 Version: 2.0.7.018)
HTC Sync (x32 Version: 2.0.35)
iCloud (Version: 2.1.2.8)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IrfanView (remove only) (x32 Version: 4.32)
iTunes (Version: 11.0.2.26)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Logitech Vid HD (x32 Version: 7.2 (7240))
Logitech Webcam Software (Version: 12.10.1113)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MediaCoder x64 0.8.18.5345 (Version: 0.8.18.5345)
MediaMonkey 4.0 (x32 Version: 4.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Works (x32 Version: 9.7.0621)
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
My Dell (Version: 3.4.6308.28)
Nero 8 (x32 Version: 8.3.85)
neroxml (x32 Version: 1.0.0)
NETGEAR WNA1100 N150 Wireless USB Adapter (x32 Version: 1.0.0.133)
Octoshape add-in for Adobe Flash Player (HKCU)
ooVoo (x32 Version: 3.0.4039)
Opera 12.11 (x32 Version: 12.11.1661)
PhotoScape (x32)
PowerDVD DX (x32 Version: 8.3.5424)
QuickTime (x32 Version: 7.73.80.64)
RAR Password Cracker (x32 Version: 4.12)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911)
Roxio Burn (x32 Version: 1.01)
SE-MediaPlayer 1.8.1.81 (x32)
Skype™ 5.10 (x32 Version: 5.10.116)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Uninstall 1.0.0.1 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Veetle TV 0.9.17 (x32 Version: 0.9.17)
Winamp (x32 Version: 5.623 )
Winamp Detector Plug-in (HKCU Version: 1.0.0.1)
Windows 7 Codec Pack 2.6.1 (x32)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) (Version: 07/07/2009 1.12.2)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (Version: 02/06/2007 3.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
Xvid Video Codec (x32 Version: 1.3.2)
Yahoo! Messenger (x32)
Yahoo! Software Update (x32)

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-13 22:34 - 2012-10-01 19:29 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0B56842F-453F-4E33-8883-200F40AF61BF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-10-21] ()
Task: {13108C52-6151-4BF9-A6D4-B22F8F4AABB0} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-05] (PC-Doctor, Inc.)
Task: {2D869224-C9A8-47D0-A0D8-E576F0B77A77} - System32\Tasks\Auslogics\BoostSpeed\Integrator\Start On Owner Logon => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe [2012-08-28] (Auslogics)
Task: {3199E631-600E-4421-B720-7AA4FB6A6FFA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3A0E618B-9899-41E4-869C-7A508E2CBEDF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4225481566-4259467513-3732442124-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3C7DD2C6-D370-4401-92B1-28D30C428965} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3EEAC7C1-DE7B-463F-AD74-944B2300F6D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {55F9AE63-4355-40D3-B424-4B44721631C2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4225481566-4259467513-3732442124-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5C0F775D-D0AC-4491-9D8B-5072D4E70B84} - System32\Tasks\GoogleUpdateTaskMachineUA1cec58a30886f0b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-26] (Google Inc.)
Task: {7EC969FB-6F77-40C9-B610-B6AC1CCE68BB} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-09-05] (PC-Doctor, Inc.)
Task: {8827E131-73CF-4ADB-A565-29D625C40A3F} - System32\Tasks\Auslogics\BoostSpeed\Integrator\Scan and Repair => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe [2012-08-28] (Auslogics)
Task: {998C60DB-EABF-4C2A-B775-B7430F6091FC} - System32\Tasks\{A40CE8D7-02FE-48D3-B723-742AF6E06F51} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {A4C5E5ED-6675-4A81-BCD8-A364950EA52D} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {EF3FD4A9-60D6-4B18-9EB5-7D31493B7024} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-21] (Adobe Systems Incorporated)
Task: {F5DBF75E-EB93-4C66-BA7E-1463649BFF6A} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe
Task: {F85466A7-4FAE-413B-944A-315989B22B9C} - System32\Tasks\GoogleUpdateTaskMachineCore1cec58a305b34e6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-26] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec58a305b34e6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec58a30886f0b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-03-24 20:16 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-04-05 12:58 - 2013-04-05 12:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-03-29 22:34 - 2009-03-29 22:34 - 00280143 _____ () C:\Program Files (x86)\Expat Shield\bin\libidn-11.dll
2009-03-27 16:02 - 2009-03-27 16:02 - 01554920 _____ () C:\Program Files (x86)\Expat Shield\bin\libeay32.dll
2009-03-27 16:02 - 2009-03-27 16:02 - 00332254 _____ () C:\Program Files (x86)\Expat Shield\bin\libssl32.dll
2012-07-02 17:51 - 2010-03-10 14:50 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2010-02-09 13:34 - 2010-02-09 13:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-09-11 14:05 - 2009-09-11 14:05 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 13:34 - 2010-02-09 13:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 13:34 - 2010-02-09 13:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 13:34 - 2010-02-09 13:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2013-09-30 21:06 - 2013-09-30 21:06 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:96D0C06F

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2013 04:02:30 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4225481566-4259467513-3732442124-1000.db for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.

Program: Host Process for Windows Services
File: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4225481566-4259467513-3732442124-1000.db

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000185
Disk type: 3

Error: (10/29/2013 04:02:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9db
Exception code: 0xc0000006
Fault offset: 0x000000000001d859
Faulting process id: 0xb4
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3

Error: (10/29/2013 04:00:59 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4225481566-4259467513-3732442124-1000.db for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.

Program: Host Process for Windows Services
File: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4225481566-4259467513-3732442124-1000.db

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000185
Disk type: 3

Error: (10/29/2013 04:00:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9db
Exception code: 0xc0000006
Fault offset: 0x000000000001d859
Faulting process id: 0xec8
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3

Error: (10/29/2013 03:56:34 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4225481566-4259467513-3732442124-1000.db for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.

Program: Host Process for Windows Services
File: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4225481566-4259467513-3732442124-1000.db

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000185
Disk type: 3

Error: (10/29/2013 03:56:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9db
Exception code: 0xc0000006
Fault offset: 0x000000000001d859
Faulting process id: 0x390
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3

Error: (10/29/2013 00:06:43 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/29/2013 00:06:43 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=3800}. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/28/2013 01:12:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/28/2013 01:11:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/29/2013 06:00:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (10/29/2013 06:00:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (10/29/2013 06:00:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (10/29/2013 06:00:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (10/29/2013 06:00:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (10/29/2013 06:00:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (10/29/2013 06:00:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (10/29/2013 06:00:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (10/29/2013 05:59:50 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (10/29/2013 05:59:50 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.


Microsoft Office Sessions:
=========================
Error: (10/29/2013 04:02:30 PM) (Source: Application Error)(User: )
Description: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4225481566-4259467513-3732442124-1000.dbHost Process for Windows ServicesC00001853

Error: (10/29/2013 04:02:30 PM) (Source: Application Error)(User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc0000006000000000001d859b401ced4e1966e3bcdC:\Windows\System32\svchost.exec:\windows\system32\sysmain.dll0a2a4726-40d5-11e3-802d-0025648444ff

Error: (10/29/2013 04:00:59 PM) (Source: Application Error)(User: )
Description: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4225481566-4259467513-3732442124-1000.dbHost Process for Windows ServicesC00001853

Error: (10/29/2013 04:00:59 PM) (Source: Application Error)(User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc0000006000000000001d859ec801ced4e15fff8449C:\Windows\System32\svchost.exec:\windows\system32\sysmain.dlld3fe362a-40d4-11e3-802d-0025648444ff

Error: (10/29/2013 03:56:34 PM) (Source: Application Error)(User: )
Description: C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4225481566-4259467513-3732442124-1000.dbHost Process for Windows ServicesC00001853

Error: (10/29/2013 03:56:34 PM) (Source: Application Error)(User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc0000006000000000001d85939001ced4ddfb7df7d7C:\Windows\System32\svchost.exec:\windows\system32\sysmain.dll362bf30f-40d4-11e3-802d-0025648444ff

Error: (10/29/2013 00:06:43 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (10/29/2013 00:06:43 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
3800

Error: (10/28/2013 01:12:35 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/28/2013 01:11:09 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe


CodeIntegrity Errors:
===================================
Date: 2013-01-05 10:58:06.703
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-01-05 10:58:06.672
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 8156.98 MB
Available physical RAM: 5721.47 MB
Total Pagefile: 16312.15 MB
Available Pagefile: 13679 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.82 GB) (Free:280.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 686C5D9F)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=917 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello roachklip,

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


#5
roachklip

    Member

  • Topic Starter
  • 45 posts
ok.

here is my JRT log:




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Owner on Tue 10/29/2013 at 18:42:04.39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\rightclick"
Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Program Files (x86)\bearshare applications"
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2D152830-BE5C-42A3-9F19-0D92D56114C4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5A8F891C-A635-4718-9011-6900F9E0694F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E2559041-8A50-493F-87B7-DA42F079CA67}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EF675208-C806-40DE-8F99-4517D77A87A2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FE776DCA-BA9F-4E25-8163-E09884528933}



~~~ FireFox

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\ijyi154v.default\invalidprefs.js
Successfully deleted: [File] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\ijyi154v.default\extensions\[email protected]
Successfully deleted the following from C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\ijyi154v.default\prefs.js

user_pref("extensions.5051c9f134819.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,sear
user_pref("extensions.AMAZONNEW_NS_PH.searchconf", "{\n \"google\" : {\n \"urlexp\" : \"hxxp(s)?:\\\\/\\\\/www\\\\.google\\\\..*\\\\/.*[?#&]q=([^&]+)\",\n \"rankometer\
user_pref("extensions.browserprotect.urlBarExceptions", "hxxp://www.google.com;hxxp://search.yahoo.com;hxxp://search.live.com;hxxp://en.wikipedia.org;chrome://*;chrome://brows
user_pref("extensions.skipscreen.hostMatchStr", "hxxp://www.4shared.com/(get|audio|file|document|dir)/.*|hxxp://.*depositfiles.com/(([a-z]{2})/files/|auth-).*|hxxp://(www.)*di
Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\ijyi154v.default\minidumps [305 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 10/29/2013 at 18:50:01.84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello roachklip,

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods. This is normal; just leave it to do its job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#7
roachklip

    Member

  • Topic Starter
  • 45 posts
ok..here is my combofix log:



ComboFix 13-10-29.02 - Owner 10/29/2013 19:10:43.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8157.5795 [GMT -4:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6308\AddOnDownloaded\2c784c13-702f-431e-a492-e9dddd757b25.dll
c:\programdata\PCDr\6308\AddOnDownloaded\3cc3b539-b998-4728-8055-1201221a38d4.dll
c:\programdata\PCDr\6308\AddOnDownloaded\66858fdf-b35c-4b24-a074-915d56b3871b.dll
c:\programdata\PCDr\6308\AddOnDownloaded\704dfeb5-9129-4d88-8096-7f3bc80eb1ec.dll
c:\programdata\PCDr\6308\AddOnDownloaded\8fab1a01-d6b6-4640-ac86-c3ddd583c840.dll
c:\programdata\PCDr\6308\AddOnDownloaded\9d97f346-8efc-4e33-9c3b-3eef6c324e61.dll
c:\programdata\PCDr\6308\AddOnDownloaded\b96b7bbd-964e-47f1-9323-f48f460042bf.dll
c:\programdata\PCDr\6308\AddOnDownloaded\f12de547-df4d-4236-9129-baac054f90ab.dll
c:\programdata\PCDr\6308\AddOnDownloaded\fc470dbb-846d-42d3-bb0a-6363a559f3fb.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-09-28 to 2013-10-29 )))))))))))))))))))))))))))))))
.
.
2013-10-29 23:23 . 2013-10-29 23:23 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-10-29 23:23 . 2013-10-29 23:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-29 22:42 . 2013-10-29 22:42 -------- d-----w- c:\windows\ERUNT
2013-10-29 22:02 . 2013-10-29 22:02 -------- d-----w- C:\FRST
2013-10-21 18:18 . 2013-10-21 18:18 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2013-10-21 18:17 . 2013-10-21 18:17 -------- d-----w- c:\windows\PCHEALTH
2013-10-21 18:17 . 2013-10-21 18:17 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2013-10-21 18:16 . 2013-10-21 18:16 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-10-21 18:15 . 2013-10-21 18:15 -------- d-----w- c:\program files\Microsoft Office
2013-10-21 18:15 . 2013-10-21 18:15 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-10-21 18:15 . 2013-10-21 18:15 -------- d-----r- C:\MSOCache
2013-10-16 15:49 . 2013-10-16 15:49 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-16 15:49 . 2013-10-08 11:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-09 17:14 . 2013-10-09 17:14 17813896 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-10-09 02:18 . 2013-06-06 05:50 41472 ----a-w- c:\windows\system32\lpk.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-21 22:49 . 2012-04-17 00:23 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-21 22:49 . 2011-06-21 17:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 07:06 . 2010-03-24 02:31 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-09-03 18:35 . 2010-05-16 12:53 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-09 02:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-05 02:25 . 2013-09-11 11:49 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-11 11:49 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-11 11:49 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-11 11:49 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-11 11:49 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-11 11:49 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-11 11:49 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-11 11:49 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-11 11:49 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-11 11:49 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-11 11:49 338432 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-11 11:49 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-11 11:49 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 11:49 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 11:49 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 11:49 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]
2012-01-04 23:02 233288 ----a-w- c:\program files (x86)\Expat Shield\HssIE\ExpatIE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ANT Agent"="c:\program files (x86)\Garmin\ANT Agent\ANT Agent.exe" [2013-02-15 14731776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Ad Muncher"="c:\program files (x86)\Ad Muncher\AdMunch.exe" [2013-01-15 595144]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-9-4 113664]
Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2010-3-26 50688]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys;c:\windows\SYSNATIVE\DRIVERS\athrxusb.sys [x]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe;c:\program files (x86)\BitComet\tools\BitCometService.exe [x]
R3 ExpatTrayService;Expat Shield Tray Service;c:\program files (x86)\Expat Shield\bin\ExpatTrayService.EXE;c:\program files (x86)\Expat Shield\bin\ExpatTrayService.EXE [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files (x86)\NETGEAR\WNA1100\jswpsapi.exe;c:\program files (x86)\NETGEAR\WNA1100\jswpsapi.exe [x]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys;c:\windows\SYSNATIVE\DRIVERS\lvpopf64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech Webcam 250(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 USBTINSP;TI-Nspire™ Handheld or TI Network Bridge Device Driver;c:\windows\system32\DRIVERS\tinspusb.sys;c:\windows\SYSNATIVE\DRIVERS\tinspusb.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys;c:\windows\SYSNATIVE\DRIVERS\scmndisp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys;c:\windows\SYSNATIVE\DRIVERS\jswpslwfx.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 ExpatShieldService;Expat Shield Service;c:\program files (x86)\Expat Shield\bin\openvpnas.exe;c:\program files (x86)\Expat Shield\bin\openvpnas.exe [x]
S2 ExpatSrv;Expat Shield Routing Service;c:\program files (x86)\Expat Shield\HssWPR\hsssrv.exe;c:\program files (x86)\Expat Shield\HssWPR\hsssrv.exe [x]
S2 ExpatWd;Expat Shield Monitoring Service;c:\program files (x86)\Expat Shield\bin\hsswd.exe;c:\program files (x86)\Expat Shield\bin\hsswd.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 WSWNA1100;WSWNA1100;c:\program files (x86)\NETGEAR\WNA1100\WifiSvc.exe;c:\program files (x86)\NETGEAR\WNA1100\WifiSvc.exe [x]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-16 08:32 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 22:49]
.
2013-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cec58a305b34e6.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-26 21:12]
.
2013-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cec58a30886f0b.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-26 21:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]
2012-01-04 23:02 287048 ----a-w- c:\program files (x86)\Expat Shield\HssIE\ExpatIE_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-26 6325936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.co.uk/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - google
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Owner\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4225481566-4259467513-3732442124-1000_Classes\Wow6432Node\CLSID\{132dc333-cf19-4ec4-b1fc-a0e86b667e16}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000001
"Therad"=dword:00000002
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-4225481566-4259467513-3732442124-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):d8,74,7c,b6,ed,d3,df,1a,e4,bb,fa,4c,49,56,87,10,a3,0e,0f,8d,28,
ec,e5,fb,1f,f7,b9,d3,23,bb,84,c0,65,f4,ab,f1,d2,dc,10,a6,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0]
"Key"="http://schemas.micro...documents/2003"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\SysWOW64\IoctlSvc.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
.
**************************************************************************
.
Completion time: 2013-10-29 19:32:39 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-29 23:32
.
Pre-Run: 300,674,383,872 bytes free
Post-Run: 300,550,402,048 bytes free
.
- - End Of File - - 9B89C71F7ED96A5B6364D080EF2BDD51
CDB4DE4BBD714F152979DA2DCBEF57EB

#8
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Please download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


#9
roachklip

    Member

  • Topic Starter
  • Member
  • 45 posts
Here is my checkup log:




Results of screen317's Security Check version 0.99.75
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ESET Smart Security 6.0
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
HijackThis 1.99.1
JavaFX 2.1.1
Java 7 Update 45
Adobe Flash Player 11.9.900.117
Adobe Reader XI
Mozilla Firefox (24.0)
Google Chrome 30.0.1599.101
Google Chrome 30.0.1599.69
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Spybot Teatimer.exe is disabled!
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

#10
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again roachklip,

Please run a free online scan with BitDefender Online Scanner.

  • Click the green Start Scanner button
  • Click the green Scan Now button and wait a few seconds until a request appears from Bitdefender
  • Accept the plugin installation
  • Restart your browser in Administration mode if requested
  • Click the green Scan Now button again
  • Accept the EULA agreement if asked
  • The scan should start. It will be relatively quick.
  • Click View report (note: this is not the green button - Free download - just click on the words View report under the black button "Get QuickScan for your website")
  • Notepad will open with a log
  • Save to your desktop
  • Copy and paste the report back here and tell me how your machine is now.


#11
roachklip

    Member

  • Topic Starter
  • Member
  • 45 posts
Hi emeraldnzl!

Here is my Bitdefender log, and bad news, my PC is still freezing up. :(







QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Tue Oct 29 21:27:28 2013
Machine ID: 523F81A0



No infection found.
-------------------



Processes
---------
IoctlSvc Application 1708 C:\Windows\SysWOW64\IoctlSvc.exe
Ad Muncher 4836 C:\Program Files (x86)\Ad Muncher\AdMunch.exe
Adobe Acrobat Update Service 1492 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Bing Desktop 1728 C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
BoostSpeed 3156 C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
DataSafeOnline 4800 C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
Dock Login Service 1000 C:\Program Files\Dell\DellDock\DockLogin.exe
ESET Smart Security 1800 C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
Firefox 7756 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Garmin ANT Agent™ 4276 C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
hsssrv.exe 1884 C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
hsswd.exe 1912 C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
Java™ Platform SE Auto Updater 4848 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Logitech Webcam Software 1992 C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
Malwarebytes Anti-Malware 2024 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
Microsoft Office 2010 7244 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
MobileDeviceService 1676 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Nero BackItUp 1280 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
openvpnas.exe 1860 C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
RAID Event Monitor 1332 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
RAID Monitor 2324 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
Spybot - Search & Destroy 2384 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
Wifi Service 2200 C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
Windows® Internet Explorer 7480 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Windows® Internet Explorer 7852 C:\Program Files (x86)\Internet Explorer\iexplore.exe
(verified) Microsoft® Visual Studio .NET 1152 C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(verified) Yahoo! AutoUpdater 2240 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


Network activity
----------------
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 74.125.227.248
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 74.125.227.248
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 173.194.64.95
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 173.194.64.95
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 37.59.67.149
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 37.59.67.149
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 37.59.67.149
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 74.125.227.197
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 173.194.64.155
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 173.194.46.11
Process AdMunch.exe (4836) connected on port 80 (HTTP) --> 173.194.46.4
Process iexplore.exe (7480) connected on port 443 (HTTP over SSL) --> 74.125.227.248
Process iexplore.exe (7480) connected on port 443 (HTTP over SSL) --> 74.125.227.244
Process iexplore.exe (7480) connected on port 443 (HTTP over SSL) --> 74.125.227.239
Process iexplore.exe (7480) connected on port 443 (HTTP over SSL) --> 74.125.227.231
Process iexplore.exe (7480) connected on port 443 (HTTP over SSL) --> 74.125.227.239
Process firefox.exe (7756) connected on port 443 (HTTP over SSL) --> 173.194.115.43



Autoruns and critical files
---------------------------
Ad Muncher C:\Program Files (x86)\Ad Muncher\AdMunch.exe
Adobe Reader and Acrobat Manager C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Adobe Systems, Inc. Adobe Gamma Loader C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe® Flash® Player Update Service C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
DataSafeOnline C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
Digital Line Detection C:\Program Files (x86)\Digital Line Detect\DLG.exe
ESET Smart Security C:\Program Files\ESET\ESET Smart Security\egui.exe
Garmin ANT Agent™ C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
Java™ Platform SE Auto Updater C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft® Windows Mobile® Device Cente C:\Windows\WindowsMobile\wmdc.exe
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
RAID Event Monitor C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
Realtek HD Audio Manager C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
Seagate Launcher M:\setup.exe
(verified) Google Update C:\Program Files (x86)\Google\Update\GoogleUpdate.exe


Browser plugins
---------------
Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
BitComet Extension C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash\components\IBitCometExtension.dll
BitComet Extension C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
BitCometAgent C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
BitCometBHO C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
DivX Plus Web Player C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
DivX Plus Web Player HTML5 <video> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
DivX VOD Helper Plug-in C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
ExpatIE.dll C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
Garmin Communicator Plug-In C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
Garmin Communicator Plug-In C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
Google Earth Plugin C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
Google Update C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
Java Deployment Toolkit 7.0.450.18 C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
Java™ Platform SE 7 U45 C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
Java™ Platform SE 7 U45 C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
Java™ Platform SE 7 U45 C:\Program Files (x86)\Java\jre7\bin\ssv.dll
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
Microsoft Office 2010 c:\program files (x86)\microsoft office\office14\urlredir.dll
Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
npitunes.dll C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32_11_9_900_117.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
QuickTime Plug-in 7.7.3 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.3 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.3 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.3 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.3 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.3 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.3 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
RealNetworks™ Chrome Background Exte C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
RealPlayer™ HTML5VideoShim Plug-In ( C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
Skype Toolbars c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
Veetle Broadcaster Plugin C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
Veetle TV Core C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
Veetle TV Player C:\Program Files (x86)\Veetle\Player\npvlc.dll
Winamp Application Detector C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
Windows Live Messenger Companion C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
Windows Live™ Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Windows® Internet Explorer c:\windows\syswow64\ieframe.dll
Yahoo Application State Plugin C:\Program Files (x86)\Yahoo!\Shared\npYState.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


Scan
----
MD5: c28fd3b37b6f18751c99e6022a2a9782 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: 64894527838c86454e2f378ff39fa336 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.DLL
MD5: a56ccbbfccedce2fd9c69fed24e035e3 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 4fe5c6d40664ae07be5105874357d2ed C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: 4327cf9a9d0864ca0ffc97fcda97315a C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
MD5: 24665b221424ffd7b71f0d2c398f2f4f C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
MD5: 5b6e8e09be6401a7e022f52fdfcb2ff8 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MD5: e1095a89eb4bfca2ab2f4e1f2ba56612 C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
MD5: 6d113e9c1210dfa7cba6f92a226c0748 C:\Program Files (x86)\Common Files\Microsoft Shared\office14\1033\MSOINTL.DLL
MD5: e9901a7e569c4156fda69f5c9356b8ed C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
MD5: 3b10a516d8fba8c6a227374861baf29e C:\Program Files (x86)\Common Files\Microsoft Shared\office14\mso.dll
MD5: a1cfdef143b1b4047e0fd3510f85de97 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL
MD5: 4c0da2b69f8de16e97fcec0e19312923 C:\Program Files (x86)\Common Files\Microsoft Shared\office14\riched20.dll
MD5: 347a51f65a83530f04002f46201a1ad4 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\USP10.DLL
MD5: 1d9c3d7a1f8838e6280fa3f7d1fe4ed8 C:\Program Files (x86)\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
MD5: 6bf01e200063d7274f3af06d226671f5 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
MD5: da579734b4375740efee86ffdfed57a7 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\wlidcli.DLL
MD5: 9d4a1690af93f233e15380398bec7431 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: eba1b4bf2e2375abdadedb649f283541 C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
MD5: 38c5900a501c3ac64521656278e37864 C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MD5: 35a5c7ad281231c1dea6751a63268de5 C:\Program Files (x86)\Dell DataSafe Online\BuEng.dll
MD5: e8420094cf108385a2f7b2f20437c64b C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
MD5: 637e9eea864ce9c5778e3c4358b1e0d1 C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MD5: 7fc86aa321f35120a051e7c13cb26991 C:\Program Files (x86)\Dell DataSafe Online\OlbEng.dll
MD5: 2ef42b77565da9d46f74ba08306811b4 C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MD5: 3c58d3f375b32e15e4afc796d1b141f1 C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MD5: 471d7266ad659f79ae0281693f9ccd12 C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MD5: f03ffc962e18f36a922e61f96be09925 C:\Program Files (x86)\Digital Line Detect\DLG.exe
MD5: b938c1ae3adce166190895685b0beb0d C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
MD5: bc8ab9aa21934b663a07f79f7efa0123 C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
MD5: a66a630e101e7b5cf0946f34935660cc C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
MD5: c73830c0aa60bd62cbd16b45da7d87fd C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE
MD5: 564bab77cd96ce0e3fd5bbcdded142df C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
MD5: 1cd292e65d973d7ee568811aac8d9e44 C:\Program Files (x86)\Expat Shield\bin\libcurl.dll
MD5: 661b770bc4cb72ee4e4b17c5a62b994f C:\Program Files (x86)\Expat Shield\bin\libeay32.dll
MD5: 21c2b1b55d24fbff03ecfb9788c0bb77 C:\Program Files (x86)\Expat Shield\bin\libidn-11.dll
MD5: df49cc0f2a00fa5cd2c79abd9c269796 C:\Program Files (x86)\Expat Shield\bin\libssl32.dll
MD5: 6c5b729c5934e2d8ec0bd6762aae9251 C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
MD5: fc5dc35c04a8d2ccea54131be967d590 C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
MD5: 2cfea9c337b699aca38487e8a7438f35 C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
MD5: da4e83fe6f229c7108ef5e9671b29260 C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
MD5: 15d6efed817ce145ff05a9829050d547 C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
MD5: 14733ddb3663a16b9fd911ae6fd24033 C:\Program Files (x86)\Garmin\ANT Agent\DSI_SiUSBXp_3_1.DLL
MD5: 7550fc1ade982582d5920bea6430e3d4 C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
MD5: cfaf7b67c78d09d79688aedca3d090e2 C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
MD5: fc4c561550e5407ffa29d4f6c69b272f C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\IAAMon_ENU.dll
MD5: 15c42334805b711fbf0c788a1d751528 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll
MD5: 984bdac9f4fc9993ce8d3a7d7da3e9a5 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll
MD5: 1f5cba6c1a646c5e719f065f6751d815 C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MD5: 20f5f3df7480b8cdf4ce5fc9d390752e C:\Program Files (x86)\Internet Explorer\IEShims.dll
MD5: d6b7ddb68436f13c3cae2b92524f1fec C:\Program Files (x86)\Internet Explorer\iexplore.exe
MD5: f00a0ef5835e1b96f783d617f1948704 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
MD5: f1cd6e22e5ae5ceeb7712e546a5fc853 C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
MD5: 78964b1dd1264b8d66fbe08f5944868f C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
MD5: bf38660a9125935658cfa3e53fdc7d65 C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll
MD5: 6768c724599214e4f9add9f8ff5097eb C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
MD5: 9db03d7693c4a9f9336f4fe746f8885a C:\Program Files (x86)\Java\jre7\bin\ssv.dll
MD5: ef39cccc9ad927a25334ae0b41a8a343 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
MD5: 9275f02bea644f43a459e316a932658f C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
MD5: 65085456fd9a74d7f1a999520c299ecb C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
MD5: e0d7732f2d2e24b2db3f67b6750295b8 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
MD5: 676ccc08d9e9a3f4ca39cb04e97048df C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MD5: 572b3225fd8c1d6c741bee61e8edc5de C:\Program Files (x86)\Microsoft Office\Office14\1033\wwintl.dll
MD5: 53eb8ca63cafc4f07424cd76b58903d1 C:\Program Files (x86)\Microsoft Office\Office14\css7Data0009.dll
MD5: 079fdd266fa8f5c93974528fcbe6538b C:\Program Files (x86)\Microsoft Office\Office14\gfx.dll
MD5: 7a7eca157a0747637512e8c02b8350ea C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
MD5: 660c8e78b94f483e44b0243a774a4746 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
MD5: a729ecf8e670558dfa3bc260c02126c4 C:\Program Files (x86)\Microsoft Office\Office14\mscss7en.dll
MD5: 7a48223093a2b6fecb00e4360c71dcc2 C:\Program Files (x86)\Microsoft Office\Office14\msproof7.dll
MD5: f20d562ecce0115d69ae918eb9168da9 C:\Program Files (x86)\Microsoft Office\Office14\oart.dll
MD5: fd41ecec831c4d85e6fd42a6d5ec1b57 C:\Program Files (x86)\Microsoft Office\OFFICE14\PROOF\1033\MSGR3EN.DLL
MD5: c5dd903eb57afb76368689f85a8b25d3 C:\Program Files (x86)\Microsoft Office\OFFICE14\PROOF\MSSP7EN.DLL
MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 c:\program files (x86)\microsoft office\office14\urlredir.dll
MD5: d6264e83183e3e3d96f9b05aabe5e347 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
MD5: bef5aefef1eddcd388837b50a565bc91 C:\Program Files (x86)\Microsoft Office\Office14\wwlib.dll
MD5: 4af6b0ccd9974a69df2c91301370b381 C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
MD5: 46cd0225cb4034f56d2eeba950e6cf0a C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
MD5: a9182ce59cfc56f9c1dde8b3c0ae8378 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MD5: 0f77540203f9b331dc4fda4123330f01 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MD5: b7d4270e5ec8aebc7d3a9d8ea9121378 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MD5: 18fc46e6fd43a677af58012b102b8a66 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MD5: 172968c1302a2a16e90e985a74d3851d C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MD5: 09a942074f0fc762a8b5c23b9797dba2 C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MD5: 03e9314004f504a14a61c3d364b62f66 C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll
MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll
MD5: 35c4e1e9f67a59f0b9a2a3b06502f7e2 C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MD5: 107bc188698bfa88b4404d88d9c33c10 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MD5: d86f17e1bcbb70193f8c303157ff3619 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MD5: 0383a25d0433516ca14918d3779acfd8 C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
MD5: 69aa47f09aa281c7d3c7716ca7e283b4 C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
MD5: 419680fce774976fd752eb425d91aedf C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
MD5: f950066f07ad4952b291bf712ba40367 C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
MD5: 7b22e33f0f082c7f101a1e873c8bd8d3 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MD5: d7fbd0f0db1a368cdbd93a105d237ff1 C:\Program Files (x86)\Mozilla Firefox\xul.dll
MD5: 3829485a8ddeb1264ea9814f2aaf3270 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\LBFC.dll
MD5: 19ae1ec46e151a779280e4ebbf657ab6 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NB.dll
MD5: d6b4793fd5bb8fb3f94ad9886e624d13 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBHDMgr.dll
MD5: 40d7d0a208ee863bca8d89e299216f15 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
MD5: 201aa055acaf259b537619d351974265 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NeroAPIGlueLayerUnicode.dll
MD5: cf9ba304b8047b9582d72d9bfef42eae C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe
MD5: 2b628efb95b1f02cb4c81006ea3cf807 C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
MD5: 35a20217c4d06d1d36a3addfd8ce58c2 C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
MD5: 2a7b91d64a39a08fa0927eaf89205fff c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
MD5: f07af60b152221472fbdb2fecec4896d C:\Program Files (x86)\Skype\Updater\Updater.exe
MD5: 0970903f18b47f9f09691a7b2472b60d C:\Program Files (x86)\Veetle\Player\npvlc.dll
MD5: 408b0c7752c63f602fdd9d8ee04c15f3 C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
MD5: 30740221c0ae535da3fa7228c1c5a826 C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
MD5: 47bdbce3e2d819b17ab9fa4539b9df71 C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
MD5: 4ce9dac1518ff7e77bd213e6394b9d77 C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
MD5: 5b239ff33aeaffc5983aaad4dbf9c87f C:\Program Files (x86)\Windows Live\Installer\wlshim.dll
MD5: ac421a44de902f2627f1e63793ed89cd C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
MD5: 3856e8add648bc2dfeb07406c7f25804 C:\Program Files (x86)\Windows Live\Shared\UXCalendar.dll
MD5: f0d369b57b0b0b00d4e146f0f53fb86c C:\Program Files (x86)\Windows Live\Shared\uxcontacts.dll
MD5: e680a55e9488921fc487616f4ede7797 C:\Program Files (x86)\Windows Live\Shared\UXCore.dll
MD5: cc9e4d197143738bd868282e76ff6731 C:\Program Files (x86)\Windows Live\Shared\WLDCore.dll
MD5: f9d908de6b166dac9b89bf62fa291ce8 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: ebbcd5dfbb1de70e8f4af8fa59e401fd C:\Program Files\Bonjour\mDNSResponder.exe
MD5: a35679e56e78091e1042a2d7adbf2958 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
MD5: 28ad5e311996a34025cfb07e131058dd C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: 7e47c328fc4768cb8beafbcfafa70362 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
MD5: 0840abbbdf438691ee65a20040635cbe C:\Program Files\Dell\DellDock\DockLogin.exe
MD5: 509dc499d0d0ddd18d1ba3a9516f6c4c C:\Program Files\ESET\ESET Smart Security\egui.exe
MD5: e95ab781773870bd68abe1ae1b57a8ac C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
MD5: 0fb3004fbe091e3c088699716667d54c C:\Program Files\ESET\ESET Smart Security\x86\ekrnAmon.dll
MD5: 52276111e466b1b09ff70c89db54a532 C:\Program Files\ESET\ESET Smart Security\x86\ekrnDmon.dll
MD5: b42c4f2dc07d78243c1f5757adb5aad4 C:\Program Files\ESET\ESET Smart Security\x86\ekrnEmon.dll
MD5: b7ec974d87a0ec914c1838ffd636e07c C:\Program Files\ESET\ESET Smart Security\x86\ekrnEpfw.dll
MD5: 8307fd0ee878bd92a63f44f435c92c30 C:\Program Files\ESET\ESET Smart Security\x86\ekrnHips.dll
MD5: 9efefcb149e2333d3fd42cd28694a187 C:\Program Files\ESET\ESET Smart Security\x86\ekrnMailPlugins.dll
MD5: 6320c8fccc9ba3846cdf22c5cf16005b C:\Program Files\ESET\ESET Smart Security\x86\ekrnParental.dll
MD5: ca98e7b18b97c8c344bf3e7aa454c616 C:\Program Files\ESET\ESET Smart Security\x86\ekrnScan.dll
MD5: 0f6fecb26917c20ec4f210697fd4c0c4 C:\Program Files\ESET\ESET Smart Security\x86\ekrnSmon.dll
MD5: 4ae4b527900174bb68bc879dd55576cf C:\Program Files\ESET\ESET Smart Security\x86\ekrnUpdate.dll
MD5: 0644f36ee3d8677faff163b7718b6259 C:\Program Files\ESET\ESET Smart Security\x86\updater.dll
MD5: 4effc8ff6d349e971e94b1c670c0c66a C:\Program Files\iPod\bin\iPodService.exe
MD5: 3ac22a3dfa8a050e35f0e3cd99d0cdf2 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
MD5: 901a91a3527f4f5212cf6b03c21dad82 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
MD5: 7cbb1d4d13dc62d7f529d87151fd3cd3 C:\Program Files\Windows Defender\mpsvc.dll
MD5: 06c8fa1cf39de6a735b54d906ba791c6 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: 1e345f2a2d95da3190596e691cde9342 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
MD5: 10737b44923217bc0e67d26a9fc1f0aa C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
MD5: 2645990c521342dcd08963d2df6cd0d2 C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
MD5: da4e83fe6f229c7108ef5e9671b29260 C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
MD5: 0053db7adb956f1943cde130225947cc C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash\components\IBitCometExtension.dll
MD5: 420d055f9f779caef309824538458e68 C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ijyi154v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
MD5: dd502a2e7b85ea7a3814c1034e6c23d3 C:\Windows\AppPatch\AcGenral.DLL
MD5: 7e067d5c3ef2bb87b3e07dcd61286390 C:\Windows\AppPatch\AcWow64.DLL
MD5: 33a77d477ef9d7a5c65a950129df2e47 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MD5: 555f35af3b56eaae367d767b9e2f1e8b C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MD5: 6c885dd270446b351257ff0216ab1586 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MD5: 827b991962ec24e73bf0f2ab22d5ba8f C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MD5: 9964217da30f2a01c66a23beb4c3ca01 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3d075c3b7d099aca217beecac1f66b4b\System.Web.Services.ni.dll
MD5: 33e8be80f5a3cbd4166c482b4e2c72b2 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MD5: 4fd693d4b9aa64ee32baa9b8d9956acf C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MD5: d144849e9b48a7dfb942281ed7edb1c1 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MD5: 56940b50ab0e5923822f47b0e4463885 C:\Windows\Downloaded Program Files\qsax.dll
MD5: c4002b6b41975f057d98c439030cea07 C:\Windows\ehome\ehRecvr.exe
MD5: 332feab1435662fc6c672e25beb37be3 C:\Windows\Explorer.exe
MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: 09a116fb06c5e362ef8938d29cdab27b C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: 37b6eba4e783a0b25f3fe05ef86722cb C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: 972dcc74d4cdcb64086e7cfacbdb74cb C:\Windows\Microsoft.NET\Framework\v2.0.50727\wminet_utils.dll
MD5: f5df6846f30e9f54ea60ccaeb3fb2055 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: 773212b2aaa24c1e31f10246b15b276c C:\Windows\servicing\TrustedInstaller.exe
MD5: b53bbeb3a90030adcd8fcec26ab0e65b C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: cfcd9edb4b54653b767ebdf722ba8309 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 4810bdb223adbef09c6a96153f7b9987 C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: 05635e9f41c3ed112e48b06a039c0b3d C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: ca9bf20c89804ddf90b77186e9c4053d C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: 6ab46ceebd62287b3cac9cabf35c0b31 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: c1b384335b462d49d44a36eef3d84458 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 9bb5788e5403adb0fbec56c12fdf01f6 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: e1364901e2db1d50069b3c7d3167d788 C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: c204a714c587e5935d93818357c5f2f1 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: ab19dc0b708cfda06567b1428d5ebe16 C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: 4d338a4961c16ce062725508a43392ad C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: 1f89ee12d56d833d0bf4b8070d213a27 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: f8664c3b4a7365773312eae6593e7525 C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 6f482e6ba305ab471d0baf728bc75310 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 541f08d2a39affbd938c76137407d286 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: 9ceba869447b1e338631db05493c21ce C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: c74df35f56ca85075060ed2a715d776a C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 5ea6870fe09f75d92e26a2614a756659 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: b28490ac5caabf0bf796a49946300f67 C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 65e14c022a7e3a70c7fd2627ef75b4d6 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: c7280f39f0e4ed5ddb97630b59c1a804 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: e515b51caa7ce378ca9419ee9b07cd2f C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 232e3a49a5897afda0881f3d2a1ad98a C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: 46237f5c64ca4638024e341be2ad1d19 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: ccba7f264a5259df5f6915cbefc453c9 C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: c3566123385c8ff53bffe4d7413f6290 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6 C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904 C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7 C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756 C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43 C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7 C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
MD5: ff41cf91302c9c12bc2abd41989ddeb5 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\system32\apphelp.dll
MD5: c940f2f5c60b3727c5f18840735b229c C:\Windows\system32\AUDIOSES.DLL
MD5: 7a6986dd659b96398a11af5173892715 C:\Windows\system32\Cabinet.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\system32\credssp.dll
MD5: 7b851a8018b1ea00a69707a390004884 C:\Windows\system32\cryptnet.dll
MD5: 7ca1becea5de2643addad32670e7a4c9 C:\Windows\system32\cryptsvc.dll
MD5: 28ca821606669bb9215ce010767720fa C:\Windows\system32\cryptui.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\Windows\system32\cscapi.dll
MD5: 9ff8f684bacf326082e5562f7c104a79 C:\Windows\system32\d2d1.dll
MD5: 3c1936a12c62254f914a01bbc6a8dc69 C:\Windows\system32\d3d10_1.dll
MD5: d4212ab475a3b25ec4df574536c3edc5 C:\Windows\system32\d3d10_1core.dll
MD5: 6de66fe7c526637e74cd066461c7c871 C:\Windows\system32\d3d11.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\system32\dbghelp.dll
MD5: 162d247e995eaebf3ef4289069e1111c C:\Windows\system32\DEVRTL.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: 81f6c1ae23b1c493d9e996c3103915d7 C:\Windows\system32\dhcpcsvc6.DLL
MD5: 5e08ac958be05247ff1539e0d1ce7905 C:\Windows\system32\DINPUT8.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\system32\DNSAPI.dll
MD5: 062373995eae5f0eac9eaa9192136bfb C:\Windows\system32\dnssd.dll
MD5: 1c0e369575f387460e2a5f28269b2cc4 C:\Windows\system32\DWrite.dll
MD5: d4f264fe23f8953d840904418220c15e C:\Windows\system32\dxgi.dll
MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\Windows\system32\explorer.exe
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\explorerframe.dll
MD5: 1e8d06aae74fed674c1156b3fea911c2 C:\Windows\system32\faultrep.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\System32\fwpuclnt.dll
MD5: 8f5eaaf76a6811332a8c67db0d4c395f C:\Windows\system32\ieframe.dll
MD5: 5e775f0c365f01a8a7382bbefc4a53a5 C:\Windows\system32\IEUI.dll
MD5: a648ab50a6fe18002c762674f4e0f41c C:\Windows\system32\igd10umd32.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\system32\IMM32.DLL
MD5: bf7ddbe14fa4b68aab6a3c78ef5c96b8 C:\Windows\system32\inetmib1.dll
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\system32\iphlpapi.dll
MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\System32\MMDevApi.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
MD5: d83947a58613e9091b4c9cc0f1546a8d C:\Windows\SYSTEM32\MSCOREE.DLL
MD5: a7221924181c8eb92b64c5a2d888bea5 C:\Windows\system32\MSHTML.dll
MD5: a6c29db53eca94fa8591c5388d604b82 C:\Windows\system32\msi.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: c225e5307d8d4982a1687f2702c37c78 C:\Windows\system32\msls31.dll
MD5: c5a99a4c0dc9f0f5a95ba0c83d30a549 C:\Windows\System32\mstask.dll
MD5: e94c583cde2348950155f2af2876f34d C:\Windows\system32\mswsock.dll
MD5: 21d3a18769ec2c4e56756d04e989a221 C:\Windows\System32\msxml3.dll
MD5: eaadd6e47ed2a7003ace1793b98cf63f C:\Windows\System32\msxml6.dll
MD5: bf6d6ed5fadceee885bd0144ecf1ba27 C:\Windows\system32\ncrypt.dll
MD5: 2fca0d2c59a855c54bafa22aa329df0f C:\Windows\system32\NETAPI32.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\system32\netutils.dll
MD5: 0ba65122ffa7e37564ee86422dbf7ae8 C:\Windows\system32\NLAapi.dll
MD5: 03f3b770dfbed6131653ceda8ca780f0 C:\Windows\system32\ntshrui.dll
MD5: 7d34af98a706230cc2dedfe0cabf87ab C:\Windows\system32\odbc32.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\OLEACC.dll
MD5: 703ffd301ab900b047337c5d40fd6f96 C:\Windows\system32\OLEPRO32.DLL
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: e98278865e8daba21cfe5fe4be34210a C:\Windows\system32\PortableDeviceApi.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\system32\propsys.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\system32\provsvc.dll
MD5: 102cf6879887bbe846a00c459e6d4abc C:\Windows\system32\RichEd20.DLL
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\system32\rtutils.dll
MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\system32\SAMCLI.DLL
MD5: a42e7748be906434c5fd17161d168c20 C:\Windows\system32\SCHEDCLI.DLL
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\system32\SearchIndexer.exe
MD5: a113afeed3159a1ed52d78cb0226006d C:\Windows\system32\Secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: 2c4a87ca8c00e98efdcfa2e8ec9a3503 C:\Windows\system32\shdocvw.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\system32\SXS.DLL
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\USERENV.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\system32\userinit.exe
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: 75e8ebd7040ce238684333f97014762a C:\Windows\System32\webclnt.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\Windows\system32\webio.dll
MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\system32\wer.dll
MD5: 5b2e4e90c04fb9ae9f2c5e99ff59b283 C:\Windows\system32\WindowsCodecs.dll
MD5: 62a6eb5771580cae445804389f3f7432 C:\Windows\system32\windowscodecsext.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\system32\WINHTTP.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\WINMM.dll
MD5: 9419abf3163b6f0e3ad3dd2b381c879f C:\Windows\system32\WinSCard.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\system32\WINSPOOL.DRV
MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\system32\WINSTA.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\system32\wkscli.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\system32\ws2_32.dll
MD5: a8cdf3768604ff95b54669e20053d569 C:\Windows\system32\WSCAPI.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\WTSAPI32.dll
MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\system32\XmlLite.dll
MD5: d67472125471784de7147946eda25feb C:\Windows\syswow64\ADVAPI32.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904 C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7 C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866 C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43 C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll


No file uploaded.

Scan finished - communication took 2 sec
Total traffic - 0.02 MB sent, 1.21 KB recvd
Scanned 493 files and modules - 255 seconds

==============================================================================

#12
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

and bad news, my PC is still freezing up


Your logs look clean of malware now so we need to look for another cause. There are application errors there that might relate to missing system files.

Let's do this:

Please run Chkdsk:

  • Right click on the Start > Open Windows Explorer.
  • Select the hard drive letter (usually local disk C) for which you want to run the Chkdsk utility.
  • Right-click on the drive letter and select Properties > Tools.
  • Under the Error-Checking section of the window, click the Check Now button. If you have User Account Controls enabled, a window will pop up asking permission to continue. Click Continue.
  • Click to have Chkdsk Automatically fix file system errors and to Scan for and attempt recovery of bad sectors.
  • Click Start.
  • Chkdsk might take a very long time to run, depending on the number of files and folders, the size of the volume, disk performance, and available system resources (such as processor and memory).

Chkdsk will not run if the drive you wish to check is in use. You will be requested to schedule Chkdsk. Click Schedule Check Disk; it will then run the next time you boot your computer. Shut down your computer and then turn it back on, and Chkdsk will run.

For further information on running chkdsk in Win 7 go here.

#13
roachklip


    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Good morning!

after running the Chkdsk which took about 10 hours to complete, it looks as if that program fixed my freezing problem! :thumbsup:

Thank You!! :)

Edited by roachklip, 30 October 2013 - 10:14 AM.


#14
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello roachklip,

it looks as if that program fixed my freezing problem!


Good news. :thumbsup:

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.

  • Go to Start > Programs > Accessories and click on Run
  • Copy and paste the bolded text below in the box then hit OK

    Combofix /Uninstall

Step 2
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
Any other tools remaining may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run important software, the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to uninstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

#15
roachklip


    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Thank you very much emeraldnzl!

I cleaned up and everything is still working smoothly!

one quick question... did i have any viruses or anything malicious?

Thanks again! :thumbsup: