Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I think I'm infected with the zero access virus-Help [Solved]


  • This topic is locked This topic is locked

#1
281RMJ

281RMJ

    Member

  • Member
  • PipPip
  • 13 posts
I have a Toshiba Satellite laptop that runs windows7 home. After logging on I would get the constant white screen. I tried safe mode and it would immediately restart. I saw another post that used frst64. The log file from the frst file is as follows.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-11-2013 01
Ran by SYSTEM on MININT-7R6VV7I on 22-11-2013 10:28:28
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] ()
HKLM\...\Run: [VDownloader] - C:\Program Files\VDownloader\VDownloader.exe [881664 2012-07-17] (Vitzo)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe [3218792 2010-08-17] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] - C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-07-26] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [DATAMNGR] - C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe [1899448 2012-10-22] (Bandoo Media Inc)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DigidesignMMERefresh] - C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-05-04] (Avid Technology, Inc.)
HKU\DanTheMan\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [969104 2012-12-10] (BitTorrent, Inc.)
HKU\DanTheMan\...\Run: [DriverScanner] - C:\Program Files (x86)\Uniblue\DriverScanner\Launcher.exe [338296 2011-09-05] (Uniblue Systems Limited)
HKU\DanTheMan\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-07-19] (Google Inc.)
HKU\DanTheMan\...\Run: [Shop To Win] - C:\Program Files (x86)\Shop To Win\ShopToWin.exe [2219008 2012-05-02] (Jackpot Rewards)
HKU\DanTheMan\...\Run: [AdobeBridge] - C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe [12008296 2011-03-02] (Adobe Systems, Inc.)
HKU\DanTheMan\...\Run: [Google Update] - C:\Users\DanTheMan\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-17] (Google Inc.)
HKU\DanTheMan\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKU\DanTheMan\...\Run: [InstallIQUpdater] - C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe [1179648 2011-10-11] (W3i, LLC)
HKU\DanTheMan\...\Winlogon: [Shell] explorer.exe,C:\Users\DanTheMan\AppData\Roaming\cache.dat [117760 2011-11-16] () <==== ATTENTION
AppInit_DLLs: C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\IEBHO.dll [1528760 2012-10-22] (Bandoo Media Inc)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll [1185208 2012-10-22] (Bandoo Media Inc)

==================== Services (Whitelisted) =================

S2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)
S2 DigiRefresh; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-05-04] (Avid Technology, Inc.)
S3 digiSPTIService; C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe [159744 2008-12-03] (Digidesign, A Division of Avid Technology, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] ()
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] ()
S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132056 2012-11-21] (Symantec Corporation)
S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation)
S2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)
S2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori)
S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-06-14] (Wajam)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] ()
S2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\ \...\???\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

S1 Aspi32; C:\Windows\SysWow64\Drivers\Aspi32.sys [25244 2009-10-05] (Adaptec)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20111223.001\BHDrvx64.sys [1157240 2011-11-30] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2011-12-16] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2011-12-16] (Symantec Corporation)
S3 gbxavs; C:\Windows\System32\Drivers\gbxavs.sys [357968 2011-07-07] (Native Instruments GmbH)
S3 gbxusb_svc; C:\Windows\System32\Drivers\gbxusb.sys [68688 2011-07-07] (Native Instruments GmbH)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120111.003\IDSvia64.sys [488568 2011-12-10] (Symantec Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120111.018\ENG64.SYS [117880 2011-12-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120111.018\EX64.SYS [2048632 2011-12-16] (Symantec Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)
S3 PRESONUS_AUDIOBOX_MIDI; C:\Windows\System32\drivers\psabusbm.sys [37496 2009-12-04] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_USB; C:\Windows\System32\Drivers\psabusbu.sys [462968 2009-12-04] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_WDM; C:\Windows\System32\drivers\psabusba.sys [50808 2009-12-04] (Ploytec GmbH)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [142120 2007-04-27] (SafeNet, Inc.)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-12-13] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-22 10:28 - 2013-11-22 10:28 - 00000000 ____D C:\FRST
2013-11-21 16:22 - 2013-11-21 16:22 - 00000000 ____D C:\Windows\Temp05EF05A9-1375-4327-175F-B12CA9BD7E15-Signatures
2013-11-21 09:31 - 2013-11-21 09:31 - 00000000 ____D C:\Windows\Temp1E8D64CA-5074-F8B9-9669-AD54B4C0262E-Signatures
2013-11-10 23:09 - 2013-11-10 23:09 - 00496288 _____ C:\Windows\Minidump\111113-20046-01.dmp
2013-11-10 22:35 - 2013-11-10 22:35 - 00498328 _____ C:\Windows\Minidump\111113-20623-01.dmp
2013-11-10 16:08 - 2013-11-10 16:08 - 00442632 _____ C:\Windows\Minidump\111013-20701-01.dmp
2013-11-10 09:40 - 2013-11-10 09:40 - 00506536 _____ C:\Windows\Minidump\111013-20638-01.dmp
2013-11-10 03:14 - 2013-11-10 03:14 - 00506392 _____ C:\Windows\Minidump\111013-44990-01.dmp
2013-11-10 03:01 - 2013-11-10 03:01 - 00000000 ____D C:\Windows\Temp19119A66-ECE5-16C3-0D36-FF3051727CC2-Signatures
2013-11-09 21:36 - 2013-11-09 21:36 - 00442728 _____ C:\Windows\Minidump\110913-21247-01.dmp
2013-11-09 15:04 - 2013-11-09 15:04 - 00442624 _____ C:\Windows\Minidump\110913-20638-01.dmp
2013-11-09 08:31 - 2013-11-09 08:31 - 00506272 _____ C:\Windows\Minidump\110913-18408-01.dmp
2013-11-09 01:53 - 2013-11-09 01:53 - 00532216 _____ C:\Windows\Minidump\110913-19312-01.dmp
2013-11-09 01:45 - 2013-11-09 01:45 - 00000000 ____D C:\Windows\Temp8CAB040F-B135-15B9-4644-A64794D8CBAD-Signatures
2013-11-09 01:45 - 2013-11-09 01:45 - 00000000 ____D C:\e0bb54a30b3096dc1e
2013-11-08 19:19 - 2013-11-08 19:19 - 00444176 _____ C:\Windows\Minidump\110813-20872-01.dmp
2013-11-08 12:47 - 2013-11-08 12:47 - 00468392 _____ C:\Windows\Minidump\110813-20529-01.dmp
2013-11-08 06:09 - 2013-11-08 06:09 - 00000000 ____D C:\Windows\TempF5254778-AC34-470C-F5A2-08AB70053793-Signatures
2013-11-08 06:02 - 2013-11-08 06:02 - 00442712 _____ C:\Windows\Minidump\110813-22105-01.dmp
2013-11-07 23:30 - 2013-11-07 23:30 - 00462408 _____ C:\Windows\Minidump\110813-23743-01.dmp
2013-11-07 10:26 - 2013-11-07 10:26 - 00442632 _____ C:\Windows\Minidump\110713-27315-01.dmp
2013-11-07 10:12 - 2013-09-04 04:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-11-07 10:12 - 2013-09-04 04:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-11-07 10:12 - 2013-09-04 04:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2013-11-07 10:12 - 2013-09-04 04:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-11-07 10:12 - 2013-09-04 04:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-11-07 10:12 - 2013-09-04 04:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-11-07 10:12 - 2013-09-04 04:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-11-07 03:37 - 2013-09-22 07:43 - 17833984 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-11-07 03:37 - 2013-09-22 07:01 - 10926080 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-11-07 03:37 - 2013-09-22 06:42 - 02312704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-11-07 03:37 - 2013-09-22 06:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-11-07 03:37 - 2013-09-22 06:33 - 01494528 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-11-07 03:37 - 2013-09-22 06:33 - 01392128 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-11-07 03:37 - 2013-09-22 06:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-11-07 03:37 - 2013-09-22 06:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-11-07 03:37 - 2013-09-22 06:23 - 00173056 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-11-07 03:37 - 2013-09-22 06:22 - 00816640 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-11-07 03:37 - 2013-09-22 06:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-11-07 03:37 - 2013-09-22 06:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-11-07 03:37 - 2013-09-22 06:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-11-07 03:37 - 2013-09-22 06:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-11-07 03:37 - 2013-09-22 06:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-11-07 03:37 - 2013-09-22 06:07 - 00248320 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-11-07 03:37 - 2013-09-22 02:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-07 03:37 - 2013-09-22 02:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-07 03:37 - 2013-09-22 02:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-07 03:37 - 2013-09-22 02:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-07 03:37 - 2013-09-22 02:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-07 03:37 - 2013-09-22 02:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-07 03:37 - 2013-09-22 02:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-07 03:37 - 2013-09-22 02:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-07 03:37 - 2013-09-22 02:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-07 03:37 - 2013-09-22 02:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-07 03:37 - 2013-09-22 02:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-07 03:37 - 2013-09-22 02:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-07 03:37 - 2013-09-22 02:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-07 03:37 - 2013-09-22 02:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-07 03:37 - 2013-09-22 02:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-07 03:37 - 2013-09-22 01:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-07 03:20 - 2013-11-07 03:20 - 00000000 ____D C:\Windows\TempD52D1B30-7C02-B05A-C61F-877AC7B8F37B-Signatures
2013-11-07 03:13 - 2013-11-07 03:13 - 00442624 _____ C:\Windows\Minidump\110713-41808-01.dmp
2013-11-06 20:42 - 2013-08-04 18:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2013-11-06 20:42 - 2013-07-04 04:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2013-11-06 20:42 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-11-06 20:41 - 2013-09-13 17:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-11-06 20:41 - 2013-09-07 18:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-11-06 20:41 - 2013-09-07 18:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-11-06 20:41 - 2013-09-07 18:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-06 20:41 - 2013-08-28 18:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-11-06 20:41 - 2013-08-28 18:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-11-06 20:41 - 2013-08-28 18:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2013-11-06 20:41 - 2013-08-28 18:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-11-06 20:41 - 2013-08-28 18:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2013-11-06 20:41 - 2013-08-28 17:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-06 20:41 - 2013-08-28 17:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-06 20:41 - 2013-08-28 17:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-06 20:41 - 2013-08-28 17:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-06 20:41 - 2013-08-28 17:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-06 20:41 - 2013-08-28 17:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-06 20:41 - 2013-08-28 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-06 20:41 - 2013-08-28 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-06 20:41 - 2013-08-28 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-06 20:41 - 2013-08-28 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-06 20:41 - 2013-08-27 17:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-11-06 20:41 - 2013-08-01 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-11-06 20:41 - 2013-08-01 18:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-11-06 20:41 - 2013-08-01 18:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-11-06 20:41 - 2013-08-01 17:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 17:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-11-06 20:41 - 2013-08-01 16:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-11-06 20:41 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-11-06 20:41 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-11-06 20:41 - 2013-07-25 18:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-11-06 20:41 - 2013-07-25 18:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-11-06 20:41 - 2013-07-25 17:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-11-06 20:41 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-11-06 20:41 - 2013-07-12 02:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-11-06 20:41 - 2013-07-12 02:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2013-11-06 20:41 - 2013-07-12 02:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys
2013-11-06 20:41 - 2013-07-04 04:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2013-11-06 20:41 - 2013-07-04 04:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2013-11-06 20:41 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-11-06 20:41 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-11-06 20:41 - 2013-07-04 02:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2013-11-06 20:41 - 2013-07-02 20:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-11-06 20:41 - 2013-07-02 20:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2013-11-06 20:41 - 2013-06-25 14:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-11-06 20:41 - 2013-06-05 21:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2013-11-06 20:41 - 2013-06-05 21:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-11-06 20:41 - 2013-06-05 21:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2013-11-06 20:41 - 2013-06-05 21:47 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-11-06 20:41 - 2013-06-05 20:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-11-06 20:41 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-11-06 20:41 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-11-06 20:41 - 2013-06-05 19:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-11-06 20:41 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-11-06 20:41 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-11-06 20:40 - 2013-08-27 17:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2013-11-06 20:40 - 2013-08-01 04:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-11-06 20:40 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-11-06 20:40 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-06 20:01 - 2013-11-06 20:01 - 50053120 _____ C:\Program Files (x86)\GUT976B.tmp
2013-11-06 20:01 - 2013-11-06 20:01 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-06 20:01 - 2013-11-06 20:01 - 00000000 ____D C:\Program Files (x86)\GUM975A.tmp

==================== One Month Modified Files and Folders =======

2013-11-22 10:28 - 2013-11-22 10:28 - 00000000 ____D C:\FRST
2013-11-21 18:47 - 2013-09-04 23:57 - 00000004 _____ C:\Users\DanTheMan\AppData\Roaming\cache.ini
2013-11-21 18:47 - 2011-12-16 12:07 - 00000348 _____ C:\Windows\Tasks\DriverScanner.job
2013-11-21 18:47 - 2011-12-12 16:45 - 00000000 ____D C:\Users\DanTheMan\AppData\Roaming\uTorrent
2013-11-21 18:47 - 2011-07-19 06:26 - 01757421 _____ C:\Windows\WindowsUpdate.log
2013-11-21 18:34 - 2012-08-12 16:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-21 18:18 - 2013-01-01 13:54 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000UA.job
2013-11-21 18:13 - 2011-07-19 06:59 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-21 16:43 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-21 16:43 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-21 16:40 - 2009-07-13 21:13 - 00779116 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-21 16:35 - 2011-07-19 06:59 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-21 16:34 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-21 16:34 - 2009-07-13 20:51 - 00083147 _____ C:\Windows\setupact.log
2013-11-21 16:24 - 2010-11-20 19:47 - 00060038 _____ C:\Windows\PFRO.log
2013-11-21 16:22 - 2013-11-21 16:22 - 00000000 ____D C:\Windows\Temp05EF05A9-1375-4327-175F-B12CA9BD7E15-Signatures
2013-11-21 16:22 - 2012-05-01 00:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-21 16:22 - 2011-12-13 19:25 - 00002141 _____ C:\Windows\epplauncher.mif
2013-11-21 16:22 - 2011-12-13 18:49 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-21 16:12 - 2011-12-12 21:23 - 00000000 ____D C:\Users\DanTheMan\AppData\Local\CrashDumps
2013-11-21 09:41 - 2012-06-19 20:23 - 00000000 ____D C:\Users\DanTheMan\AppData\Roaming\Skype
2013-11-21 09:40 - 2013-09-01 04:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-21 09:40 - 2012-06-19 20:22 - 00000000 ____D C:\ProgramData\Skype
2013-11-21 09:31 - 2013-11-21 09:31 - 00000000 ____D C:\Windows\Temp1E8D64CA-5074-F8B9-9669-AD54B4C0262E-Signatures
2013-11-10 23:09 - 2013-11-10 23:09 - 00496288 _____ C:\Windows\Minidump\111113-20046-01.dmp
2013-11-10 23:09 - 2012-03-28 05:02 - 527669887 _____ C:\Windows\MEMORY.DMP
2013-11-10 23:09 - 2012-03-28 05:02 - 00000000 ____D C:\Windows\Minidump
2013-11-10 22:35 - 2013-11-10 22:35 - 00498328 _____ C:\Windows\Minidump\111113-20623-01.dmp
2013-11-10 16:08 - 2013-11-10 16:08 - 00442632 _____ C:\Windows\Minidump\111013-20701-01.dmp
2013-11-10 09:40 - 2013-11-10 09:40 - 00506536 _____ C:\Windows\Minidump\111013-20638-01.dmp
2013-11-10 03:14 - 2013-11-10 03:14 - 00506392 _____ C:\Windows\Minidump\111013-44990-01.dmp
2013-11-10 03:01 - 2013-11-10 03:01 - 00000000 ____D C:\Windows\Temp19119A66-ECE5-16C3-0D36-FF3051727CC2-Signatures
2013-11-10 02:56 - 2013-01-01 13:54 - 00000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000Core.job
2013-11-09 21:36 - 2013-11-09 21:36 - 00442728 _____ C:\Windows\Minidump\110913-21247-01.dmp
2013-11-09 15:04 - 2013-11-09 15:04 - 00442624 _____ C:\Windows\Minidump\110913-20638-01.dmp
2013-11-09 08:31 - 2013-11-09 08:31 - 00506272 _____ C:\Windows\Minidump\110913-18408-01.dmp
2013-11-09 01:53 - 2013-11-09 01:53 - 00532216 _____ C:\Windows\Minidump\110913-19312-01.dmp
2013-11-09 01:45 - 2013-11-09 01:45 - 00000000 ____D C:\Windows\Temp8CAB040F-B135-15B9-4644-A64794D8CBAD-Signatures
2013-11-09 01:45 - 2013-11-09 01:45 - 00000000 ____D C:\e0bb54a30b3096dc1e
2013-11-08 19:19 - 2013-11-08 19:19 - 00444176 _____ C:\Windows\Minidump\110813-20872-01.dmp
2013-11-08 12:47 - 2013-11-08 12:47 - 00468392 _____ C:\Windows\Minidump\110813-20529-01.dmp
2013-11-08 06:09 - 2013-11-08 06:09 - 00000000 ____D C:\Windows\TempF5254778-AC34-470C-F5A2-08AB70053793-Signatures
2013-11-08 06:02 - 2013-11-08 06:02 - 00442712 _____ C:\Windows\Minidump\110813-22105-01.dmp
2013-11-07 23:30 - 2013-11-07 23:30 - 00462408 _____ C:\Windows\Minidump\110813-23743-01.dmp
2013-11-07 10:26 - 2013-11-07 10:26 - 00442632 _____ C:\Windows\Minidump\110713-27315-01.dmp
2013-11-07 03:53 - 2009-07-13 20:45 - 05006000 _____ C:\Windows\System32\FNTCACHE.DAT
2013-11-07 03:52 - 2013-05-19 00:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-07 03:52 - 2013-05-19 00:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-07 03:47 - 2011-12-16 02:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-07 03:35 - 2011-12-13 18:50 - 00773332 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-07 03:20 - 2013-11-07 03:20 - 00000000 ____D C:\Windows\TempD52D1B30-7C02-B05A-C61F-877AC7B8F37B-Signatures
2013-11-07 03:13 - 2013-11-07 03:13 - 00442624 _____ C:\Windows\Minidump\110713-41808-01.dmp
2013-11-06 20:35 - 2012-08-12 16:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-06 20:34 - 2013-08-31 01:35 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-11-06 20:34 - 2012-08-12 16:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-06 20:34 - 2012-01-06 20:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-06 20:08 - 2011-07-19 06:59 - 00003908 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-06 20:08 - 2011-07-19 06:59 - 00003656 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-06 20:02 - 2013-05-18 17:33 - 00001942 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-06 20:01 - 2013-11-06 20:01 - 50053120 _____ C:\Program Files (x86)\GUT976B.tmp
2013-11-06 20:01 - 2013-11-06 20:01 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-06 20:01 - 2013-11-06 20:01 - 00000000 ____D C:\Program Files (x86)\GUM975A.tmp
2013-11-06 19:59 - 2013-05-18 17:30 - 00000000 _____ C:\END
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install

Files to move or delete:
====================
C:\Users\DanTheMan\AppData\Roaming\cache.dat
C:\Users\DanTheMan\AppData\Roaming\cache.ini


Some content of TEMP:
====================
C:\Users\DanTheMan\AppData\Local\Temp\AdbeRdr1011_en_US.exe
C:\Users\DanTheMan\AppData\Local\Temp\contentDATs.exe
C:\Users\DanTheMan\AppData\Local\Temp\DefaultAssets.exe
C:\Users\DanTheMan\AppData\Local\Temp\DefaultOfflineContent.exe
C:\Users\DanTheMan\AppData\Local\Temp\imdc.exe
C:\Users\DanTheMan\AppData\Local\Temp\installhelper.dll
C:\Users\DanTheMan\AppData\Local\Temp\install_reader10_en_air_gtbp_chra_aih.exe
C:\Users\DanTheMan\AppData\Local\Temp\PCCU_Installer.exe
C:\Users\DanTheMan\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\DanTheMan\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\DanTheMan\AppData\Local\Temp\The_Weather_Channel_Application.exe
C:\Users\DanTheMan\AppData\Local\Temp\tmp129C.tmp.exe
C:\Users\DanTheMan\AppData\Local\Temp\tmp7227.tmp.exe
C:\Users\DanTheMan\AppData\Local\Temp\tmpD36F.tmp.exe
C:\Users\DanTheMan\AppData\Local\Temp\utt1F77.tmp.exe
C:\Users\DanTheMan\AppData\Local\Temp\wajam_install.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

6
Restore point made on: 2013-09-04 21:00:25
Restore point made on: 2013-11-07 03:19:24
Restore point made on: 2013-11-08 06:08:26
Restore point made on: 2013-11-09 01:58:49
Restore point made on: 2013-11-21 09:30:51
Restore point made on: 2013-11-21 16:22:37

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 4043.86 MB
Available physical RAM: 3415.7 MB
Total Pagefile: 4042.06 MB
Available Pagefile: 3431.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: (TI106136W0E) (Fixed) (Total:452.82 GB) (Free:249.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (USB DISK) (Removable) (Total:0.97 GB) (Free:0.86 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 95469684)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=17)

========================================================
Disk: 2 (Size: 998 MB) (Disk ID: 41DE3542)
Partition 1: (Not Active) - (Size=997 MB) - (Type=06)


LastRegBack: 2012-11-26 02:32

==================== End Of Log ============================
  • 0

Advertisements


#2
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
Welcome to GeeksToGo, 281RMJ

My name is Machiavelli and I'll try to fix your PC problems. If you are in SafeMode then print my instructions! Removing Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do, just ask me! Please stay in contact with me until the problem is fixed.

Posted Image

Posted Image

!NOTE! Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts. :)
  • 0

#3
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Thanks for the reply Makiavelli. I attached FRST log file on the previous post. I don't have a fixlist file to continue from where I am. I am using an alternate computer so that I can leave my laptop in command prompt. The information I have I was using from someone that posted to have a similar problem as I am having.

Edited by 281RMJ, 22 November 2013 - 12:31 PM.

  • 0

#4
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
 

Part I) Warning


 

In your logs I see a Backdoor. That means that your machine is infected with some nasty files which can steal some information. It is difficult to tell whether or not any data has been stolen and finding out which is true instead of doing countermeasures is unproductive. In this light, for your safety, assume that your log-in details and other information have been accessed by another source.
Below are the steps that you should administer:
  • Please disconnect from the Internet! Also don't use it while we are cleaning the infected machine. This is especially true when you are using the computer in question for online banking and other sites that require sensitive and personal information.
  • It is strongly advised that you change your passwords on a clean PC and notify the bank immediately to watch out for suspicious transactions.
I can try to clean the infection but I have to say your computer is very likely compromised and that there is no way to be sure your computer can ever again be trusted.Experts in the security community believe that a reformat and re-installation of the operating system is the best solution. Please peruse the following if you would like to know more:
Now - you decide if you want to reformat the PC or to cleaning the PC. Think of it and choose the best solution for you! Let me know of your decision. If you decide to go through the proceed, please proceed with the following steps.

 

Part II) Fixing the issue


 

FRST Fix

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it on the flash drive as fixlist.txt

HKLM\...\Run: [] - [x]
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKU\DanTheMan\...\Run: [Shop To Win] - C:\Program Files (x86)\Shop To Win\ShopToWin.exe [2219008 2012-05-02] (Jackpot Rewards)
HKU\DanTheMan\...\Run: [InstallIQUpdater] - C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe [1179648 2011-10-11] (W3i, LLC)
HKU\DanTheMan\...\Winlogon: [Shell] explorer.exe,C:\Users\DanTheMan\AppData\Roaming\cache.dat [117760 2011-11-16] () <==== ATTENTION
AppInit_DLLs: C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\IEBHO.dll [1528760 2012-10-22] (Bandoo Media Inc)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll [1185208 2012-10-22] (Bandoo Media Inc)
S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-06-14] (Wajam)
S2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\ \...\???\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
2013-11-06 19:59 - 2013-05-18 17:30 - 00000000 _____ C:\END
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\Shop To Win
C:\Program Files (x86)\W3i
C:\Program Files (x86)\Search Results Toolbar
C:\PROGRA~2\SEARCH~1\Datamngr
C:\Program Files (x86)\Wajam
C:\Program Files (x86)\Google\Desktop\Install
C:\Users\DanTheMan\AppData\Roaming\cache.dat
C:\Users\DanTheMan\AppData\Roaming\cache.ini


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system


On Vista or Windows 7: Now please enter System Recovery Options.

On Windows XP: Now please boot into the PE (Preinstallation Environment) disk.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will generate a log on the flashdrive (Fixlog.txt) please post it in your reply.

Question

Can you boot again?
  • 0

#5
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
I decided not reformat the hard drive and continue with the fix. I changed all my passwords from my other computer and contacted my bank about the issue to have my account placed on alert for unusual activity. I rebooted my laptop and it is on the logon screen.
Here is the fixlog::
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-11-2013 01
Ran by SYSTEM at 2013-11-22 13:22:18 Run:1
Running from G:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
HKLM\...\Run: [] - [x]
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKU\DanTheMan\...\Run: [Shop To Win] - C:\Program Files (x86)\Shop To Win\ShopToWin.exe [2219008 2012-05-02] (Jackpot Rewards)
HKU\DanTheMan\...\Run: [InstallIQUpdater] - C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe [1179648 2011-10-11] (W3i, LLC)
HKU\DanTheMan\...\Winlogon: [Shell] explorer.exe,C:\Users\DanTheMan\AppData\Roaming\cache.dat [117760 2011-11-16] () <==== ATTENTION
AppInit_DLLs: C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\IEBHO.dll [1528760 2012-10-22] (Bandoo Media Inc)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll [1185208 2012-10-22] (Bandoo Media Inc)
S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-06-14] (Wajam)
S2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\ \...\???\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
2013-11-06 19:59 - 2013-05-18 17:30 - 00000000 _____ C:\END
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\Shop To Win
C:\Program Files (x86)\W3i
C:\Program Files (x86)\Search Results Toolbar
C:\PROGRA~2\SEARCH~1\Datamngr
C:\Program Files (x86)\Wajam
C:\Program Files (x86)\Google\Desktop\Install
C:\Users\DanTheMan\AppData\Roaming\cache.dat
C:\Users\DanTheMan\AppData\Roaming\cache.ini
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value deleted successfully.
HKU\DanTheMan\Software\Microsoft\Windows\CurrentVersion\Run\\Shop To Win => Value deleted successfully.
HKU\DanTheMan\Software\Microsoft\Windows\CurrentVersion\Run\\InstallIQUpdater => Value deleted successfully.
HKU\DanTheMan\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
WajamUpdater => Service deleted successfully.
*etadpug => Service deleted successfully.
C:\END => Moved successfully.
C:\Program Files (x86)\Ask.com => Moved successfully.
C:\Program Files (x86)\Shop To Win => Moved successfully.
C:\Program Files (x86)\W3i => Moved successfully.
C:\Program Files (x86)\Search Results Toolbar => Moved successfully.
"C:\PROGRA~2\SEARCH~1\Datamngr" => File/Directory not found.
C:\Program Files (x86)\Wajam => Moved successfully.
C:\Program Files (x86)\Google\Desktop\Install => Moved successfully.
C:\Users\DanTheMan\AppData\Roaming\cache.dat => Moved successfully.
C:\Users\DanTheMan\AppData\Roaming\cache.ini => Moved successfully.

==== End of Fixlog ====
  • 0

#6
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts

I rebooted my laptop and it is on the logon screen.

Does that mean you can boot normally? And can you log in?
  • 0

#7
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Yes, I can log in. Uniblue DriverScanner popped up. Make changes yes or no? selected no. Anything else?

Edited by 281RMJ, 22 November 2013 - 05:24 PM.

  • 0

#8
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts

Uniblue DriverScanner popped up. make changes yes or no?

What do you exactly mean?

 

IMPORTANT I see, you have one or more P2P (Person to Person) programs installed.

1.) You have following P2P program installed: uTorrent
2.) If you download files from non-documented sources per a P2P File sharing Program, you can expect a infection of malware. That isn't good for your PC. A long time ago File-sharing with P2P programs like UTorrent was fairly safe. But at this time it isn't true any more. Of course you can use P2P programs at your own risk, but that is maybe your source of your infection. It would be nice if you read this here. So after reading the text you will recognize why you shouldn't have them.
3.) Please read this reports about the danger of P2P Programs:
4.) I would recommend that you uninstall the above. That would be nice. If you like to uninstall the P2P Program, you can do it via Start >> Control Panel >> Add or Remove Programs
5.) If you want to keep the program on your computer , don't use it while we are fixing your computer!

 

FRST Fix

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1


  • Right-click on AdwCleaner.exe and select Run as administrator.
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.

Note: The log can also be found in here: C:\AdwCleaner\

JRT Scan

Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Farbar Recovery Scan Tool (FRST)

  • Run FRST.
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

Question

How is your Computer running? Any issues?

Attached Files


  • 0

#9
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Thank you so much for your help. I still haven't connected my laptop to the internet because I got a scam call from someone claiming to be Microsoft. My laptop seems to running fine with no problems that I know of. I uninstalled utorrent and did as you instructed here are the files::
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-11-2013 01
Ran by DanTheMan at 2013-11-23 08:42:29 Run:2
Running from E:\
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client
*****************

"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\en-US" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking started.
"C:\Program Files\Microsoft Security Client\Backup" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\DbgHelp.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\Drivers" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\en-us" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\EppManifest.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MpAsDesc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MpClient.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MpCommu.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\mpevmsg.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MpOAv.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MpRTP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MSESysprep.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MsMpCom.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MsMpEng.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MsMpLics.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MsMpRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\msseces.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\msseoobe.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\msseooberes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\MsseWat.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\NisLog.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\NisSrv.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\NisWFP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\Setup.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\SetupRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\shellext.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\sqmapi.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\SymSrv.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\SymSrv.yes" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking completed.


The system needs a manual reboot.

==== End of Fixlog ====
# AdwCleaner v3.012 - Report created 23/11/2013 at 09:02:41
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : DanTheMan - DANTHEMAN-PC
# Running from : C:\Users\DanTheMan\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\TheBflix
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\uTorrentBar
Folder Deleted : C:\Users\DanTheMan\AppData\Local\Conduit
Folder Deleted : C:\Users\DanTheMan\AppData\Local\Ilivid
Folder Deleted : C:\Users\DanTheMan\AppData\Local\Wajam
Folder Deleted : C:\Users\DanTheMan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\DanTheMan\AppData\LocalLow\ilividtoolbarguid
Folder Deleted : C:\Users\DanTheMan\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\DanTheMan\AppData\LocalLow\TheBflix
Folder Deleted : C:\Users\DanTheMan\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\DanTheMan\AppData\Roaming\Babylon
Folder Deleted : C:\Users\DanTheMan\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\DanTheMan\AppData\Roaming\pccustubinstaller
Folder Deleted : C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\DanTheMan\Documents\ShopToWin
Folder Deleted : C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\ilividtoolbarguid
Folder Deleted : C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Folder Deleted : C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjakmojkcnhgipgkkbiempkfdndcnlah
Folder Deleted : C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
File Deleted : C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\searchplugins\web-search.xml
File Deleted : C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\user.js
File Deleted : C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
File Deleted : C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\windows\System32\Tasks\BackgroundContainer Startup Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hjakmojkcnhgipgkkbiempkfdndcnlah
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100683.FCTB000100683Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100683.FCTB000100683Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100683.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100683.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100683.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100683.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Updater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80F6C4AD-D66E-4F2C-B85B-C6CE48979FD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23664D93-8A53-4B19-89AC-F3BD4BDAEE55}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F34C9277-6577-4DFF-B2D7-7D58092F272F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ilividtoolbarguid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\ShopToWin
Key Deleted : HKCU\Software\Surf Canyon
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\uTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\Software\torch
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Restore]

-\\ Mozilla Firefox v16.0.2 (en-US)

[ File : C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPF06CDEE3-7C28-4C3A-AAEC-EAD2B1619C76&SSPV=");
Line Deleted : user_pref("extensions.509ecf7ad3db3.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement('script');sc[...]
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "06bf2dff00000000000000266cd0568a");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15574");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110795&tt=3412_8");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110795&tt=3412_8&babsrc=NT_ss&mntrId=06bf2dff00000000000000266cd0568a");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.64:33:49");
Line Deleted : user_pref("extensions.dynconff.cache.search.conduit.com.content", "<package expire=\"3600\" message=\"Empty\"></package>");
Line Deleted : user_pref("extensions.dynconff.cache.search.conduit.com.expires", "1385164159377");
Line Deleted : user_pref("extensions.sahtb.searchEngineNameCurrent", "Conduit Search");
Line Deleted : user_pref("extensions.sahtb.searchEngineNameOriginal", "Search the web (Babylon)");
Line Deleted : user_pref("extensions.sahtb.searchEngineNameSAH", "Web Search");
Line Deleted : user_pref("extensions.sahtb.url.prefs.data", "<ToolbarPrefs>\r\n <XMLVersion Number=\"{bdd09e8b-8dee-478c-9f4e-0db5e30597cc}\" />\r\n <AnalyticsURL URL=\"hxxp://www.google-analytics.com/__utm.gif?utmw[...]
Line Deleted : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=4373986834434738&o=APN10645&q=");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup
Deleted : search_url

*************************

AdwCleaner[R0].txt - [22986 octets] - [23/11/2013 09:01:11]
AdwCleaner[S0].txt - [22069 octets] - [23/11/2013 09:02:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22130 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by DanTheMan on Sat 11/23/2013 at 9:11:27.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{652853ad-5592-4231-88c6-706613a52e61}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-784218189-4065130257-2341892420-1000\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup(1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup(1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup(1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup(1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{91D452DB-E031-4370-8029-1ACCF5431814}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{652853AD-5592-4231-88C6-706613A52E61}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\DanTheMan\AppData\LocalLow\FCTB000100683
Failed to delete: [Folder] "C:\ProgramData\ammyy"
Successfully deleted: [Folder] "C:\Users\DanTheMan\AppData\Roaming\w3i, llc"
Successfully deleted: [Folder] "C:\Users\DanTheMan\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\social privacy"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{0681F3CA-18D0-4412-93A0-9199294FEAED}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{0A8F18C5-F32A-4582-84B2-F2563BDA64A7}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{1DE3CF0D-AEC9-4FF7-BA9C-211F7FE06323}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{2C015954-0720-4FDA-8DE6-A5DE854AA216}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{2F789107-9B62-46A9-89AD-C8A40724BF36}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{464B870C-8AC4-411E-AFDC-FBD641B66944}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{4788483B-4C58-41C5-BDAD-69B62952B091}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{496DDA4D-003E-49C3-B946-CDDD8C325900}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{5A1CDD89-01A7-4F2C-A800-2A55E54825ED}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{74E40D42-FFFC-48B2-A824-B1CA8E6CECF6}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{910A9795-44FF-43F0-A3E8-D9122C142456}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{9E1D31BB-9F41-4402-9FE0-C96721BB17F4}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{A6DCCF70-CCB0-4149-B721-50EE3229C818}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{AB1EE343-CADE-490B-8A41-D9E83B62B644}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{AD2863F6-1B61-4440-A9A6-60E8529508E1}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{B07DF3D2-E604-457D-90A3-2F6C86FAA8C6}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{B419DF0E-DD1E-4715-BBE8-0120C94E07D7}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{BDA8F7EA-381B-47AC-B75F-5B0A88CED233}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{BFB16753-FA85-4F81-B235-D3AD6B184D30}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{D04BDE93-F342-4B1A-8BF9-9B96DA0678D1}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{D950DF02-3C59-422A-9EE6-ED41FE8E148E}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{DFA62999-4B9A-4118-ADA1-5EE7FEBC7CB7}
Successfully deleted: [Empty Folder] C:\Users\DanTheMan\appdata\local\{DFFFA945-9D78-4A39-8899-020AC0A837F3}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\DanTheMan\AppData\Roaming\mozilla\firefox\profiles\rqai0fss.default\prefs.js

user_pref("extensions.sahtb.url.merchants.data", "<?xml version=\"1.0\" ?><MerchantSettings><v n=\"370\" /><GlobalSuppresses><s u=\".cab\" g=\"13\" i=\"1342\" /><s u=\".eot\"
Emptied folder: C:\Users\DanTheMan\AppData\Roaming\mozilla\firefox\profiles\rqai0fss.default\minidumps [39 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\DanTheMan\appdata\local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Successfully deleted: [Folder] C:\Users\DanTheMan\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 11/23/2013 at 9:26:30.61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-11-2013 01
Ran by DanTheMan (administrator) on DANTHEMAN-PC on 23-11-2013 09:38:04
Running from E:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avid Technology, Inc.) C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TOSHIBA Corporation) C:\windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
() C:\Program Files (x86)\Social Privacy DNS\dnswatch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
(WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Updater) C:\ProgramData\Updater\updater.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [481656 2013-11-19] (Updater)
MountPoints2: E - E:\Install.exe
HKLM-x32\...\Run: [dnsshield] - C:\Program Files (x86)\Social Privacy DNS\dnswatch.exe [148480 2013-11-13] ()
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [481656 2013-11-19] (Updater)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-22] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
URLSearchHook: HKCU - Default Value = {086e63ec-0830-bb34-e51e-716c6eda635f}
URLSearchHook: HKCU - FCToolbarURLSearchHook Class - {086e63ec-0830-bb34-e51e-716c6eda635f} - C:\Program Files (x86)\Shop to Win 36\Helper.dll ()
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9A71687E-1E7A-4DDE-96FF-D16D78B1859B} URL = http://search.yahoo....51,17118,0,18,0
SearchScopes: HKCU - {BC364A77-1EA2-BC9C-F6F5-CC73E1D83A10} URL = http://www.bing.com/...eferrer:source}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Social Privacy - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp64.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Shop to Win - {028E5C1E-E93A-FBA4-F949-AFB8EC7A5B86} - C:\Program Files (x86)\Shop to Win 36\Shop to Win 36.dll (Shop To Win, LLC)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Social Privacy - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp.dll No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8E7FC2C5-81B5-405B-97D2-51B393EBCAB7}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{96F2D705-7341-47CF-9BDC-EF5A6DD8D385}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\DanTheMan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\DanTheMan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: vitzo.com/VDownloader - C:\Program Files\VDownloader\Addons\npVDownloader.dll No File
FF Extension: ScorpionSaver - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected]
FF Extension: Tube Dimmer - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected]
FF Extension: ShopAtHome.com Toolbar - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected]
FF Extension: 509ecf7ad3d08 - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected]
FF Extension: youtube2mp3 - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected]
FF Extension: No Name - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\{806215f3-1fe9-5c04-f5dd-1617f7bae315}.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\VDownloader\Addons\FireFox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Social Privacy\FF\

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Search Results) - http://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Babylon ToolBar) - C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll No File
CHR Plugin: (nphelper scriptable example plugin) - C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo\1.2_0\nphelper.dll No File
CHR Plugin: (Wajam) - C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00C2\u2122 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (VDownloader) - C:\Program Files\VDownloader\Addons\npVDownloader.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Social Privacy) - C:\Users\DANTHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0
CHR Extension: (Scorpion Saver) - C:\Users\DANTHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0
CHR HKLM-x32\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-22] (AVAST Software)
R2 DigiRefresh; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-05-05] (Avid Technology, Inc.)
S3 digiSPTIService; C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe [159744 2008-12-03] (Digidesign, A Division of Avid Technology, Inc.)
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [511480 2013-10-31] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

S1 Aspi32; C:\Windows\SysWow64\Drivers\Aspi32.sys [25244 2009-10-05] (Adaptec)
R2 aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [38984 2013-11-22] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [84328 2013-11-22] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-22] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1032416 2013-11-22] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [409832 2013-11-22] (AVAST Software)
R1 aswTdi; C:\windows\system32\drivers\aswTdi.sys [65264 2013-11-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-22] ()
S3 gbxavs; C:\Windows\System32\Drivers\gbxavs.sys [357968 2011-07-07] (Native Instruments GmbH)
S3 gbxusb_svc; C:\Windows\System32\Drivers\gbxusb.sys [68688 2011-07-07] (Native Instruments GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 PRESONUS_AUDIOBOX_MIDI; C:\Windows\System32\drivers\psabusbm.sys [37496 2009-12-04] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_USB; C:\Windows\System32\Drivers\psabusbu.sys [462968 2009-12-04] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_WDM; C:\Windows\System32\drivers\psabusba.sys [50808 2009-12-04] (Ploytec GmbH)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [142120 2007-04-27] (SafeNet, Inc.)
U4 WajamUpdater;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-23 09:11 - 2013-11-23 09:11 - 00000000 ____D C:\windows\ERUNT
2013-11-23 09:01 - 2013-11-23 09:04 - 00000000 ____D C:\AdwCleaner
2013-11-23 08:46 - 2013-11-23 09:06 - 00000112 _____ C:\windows\setupact.log
2013-11-23 08:46 - 2013-11-23 08:46 - 00000000 _____ C:\windows\setuperr.log
2013-11-23 07:29 - 2013-11-23 07:30 - 00000000 ____D C:\windows\Temp2C03EFF6-1920-FF92-EDAF-6244EFE7D18C-Signatures
2013-11-22 17:37 - 2013-11-22 17:37 - 00000000 ____D C:\Users\DanTheMan\AppData\Roaming\AVAST Software
2013-11-22 17:34 - 2013-11-23 07:30 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-11-22 17:34 - 2013-11-22 17:34 - 01032416 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00409832 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00334648 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2013-11-22 17:34 - 2013-11-22 17:34 - 00205320 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00084328 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00065776 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00065264 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2013-11-22 17:34 - 2013-11-22 17:34 - 00038984 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00001977 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-22 17:33 - 2013-11-22 17:33 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-22 17:32 - 2013-11-22 17:33 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-22 16:46 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\ProgramData\Updater
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\ProgramData\TubeDimmer
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\ProgramData\RHelpers
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\Program Files (x86)\ScorpionSaver
2013-11-22 16:44 - 2013-11-22 16:44 - 00000000 ____D C:\Program Files (x86)\sp
2013-11-22 16:44 - 2013-11-22 16:44 - 00000000 ____D C:\Program Files (x86)\Social Privacy DNS
2013-11-22 16:41 - 2013-11-22 16:41 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-22 16:41 - 2013-11-22 16:41 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-22 16:41 - 2013-11-22 16:41 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-22 16:41 - 2013-11-22 16:41 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-22 16:41 - 2013-11-22 16:41 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-22 16:41 - 2013-11-22 16:41 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-22 16:41 - 2013-11-22 16:41 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-22 16:41 - 2013-11-22 16:41 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-22 16:41 - 2013-11-22 16:41 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-22 16:41 - 2013-11-22 16:41 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-22 16:41 - 2013-11-22 16:41 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-22 16:40 - 2013-11-22 16:46 - 00007784 _____ C:\windows\IE11_main.log
2013-11-22 16:39 - 2013-11-22 16:39 - 00000000 ____D C:\windows\Temp1EFEC91A-6825-5B94-A982-4BBCDD89F599-Signatures
2013-11-22 16:33 - 2013-11-22 16:33 - 00001068 _____ C:\windows\Synaptics.log
2013-11-22 16:12 - 2013-11-22 16:12 - 00000000 ____D C:\windows\Temp46AC38B7-0AAD-DDAA-03D4-EF582C437C90-Signatures
2013-11-22 16:07 - 2013-11-22 16:09 - 00000000 ____D C:\windows\system32\MRT
2013-11-22 16:07 - 2013-11-07 16:00 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-22 16:04 - 2013-11-22 16:04 - 00000000 ____D C:\windows\pss
2013-11-22 14:42 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-22 14:42 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-22 14:42 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-22 14:42 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-22 14:42 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-22 14:42 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-22 14:42 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-22 14:42 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-22 14:42 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-22 14:42 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-22 14:42 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-22 14:42 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-22 14:42 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2013-11-22 14:42 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-22 14:42 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-22 14:42 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-22 14:42 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-22 14:42 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-22 14:42 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-22 14:42 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-22 14:42 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-22 14:42 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-22 14:42 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-22 14:42 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-22 14:42 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2013-11-22 14:42 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-22 14:42 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2013-11-22 14:42 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2013-11-22 14:42 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-22 14:42 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-22 14:24 - 2013-11-22 14:24 - 00000000 ____D C:\Users\DanTheMan\AppData\Roaming\Malwarebytes
2013-11-22 14:24 - 2013-11-22 14:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-22 13:55 - 2013-11-22 13:55 - 00000000 ____D C:\windows\Temp1431E82F-B848-4210-F6F5-A7E2955E27C2-Signatures
2013-11-22 12:28 - 2013-11-23 08:42 - 00000000 ____D C:\FRST
2013-11-21 18:22 - 2013-11-21 18:22 - 00000000 ____D C:\windows\Temp05EF05A9-1375-4327-175F-B12CA9BD7E15-Signatures
2013-11-21 11:31 - 2013-11-21 11:31 - 00000000 ____D C:\windows\Temp1E8D64CA-5074-F8B9-9669-AD54B4C0262E-Signatures
2013-11-10 05:01 - 2013-11-10 05:01 - 00000000 ____D C:\windows\Temp19119A66-ECE5-16C3-0D36-FF3051727CC2-Signatures
2013-11-09 03:45 - 2013-11-09 03:45 - 00000000 ____D C:\windows\Temp8CAB040F-B135-15B9-4644-A64794D8CBAD-Signatures
2013-11-09 03:45 - 2013-11-09 03:45 - 00000000 ____D C:\e0bb54a30b3096dc1e
2013-11-08 08:09 - 2013-11-08 08:09 - 00000000 ____D C:\windows\TempF5254778-AC34-470C-F5A2-08AB70053793-Signatures
2013-11-07 12:12 - 2013-09-04 06:12 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-11-07 12:12 - 2013-09-04 06:11 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-11-07 12:12 - 2013-09-04 06:11 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-11-07 12:12 - 2013-09-04 06:11 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-11-07 12:12 - 2013-09-04 06:11 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-11-07 12:12 - 2013-09-04 06:11 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2013-11-07 12:12 - 2013-09-04 06:11 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-11-07 05:20 - 2013-11-07 05:20 - 00000000 ____D C:\windows\TempD52D1B30-7C02-B05A-C61F-877AC7B8F37B-Signatures
2013-11-06 22:42 - 2013-08-04 20:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2013-11-06 22:42 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-11-06 22:42 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-11-06 22:41 - 2013-09-07 20:30 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-11-06 22:41 - 2013-09-07 20:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2013-11-06 22:41 - 2013-09-07 20:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2013-11-06 22:41 - 2013-08-28 20:17 - 05549504 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-11-06 22:41 - 2013-08-28 20:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-11-06 22:41 - 2013-08-28 20:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2013-11-06 22:41 - 2013-08-28 20:16 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2013-11-06 22:41 - 2013-08-28 20:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2013-11-06 22:41 - 2013-08-28 19:51 - 03969472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2013-11-06 22:41 - 2013-08-28 19:51 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2013-11-06 22:41 - 2013-08-28 19:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-11-06 22:41 - 2013-08-28 19:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2013-11-06 22:41 - 2013-08-28 19:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2013-11-06 22:41 - 2013-08-28 19:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2013-11-06 22:41 - 2013-08-28 18:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2013-11-06 22:41 - 2013-08-28 18:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2013-11-06 22:41 - 2013-08-28 18:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2013-11-06 22:41 - 2013-08-28 18:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2013-11-06 22:41 - 2013-08-27 19:21 - 03155968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-11-06 22:41 - 2013-08-01 20:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2013-11-06 22:41 - 2013-08-01 20:13 - 01161216 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-11-06 22:41 - 2013-08-01 20:13 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:50 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2013-11-06 22:41 - 2013-08-01 19:50 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 19:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2013-11-06 22:41 - 2013-08-01 18:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2013-11-06 22:41 - 2013-08-01 18:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 18:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 18:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-11-06 22:41 - 2013-08-01 18:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-11-06 22:41 - 2013-07-25 20:24 - 14172672 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-11-06 22:41 - 2013-07-25 20:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-11-06 22:41 - 2013-07-25 19:55 - 12872704 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-11-06 22:41 - 2013-07-25 19:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-11-06 22:41 - 2013-07-12 04:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2013-11-06 22:41 - 2013-07-12 04:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-11-06 22:41 - 2013-07-12 04:40 - 00109824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2013-11-06 22:41 - 2013-07-04 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2013-11-06 22:41 - 2013-07-04 06:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2013-11-06 22:41 - 2013-07-04 05:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2013-11-06 22:41 - 2013-07-04 05:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2013-11-06 22:41 - 2013-07-04 04:11 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2013-11-06 22:41 - 2013-07-02 22:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-11-06 22:41 - 2013-07-02 22:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-11-06 22:41 - 2013-06-25 16:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-11-06 22:41 - 2013-06-05 23:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2013-11-06 22:41 - 2013-06-05 23:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2013-11-06 22:41 - 2013-06-05 23:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2013-11-06 22:41 - 2013-06-05 23:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-11-06 22:41 - 2013-06-05 22:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2013-11-06 22:41 - 2013-06-05 22:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2013-11-06 22:41 - 2013-06-05 22:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2013-11-06 22:41 - 2013-06-05 21:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-11-06 22:41 - 2013-06-05 21:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-11-06 22:41 - 2013-06-05 21:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-11-06 22:40 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2013-11-06 22:40 - 2013-08-01 06:09 - 00983488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2013-11-06 22:40 - 2013-07-20 04:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-06 22:40 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-06 22:01 - 2013-11-06 22:01 - 50053120 _____ C:\Program Files (x86)\GUT976B.tmp
2013-11-06 22:01 - 2013-11-06 22:01 - 00000000 ____D C:\Program Files (x86)\GUM975A.tmp

==================== One Month Modified Files and Folders =======

2013-11-23 09:36 - 2011-07-19 08:26 - 01205900 _____ C:\windows\WindowsUpdate.log
2013-11-23 09:34 - 2012-08-12 18:14 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-23 09:18 - 2013-01-01 15:54 - 00000924 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000UA.job
2013-11-23 09:13 - 2011-07-19 08:59 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-23 09:13 - 2009-07-13 22:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-23 09:13 - 2009-07-13 22:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-23 09:11 - 2013-11-23 09:11 - 00000000 ____D C:\windows\ERUNT
2013-11-23 09:11 - 2009-07-13 23:13 - 00779116 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-23 09:06 - 2013-11-23 08:46 - 00000112 _____ C:\windows\setupact.log
2013-11-23 09:06 - 2011-07-19 08:59 - 00000908 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-23 09:06 - 2009-07-13 23:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-23 09:04 - 2013-11-23 09:01 - 00000000 ____D C:\AdwCleaner
2013-11-23 09:02 - 2011-12-16 14:09 - 00000000 ____D C:\ProgramData\Uniblue
2013-11-23 08:46 - 2013-11-23 08:46 - 00000000 _____ C:\windows\setuperr.log
2013-11-23 08:42 - 2013-11-22 12:28 - 00000000 ____D C:\FRST
2013-11-23 08:38 - 2011-04-11 00:12 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-23 07:37 - 2012-03-28 07:02 - 00000000 ____D C:\windows\Minidump
2013-11-23 07:30 - 2013-11-23 07:29 - 00000000 ____D C:\windows\Temp2C03EFF6-1920-FF92-EDAF-6244EFE7D18C-Signatures
2013-11-23 07:30 - 2013-11-22 17:34 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-11-23 07:30 - 2011-12-13 21:25 - 00002141 _____ C:\windows\epplauncher.mif
2013-11-23 07:29 - 2013-01-01 15:54 - 00000872 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000Core.job
2013-11-23 01:21 - 2009-07-13 21:20 - 00000000 ____D C:\windows\rescache
2013-11-22 21:24 - 2011-12-12 20:34 - 00001424 _____ C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-22 21:21 - 2010-11-20 21:47 - 00927038 _____ C:\windows\PFRO.log
2013-11-22 18:27 - 2009-07-13 21:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-11-22 17:37 - 2013-11-22 17:37 - 00000000 ____D C:\Users\DanTheMan\AppData\Roaming\AVAST Software
2013-11-22 17:34 - 2013-11-22 17:34 - 01032416 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00409832 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00334648 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2013-11-22 17:34 - 2013-11-22 17:34 - 00205320 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00084328 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00065776 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00065264 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2013-11-22 17:34 - 2013-11-22 17:34 - 00038984 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys
2013-11-22 17:34 - 2013-11-22 17:34 - 00001977 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-22 17:33 - 2013-11-22 17:33 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-22 17:33 - 2013-11-22 17:32 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-22 16:55 - 2011-12-12 23:23 - 00000000 ____D C:\Users\DanTheMan\AppData\Local\CrashDumps
2013-11-22 16:49 - 2012-10-28 20:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-22 16:46 - 2013-11-22 16:40 - 00007784 _____ C:\windows\IE11_main.log
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\ProgramData\Updater
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\ProgramData\TubeDimmer
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\ProgramData\RHelpers
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\Program Files\Level Quality Watcher
2013-11-22 16:45 - 2013-11-22 16:45 - 00000000 ____D C:\Program Files (x86)\ScorpionSaver
2013-11-22 16:45 - 2011-12-15 09:33 - 00000000 ____D C:\Users\DanTheMan\AppData\Local\Adobe
2013-11-22 16:44 - 2013-11-22 16:44 - 00000000 ____D C:\Program Files (x86)\sp
2013-11-22 16:44 - 2013-11-22 16:44 - 00000000 ____D C:\Program Files (x86)\Social Privacy DNS
2013-11-22 16:44 - 2012-08-12 18:14 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-22 16:44 - 2012-08-12 18:14 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-11-22 16:44 - 2012-01-06 22:16 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-22 16:41 - 2013-11-22 16:41 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-22 16:41 - 2013-11-22 16:41 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-22 16:41 - 2013-11-22 16:41 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-22 16:41 - 2013-11-22 16:41 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-22 16:41 - 2013-11-22 16:41 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-22 16:41 - 2013-11-22 16:41 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-22 16:41 - 2013-11-22 16:41 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-22 16:41 - 2013-11-22 16:41 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-22 16:41 - 2013-11-22 16:41 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-22 16:41 - 2013-11-22 16:41 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-22 16:41 - 2013-11-22 16:41 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-22 16:41 - 2013-11-22 16:41 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-22 16:41 - 2013-11-22 16:41 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-22 16:40 - 2012-05-01 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-22 16:40 - 2011-12-13 20:49 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-22 16:39 - 2013-11-22 16:39 - 00000000 ____D C:\windows\Temp1EFEC91A-6825-5B94-A982-4BBCDD89F599-Signatures
2013-11-22 16:33 - 2013-11-22 16:33 - 00001068 _____ C:\windows\Synaptics.log
2013-11-22 16:18 - 2011-07-19 09:00 - 00000000 ____D C:\ProgramData\Norton
2013-11-22 16:16 - 2012-06-19 22:23 - 00000000 ____D C:\Users\DanTheMan\AppData\Roaming\Skype
2013-11-22 16:14 - 2011-12-16 04:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-22 16:12 - 2013-11-22 16:12 - 00000000 ____D C:\windows\Temp46AC38B7-0AAD-DDAA-03D4-EF582C437C90-Signatures
2013-11-22 16:10 - 2009-07-13 20:34 - 00000499 _____ C:\windows\win.ini
2013-11-22 16:09 - 2013-11-22 16:07 - 00000000 ____D C:\windows\system32\MRT
2013-11-22 16:04 - 2013-11-22 16:04 - 00000000 ____D C:\windows\pss
2013-11-22 15:28 - 2012-08-22 03:50 - 00000000 ____D C:\Program Files\VDownloader
2013-11-22 15:01 - 2011-07-19 08:54 - 00000000 ____D C:\Program Files (x86)\TOSHIBA Corporation
2013-11-22 15:01 - 2011-04-11 00:16 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2013-11-22 15:01 - 2011-04-11 00:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-22 15:01 - 2011-04-11 00:13 - 00000000 ____D C:\Program Files\TOSHIBA
2013-11-22 14:24 - 2013-11-22 14:24 - 00000000 ____D C:\Users\DanTheMan\AppData\Roaming\Malwarebytes
2013-11-22 14:24 - 2013-11-22 14:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-22 13:55 - 2013-11-22 13:55 - 00000000 ____D C:\windows\Temp1431E82F-B848-4210-F6F5-A7E2955E27C2-Signatures
2013-11-21 18:22 - 2013-11-21 18:22 - 00000000 ____D C:\windows\Temp05EF05A9-1375-4327-175F-B12CA9BD7E15-Signatures
2013-11-21 11:40 - 2013-09-01 06:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-21 11:40 - 2012-06-19 22:22 - 00000000 ____D C:\ProgramData\Skype
2013-11-21 11:35 - 2011-12-12 20:34 - 00000000 ___RD C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-21 11:35 - 2011-12-12 20:34 - 00000000 ___RD C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-21 11:31 - 2013-11-21 11:31 - 00000000 ____D C:\windows\Temp1E8D64CA-5074-F8B9-9669-AD54B4C0262E-Signatures
2013-11-10 05:01 - 2013-11-10 05:01 - 00000000 ____D C:\windows\Temp19119A66-ECE5-16C3-0D36-FF3051727CC2-Signatures
2013-11-09 03:45 - 2013-11-09 03:45 - 00000000 ____D C:\windows\Temp8CAB040F-B135-15B9-4644-A64794D8CBAD-Signatures
2013-11-09 03:45 - 2013-11-09 03:45 - 00000000 ____D C:\e0bb54a30b3096dc1e
2013-11-08 08:09 - 2013-11-08 08:09 - 00000000 ____D C:\windows\TempF5254778-AC34-470C-F5A2-08AB70053793-Signatures
2013-11-07 16:00 - 2013-11-22 16:07 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-07 05:53 - 2009-07-13 22:45 - 05006000 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-07 05:52 - 2013-05-19 02:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-07 05:52 - 2013-05-19 02:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-07 05:35 - 2011-12-13 20:50 - 00773332 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-11-07 05:20 - 2013-11-07 05:20 - 00000000 ____D C:\windows\TempD52D1B30-7C02-B05A-C61F-877AC7B8F37B-Signatures
2013-11-06 22:34 - 2013-08-31 03:35 - 17813896 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2013-11-06 22:08 - 2011-07-19 08:59 - 00003908 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-06 22:08 - 2011-07-19 08:59 - 00003656 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-06 22:01 - 2013-11-06 22:01 - 50053120 _____ C:\Program Files (x86)\GUT976B.tmp
2013-11-06 22:01 - 2013-11-06 22:01 - 00000000 ____D C:\Program Files (x86)\GUM975A.tmp

Some content of TEMP:
====================
C:\Users\DanTheMan\AppData\Local\Temp\nsa2936.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsa2EB4.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsa7393.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsf7057.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsk6D69.exe
C:\Users\DanTheMan\AppData\Local\Temp\nskFA0C.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsu2BD5.exe
C:\Users\DanTheMan\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-23 01:13

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-11-2013 01
Ran by DanTheMan at 2013-11-23 09:39:56
Running from E:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
AS: Microsoft Security Essentials (Enabled - Up to date) {84E27563-E198-C6D6-D9BC-D9F020245508}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 2.5.1.17730)
Adobe Community Help (x32 Version: 3.4.980)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Media Player (x32 Version: 1.8)
Adobe Photoshop CS5 (x32 Version: 12.0)
Adobe Photoshop CS5.1 (x32 Version: 12.1)
Adobe Reader X MUI (x32 Version: 10.0.0)
Apple Application Support (x32 Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (x32 Version: 2.1.3.127)
ASIO4ALL (x32 Version: 2.10)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.1.42)
Audacity 2.0 (x32)
AudioBox USB driver
avast! Free Antivirus (x32 Version: 9.0.2008)
Avid Audio Drivers (x64) (Version: 8.0.4)
Avid EDL Manager (x32 Version: 27.0.3)
Avid FilmScribe (x32 Version: 27.0.3)
Avid Log Exchange (x32 Version: 27.0.3)
Avid Media Composer (x32 Version: 5.0.3)
Avid MediaLog (x32 Version: 27.0.3)
Bejeweled 3 (x32 Version: 2.2.0.97)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Common (x32 Version: 14.0.0.342)
Conexant HD Audio (Version: 8.54.1.0)
Contents (x32 Version: 14.0.0.342)
Corel VideoStudio Pro X4 (x32 Version: 14.0.0.342)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DeviceIO (x32 Version: 14.0.0.342)
Digidesign Audio Drivers 8.0 (x32 Version: 8.0)
Digidesign Pro Tools Creative Collection 8.0 (x32 Version: 8.0)
Digidesign Pro Tools LE 8.0 (x32 Version: 8.0)
FATE - The Traitor Soul (x32 Version: 2.2.0.95)
FL Studio 10 (x32)
Free DigiRack Plug-Ins 8.0 (x32 Version: 8.0)
Free Mp3 Wma Converter V 2.2 (x32 Version: 2.2.0.0)
Google Chrome (x32 Version: 30.0.1599.101)
Google Talk Plugin (x32 Version: 4.5.3.14917)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
GTA San Andreas (x32 Version: 1.00.00001)
ICA (x32 Version: 14.0.0.342)
IL Download Manager (x32)
Intel® Management Engine Components (x32 Version: 7.0.0.1144)
Intel® Processor Graphics (x32 Version: 8.15.10.2353)
Intel® Rapid Storage Technology (x32 Version: 10.1.0.1008)
Interlok driver setup x64 (Version: 5.8.5)
IPM_VS_Pro (x32 Version: 13.0)
ISCOM (x32 Version: 14.0.0.342)
iTunes (Version: 10.7.0.21)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
[email protected] 1.0 (x32 Version: 1.0)
LAME v3.99.3 (for Windows) (x32)
Magic ISO Maker v5.5 (build 0265) (x32)
Mesh Runtime (x32 Version: 15.4.5722.2)
MetaSync (x32 Version: 27.0.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office XP Professional with FrontPage (x32 Version: 10.0.6626.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 16.0.2 (x86 en-US) (x32 Version: 16.0.2)
Mozilla Maintenance Service (x32 Version: 16.0.2)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Native Instruments Abbey Road 60s Drums Vintage (Version: 1.1.0.002)
Native Instruments Abbey Road 60s Drums Vintage (x32)
Native Instruments Controller Editor (Version: 1.4.3.891)
Native Instruments Controller Editor (x32)
Native Instruments Guitar Rig 5 (Version: 5.0.0.2354)
Native Instruments Guitar Rig 5 (x32)
Native Instruments Guitar Rig Elements for Maschine (Version: 1.0.0.001)
Native Instruments Guitar Rig Elements for Maschine (x32)
Native Instruments Komplete Elements Mk2 (Version: 8.0.0.003)
Native Instruments Komplete Elements Mk2 (x32)
Native Instruments Kontakt 5 (Version: 5.0.0.5133)
Native Instruments Kontakt 5 (x32)
Native Instruments Kontakt Elements Selection R2 (Version: 1.1.0.003)
Native Instruments Kontakt Elements Selection R2 (x32)
Native Instruments Maschine (Version: 1.7.2.7746)
Native Instruments Maschine (x32)
Native Instruments Maschine Controller (Version: 3.0.1.648)
Native Instruments Maschine Controller (x32)
Native Instruments Maschine Mikro (Version: 3.0.2.664)
Native Instruments Maschine Mikro (x32)
Native Instruments Reaktor 5 (Version: 5.7.0.264)
Native Instruments Reaktor 5 (x32)
Native Instruments Reaktor Elements Selection (Version: 1.1.0.003)
Native Instruments Reaktor Elements Selection (x32)
Native Instruments Reaktor Spark R2 (Version: 1.1.0.004)
Native Instruments Reaktor Spark R2 (x32)
Native Instruments Service Center (Version: 2.3.2.926)
Native Instruments Service Center (x32)
PDF Settings CS5 (x32 Version: 10.0)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
Polar Bowler (x32 Version: 2.2.0.95)
PowerISO (x32)
PreSonus Studio One 2 x64 (Version: 2.0.0.16617)
PureHD (x32 Version: 14.0.0.342)
QuickTime (x32 Version: 7.55.90.70)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30124)
Realtek WLAN Driver (x32 Version: 2.00.0016)
Reason 5.0 (x32 Version: 5.0)
ScorpionSaver (x32 Version: 1.0.0.0)
Screwlab Pro (x32)
Sentinel Protection Installer 7.4.0 (x32 Version: 7.4.0)
Setup (x32 Version: 14.0.0.342)
Share (x32 Version: 14.0.0.342)
Share64 (Version: 14.0.0.342)
Skype Launcher (x32 Version: 2.01)
Skype™ 6.10 (x32 Version: 6.10.104)
SmartSound Common Data (x32 Version: 1.1.0)
SmartSound Quicktracks 5 (x32 Version: 5.1.6)
Social Privacy (x32)
Social Privacy DNS (x32)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Tom Clancy's Splinter Cell (x32 Version: 2.2.0.97)
Toshiba App Place (x32 Version: 1.0.6.3)
TOSHIBA Application Installer (x32 Version: 9.0.1.1)
TOSHIBA Assist (x32 Version: 4.02.02)
Toshiba Book Place (x32 Version: 2.2.6775)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Bulletin Board (x32 Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.6 for x64)
TOSHIBA Face Recognition (Version: 3.1.8.64)
TOSHIBA Face Recognition (x32 Version: 3.1.8.64)
TOSHIBA Hardware Setup (x32 Version: 2.1.0.1)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7)
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.7)
Toshiba Laptop Checkup (x32 Version: 2.0.10.26)
TOSHIBA Media Controller (x32 Version: 1.0.86.2)
TOSHIBA Media Controller Plug-in (x32 Version: 1.0.6.1)
Toshiba Online Backup (x32 Version: 2.0.0.25)
TOSHIBA Quality Application (x32 Version: 1.0.3)
TOSHIBA Recovery Media Creator (x32 Version: 2.1.3.5109)
TOSHIBA ReelTime (Version: 1.7.17.64)
TOSHIBA ReelTime (x32 Version: 1.7.17.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (x32 Version: 1.1.0)
TOSHIBA Service Station (x32 Version: 2.1.52)
TOSHIBA Supervisor Password (x32 Version: 2.1.0.1)
TOSHIBA Value Added Package (Version: 1.5.4.64)
TOSHIBA Value Added Package (x32 Version: 1.5.4.64)
TOSHIBA Web Camera Application (x32 Version: 2.0.0.19)
TOSHIBA Wireless LAN Indicator (x32 Version: 1.0.3)
ToshibaRegistration (x32 Version: 1.0.4)
Tube Dimmer (x32 Version: 2.6.49)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
Updater (x32 Version: 2.6.49)
VIO (x32 Version: 14.0.0.342)
VirtualDJ LE Lite (DJ2GO) (x32 Version: 7.0.3)
VSClassic (x32 Version: 14.0.0.342)
VSPro (x32 Version: 14.0.0.342)
WildTangent Games (x32 Version: 1.0.2.5)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.4.16)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Encoder 9 Series (x32 Version: 9.00.2980)
Windows Media Encoder 9 Series (x32)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)
Zuma's Revenge (x32 Version: 2.2.0.97)

==================== Restore Points =========================

05-09-2013 05:00:01 Scheduled Checkpoint
07-11-2013 11:18:52 Windows Update
08-11-2013 14:07:49 Windows Update
09-11-2013 09:58:12 Windows Update
21-11-2013 17:29:59 Windows Update
22-11-2013 00:22:24 Windows Update
22-11-2013 19:54:12 Windows Update
22-11-2013 21:01:10 Removed Amazon Links
22-11-2013 21:02:49 Removed BabylonObjectInstaller
22-11-2013 21:53:43 Removed Java™ 6 Update 20
22-11-2013 21:56:48 Removed InstallIQ Updater
22-11-2013 21:57:51 Removed Bonjour
22-11-2013 22:06:16 Windows Update
22-11-2013 22:39:19 Windows Update
22-11-2013 23:33:20 avast! antivirus system restore point
23-11-2013 13:29:30 Windows Update
23-11-2013 14:37:35 Removed Java 7 Update 7

==================== Hosts content: ==========================

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {17DB6548-5669-45E6-AC9F-FC6D176618E3} - \BackgroundContainer Startup Task No Task File
Task: {248CA66F-48A5-43CC-8CB8-8EA044F11E52} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4A3162EE-E010-4BAB-8B7C-420B60832E2C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000Core => C:\Users\DanTheMan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17] (Google Inc.)
Task: {6A4CC197-D8A6-4BC5-AD6F-5C0A9C3DEFD0} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {6DC948EE-CBBA-40CF-B39D-2DEC97DEB04B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-22] (Adobe Systems Incorporated)
Task: {7E42A5A1-03D0-43C5-9934-AB85BED53BCF} - System32\Tasks\AdobeAAMUpdater-1.0-DanTheMan-PC-DanTheMan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {957EF16B-407B-4FFA-A74D-80E157EAD973} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-19] (Google Inc.)
Task: {9F53F1BB-AFEA-446A-B40D-49772D3767D7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-22] (AVAST Software)
Task: {A6477773-2491-4D0C-A8B4-D1794FC1B0D2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B548B1E0-B4CC-4D90-A174-1F47B698E7DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-19] (Google Inc.)
Task: {CBE9A44C-EEF4-4260-821D-384C5891D2DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000UA => C:\Users\DanTheMan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000Core.job => C:\Users\DanTheMan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000UA.job => C:\Users\DanTheMan\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-04-04 20:18 - 2011-04-04 20:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-18 18:18 - 2010-11-18 18:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2010-12-08 16:42 - 2010-12-08 16:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 17:23 - 2010-10-20 17:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-12-13 10:59 - 2011-03-02 14:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-11-22 21:24 - 2013-11-22 04:15 - 02147840 _____ () C:\Program Files\AVAST Software\Avast\defs\13112200\algo.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-22 17:33 - 2013-11-22 17:34 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:1Kim3c4qWajzMIwIpy8etlgdr
AlternateDataStreams: C:\ProgramData\Microsoft:3KtP3GJmjH1tGcj9Y2cIoDL5vGnT3
AlternateDataStreams: C:\Users\DanTheMan\Cookies:f8yI37PjhVrH2zkJfsXkVr273Z
AlternateDataStreams: C:\Users\DanTheMan\Cookies:nadgMuSfR1zRH4ZqrtcBGhRbnDid
AlternateDataStreams: C:\Users\DanTheMan\Local Settings:mnyziougTbBQxvumfAFAg1
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local:mnyziougTbBQxvumfAFAg1
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\Application Data:mnyziougTbBQxvumfAFAg1
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\BXlPSSCNDc:vlGnyY7uqybkqcJGAQE1Pn
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\j042nLKTZFW:ph8bj5ULzAcW0Ke606hRen
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\Temp:DaHJw5lZ2qp09sRZIS3WSSY
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\Temp:I7GNyQ0r0f6rCe6XeB0xaL
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\Temporary Internet Files:sr3Gxm48xmdZseSFS9OV8i

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Description: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8192Ce
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (11/23/2013 09:36:28 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 107.2.0.0

Update Source: %NT AUTHORITY51

Update Stage: 4.2.0223.00

Source Path: 4.2.0223.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/23/2013 09:36:28 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.157.1127.0

Update Source: %NT AUTHORITY51

Update Stage: 4.2.0223.00

Source Path: 4.2.0223.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/23/2013 09:36:28 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.157.1127.0

Update Source: %NT AUTHORITY51

Update Stage: 4.2.0223.00

Source Path: 4.2.0223.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/23/2013 09:36:28 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.157.1127.0

Update Source: %NT AUTHORITY59

Update Stage: 4.2.0223.00

Source Path: 4.2.0223.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 4043.86 MB
Available physical RAM: 2700.5 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 6666.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (TI106136W0E) (Fixed) (Total:452.82 GB) (Free:267.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (USB DISK) (Removable) (Total:0.97 GB) (Free:0.97 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 95469684)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=17)

========================================================
Disk: 1 (Size: 998 MB) (Disk ID: 41DE3542)
Partition 1: (Not Active) - (Size=997 MB) - (Type=06)

==================== End Of Log ============================
  • 0

#10
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
I notice that even though my laptop has not been connected to the internet it wants to install an update on restart. I can't find what this update is. It seems to be the same one for the past few days, since disconnecting the internet. Ignore it?
  • 0

Advertisements


#11
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
FRST Fix

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Farbar Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

OTL Scan

  • Download OTL to your Desktop
  • Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Posted Image box in OTL. To do that:
    • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.

      netsvcs
      BASESERVICES
      %SYSTEMDRIVE%\*.exe
      /md5start
      services.*
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      qmgr.dll
      winsock.*
      /md5stop
      dir "%systemdrive%\*" /S /A:L /C
      CREATERESTOREPOINT

  • Open Posted Image on the desktop. To do that:
    • XP users: Double click on the OTL icon.
    • Vista / 7 Users: Right click on the icon and click Run as Administrator)
  • Make sure all other windows are closed.
    • You will see a console like the one below:

      Posted Image

    • Click the box beside Scan All Users at the top of the console
    • IF you have a 64bit Windows, click the box beside Include 64bit Scans at the top of the console.
    • Make sure the Output box at the top is set to Standard Output.
    • Check the boxes beside LOP Checkand Purity Check.
      Place the mouse pointer inside the Posted Image box, right click and click Paste. This will put the above script inside OTL
    • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
    • Let the scan run uninterrupted.
    • When the scan completes, it will open OTL.Txt on the desktop. The Extras.txt file will be minimized on the taskbar. These files is also saved in the same location as OTL (it should be on your desktop).
    • Please copy the contents of these files and paste it into your reply. To do that:
    • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
    • Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the in the post window.
[/list]Repeat for the Extras.txt file.

Attached Files


  • 0

#12
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Here are the files for FRST and FSS. OTL continually freezes up when it gets to (scanning firefox settings). I have tried rerunning the program several times and it does the same thing at the same point. I doubled checked to make sure the copy and paste matched exactly w you had given me to do. It is going on two hours since the last time I started running the program and it is still frozen. Unsure what to do from here.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-11-2013 01
Ran by DanTheMan at 2013-11-23 19:16:42 Run:3
Running from E:\
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [481656 2013-11-19] (Updater)
HKLM-x32\...\Run: [dnsshield] - C:\Program Files (x86)\Social Privacy DNS\dnswatch.exe [148480 2013-11-13] ()
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [481656 2013-11-19] (Updater)
MountPoints2: E - E:\Install.exe
URLSearchHook: HKCU - Default Value = {086e63ec-0830-bb34-e51e-716c6eda635f}
URLSearchHook: HKCU - FCToolbarURLSearchHook Class - {086e63ec-0830-bb34-e51e-716c6eda635f} - C:\Program Files (x86)\Shop to Win 36\Helper.dll ()
BHO: Social Privacy - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp64.dll No File
BHO-x32: Shop to Win - {028E5C1E-E93A-FBA4-F949-AFB8EC7A5B86} - C:\Program Files (x86)\Shop to Win 36\Shop to Win 36.dll (Shop To Win, LLC)
BHO-x32: Social Privacy - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp.dll No File
FF Extension: ScorpionSaver - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected]
FF Extension: Tube Dimmer - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected]
FF Extension: ShopAtHome.com Toolbar - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected]
FF Extension: 509ecf7ad3d08 - C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Social Privacy\FF\
CHR Plugin: (Babylon ToolBar) - C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll No File
CHR Plugin: (Wajam) - C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [511480 2013-10-31] ()
C:\Program Files (x86)\ScorpionSaver
C:\Program Files (x86)\Shop to Win 36
C:\Program Files (x86)\sp
C:\ProgramData\TubeDimmer
C:\ProgramData\ammyy
C:\Program Files\Level Quality Watcher
C:\Program Files (x86)\Social Privacy DNS
C:\ProgramData\RHelpers
C:\ProgramData\Updater
C:\Users\DanTheMan\AppData\Local\Temp\nsa2936.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsa2EB4.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsa7393.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsf7057.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsk6D69.exe
C:\Users\DanTheMan\AppData\Local\Temp\nskFA0C.exe
C:\Users\DanTheMan\AppData\Local\Temp\nsu2BD5.exe
C:\Users\DanTheMan\AppData\Local\Temp\Quarantine.exe
AlternateDataStreams: C:\ProgramData\Microsoft:1Kim3c4qWajzMIwIpy8etlgdr
AlternateDataStreams: C:\ProgramData\Microsoft:3KtP3GJmjH1tGcj9Y2cIoDL5vGnT3
AlternateDataStreams: C:\Users\DanTheMan\Cookies:f8yI37PjhVrH2zkJfsXkVr273Z
AlternateDataStreams: C:\Users\DanTheMan\Cookies:nadgMuSfR1zRH4ZqrtcBGhRbnDid
AlternateDataStreams: C:\Users\DanTheMan\Local Settings:mnyziougTbBQxvumfAFAg1
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local:mnyziougTbBQxvumfAFAg1
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\Application Data:mnyziougTbBQxvumfAFAg1
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\BXlPSSCNDc:vlGnyY7uqybkqcJGAQE1Pn
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\j042nLKTZFW:ph8bj5ULzAcW0Ke606hRen
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\Temp:DaHJw5lZ2qp09sRZIS3WSSY
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\Temp:I7GNyQ0r0f6rCe6XeB0xaL
AlternateDataStreams: C:\Users\DanTheMan\AppData\Local\Temporary Internet Files:sr3Gxm48xmdZseSFS9OV8i

*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Updater => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\dnsshield => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Updater => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{086e63ec-0830-bb34-e51e-716c6eda635f} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{086e63ec-0830-bb34-e51e-716c6eda635f} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} => Key deleted successfully.
HKCR\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{028E5C1E-E93A-FBA4-F949-AFB8EC7A5B86} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{028E5C1E-E93A-FBA4-F949-AFB8EC7A5B86} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} => Key deleted successfully.
C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected] => Moved successfully.
C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected] => Moved successfully.
C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected] => Moved successfully.
C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\Extensions\[email protected] => Moved successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\[email protected] => Value deleted successfully.
C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll not found.
C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
Level Quality Watcher => Service deleted successfully.
C:\Program Files (x86)\ScorpionSaver => Moved successfully.
C:\Program Files (x86)\Shop to Win 36 => Moved successfully.
C:\Program Files (x86)\sp => Moved successfully.
C:\ProgramData\TubeDimmer => Moved successfully.
"C:\ProgramData\ammyy" => File/Directory not found.
C:\Program Files\Level Quality Watcher => Moved successfully.
"C:\Program Files (x86)\Social Privacy DNS" => File/Directory not found.
C:\ProgramData\RHelpers => Moved successfully.
C:\ProgramData\Updater => Moved successfully.
C:\Users\DanTheMan\AppData\Local\Temp\nsa2936.exe => Moved successfully.
C:\Users\DanTheMan\AppData\Local\Temp\nsa2EB4.exe => Moved successfully.
C:\Users\DanTheMan\AppData\Local\Temp\nsa7393.exe => Moved successfully.
C:\Users\DanTheMan\AppData\Local\Temp\nsf7057.exe => Moved successfully.
C:\Users\DanTheMan\AppData\Local\Temp\nsk6D69.exe => Moved successfully.
C:\Users\DanTheMan\AppData\Local\Temp\nskFA0C.exe => Moved successfully.
C:\Users\DanTheMan\AppData\Local\Temp\nsu2BD5.exe => Moved successfully.
C:\Users\DanTheMan\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\ProgramData\Microsoft => ":1Kim3c4qWajzMIwIpy8etlgdr" ADS removed successfully.
C:\ProgramData\Microsoft => ":3KtP3GJmjH1tGcj9Y2cIoDL5vGnT3" ADS removed successfully.
"C:\Users\DanTheMan\Cookies" => ":f8yI37PjhVrH2zkJfsXkVr273Z" ADS not found.
"C:\Users\DanTheMan\Cookies" => ":nadgMuSfR1zRH4ZqrtcBGhRbnDid" ADS not found.
"C:\Users\DanTheMan\Local Settings" => ":mnyziougTbBQxvumfAFAg1" ADS not found.
C:\Users\DanTheMan\AppData\Local => ":mnyziougTbBQxvumfAFAg1" ADS removed successfully.
"C:\Users\DanTheMan\AppData\Local\Application Data" => ":mnyziougTbBQxvumfAFAg1" ADS not found.
C:\Users\DanTheMan\AppData\Local\BXlPSSCNDc => ":vlGnyY7uqybkqcJGAQE1Pn" ADS removed successfully.
C:\Users\DanTheMan\AppData\Local\j042nLKTZFW => ":ph8bj5ULzAcW0Ke606hRen" ADS removed successfully.
C:\Users\DanTheMan\AppData\Local\Temp => ":DaHJw5lZ2qp09sRZIS3WSSY" ADS removed successfully.
C:\Users\DanTheMan\AppData\Local\Temp => ":I7GNyQ0r0f6rCe6XeB0xaL" ADS removed successfully.
"C:\Users\DanTheMan\AppData\Local\Temporary Internet Files" => ":sr3Gxm48xmdZseSFS9OV8i" ADS not found.


The system needs a manual reboot.

==== End of Fixlog ====
Farbar Service Scanner Version: 23-11-2013
Ran by DanTheMan (administrator) on 23-11-2013 at 19:19:32
Running from "E:\"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error.
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of bfe. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of bfe. The value does not exist.
Unable to retrieve ServiceDll of bfe. The value does not exist.


Firewall Disabled Policy:
==================
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" registry key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.

Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.
Checking Start type of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist.
Checking ImagePath of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist.
Checking ServiceDll of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist.

Checking Start type of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist.
Checking ImagePath of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist.
Checking ServiceDll of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist.



File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#13
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
I want you to uninstall following programs (XP: Start > Control Panel > Add/Remove Programs | Vista / Win7 / Win8: Start > Control Panel > uninstall a program):

  • Social Privacy
  • Social Privacy DNS
  • Tube Dimmer

If you don't find them procceed with the other points/steps.


ERUNT

The steps that I am about to suggest involve modifying the registry. Modifying the registry can be dangerous so we will make a backup of the registry first.
Modification of the registry can be EXTREMELY dangerous if you do not know exactly what you are doing so follow the steps that are listed below EXACTLY. if you cannot perform some of these steps or if you have ANY questions please ask BEFORE proceeding.

Backing Up Your Registry
  • Download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.
Posted Image


Eset Service Repair

  • Please download ESET Services Repair Tool from here and save it to your Desktop;
  • Right click and choose Run as administrator
  • If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed
  • Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart

RegFix via RegFile

  • Please download the two Attachments to your Desktop (RemoteAccess.reg and PolicyAgent.reg)
  • Right-Click on RemoteAccess.reg, and select Merge
  • A confirmation prompt will appear. Click Ok.
  • Do the same for PolicyAgent.reg

Farbar Service Scanner

Please start FSS again.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

ZOEK Scan

Download zoek.exe(zip- or rar-file) from here: http://hijackthis.nl/smeenk/
  • Close/disable all anti virus and anti malware programs so they do not interfere download or run of Zoek.exe
    Here or here you can read a manual how to disable your security applications.
  • Unzip zoek.zip or zoek.rar to your desktop.
  • Doubleclick zoek.exe to start the program.
  • Copy and paste the following script in the code box:
  • Note: This script is written for usage on this users computer, do not use it on another computer even if the problems are similar :!:
    createsrpoint;
    StandardSearch;
    installer-list;
    installedprogs;
    uninstall-list;
    DIR /S /A:L "%systemdrive%\*">>"%temp%\log.txt";b
    
  • Close any open browsers.
  • Click the "Run script" button and wait patiently.
  • When finished the logfile will be opened in notepad.
  • If a reboot is needed the logfile will be opened after reboot.
  • The zoek-results.log can also be found on your systemdrive.
  • Please post the logfile for further review in your next comment.

Attached Files


  • 0

#14
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Good news. I left OTL frozen on the laptop and woke up this morning and the scan completed. I deleted the three files from your latest post. Let me know if you want me to do anything else. Here are the txt files from the scan:

OTL logfile created on: 11/23/2013 8:46:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DanTheMan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.95 Gb Total Physical Memory | 2.84 Gb Available Physical Memory | 72.04% Memory free
7.90 Gb Paging File | 6.74 Gb Available in Paging File | 85.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.82 Gb Total Space | 267.08 Gb Free Space | 58.98% Space Free | Partition Type: NTFS

Computer Name: DANTHEMAN-PC | User Name: DanTheMan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/23 19:04:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DanTheMan\Desktop\OTL.exe
PRC - [2013/11/22 17:33:58 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/22 17:33:58 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/03 13:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
PRC - [2011/02/01 14:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 14:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/05/05 01:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
PRC - [2010/03/10 16:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/22 17:34:00 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/22 17:33:58 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/11/22 16:41:33 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/01/27 10:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 10:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/12/05 06:02:44 | 005,739,008 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2010/12/09 18:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/12/08 16:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/20 15:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/11/22 16:44:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/28 20:12:26 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/02/03 13:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/02/01 14:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 14:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/29 15:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/05/05 01:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 16:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/03 22:25:10 | 000,159,744 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe -- (digiSPTIService)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/22 17:34:02 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/11/22 17:34:02 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/11/22 17:34:02 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/11/22 17:34:02 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/11/22 17:34:02 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/11/22 17:34:02 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/11/22 17:34:02 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/11/22 17:34:01 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/01/20 14:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/07 10:42:38 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/07 04:54:28 | 000,357,968 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gbxavs.sys -- (gbxavs)
DRV:64bit: - [2011/07/07 04:54:28 | 000,068,688 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gbxusb.sys -- (gbxusb_svc)
DRV:64bit: - [2011/05/13 05:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 05:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 05:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/04/04 21:10:14 | 012,262,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 13:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/02/09 12:29:08 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/02/08 20:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/01/05 02:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/08 12:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/10 19:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/12/04 09:26:56 | 000,462,968 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psabusbu.sys -- (PRESONUS_AUDIOBOX_USB)
DRV:64bit: - [2009/12/04 09:26:56 | 000,050,808 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psabusba.sys -- (PRESONUS_AUDIOBOX_WDM)
DRV:64bit: - [2009/12/04 09:26:56 | 000,037,496 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psabusbm.sys -- (PRESONUS_AUDIOBOX_MIDI)
DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/26 20:54:30 | 000,090,544 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 09:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/24 16:36:48 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/12/04 03:03:12 | 000,021,520 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\diginet.sys -- (DigiNet)
DRV:64bit: - [2008/09/08 13:05:00 | 000,105,520 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2007/04/27 09:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV - [2009/10/05 17:10:42 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\windows\SysWow64\drivers\aspi32.sys -- (Aspi32)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{B9EFE0A0-89A3-46D9-905E-0BE8A46F1175}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{00A453ED-DDCB-47D4-8291-4E08EA7E0D23}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\..\SearchScopes\{00A453ED-DDCB-47D4-8291-4E08EA7E0D23}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\..\SearchScopes\{9A71687E-1E7A-4DDE-96FF-D16D78B1859B}: "URL" = http://search.yahoo....51,17118,0,18,0
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\..\SearchScopes\{A63D3F1D-B21A-4DDF-A5A1-8AD0D0C63132}: "URL" = http://www.google.co...1I7TSNF_enUS462
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\..\SearchScopes\{BC364A77-1EA2-BC9C-F6F5-CC73E1D83A10}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DanTheMan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DanTheMan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\VDownloader\Addons\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/22 17:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/28 20:12:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/28 20:12:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/11/02 02:05:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DanTheMan\AppData\Roaming\Mozilla\Extensions
[2011/12/12 18:46:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\extensions
[2011/12/12 18:46:09 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2013/11/23 19:16:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\extensions
[2012/10/25 20:40:00 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\extensions\[email protected]
[2013/05/18 19:44:15 | 000,554,855 | ---- | M] () (No name found) -- C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default\extensions\{806215f3-1fe9-5c04-f5dd-1617f7bae315}.xpi
[2013/11/22 15:02:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\SOCIAL PRIVACY\FF
File not found (No name found) -- C:\USERS\DANTHEMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RQAI0FSS.DEFAULT\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\DANTHEMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RQAI0FSS.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 20:12:27 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/08/31 22:21:05 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/12 03:27:04 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = http://www.google.com
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: nphelper scriptable example plugin (Enabled) = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo\1.2_0\nphelper.dll
CHR - plugin: Wajam (Enabled) = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00C2\u2122 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: VDownloader (Enabled) = C:\Program Files\VDownloader\Addons\npVDownloader.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Social Privacy = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\
CHR - Extension: No name found = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-784218189-4065130257-2341892420-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\.DEFAULT..\Run: [Google Update] Reg Error: Value error. File not found
O4 - HKU\S-1-5-18..\Run: [Google Update] Reg Error: Value error. File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-784218189-4065130257-2341892420-1000..\Run: [Updater] C:\ProgramData\Updater\updater.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E7FC2C5-81B5-405B-97D2-51B393EBCAB7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E7FC2C5-81B5-405B-97D2-51B393EBCAB7}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96F2D705-7341-47CF-9BDC-EF5A6DD8D385}: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96F2D705-7341-47CF-9BDC-EF5A6DD8D385}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/11/23 19:30:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DanTheMan\Desktop\OTL.exe
[2013/11/23 09:11:24 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/11/23 09:01:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/23 07:29:58 | 000,000,000 | ---D | C] -- C:\windows\Temp2C03EFF6-1920-FF92-EDAF-6244EFE7D18C-Signatures
[2013/11/22 17:37:14 | 000,000,000 | ---D | C] -- C:\Users\DanTheMan\AppData\Roaming\AVAST Software
[2013/11/22 17:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/11/22 17:34:13 | 000,065,264 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013/11/22 17:34:12 | 001,032,416 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013/11/22 17:34:12 | 000,409,832 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013/11/22 17:34:12 | 000,084,328 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013/11/22 17:34:11 | 000,038,984 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013/11/22 17:34:10 | 000,092,544 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013/11/22 17:34:06 | 000,334,648 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013/11/22 17:34:01 | 000,043,152 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/11/22 17:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/11/22 17:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/11/22 16:46:17 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEUDINIT.EXE
[2013/11/22 16:45:33 | 000,000,000 | ---D | C] -- C:\temp
[2013/11/22 16:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Social Privacy DNS
[2013/11/22 16:41:44 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/22 16:41:44 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/11/22 16:41:34 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/11/22 16:41:34 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/11/22 16:41:34 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/11/22 16:41:34 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2013/11/22 16:41:34 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/11/22 16:41:34 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/11/22 16:41:34 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/11/22 16:41:34 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/11/22 16:41:34 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/11/22 16:41:34 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/11/22 16:41:34 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/11/22 16:41:34 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/11/22 16:41:34 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/11/22 16:41:34 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/22 16:41:34 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/11/22 16:41:34 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/11/22 16:41:34 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/11/22 16:41:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/11/22 16:41:34 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/11/22 16:41:34 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/22 16:41:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/11/22 16:41:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/11/22 16:41:33 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/11/22 16:41:33 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/11/22 16:41:33 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/11/22 16:41:33 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2013/11/22 16:41:33 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/11/22 16:41:33 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/11/22 16:41:33 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2013/11/22 16:41:33 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/11/22 16:41:33 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/11/22 16:41:33 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/11/22 16:41:33 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/11/22 16:41:33 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2013/11/22 16:41:33 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/11/22 16:41:33 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/11/22 16:41:33 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/11/22 16:41:33 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/11/22 16:41:33 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/11/22 16:41:33 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/11/22 16:41:33 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/11/22 16:41:33 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/11/22 16:41:33 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/11/22 16:41:33 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/11/22 16:41:33 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/11/22 16:41:33 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/11/22 16:41:33 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/11/22 16:41:33 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/11/22 16:41:33 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/11/22 16:41:33 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/11/22 16:41:33 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/11/22 16:41:33 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2013/11/22 16:41:33 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/11/22 16:41:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/11/22 16:41:33 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/11/22 16:41:33 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/11/22 16:41:33 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/11/22 16:41:33 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/11/22 16:41:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/11/22 16:41:33 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2013/11/22 16:41:33 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/11/22 16:41:33 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/11/22 16:41:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/11/22 16:41:33 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/11/22 16:41:33 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/11/22 16:41:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2013/11/22 16:41:33 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2013/11/22 16:41:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/11/22 16:41:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/11/22 16:41:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2013/11/22 16:41:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/11/22 16:41:33 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/22 16:41:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/11/22 16:41:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/11/22 16:41:33 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/11/22 16:41:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/11/22 16:41:33 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/11/22 16:41:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2013/11/22 16:39:50 | 000,000,000 | ---D | C] -- C:\windows\Temp1EFEC91A-6825-5B94-A982-4BBCDD89F599-Signatures
[2013/11/22 16:12:27 | 000,000,000 | ---D | C] -- C:\windows\Temp46AC38B7-0AAD-DDAA-03D4-EF582C437C90-Signatures
[2013/11/22 16:07:35 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013/11/22 16:04:23 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013/11/22 14:42:52 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2013/11/22 14:42:32 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2013/11/22 14:42:32 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2013/11/22 14:42:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2013/11/22 14:42:32 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/22 14:42:32 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/22 14:42:25 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2013/11/22 14:42:25 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2013/11/22 14:42:25 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2013/11/22 14:42:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2013/11/22 14:42:25 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2013/11/22 14:42:20 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
[2013/11/22 14:42:20 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2013/11/22 14:42:20 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2013/11/22 14:42:20 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
[2013/11/22 14:42:20 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2013/11/22 14:24:30 | 000,000,000 | ---D | C] -- C:\Users\DanTheMan\AppData\Roaming\Malwarebytes
[2013/11/22 14:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/22 14:23:44 | 000,000,000 | ---D | C] -- C:\Users\DanTheMan\AppData\Local\Programs
[2013/11/22 13:55:16 | 000,000,000 | ---D | C] -- C:\windows\Temp1431E82F-B848-4210-F6F5-A7E2955E27C2-Signatures
[2013/11/22 12:28:15 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/21 18:22:50 | 000,000,000 | ---D | C] -- C:\windows\Temp05EF05A9-1375-4327-175F-B12CA9BD7E15-Signatures
[2013/11/21 11:31:09 | 000,000,000 | ---D | C] -- C:\windows\Temp1E8D64CA-5074-F8B9-9669-AD54B4C0262E-Signatures
[2013/11/10 05:01:15 | 000,000,000 | ---D | C] -- C:\windows\Temp19119A66-ECE5-16C3-0D36-FF3051727CC2-Signatures
[2013/11/09 03:45:10 | 000,000,000 | ---D | C] -- C:\windows\Temp8CAB040F-B135-15B9-4644-A64794D8CBAD-Signatures
[2013/11/09 03:45:07 | 000,000,000 | ---D | C] -- C:\e0bb54a30b3096dc1e
[2013/11/08 08:09:11 | 000,000,000 | ---D | C] -- C:\windows\TempF5254778-AC34-470C-F5A2-08AB70053793-Signatures
[2013/11/07 12:12:39 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2013/11/07 12:12:39 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2013/11/07 05:20:24 | 000,000,000 | ---D | C] -- C:\windows\TempD52D1B30-7C02-B05A-C61F-877AC7B8F37B-Signatures
[2013/11/06 22:42:07 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2013/11/06 22:42:04 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2013/11/06 22:41:58 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2013/11/06 22:41:58 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2013/11/06 22:41:58 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2013/11/06 22:41:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2013/11/06 22:41:58 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2013/11/06 22:41:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2013/11/06 22:41:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2013/11/06 22:41:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2013/11/06 22:41:56 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013/11/06 22:41:56 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013/11/06 22:41:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/11/06 22:41:56 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013/11/06 22:41:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013/11/06 22:41:55 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013/11/06 22:41:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013/11/06 22:41:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2013/11/06 22:41:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/11/06 22:41:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/11/06 22:41:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/11/06 22:41:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/11/06 22:41:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/11/06 22:41:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/11/06 22:41:40 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2013/11/06 22:41:40 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys
[2013/11/06 22:41:37 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2013/11/06 22:41:19 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/11/06 22:41:19 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/11/06 22:41:18 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/11/06 22:41:18 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013/11/06 22:41:18 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2013/11/06 22:41:18 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2013/11/06 22:41:18 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2013/11/06 22:41:17 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/11/06 22:41:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/11/06 22:41:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/11/06 22:41:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/11/06 22:41:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/11/06 22:41:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/11/06 22:41:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2013/11/06 22:40:57 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/11/06 22:40:57 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/11/06 22:40:40 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2011/12/12 23:30:33 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files (x86)\Common Files\ApnStub.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/23 23:34:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/11/23 23:18:11 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000UA.job
[2013/11/23 23:13:14 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/23 22:13:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/23 20:48:09 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/23 20:48:09 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/23 20:45:12 | 000,779,116 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/11/23 20:45:12 | 000,660,546 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/11/23 20:45:12 | 000,121,442 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/11/23 20:40:38 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/11/23 20:40:29 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/23 19:04:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DanTheMan\Desktop\OTL.exe
[2013/11/23 07:30:23 | 000,002,141 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/11/23 07:29:28 | 000,000,872 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000Core.job
[2013/11/22 17:34:41 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/11/22 17:34:02 | 001,032,416 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013/11/22 17:34:02 | 000,409,832 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013/11/22 17:34:02 | 000,334,648 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013/11/22 17:34:02 | 000,205,320 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013/11/22 17:34:02 | 000,084,328 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013/11/22 17:34:02 | 000,065,776 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013/11/22 17:34:02 | 000,065,264 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013/11/22 17:34:02 | 000,038,984 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013/11/22 17:34:01 | 000,092,544 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013/11/22 17:34:01 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2013/11/22 16:44:33 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/11/22 16:44:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/11/22 16:41:44 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/22 16:41:44 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/11/22 16:41:34 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/11/22 16:41:34 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/11/22 16:41:34 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/11/22 16:41:34 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2013/11/22 16:41:34 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/11/22 16:41:34 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/11/22 16:41:34 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/11/22 16:41:34 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/11/22 16:41:34 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/11/22 16:41:34 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/11/22 16:41:34 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/11/22 16:41:34 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/11/22 16:41:34 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/11/22 16:41:34 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/22 16:41:34 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/11/22 16:41:34 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/11/22 16:41:34 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/11/22 16:41:34 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/11/22 16:41:34 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/11/22 16:41:34 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/22 16:41:34 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/11/22 16:41:34 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/11/22 16:41:34 | 000,016,284 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/11/22 16:41:33 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/11/22 16:41:33 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/11/22 16:41:33 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/11/22 16:41:33 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2013/11/22 16:41:33 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/11/22 16:41:33 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/11/22 16:41:33 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2013/11/22 16:41:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/11/22 16:41:33 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/11/22 16:41:33 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/11/22 16:41:33 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/11/22 16:41:33 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2013/11/22 16:41:33 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/11/22 16:41:33 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/11/22 16:41:33 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/11/22 16:41:33 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/11/22 16:41:33 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/11/22 16:41:33 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/11/22 16:41:33 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/11/22 16:41:33 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/11/22 16:41:33 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/11/22 16:41:33 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/11/22 16:41:33 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/11/22 16:41:33 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/11/22 16:41:33 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/11/22 16:41:33 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/11/22 16:41:33 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/11/22 16:41:33 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/11/22 16:41:33 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/11/22 16:41:33 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2013/11/22 16:41:33 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/11/22 16:41:33 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/11/22 16:41:33 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/11/22 16:41:33 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/11/22 16:41:33 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/11/22 16:41:33 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/11/22 16:41:33 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/11/22 16:41:33 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2013/11/22 16:41:33 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/11/22 16:41:33 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/11/22 16:41:33 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/11/22 16:41:33 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/11/22 16:41:33 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/11/22 16:41:33 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2013/11/22 16:41:33 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2013/11/22 16:41:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/11/22 16:41:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/11/22 16:41:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2013/11/22 16:41:33 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/11/22 16:41:33 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/22 16:41:33 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/11/22 16:41:33 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/11/22 16:41:33 | 000,016,284 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/11/22 16:41:33 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/11/22 16:41:33 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/11/22 16:41:33 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/11/22 16:41:33 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2013/11/07 05:53:02 | 005,006,000 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/11/07 05:35:20 | 000,773,332 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/11/06 22:34:53 | 017,813,896 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/22 17:34:41 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/11/22 17:34:13 | 000,205,320 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013/11/22 17:34:12 | 000,065,776 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013/11/22 16:41:34 | 000,016,284 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/11/22 16:41:33 | 000,016,284 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2012/12/13 06:11:33 | 000,217,088 | ---- | C] () -- C:\windows\SysWow64\qtmlClient.dll
[2012/10/16 02:15:07 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI
[2012/08/11 17:36:47 | 000,484,352 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2012/04/10 20:20:02 | 000,145,408 | ---- | C] () -- C:\windows\SysWow64\Lame.exe
[2011/12/15 22:55:22 | 000,001,789 | ---- | C] () -- C:\Users\DanTheMan\Default.atp
[2011/12/15 22:55:21 | 000,000,302 | ---- | C] () -- C:\Users\DanTheMan\DanTheMan.properties
[2011/12/13 20:50:09 | 000,773,332 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/08 13:35:54 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Audacity
[2013/11/22 17:37:14 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\AVAST Software
[2011/12/15 22:53:26 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Avid
[2011/12/13 16:25:19 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Book Place
[2012/08/11 17:37:12 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\FreeAudioPack
[2012/12/13 08:02:46 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\PACE Anti-Piracy
[2012/10/04 12:49:49 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\PreSonus
[2011/12/30 14:07:10 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Propellerhead Software
[2012/12/10 16:48:48 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/12/13 07:09:06 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Structure
[2011/12/23 21:18:16 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\SynthMaker
[2012/11/02 02:13:28 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\TFP
[2013/10/05 13:14:49 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Tific
[2011/12/12 20:37:35 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Toshiba
[2012/12/13 08:04:29 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Trillium Lane
[2011/12/18 19:43:17 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Ulead Systems
[2011/12/12 20:33:30 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 19:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/26 23:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 19:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 21:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
No service found with a name of BFE
SRV:64bit: - [2013/09/24 19:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 19:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 19:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 16:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/08 23:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 22:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 21:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 21:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 21:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 00:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 19:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 19:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 19:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
No service found with a name of SharedAccess
No service found with a name of PolicyAgent
SRV:64bit: - [2013/01/27 10:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/01/27 10:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2009/07/13 19:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 19:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 19:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 19:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 19:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 11:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 19:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 05:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 00:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2013/09/24 19:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 19:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 21:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 21:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 21:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013/09/24 19:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
No service found with a name of wscsvc
SRV:64bit: - [2010/11/20 21:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 21:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 21:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 21:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 21:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 21:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 19:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/04/30 23:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 21:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 21:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 21:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 21:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 21:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
No service found with a name of MpsSvc
SRV:64bit: - [2010/11/20 21:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 21:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 21:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 19:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 16:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 21:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 19:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 21:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/25 23:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 00:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 00:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 21:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 21:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 21:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\windows\SysNative\qmgr.dll
[2010/11/20 21:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 15:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2010/11/15 22:02:36 | 000,000,264 | ---- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2010/11/15 22:02:26 | 000,000,225 | ---- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2010/11/15 22:02:34 | 000,000,245 | ---- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/15 22:02:26 | 000,000,225 | ---- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2010/11/15 22:02:26 | 000,000,228 | ---- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2010/11/15 22:02:24 | 000,000,230 | ---- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2010/11/15 22:02:34 | 000,000,233 | ---- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2010/11/15 22:02:34 | 000,000,231 | ---- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2010/11/15 22:02:34 | 000,000,230 | ---- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2010/11/15 22:02:26 | 000,000,226 | ---- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx
[2010/11/15 22:02:36 | 000,000,232 | ---- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2010/11/15 22:02:34 | 000,000,233 | ---- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2010/11/15 22:02:36 | 000,000,231 | ---- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2010/11/15 22:02:26 | 000,000,231 | ---- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2010/11/15 22:02:30 | 000,000,225 | ---- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2010/11/15 22:02:30 | 000,000,228 | ---- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2010/11/15 22:02:24 | 000,000,231 | ---- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2010/11/15 22:02:32 | 000,000,228 | ---- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2010/11/15 22:02:34 | 000,000,232 | ---- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2010/11/15 22:02:38 | 000,000,231 | ---- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2010/11/15 22:02:26 | 000,000,231 | ---- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2010/11/15 22:02:32 | 000,000,228 | ---- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2010/11/15 22:02:32 | 000,000,229 | ---- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2010/11/15 22:02:30 | 000,000,234 | ---- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2010/11/15 22:02:26 | 000,000,227 | ---- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2010/11/15 22:02:34 | 000,000,229 | ---- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx

< MD5 for: SERVICES.CFG >
[2010/11/15 22:02:22 | 000,032,633 | ---- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.DAT >
[2013/11/05 16:18:20 | 000,003,117 | ---- | M] () MD5=5F3B95A58780ADA3F223F004CDEE9967 -- C:\Users\DanTheMan\AppData\Local\Temp\jrt\services.dat

< MD5 for: SERVICES.DLL >
[2010/03/01 14:47:38 | 004,463,896 | ---- | M] (SmartSound Software Inc.) MD5=3BA7FCEA9125BF98CE228551324E3EDA -- C:\Program Files (x86)\SmartSound Software\Quicktracks 5\Services.dll

< MD5 for: SERVICES.EXE >
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 19:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 01:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\windows\SysNative\en-US\services.exe.mui
[2010/11/21 01:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 22:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 22:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 14:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\windows\SysNative\wbem\services.mof
[2009/06/10 14:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 01:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\en-US\services.msc
[2009/06/10 14:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\services.msc
[2010/11/21 01:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 01:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 14:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 01:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 14:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 14:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.SETTINGS >
[2012/12/15 09:20:17 | 000,002,467 | ---- | M] () MD5=8D112DFFA078FB32CC3F82158A5F73A6 -- C:\Users\DanTheMan\AppData\Roaming\PreSonus\Studio One 2\x64\Services.settings

< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is TI106136W0E
Volume Serial Number is 06BF-2DFF
Directory of C:\
07/13/2009 11:08 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/13/2009 11:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 11:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 11:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 11:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 11:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 11:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/13/2009 11:08 PM <SYMLINKD> All Users [C:\ProgramData]
07/13/2009 11:08 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/13/2009 11:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 11:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 11:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 11:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 11:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 11:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\DanTheMan
12/12/2011 08:33 PM <JUNCTION> Application Data [C:\Users\DanTheMan\AppData\Roaming]
12/12/2011 08:33 PM <JUNCTION> Cookies [C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Cookies]
12/12/2011 08:33 PM <JUNCTION> Local Settings [C:\Users\DanTheMan\AppData\Local]
12/12/2011 08:33 PM <JUNCTION> My Documents [C:\Users\DanTheMan\Documents]
12/12/2011 08:33 PM <JUNCTION> NetHood [C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/12/2011 08:33 PM <JUNCTION> PrintHood [C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/12/2011 08:33 PM <JUNCTION> Recent [C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Recent]
12/12/2011 08:33 PM <JUNCTION> SendTo [C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\SendTo]
12/12/2011 08:33 PM <JUNCTION> Start Menu [C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Start Menu]
12/12/2011 08:33 PM <JUNCTION> Templates [C:\Users\DanTheMan\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\DanTheMan\AppData\Local
12/12/2011 08:33 PM <JUNCTION> Application Data [C:\Users\DanTheMan\AppData\Local]
12/12/2011 08:33 PM <JUNCTION> History [C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\History]
12/12/2011 08:33 PM <JUNCTION> Temporary Internet Files [C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\DanTheMan\Documents
12/12/2011 08:33 PM <JUNCTION> My Music [C:\Users\DanTheMan\Music]
12/12/2011 08:33 PM <JUNCTION> My Pictures [C:\Users\DanTheMan\Pictures]
12/12/2011 08:33 PM <JUNCTION> My Videos [C:\Users\DanTheMan\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/13/2009 11:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009 11:08 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009 11:08 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/13/2009 11:08 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/13/2009 11:08 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009 11:08 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009 11:08 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009 11:08 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009 11:08 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009 11:08 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/13/2009 11:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/13/2009 11:08 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009 11:08 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/13/2009 11:08 PM <JUNCTION> My Music [C:\Users\Default\Music]
07/13/2009 11:08 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/13/2009 11:08 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/13/2009 11:08 PM <JUNCTION> My Music [C:\Users\Public\Music]
07/13/2009 11:08 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/13/2009 11:08 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
07/19/2011 08:53 AM <JUNCTION> Application Data [C:\windows\system32\config\systemprofile\AppData\Roaming]
07/19/2011 08:53 AM <JUNCTION> Cookies [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
07/19/2011 08:53 AM <JUNCTION> Local Settings [C:\windows\system32\config\systemprofile\AppData\Local]
07/19/2011 08:53 AM <JUNCTION> My Documents [C:\windows\system32\config\systemprofile\Documents]
07/19/2011 08:53 AM <JUNCTION> NetHood [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/19/2011 08:53 AM <JUNCTION> PrintHood [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/19/2011 08:53 AM <JUNCTION> Recent [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
07/19/2011 08:53 AM <JUNCTION> SendTo [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
07/19/2011 08:53 AM <JUNCTION> Start Menu [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
07/19/2011 08:53 AM <JUNCTION> Templates [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
07/19/2011 08:53 AM <JUNCTION> Application Data [C:\windows\system32\config\systemprofile\AppData\Local]
07/19/2011 08:53 AM <JUNCTION> History [C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
07/19/2011 08:53 AM <JUNCTION> Temporary Internet Files [C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\Documents
07/19/2011 08:53 AM <JUNCTION> My Music [C:\windows\system32\config\systemprofile\Music]
07/19/2011 08:53 AM <JUNCTION> My Pictures [C:\windows\system32\config\systemprofile\Pictures]
07/19/2011 08:53 AM <JUNCTION> My Videos [C:\windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile
07/19/2011 08:53 AM <JUNCTION> Application Data [C:\windows\system32\config\systemprofile\AppData\Roaming]
07/19/2011 08:53 AM <JUNCTION> Cookies [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
07/19/2011 08:53 AM <JUNCTION> Local Settings [C:\windows\system32\config\systemprofile\AppData\Local]
07/19/2011 08:53 AM <JUNCTION> My Documents [C:\windows\system32\config\systemprofile\Documents]
07/19/2011 08:53 AM <JUNCTION> NetHood [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/19/2011 08:53 AM <JUNCTION> PrintHood [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/19/2011 08:53 AM <JUNCTION> Recent [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
07/19/2011 08:53 AM <JUNCTION> SendTo [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
07/19/2011 08:53 AM <JUNCTION> Start Menu [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
07/19/2011 08:53 AM <JUNCTION> Templates [C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local
07/19/2011 08:53 AM <JUNCTION> Application Data [C:\windows\system32\config\systemprofile\AppData\Local]
07/19/2011 08:53 AM <JUNCTION> History [C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
07/19/2011 08:53 AM <JUNCTION> Temporary Internet Files [C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\SysWOW64\config\systemprofile\Documents
07/19/2011 08:53 AM <JUNCTION> My Music [C:\windows\system32\config\systemprofile\Music]
07/19/2011 08:53 AM <JUNCTION> My Pictures [C:\windows\system32\config\systemprofile\Pictures]
07/19/2011 08:53 AM <JUNCTION> My Videos [C:\windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
82 Dir(s) 286,577,643,520 bytes free

========== Alternate Data Streams ==========

@Alternate Data Stream - 1128 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:QosDlzlPgyGQX7h2

< End of report >


OTL Extras logfile created on: 11/23/2013 8:46:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DanTheMan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.95 Gb Total Physical Memory | 2.84 Gb Available Physical Memory | 72.04% Memory free
7.90 Gb Paging File | 6.74 Gb Available in Paging File | 85.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.82 Gb Total Space | 267.08 Gb Free Space | 58.98% Space Free | Partition Type: NTFS

Computer Name: DANTHEMAN-PC | User Name: DanTheMan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-784218189-4065130257-2341892420-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}" = Native Instruments Guitar Rig 5
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{20C9EDE0-8009-434b-9A52-12337A8C9625}" = Native Instruments Maschine Mikro
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}" = Native Instruments Maschine Controller
"{2F227ACA-204C-4529-BA33-D095C42C72DB}" = Avid Audio Drivers (x64)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{79D320AB-8148-4BC7-B49B-77B5D849E2A5}" = Native Instruments Guitar Rig Elements for Maschine
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{824BB582-4B00-431E-A5B0-C5DC4DB023E9}" = Native Instruments Komplete Elements Mk2
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64
"{8C04CE01-F7B8-4961-884B-6CE7EFFADCD4}" = Native Instruments Reaktor Spark R2
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D94FCA8D-A8B6-4F03-B0AE-416BFB7AF06A}" = Native Instruments Reaktor Elements Selection
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E206701F-713C-4799-B01C-AF24C17C826E}" = Native Instruments Kontakt Elements Selection R2
"{E236DA46-2EDD-4097-8CF4-444B4FC9E226}" = Native Instruments Abbey Road 60s Drums Vintage
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}" = Native Instruments Maschine
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"PreSonus Studio One 2" = PreSonus Studio One 2 x64
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB_AUDIO_DEusb-audio.depresonusAudioBoxUSB" = AudioBox USB driver
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0AF17224-CF88-40B8-BB1A-D179369847B4}" = TOSHIBA Supervisor Password
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = [email protected] 1.0
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24185972-C785-4D02-82A1-632FD14C14EC}" = Avid MediaLog
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3BB2CF34-1FC8-46E2-9D64-4A8D1D577549}" = Digidesign Pro Tools Creative Collection 8.0
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{409A13BD-5F3E-442B-BA7B-A1E32B2D8927}" = Digidesign Pro Tools LE 8.0
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{5AE7D9E5-9530-4216-98EA-C3E7D0752FB3}" = Avid Log Exchange
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76907753-C8DC-406E-819B-20DF131FA052}" = Avid Media Composer
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}" = Toshiba Book Place
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}" = TOSHIBA Hardware Setup
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B65F9A3-9D24-452A-B6EF-1457D65E4259}" = ScorpionSaver
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F1D8E17-2AE6-4608-901D-42146D7D9C68}" = Digidesign Audio Drivers 8.0
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A24C2C43-4312-493E-96B3-5D1DCE24DEBF}" = Free DigiRack Plug-Ins 8.0
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7BE4592-E101-4806-BF9A-D88CF5E387E4}" = MetaSync
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}" = TOSHIBA Wireless LAN Indicator
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}" = Updater
"{D5BC49DF-35C6-4C01-A79F-E638E4BF19B3}" = Avid EDL Manager
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E8692F58-03E1-4DBB-8D1A-A70AB1DC634A}" = Avid FilmScribe
"{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}" = Google Talk Plugin
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{FCE465F3-ACA2-487A-BCC9-5F1CB9F0CC42}" = VirtualDJ LE Lite (DJ2GO)
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"Avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"dnsshield" = Social Privacy DNS
"FL Studio 10" = FL Studio 10
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.2
"Google Chrome" = Google Chrome
"IL Download Manager" = IL Download Manager
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"LAME_is1" = LAME v3.99.3 (for Windows)
"Magic ISO Maker v5.5 (build 0265)" = Magic ISO Maker v5.5 (build 0265)
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Abbey Road 60s Drums Vintage" = Native Instruments Abbey Road 60s Drums Vintage
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 5" = Native Instruments Guitar Rig 5
"Native Instruments Guitar Rig Elements for Maschine" = Native Instruments Guitar Rig Elements for Maschine
"Native Instruments Komplete Elements Mk2" = Native Instruments Komplete Elements Mk2
"Native Instruments Kontakt 5" = Native Instruments Kontakt 5
"Native Instruments Kontakt Elements Selection R2" = Native Instruments Kontakt Elements Selection R2
"Native Instruments Maschine" = Native Instruments Maschine
"Native Instruments Maschine Controller" = Native Instruments Maschine Controller
"Native Instruments Maschine Mikro" = Native Instruments Maschine Mikro
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor Elements Selection" = Native Instruments Reaktor Elements Selection
"Native Instruments Reaktor Spark R2" = Native Instruments Reaktor Spark R2
"Native Instruments Service Center" = Native Instruments Service Center
"NortonPCCheckup" = Toshiba Laptop Checkup
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PowerISO" = PowerISO
"Reason5_is1" = Reason 5.0
"Screwlab Pro_is1" = Screwlab Pro
"[email protected]" = Social Privacy
"TubeDimmer" = Tube Dimmer
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WTA-19552635-ecc1-4198-baaf-daf5d228f770" = Tom Clancy's Splinter Cell
"WTA-59ae30ab-5fc0-40fb-8a9c-def76a3bcb84" = Chuzzle Deluxe
"WTA-69a5fde1-517f-495c-acb4-af98f05da7c2" = Bejeweled 3
"WTA-6adfdabe-30d1-483c-8cb1-eb1d54827efc" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-8b18b3d1-54e1-46ec-89ab-790f47f8e66d" = Penguins!
"WTA-9d875b9f-3d5f-4b03-a3b4-58e9c296d2fe" = Zuma's Revenge
"WTA-b894c8c1-30c7-4b8b-8f9a-4669f5999bbf" = FATE - The Traitor Soul
"WTA-bc27bdef-4547-4552-8e3f-cde91c878e53" = Plants vs. Zombies - Game of the Year
"WTA-d70218c9-b462-4192-886a-1d0e4788e249" = Polar Bowler
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/23/2013 9:54:49 PM | Computer Name = DanTheMan-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 29ec Start Time:
01cee8b4c50cd6cb Termination Time: 0 Application Path: C:\Users\DanTheMan\Desktop\OTL.exe

Report
Id: 2c642920-54ab-11e3-9d20-00266cd0568a

Error - 11/23/2013 9:59:10 PM | Computer Name = DanTheMan-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 2a64 Start Time:
01cee8b884f4e1c7 Termination Time: 0 Application Path: C:\Users\DanTheMan\Desktop\OTL.exe

Report
Id: ffeb35ea-54ab-11e3-9d20-00266cd0568a

Error - 11/23/2013 10:39:36 PM | Computer Name = DanTheMan-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 22ec Start Time:
01cee8b8c6d692d0 Termination Time: 0 Application Path: C:\Users\DanTheMan\Desktop\OTL.exe

Report
Id: a5c8ab58-54b1-11e3-9d20-00266cd0568a

Error - 11/23/2013 10:42:15 PM | Computer Name = DanTheMan-PC | Source = WinMgmt | ID = 10
Description =

[ SendoriLogs Events ]
Error - 11/21/2013 10:41:44 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

Error - 11/21/2013 10:46:44 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

Error - 11/22/2013 3:55:48 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

Error - 11/22/2013 4:00:44 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

Error - 11/22/2013 4:05:44 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

Error - 11/22/2013 4:10:44 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

Error - 11/22/2013 4:15:44 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

Error - 11/22/2013 4:20:44 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

Error - 11/22/2013 4:25:44 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

Error - 11/22/2013 4:30:44 PM | Computer Name = DanTheMan-PC | Source = SendoriLog | ID = 99
Description = On EnableObject reference not set to an instance of an object.

[ System Events ]
Error - 11/23/2013 10:41:09 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.157.1127.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.9800.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 11/23/2013 10:41:09 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 107.2.0.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%886 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 2.1.9800.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 11/23/2013 10:50:50 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.157.1127.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9800.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 11/23/2013 10:50:50 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.157.1127.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.9800.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 11/23/2013 10:50:50 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.157.1127.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.9800.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 11/23/2013 10:50:50 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 107.2.0.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%886 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 2.1.9800.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 11/23/2013 11:10:49 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.157.1127.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9800.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 11/23/2013 11:10:49 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.157.1127.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.9800.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 11/23/2013 11:10:49 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.157.1127.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.9800.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved

Error - 11/23/2013 11:10:49 PM | Computer Name = DanTheMan-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 107.2.0.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094

Signature
Type: %%886 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 2.1.9800.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved


< End of report >

Edited by 281RMJ, 24 November 2013 - 07:59 AM.

  • 0

#15
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
Please do also the other steps I told you in Post #13. :) We will work from there.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP