Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Programs bogged down


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Can you run FRST again and just do a scan?
  • 0

Advertisements


#17
Frank382569

Frank382569

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013
Ran by Franklin (administrator) on FRANKLIN-ASUS on 29-12-2013 00:31:06
Running from C:\Users\Franklin\Pictures
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
( ) C:\Windows\System32\lxddcoms.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LBTWiz.exe
() C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
() C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bluetooth Connection Assistant] - LBTWIZ.EXE -silent
HKLM\...\Run: [lxddmon.exe] - C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe [291496 2009-04-27] ()
HKLM\...\Run: [lxddamon] - C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe [25256 2009-04-27] ()
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-07-16] (VIA)
HKLM-x32\...\Run: [RunAIShell] - C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ATICustomerCare] - C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [ccApp] - C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2010-01-25] (Symantec Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [lxddmon.exe] - C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddmon.exe [291496 2009-04-27] ()
HKLM-x32\...\Run: [lxddamon] - C:\Program Files (x86) (x86)\Lexmark 2500 Series\lxddamon.exe [25256 2009-04-27] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
Winlogon\Notify\ScCertProp: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKCU\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [5252408 2010-06-01] (Yahoo! Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3407496 2012-06-11] (Electronic Arts)
HKCU\...\Run: [Cbox] - C:\Program Files (x86)\Cbox\Cbox
Startup: C:\Users\Franklin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Franklin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PE_IE_Helper Class - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: x-owacid - {0215258f-f0a8-49de-bf1b-0ff02eda8807} - No File
Handler-x32: x-owacid - {0215258f-f0a8-49de-bf1b-0ff02eda8807} - C:\Program Files (x86)\Microsoft\Outlook Web Access SMIME Client\mimectl.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11

FireFox:
========
FF ProfilePath: C:\Users\Franklin\AppData\Roaming\Mozilla\Firefox\Profiles\mjqudjd9.default
FF DefaultSearchEngine: Ask Search
FF SearchEngineOrder.1: Ask Search
FF SearchEngineOrder.2: Ask Search
FF SelectedSearchEngine: Ask Search
FF Homepage: https://www.google.com/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Franklin\AppData\Local\Roblox\Versions\version-28a069d7dccb4f92\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF SearchPlugin: C:\Users\Franklin\AppData\Roaming\Mozilla\Firefox\Profiles\mjqudjd9.default\searchplugins\aol-search.xml
FF SearchPlugin: C:\Users\Franklin\AppData\Roaming\Mozilla\Firefox\Profiles\mjqudjd9.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\Franklin\AppData\Roaming\Mozilla\Firefox\Profiles\mjqudjd9.default\searchplugins\iBryte_playbryte.xml
FF Extension: WebSlingPlayer - C:\Users\Franklin\AppData\Roaming\Mozilla\Firefox\Profiles\mjqudjd9.default\Extensions\{9EB34849-81D3-4841-939D-666D522B889A}
FF Extension: Bitdefender QuickScan - C:\Users\Franklin\AppData\Roaming\Mozilla\Firefox\Profiles\mjqudjd9.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: Greasemonkey - C:\Users\Franklin\AppData\Roaming\Mozilla\Firefox\Profiles\mjqudjd9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\SaveValet\extension.xpi

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dghncoeocefmhkhiphdgikkamjeglbfh] - C:\Program Files (x86)\mystarttb\chrome-newtab-search.crx
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadpabahabkmdndndlimfikephnoka] - C:\Users\Franklin\AppData\Local\CRE\fcoadpabahabkmdndndlimfikephnoka.crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-04-05] (Advanced Micro Devices, Inc.)
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-01-25] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-01-25] (Symantec Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-02-17] (Symantec Corporation)
R2 lxdd_device; C:\Windows\system32\lxddcoms.exe [567216 2007-05-25] ( )
R2 lxdd_device; C:\Windows\SysWow64\lxddcoms.exe [537520 2007-05-25] ( )
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3217344 2010-04-10] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [419656 2010-04-01] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1822296 2010-04-01] (Symantec Corporation)
S2 WSWNDA3100; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [278528 2009-11-04] ()

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-05] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2011-10-12] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-12] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2011-10-12] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20131228.006\eng64.sys [126040 2013-08-28] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20131228.006\ex64.sys [2099288 2013-08-28] (Symantec Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-10-12] ()
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [447536 2010-03-08] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWow64\Drivers\SRTSP64.SYS [447536 2010-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482352 2010-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWow64\Drivers\SRTSPL64.SYS [482352 2010-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2010-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWow64\Drivers\SRTSPX64.SYS [32304 2010-03-08] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2011-03-23] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [64048 2009-12-28] (Symantec Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2010-04-10] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-10-04] (Symantec Corporation)
U3 avrh0blv; C:\Windows\System32\Drivers\avrh0blv.sys [0 ] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-28 20:27 - 2013-12-28 20:28 - 00000000 ____D C:\Windows\LastGood
2013-12-28 20:22 - 2013-12-28 20:22 - 00094204 _____ C:\ProgramData\1388280165.bdinstall.bin
2013-12-28 20:22 - 2013-12-28 20:22 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-12-28 20:20 - 2013-12-28 20:27 - 00000000 ____D C:\Users\Franklin\AppData\Roaming\QuickScan
2013-12-28 14:32 - 2013-12-28 14:32 - 02347384 _____ (ESET) C:\Users\Franklin\Downloads\esetsmartinstaller_enu (1).exe
2013-12-28 05:37 - 2013-12-28 05:37 - 00000000 ___SD C:\ComboFix
2013-12-28 03:39 - 2013-12-28 03:40 - 00000000 ____D C:\Users\Franklin\The.Hobbit-The.Desolation.of.Smaug.2013.DVDScr.XVID.AC3.Hive-CM8
2013-12-28 03:32 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-12-28 03:32 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-12-28 03:32 - 2012-08-23 09:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-12-28 03:32 - 2012-08-23 08:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-12-28 03:32 - 2012-08-23 08:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-12-28 03:32 - 2012-08-23 08:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-28 03:32 - 2012-08-23 08:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-28 03:32 - 2012-08-23 08:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-28 03:32 - 2012-08-23 08:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-12-28 03:32 - 2012-08-23 08:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-12-28 03:32 - 2012-08-23 08:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-12-28 03:32 - 2012-08-23 08:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-28 03:32 - 2012-08-23 07:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-12-28 03:32 - 2012-08-23 06:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-28 03:32 - 2012-08-23 06:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-12-28 03:32 - 2012-08-23 06:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-12-28 03:32 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-12-28 03:32 - 2012-08-23 05:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-12-28 03:32 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-12-28 03:32 - 2012-08-23 05:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-12-28 03:32 - 2012-08-23 05:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-12-28 03:32 - 2012-08-23 04:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-12-28 03:32 - 2012-08-23 03:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-28 03:32 - 2012-08-23 03:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-28 03:25 - 2013-09-04 07:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-28 03:25 - 2013-09-04 07:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-28 03:25 - 2013-09-04 07:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-28 03:25 - 2013-09-04 07:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-28 03:25 - 2013-09-04 07:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-28 03:25 - 2013-09-04 07:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-28 03:25 - 2013-09-04 07:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-28 03:14 - 2013-12-28 03:50 - 00006514 _____ C:\Windows\PFRO.log
2013-12-27 22:04 - 2013-12-27 22:04 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-27 22:03 - 2013-12-27 22:04 - 55915216 _____ (Microsoft Corporation) C:\Users\Franklin\Downloads\IE11-Windows6.1-x64-en-us.exe
2013-12-27 21:59 - 2013-12-27 22:04 - 02347384 _____ (ESET) C:\Users\Franklin\Downloads\esetsmartinstaller_enu.exe
2013-12-27 18:42 - 2013-12-28 05:37 - 00000000 ____D C:\Qoobox
2013-12-27 18:42 - 2013-12-27 19:10 - 00000000 ____D C:\Windows\erdnt
2013-12-27 18:42 - 2011-06-26 01:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-27 18:42 - 2010-11-07 12:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-27 18:42 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-27 18:42 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-27 18:42 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-27 18:42 - 2000-08-30 19:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-27 18:42 - 2000-08-30 19:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-27 18:42 - 2000-08-30 19:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-27 18:41 - 2013-12-27 18:41 - 05158590 ____R (Swearware) C:\Users\Franklin\Desktop\ComboFix.exe
2013-12-27 16:40 - 2013-09-24 09:53 - 00094208 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2013-12-27 12:17 - 2013-12-27 12:17 - 00000000 ____D C:\ProgramData\APN
2013-12-26 16:57 - 2013-12-26 16:57 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201312261657261496.log
2013-12-26 16:57 - 2013-12-26 16:57 - 00000000 ____D C:\ProgramData\ATI
2013-12-26 16:57 - 2013-12-26 16:57 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-12-26 16:37 - 2013-12-26 16:37 - 00275768 _____ C:\Windows\Minidump\122613-91790-01.dmp
2013-12-26 16:36 - 2013-12-26 16:36 - 880543163 _____ C:\Windows\MEMORY.DMP
2013-12-26 16:32 - 2013-12-26 16:32 - 00000000 ____D C:\Program Files\AMD
2013-12-26 04:11 - 2013-12-26 04:11 - 00003110 _____ C:\VEW.txt
2013-12-26 03:22 - 2013-12-29 00:30 - 00000000 ____D C:\FRST
2013-12-26 03:12 - 2013-12-26 03:12 - 00000000 ____D C:\Windows\ERUNT
2013-12-26 02:59 - 2013-12-26 03:00 - 00000000 ____D C:\AdwCleaner
2013-12-25 22:26 - 2013-12-25 22:28 - 00000000 ____D C:\Users\Franklin\Doctor_Who_2005.2013_Christmas_Special.The_Time_of_The_Doctor.HDTV_x264-FoV[rarbg]
2013-12-25 18:26 - 2013-12-25 18:27 - 00204496 _____ (Malwarebytes) C:\Users\Franklin\Downloads\startuplite-setup-1.07.exe
2013-12-25 16:07 - 2013-12-25 17:14 - 00000000 ____D C:\Users\Franklin\Books for Children and Parents
2013-12-25 15:54 - 2013-12-25 16:00 - 00000000 ____D C:\Users\Franklin\Kindle Books - K
2013-12-25 15:53 - 2013-12-25 15:57 - 00000000 ____D C:\Users\Franklin\Kindle Books - W, X, Y, Z
2013-12-25 15:53 - 2013-12-25 15:56 - 00000000 ____D C:\Users\Franklin\Kindle Books - Q, R
2013-12-25 14:26 - 2013-12-25 14:28 - 00000000 ____D C:\Users\Franklin\Kindle Books - C
2013-12-25 14:16 - 2013-12-25 14:16 - 00000000 ____D C:\Users\Franklin\Suzanne Collins
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\Users\Franklin\AppData\Roaming\Malwarebytes
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-25 01:20 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-22 19:36 - 2013-12-22 19:45 - 267953767 _____ C:\Users\Franklin\Read_Our_Lips_SD.mp4
2013-12-22 08:15 - 2013-12-22 08:15 - 00000000 ____D C:\Users\Franklin\AppData\Local\genienext
2013-12-22 08:15 - 2013-12-22 08:15 - 00000000 ____D C:\Users\Franklin\AppData\Local\cache
2013-12-22 08:15 - 2013-12-22 08:15 - 00000000 ____D C:\Users\Franklin\.android
2013-12-22 08:15 - 2013-12-22 08:15 - 00000000 _____ C:\Users\Franklin\daemonprocess.txt
2013-12-20 14:30 - 2013-12-20 14:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 00:06 - 2013-12-20 00:11 - 00000000 ____D C:\Users\Franklin\The Monster Squad [1987] 1080p BluRay AAC x264-tomcat12[ETRG]
2013-12-18 03:27 - 2013-12-22 02:07 - 00000000 ____D C:\Users\Franklin\NCIS Los Angeles S05E12 HDTV x264-LOL[ettv]
2013-12-18 03:27 - 2013-12-18 03:32 - 00000000 ____D C:\Users\Franklin\Uncovering Aliens S01E01 Black Ops Conspiracy HDTV x264-SPASM
2013-12-13 13:31 - 2013-12-13 13:31 - 00000000 ____D C:\Users\Franklin\Penthouse Letters January 2013 [azizex666]
2013-12-12 03:13 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 03:13 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 03:13 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 03:13 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 03:03 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:03 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:03 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:03 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 03:03 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:03 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:03 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:03 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:03 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:03 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 03:03 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:03 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:03 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:03 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:03 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:03 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 03:03 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 03:03 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:03 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 03:03 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 03:03 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 03:03 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:03 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:03 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 03:03 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 03:03 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:03 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 03:03 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:03 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 03:03 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 03:03 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 14:58 - 2013-12-11 14:58 - 09293192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 05:32 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 05:32 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 05:32 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 05:32 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 05:32 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 05:32 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 05:32 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 05:32 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 05:32 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 05:32 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 05:32 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 05:32 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 05:32 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 05:32 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 05:32 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 05:32 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 05:32 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 05:32 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 05:32 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 03:05 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-11 03:03 - 2013-12-11 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 03:03 - 2013-12-11 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-11 03:03 - 2013-12-11 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-11 03:03 - 2013-12-11 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-11 03:03 - 2013-12-11 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-11 03:03 - 2013-12-11 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 03:03 - 2013-12-11 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-11 03:03 - 2013-12-11 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-11 03:02 - 2013-12-11 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 03:02 - 2013-12-11 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 03:02 - 2013-12-11 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 03:02 - 2013-12-11 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-11 03:00 - 2013-12-27 22:04 - 00010159 _____ C:\Windows\IE11_main.log
2013-12-10 01:51 - 2013-12-10 01:55 - 00000000 ____D C:\Users\Franklin\The Mortal Instruments City of Bones (2013)
2013-12-10 00:16 - 2013-12-10 00:16 - 00000000 ____D C:\Users\Franklin\The Park Service Book One of Series - Ryan Winfield
2013-12-07 17:14 - 2013-12-07 17:27 - 00000000 ____D C:\Users\Franklin\Dexter.S08.Season.8.720p.WEB-DL.H264-BS [PublicHD]
2013-12-07 12:29 - 2013-12-07 12:30 - 00000000 ____D C:\Users\Franklin\Insidious Chapter 2 [2013] BRRip XViD[AC3]-juggs[ETRG]
2013-12-06 16:49 - 2013-12-06 16:49 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2013-12-06 16:44 - 2013-12-06 16:44 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2013-12-06 16:38 - 2013-12-06 16:38 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 00230912 _____ C:\Windows\system32\clinfo.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 00099840 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-12-06 16:38 - 2013-12-06 16:38 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2013-12-06 16:38 - 2013-12-06 16:38 - 00083968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-12-06 16:38 - 2013-12-06 16:38 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2013-12-06 16:37 - 2013-12-06 16:37 - 29382144 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2013-12-06 16:35 - 2013-12-06 16:35 - 24860160 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2013-12-06 16:33 - 2013-12-06 16:33 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-12-06 16:33 - 2013-12-06 16:33 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-12-06 16:26 - 2013-12-06 16:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.251.dll
2013-12-06 16:13 - 2013-12-06 16:13 - 00550456 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-12-06 15:53 - 2013-12-06 15:53 - 00588288 _____ (AMD) C:\Windows\system32\SETE74A.tmp
2013-12-06 15:53 - 2013-12-06 15:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-12-06 15:53 - 2011-04-20 01:04 - 00480256 _____ (AMD) C:\Windows\system32\atieclxx.exe
2013-12-06 15:52 - 2013-12-06 15:52 - 00239616 _____ (AMD) C:\Windows\system32\SETDD0B.tmp
2013-12-06 15:52 - 2011-04-20 01:04 - 00203776 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2013-12-06 15:22 - 2013-12-06 15:22 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SETD44D.tmp
2013-12-06 15:22 - 2011-04-20 00:23 - 00366080 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2013-12-02 00:29 - 2013-12-02 00:29 - 00000000 ____D C:\Users\Franklin\Witches of East End S01E09 HDTV x264-KILLERS[ettv]
2013-12-02 00:26 - 2013-12-02 00:36 - 115403822 ____R C:\Users\Franklin\Witches of East End S01E08 HDTV x264 AAC E-Subs [GWC].mp4
2013-12-02 00:25 - 2013-12-02 00:27 - 00000000 ____D C:\Users\Franklin\The Walking Dead S04E08 HDTV x264-2HD[ettv]
2013-12-01 00:02 - 2013-12-01 00:05 - 00000000 ____D C:\Users\Franklin\[www.Glotorrents.com] - Atlantis.2013.S01E09.Pandoras.Box.HDTV.x264-4PlayHD
2013-11-29 20:52 - 2013-11-29 20:58 - 00000000 ____D C:\Users\Franklin\Riddick[2013] DVDRip XViD[AC3]-juggs[ETRG]
2013-11-29 00:49 - 2013-11-29 01:43 - 2493600206 _____ C:\Users\Franklin\Blow Me Off.mp4

==================== One Month Modified Files and Folders =======

2013-12-29 00:30 - 2013-12-26 03:22 - 00000000 ____D C:\FRST
2013-12-29 00:19 - 2012-03-12 22:22 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-28 23:58 - 2012-05-11 04:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-28 20:55 - 2012-11-15 09:47 - 00000408 ____H C:\Windows\Tasks\Norton Security Scan for Franklin.job
2013-12-28 20:38 - 2011-03-19 21:49 - 01790160 _____ C:\Windows\WindowsUpdate.log
2013-12-28 20:28 - 2013-12-28 20:27 - 00000000 ____D C:\Windows\LastGood
2013-12-28 20:27 - 2013-12-28 20:20 - 00000000 ____D C:\Users\Franklin\AppData\Roaming\QuickScan
2013-12-28 20:22 - 2013-12-28 20:22 - 00094204 _____ C:\ProgramData\1388280165.bdinstall.bin
2013-12-28 20:22 - 2013-12-28 20:22 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-12-28 15:58 - 2011-03-23 22:23 - 00000000 ____D C:\Users\Franklin\Documents\Outlook Files
2013-12-28 15:23 - 2009-07-14 00:13 - 00792792 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 15:22 - 2012-05-18 16:47 - 00000000 ____D C:\Users\Franklin\AppData\Roaming\uTorrent
2013-12-28 14:32 - 2013-12-28 14:32 - 02347384 _____ (ESET) C:\Users\Franklin\Downloads\esetsmartinstaller_enu (1).exe
2013-12-28 12:19 - 2012-03-12 22:22 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-28 09:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-12-28 05:37 - 2013-12-28 05:37 - 00000000 ___SD C:\ComboFix
2013-12-28 05:37 - 2013-12-27 18:42 - 00000000 ____D C:\Qoobox
2013-12-28 04:47 - 2011-03-20 01:19 - 00000000 ____D C:\Users\Franklin\AppData\Roaming\vlc
2013-12-28 04:00 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-28 04:00 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-28 03:56 - 2011-03-19 21:59 - 00000000 ____D C:\Users\Franklin\AppData\Local\Deployment
2013-12-28 03:56 - 2009-07-13 23:51 - 00510328 _____ C:\Windows\setupact.log
2013-12-28 03:52 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-28 03:50 - 2013-12-28 03:14 - 00006514 _____ C:\Windows\PFRO.log
2013-12-28 03:48 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-28 03:44 - 2013-07-24 02:40 - 00784914 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-28 03:40 - 2013-12-28 03:39 - 00000000 ____D C:\Users\Franklin\The.Hobbit-The.Desolation.of.Smaug.2013.DVDScr.XVID.AC3.Hive-CM8
2013-12-28 03:40 - 2011-03-23 21:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-28 03:40 - 2009-07-13 21:34 - 00000478 _____ C:\Windows\win.ini
2013-12-28 03:39 - 2011-03-19 21:49 - 00000000 ____D C:\Users\Franklin
2013-12-28 03:17 - 2011-03-19 21:59 - 00000000 ____D C:\Users\Franklin\AppData\Local\Apps\2.0
2013-12-27 22:04 - 2013-12-27 22:04 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-27 22:04 - 2013-12-27 22:03 - 55915216 _____ (Microsoft Corporation) C:\Users\Franklin\Downloads\IE11-Windows6.1-x64-en-us.exe
2013-12-27 22:04 - 2013-12-27 21:59 - 02347384 _____ (ESET) C:\Users\Franklin\Downloads\esetsmartinstaller_enu.exe
2013-12-27 22:04 - 2013-12-11 03:00 - 00010159 _____ C:\Windows\IE11_main.log
2013-12-27 21:05 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
2013-12-27 19:12 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
2013-12-27 19:11 - 2011-03-19 21:50 - 00000000 ___RD C:\Users\Franklin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-27 19:10 - 2013-12-27 18:42 - 00000000 ____D C:\Windows\erdnt
2013-12-27 18:52 - 2009-07-13 21:34 - 91226112 _____ C:\Windows\system32\config\software.bak
2013-12-27 18:52 - 2009-07-13 21:34 - 24641536 _____ C:\Windows\system32\config\system.bak
2013-12-27 18:52 - 2009-07-13 21:34 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-12-27 18:52 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-12-27 18:52 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-12-27 18:41 - 2013-12-27 18:41 - 05158590 ____R (Swearware) C:\Users\Franklin\Desktop\ComboFix.exe
2013-12-27 17:17 - 2011-03-19 22:29 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-27 16:20 - 2013-10-09 23:44 - 00000000 ____D C:\Program Files (x86)\EPUB to MOBI
2013-12-27 16:19 - 2012-09-06 18:40 - 00000000 ____D C:\Users\Franklin\AppData\Local\Facebook
2013-12-27 12:38 - 2012-10-20 20:42 - 00000000 ____D C:\Users\Franklin\AppData\Roaming\.minecraft
2013-12-27 12:17 - 2013-12-27 12:17 - 00000000 ____D C:\ProgramData\APN
2013-12-27 12:15 - 2013-11-08 01:01 - 00000000 ____D C:\ProgramData\Oracle
2013-12-26 16:57 - 2013-12-26 16:57 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201312261657261496.log
2013-12-26 16:57 - 2013-12-26 16:57 - 00000000 ____D C:\ProgramData\ATI
2013-12-26 16:57 - 2013-12-26 16:57 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-12-26 16:57 - 2011-03-20 14:13 - 00000000 ____D C:\ProgramData\AMD
2013-12-26 16:57 - 2011-03-20 14:11 - 00000000 ____D C:\Program Files\ATI Technologies
2013-12-26 16:37 - 2013-12-26 16:37 - 00275768 _____ C:\Windows\Minidump\122613-91790-01.dmp
2013-12-26 16:37 - 2013-01-25 16:59 - 00000000 ____D C:\Windows\Minidump
2013-12-26 16:36 - 2013-12-26 16:36 - 880543163 _____ C:\Windows\MEMORY.DMP
2013-12-26 16:32 - 2013-12-26 16:32 - 00000000 ____D C:\Program Files\AMD
2013-12-26 16:29 - 2013-07-24 02:37 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-26 16:14 - 2012-05-11 04:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-26 16:14 - 2012-05-11 04:25 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-26 16:14 - 2011-06-13 12:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-26 16:13 - 2011-03-23 20:05 - 00000000 ____D C:\Users\Franklin\AppData\Local\Adobe
2013-12-26 04:53 - 2012-02-10 15:18 - 00000506 _____ C:\Users\Franklin\Desktop\prod key.txt
2013-12-26 04:11 - 2013-12-26 04:11 - 00003110 _____ C:\VEW.txt
2013-12-26 03:14 - 2010-07-28 17:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-26 03:14 - 2010-07-28 17:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-26 03:12 - 2013-12-26 03:12 - 00000000 ____D C:\Windows\ERUNT
2013-12-26 03:00 - 2013-12-26 02:59 - 00000000 ____D C:\AdwCleaner
2013-12-25 22:28 - 2013-12-25 22:26 - 00000000 ____D C:\Users\Franklin\Doctor_Who_2005.2013_Christmas_Special.The_Time_of_The_Doctor.HDTV_x264-FoV[rarbg]
2013-12-25 18:27 - 2013-12-25 18:26 - 00204496 _____ (Malwarebytes) C:\Users\Franklin\Downloads\startuplite-setup-1.07.exe
2013-12-25 17:14 - 2013-12-25 16:07 - 00000000 ____D C:\Users\Franklin\Books for Children and Parents
2013-12-25 16:00 - 2013-12-25 15:54 - 00000000 ____D C:\Users\Franklin\Kindle Books - K
2013-12-25 15:57 - 2013-12-25 15:53 - 00000000 ____D C:\Users\Franklin\Kindle Books - W, X, Y, Z
2013-12-25 15:56 - 2013-12-25 15:53 - 00000000 ____D C:\Users\Franklin\Kindle Books - Q, R
2013-12-25 14:28 - 2013-12-25 14:26 - 00000000 ____D C:\Users\Franklin\Kindle Books - C
2013-12-25 14:16 - 2013-12-25 14:16 - 00000000 ____D C:\Users\Franklin\Suzanne Collins
2013-12-25 13:40 - 2013-11-11 16:33 - 00000000 ____D C:\Users\Franklin\Tracing
2013-12-25 13:34 - 2011-03-19 22:49 - 00000000 ____D C:\Users\Franklin\Documents\UseNeXT
2013-12-25 02:22 - 2011-03-19 23:32 - 00007663 _____ C:\Users\Franklin\AppData\Local\resmon.resmoncfg
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\Users\Franklin\AppData\Roaming\Malwarebytes
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-25 01:20 - 2013-12-25 01:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-24 21:21 - 2011-03-20 00:16 - 00000000 ____D C:\Users\Franklin\Documents\StarCraft II
2013-12-24 16:16 - 2011-03-20 00:16 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-12-23 04:26 - 2012-04-25 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-22 19:45 - 2013-12-22 19:36 - 267953767 _____ C:\Users\Franklin\Read_Our_Lips_SD.mp4
2013-12-22 08:15 - 2013-12-22 08:15 - 00000000 ____D C:\Users\Franklin\AppData\Local\genienext
2013-12-22 08:15 - 2013-12-22 08:15 - 00000000 ____D C:\Users\Franklin\AppData\Local\cache
2013-12-22 08:15 - 2013-12-22 08:15 - 00000000 ____D C:\Users\Franklin\.android
2013-12-22 08:15 - 2013-12-22 08:15 - 00000000 _____ C:\Users\Franklin\daemonprocess.txt
2013-12-22 08:13 - 2011-06-24 10:29 - 00000000 ____D C:\Users\Franklin\AppData\Roaming\Mozilla
2013-12-22 02:07 - 2013-12-18 03:27 - 00000000 ____D C:\Users\Franklin\NCIS Los Angeles S05E12 HDTV x264-LOL[ettv]
2013-12-20 14:30 - 2013-12-20 14:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 00:11 - 2013-12-20 00:06 - 00000000 ____D C:\Users\Franklin\The Monster Squad [1987] 1080p BluRay AAC x264-tomcat12[ETRG]
2013-12-18 03:32 - 2013-12-18 03:27 - 00000000 ____D C:\Users\Franklin\Uncovering Aliens S01E01 Black Ops Conspiracy HDTV x264-SPASM
2013-12-14 11:27 - 2012-11-11 11:19 - 00001325 _____ C:\Users\Franklin\Desktop\ROBLOX Player.lnk
2013-12-14 11:27 - 2012-03-30 12:51 - 00000000 ____D C:\Users\Franklin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2013-12-14 03:04 - 2013-07-18 02:05 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 03:00 - 2011-03-20 16:52 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 13:31 - 2013-12-13 13:31 - 00000000 ____D C:\Users\Franklin\Penthouse Letters January 2013 [azizex666]
2013-12-13 03:55 - 2011-04-09 21:20 - 00000000 ____D C:\ProgramData\Yahoo!
2013-12-13 03:55 - 2011-04-09 21:19 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-12-12 04:41 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 04:39 - 2009-07-13 23:45 - 00416688 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 00:07 - 2013-11-08 01:05 - 00001038 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-11 14:58 - 2013-12-11 14:58 - 09293192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 05:22 - 2011-03-19 21:59 - 00001425 _____ C:\Users\Franklin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-11 03:03 - 2013-12-11 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 03:03 - 2013-12-11 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-11 03:03 - 2013-12-11 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-11 03:03 - 2013-12-11 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-11 03:03 - 2013-12-11 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-11 03:03 - 2013-12-11 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 03:03 - 2013-12-11 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-11 03:03 - 2013-12-11 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 03:03 - 2013-12-11 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-11 03:03 - 2013-12-11 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 03:02 - 2013-12-11 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 03:02 - 2013-12-11 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 03:02 - 2013-12-11 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 03:02 - 2013-12-11 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 03:02 - 2013-12-11 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-10 07:20 - 2012-03-12 22:21 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-10 01:55 - 2013-12-10 01:51 - 00000000 ____D C:\Users\Franklin\The Mortal Instruments City of Bones (2013)
2013-12-10 00:16 - 2013-12-10 00:16 - 00000000 ____D C:\Users\Franklin\The Park Service Book One of Series - Ryan Winfield
2013-12-09 02:24 - 2013-06-25 10:21 - 00000000 ____D C:\Program Files (x86)\gravitysensation.com
2013-12-09 02:24 - 2012-12-15 09:40 - 00000000 ____D C:\Users\Franklin\AppData\Local\Unity
2013-12-07 17:27 - 2013-12-07 17:14 - 00000000 ____D C:\Users\Franklin\Dexter.S08.Season.8.720p.WEB-DL.H264-BS [PublicHD]
2013-12-07 12:30 - 2013-12-07 12:29 - 00000000 ____D C:\Users\Franklin\Insidious Chapter 2 [2013] BRRip XViD[AC3]-juggs[ETRG]
2013-12-06 17:03 - 2012-12-19 14:31 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETFD15.tmp
2013-12-06 17:01 - 2012-12-19 15:08 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SET30BF.tmp
2013-12-06 16:57 - 2012-12-19 14:59 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETCEEB.tmp
2013-12-06 16:56 - 2012-12-19 14:44 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETCC3A.tmp
2013-12-06 16:49 - 2013-12-06 16:49 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2013-12-06 16:44 - 2013-12-06 16:44 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2013-12-06 16:38 - 2013-12-06 16:38 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 00230912 _____ C:\Windows\system32\clinfo.exe
2013-12-06 16:38 - 2013-12-06 16:38 - 00099840 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-12-06 16:38 - 2013-12-06 16:38 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2013-12-06 16:38 - 2013-12-06 16:38 - 00083968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-12-06 16:38 - 2013-12-06 16:38 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2013-12-06 16:37 - 2013-12-06 16:37 - 29382144 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2013-12-06 16:35 - 2013-12-06 16:35 - 24860160 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2013-12-06 16:33 - 2013-12-06 16:33 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-12-06 16:33 - 2013-12-06 16:33 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-12-06 16:26 - 2013-12-06 16:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.251.dll
2013-12-06 16:13 - 2013-12-06 16:13 - 00550456 _____ C:\Windows\SysWOW64\atiapfxx.blb
2013-12-06 15:53 - 2013-12-06 15:53 - 00588288 _____ (AMD) C:\Windows\system32\SETE74A.tmp
2013-12-06 15:53 - 2013-12-06 15:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2013-12-06 15:52 - 2013-12-06 15:52 - 00239616 _____ (AMD) C:\Windows\system32\SETDD0B.tmp
2013-12-06 15:22 - 2013-12-06 15:22 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SETD44D.tmp
2013-12-06 04:36 - 2012-12-03 02:10 - 00000000 ____D C:\Users\Franklin\Downloads\New folder
2013-12-02 00:36 - 2013-12-02 00:26 - 115403822 ____R C:\Users\Franklin\Witches of East End S01E08 HDTV x264 AAC E-Subs [GWC].mp4
2013-12-02 00:29 - 2013-12-02 00:29 - 00000000 ____D C:\Users\Franklin\Witches of East End S01E09 HDTV x264-KILLERS[ettv]
2013-12-02 00:27 - 2013-12-02 00:25 - 00000000 ____D C:\Users\Franklin\The Walking Dead S04E08 HDTV x264-2HD[ettv]
2013-12-01 00:05 - 2013-12-01 00:02 - 00000000 ____D C:\Users\Franklin\[www.Glotorrents.com] - Atlantis.2013.S01E09.Pandoras.Box.HDTV.x264-4PlayHD
2013-11-29 20:58 - 2013-11-29 20:52 - 00000000 ____D C:\Users\Franklin\Riddick[2013] DVDRip XViD[AC3]-juggs[ETRG]
2013-11-29 01:43 - 2013-11-29 00:49 - 2493600206 _____ C:\Users\Franklin\Blow Me Off.mp4

Some content of TEMP:
====================
C:\Users\Franklin\AppData\Local\Temp\bitdefender_isecurity_[quickscan].exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-20 05:42

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013
Ran by Franklin at 2013-12-29 00:32:32
Running from C:\Users\Franklin\Pictures
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303)
64 Bit HP CIO Components Installer (Version: 1.2.0)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.5.146)
AI Manager (x32 Version: 1.08.08)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0405.2205.37728)
AMD Fuel (Version: 2013.1206.1603.28764)
AMD Media Foundation Decoders (Version: 1.0.81206.1620)
AMD USB Filter Driver (x32 Version: 1.0.15.94)
AMD Wireless Display v3.0 (Version: 1.0.0.14)
Any Video Converter 3.4.0 (x32)
ASUS Backup Wizard (x32 Version: 1.00.09)
ASUS VIBE (x32 Version: 1.0.188)
ASUSUpdate (x32 Version: 7.18.03)
ATI AVIVO64 Codecs (Version: 11.6.0.50517)
ATI Catalyst Registration (x32 Version: 3.00.0000)
Best Buy pc app (Version: 3.0.0.0)
Bing Rewards Client Installer (x32 Version: 16.0.345.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764)
Catalyst Control Center InstallProxy (x32 Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764)
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764)
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764)
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764)
CCC Help Czech (x32 Version: 2012.0405.2204.37728)
CCC Help Czech (x32 Version: 2013.1206.1602.28764)
CCC Help Danish (x32 Version: 2013.1206.1602.28764)
CCC Help Dutch (x32 Version: 2013.1206.1602.28764)
CCC Help English (x32 Version: 2013.1206.1602.28764)
CCC Help Finnish (x32 Version: 2013.1206.1602.28764)
CCC Help French (x32 Version: 2013.1206.1602.28764)
CCC Help German (x32 Version: 2013.1206.1602.28764)
CCC Help Greek (x32 Version: 2013.1206.1602.28764)
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764)
CCC Help Italian (x32 Version: 2013.1206.1602.28764)
CCC Help Japanese (x32 Version: 2013.1206.1602.28764)
CCC Help Korean (x32 Version: 2013.1206.1602.28764)
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764)
CCC Help Polish (x32 Version: 2013.1206.1602.28764)
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764)
CCC Help Russian (x32 Version: 2013.1206.1602.28764)
CCC Help Spanish (x32 Version: 2012.0405.2204.37728)
CCC Help Spanish (x32 Version: 2013.1206.1602.28764)
CCC Help Swedish (x32 Version: 2013.1206.1602.28764)
CCC Help Thai (x32 Version: 2013.1206.1602.28764)
CCC Help Turkish (x32 Version: 2013.1206.1602.28764)
ccc-utility64 (Version: 2013.1206.1603.28764)
Civilization III (x32)
Civilization III Play the World (x32)
Curse Client (HKCU Version: 5.1.1.792)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.41.3.0173)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
EA Download Manager (x32 Version: 4.0.0.396)
Empire Earth II (x32 Version: 1.20)
Empire Earth II: The Art of Supremacy (x32 Version: 1.0)
Empire Earth III (x32 Version: 1.00.0000)
Empire: Total War (x32)
EPU-4 Engine (x32 Version: 1.00.25)
eReg (x32 Version: 1.20.138.34)
ESET Online Scanner v3 (x32)
Freemake Video Converter version 3.2.1 (x32 Version: 3.2.1)
Google Earth Plug-in (x32 Version: 7.1.2.2041)
Google Update Helper (x32 Version: 1.3.22.3)
HP Product Detection (x32 Version: 10.7.9.0)
IBM Lotus Forms Viewer 3.5.1 (x32 Version: 7.6.1.315)
ImgBurn (x32 Version: 2.5.6.0)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Lexmark 2500 Series (x32)
LiveUpdate 3.3 (Symantec Corporation) (x32 Version: 3.3.0.96)
Logitech SetPoint 6.51 (Version: 6.51.8)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MechWarrior Online (x32 Version: 1.4.1.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Default Manager (x32 Version: 2.2.114.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Outlook Web Access S/MIME (2007) (x32 Version: 8.2.176.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (x32 Version: 1.0.0.133)
Norton Security Scan (x32 Version: 3.7.6.5)
NVIDIA PhysX (x32 Version: 9.10.0224)
Origin (x32 Version: 8.6.0.357)
Pirate101 (x32 Version: 1.0.0)
Platform (x32 Version: 1.34)
Railroad Tycoon 3 (x32 Version: 1.0)
Realtek 8136 8168 8169 Ethernet Driver (x32 Version: 1.00.0005)
Risk II (x32)
ROBLOX Player for Franklin (HKCU)
ROBLOX Studio 2013 for Franklin (HKCU)
Sanctum (x32)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Sid Meier's Civilization V (x32)
Sid Meier's Civilization V SDK (x32)
SPORE™ (x32 Version: 1.04.0000)
SPORE™ Galactic Adventures (x32 Version: 1.00.0000)
Star Trek Online (x32)
StarCraft II (x32)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
Symantec Endpoint Protection (Version: 11.0.6000.550)
THE SETTLERS - Rise of an Empire (All products) (x32 Version: 1.00.0000)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32)
UseNeXT (x32)
VIA Platform Device Manager (x32 Version: 1.34)
VLC media player 2.1.2 (x32 Version: 2.1.2)
WebSlingPlayer ActiveX (x32 Version: 1.5.2125)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0)
WinZip 16.5 (Version: 16.5.10095)
World of Tanks (x32)
World of Warcraft (x32 Version: 5.0.4.16016)
World of Warcraft Beta (x32 Version: 5.0.5.16030)
World of Warcraft Public Test (x32 Version: 0.0.0.0)
World of Warplanes (x32)
Yahoo! Detect (x32)
Yahoo! Messenger (x32)

==================== Restore Points =========================

27-12-2013 17:13:51 Installed Java 7 Update 45
27-12-2013 21:17:37 Removed Java 7 Update 45
27-12-2013 21:18:45 Removed Facebook Messenger 2.1.4814.0
28-12-2013 08:31:01 Windows Update
29-12-2013 01:26:37 Windows Update

==================== Hosts content: ==========================

2009-07-13 21:34 - 2013-12-27 19:05 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {2164F44C-F409-48CE-B85C-3443A37B6D62} - System32\Tasks\Norton Security Scan for Franklin => C:\Program Files (x86)\Norton Security Scan\Engine\3.7.6.5\Nss.exe [2012-11-08] (Symantec Corporation)
Task: {28CEA053-4409-4841-A134-520046F777BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12] (Google Inc.)
Task: {43E545AD-79B4-43EE-A302-02B6209C2161} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {44EC718B-0A00-4E1A-B723-0F81B8B02433} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {6261F9AA-4A1A-48F6-8E3B-A0513D4C6F16} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\AsBackupWizard\AsRunBkWizardHelper.exe [2010-04-23] (ASUSTeK Computer Inc.)
Task: {76C8701D-7C91-42F2-9205-8F3226FE3C98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12] (Google Inc.)
Task: {847F7311-8AB0-4549-81CE-DCCADE2FB8F3} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2009-06-04] ()
Task: {E560DD01-E674-4A6F-8DE4-D7BA995F629C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-26] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Franklin.job => C:\PROGRA~2\NORTON~2\Engine\376~1.5\Nss.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-07-28 17:33 - 2009-05-07 19:51 - 00071680 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2010-07-28 17:33 - 2009-05-07 19:53 - 00379392 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-07-28 17:33 - 2008-01-18 17:50 - 00098816 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2010-07-28 17:33 - 2009-07-10 13:48 - 47601664 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2012-04-05 20:57 - 2012-04-05 20:57 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-01-03 13:48 - 2008-05-16 12:35 - 00040960 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.Monitor.Core.dll
2012-01-03 13:48 - 2008-05-16 12:35 - 00028672 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.Monitor.Common.dll
2012-01-03 13:48 - 2008-05-16 12:34 - 00057344 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.dll
2012-01-03 13:48 - 2007-04-30 08:19 - 00020480 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.NetworkCardDevMon.dll
2012-01-03 13:48 - 2007-04-30 08:19 - 00020480 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.ScanDevMon.dll
2012-01-03 13:48 - 2007-04-30 08:20 - 00011776 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
2010-07-28 17:34 - 2009-01-15 16:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2013-12-20 14:30 - 2013-12-20 14:30 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2013 09:29:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: Ribbons.scr, version: 6.1.7601.17514, time stamp: 0x4ce7a201
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x1c7c
Faulting application start time: 0xRibbons.scr0
Faulting application path: Ribbons.scr1
Faulting module path: Ribbons.scr2
Report Id: Ribbons.scr3

Error: (12/28/2013 08:38:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: Ribbons.scr, version: 6.1.7601.17514, time stamp: 0x4ce7a201
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x20e0
Faulting application start time: 0xRibbons.scr0
Faulting application path: Ribbons.scr1
Faulting module path: Ribbons.scr2
Report Id: Ribbons.scr3

Error: (12/28/2013 08:28:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: MMLoadDrv.exe, version: 2.0.0.0, time stamp: 0x52a239ed
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1bb0
Faulting application start time: 0xMMLoadDrv.exe0
Faulting application path: MMLoadDrv.exe1
Faulting module path: MMLoadDrv.exe2
Report Id: MMLoadDrv.exe3

Error: (12/28/2013 02:32:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/28/2013 02:32:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/28/2013 02:15:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/28/2013 02:13:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/28/2013 09:44:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/28/2013 09:44:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/28/2013 09:42:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (12/28/2013 08:30:49 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/28/2013 08:30:46 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/28/2013 05:44:39 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/28/2013 05:44:36 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/28/2013 03:57:07 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/28/2013 03:52:52 AM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error:
%%2

Error: (12/28/2013 03:52:26 AM) (Source: Service Control Manager) (User: )
Description: The lxddCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (12/28/2013 03:52:26 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxddCATSCustConnectService service to connect.

Error: (12/28/2013 03:52:24 AM) (Source: Service Control Manager) (User: )
Description: The atksgt service failed to start due to the following error:
%%1275

Error: (12/28/2013 03:52:24 AM) (Source: Application Popup) (User: )
Description: Driver atksgt.sys has been blocked from loading.


Microsoft Office Sessions:
=========================
Error: (12/28/2013 09:29:07 PM) (Source: Application Error)(User: )
Description: Ribbons.scr6.1.7601.175144ce7a201ntdll.dll6.1.7601.18247521eaf24c000037400000000000c41021c7c01cf043dbfdb6997C:\Windows\system32\Ribbons.scrC:\Windows\SYSTEM32\ntdll.dllfdb5a47b-7030-11e3-a839-20cf30a00be1

Error: (12/28/2013 08:38:52 PM) (Source: Application Error)(User: )
Description: Ribbons.scr6.1.7601.175144ce7a201ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410220e001cf0436b9ca2e93C:\Windows\system32\Ribbons.scrC:\Windows\SYSTEM32\ntdll.dllf8a76996-7029-11e3-a839-20cf30a00be1

Error: (12/28/2013 08:28:46 PM) (Source: Application Error)(User: )
Description: MMLoadDrv.exe2.0.0.052a239edntdll.dll6.1.7601.18247521ea8e7c0000374000ce7531bb001cf043550aac154C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exeC:\Windows\SysWOW64\ntdll.dll8f21a12c-7028-11e3-a839-20cf30a00be1

Error: (12/28/2013 02:32:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Franklin\Downloads\esetsmartinstaller_enu (1).exe

Error: (12/28/2013 02:32:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Franklin\Downloads\esetsmartinstaller_enu (1).exe

Error: (12/28/2013 02:15:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Franklin\Downloads\esetsmartinstaller_enu.exe

Error: (12/28/2013 02:13:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (12/28/2013 09:44:12 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Franklin\downloads\esetsmartinstaller_enu.exe

Error: (12/28/2013 09:44:08 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Franklin\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\8PSNZCMU\esetsmartinstaller_enu.exe

Error: (12/28/2013 09:42:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
Date: 2013-12-27 18:50:37.631
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-27 18:50:37.537
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-12 04:37:59.492
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-12 04:37:59.383
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-11 05:18:56.775
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-11 05:18:56.681
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-09 18:40:45.531
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-09 18:40:45.438
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-09 05:14:38.191
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-09 05:14:38.082
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 7935.18 MB
Available physical RAM: 5653.77 MB
Total Pagefile: 15868.53 MB
Available Pagefile: 13428.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Franklin) (Fixed) (Total:912.93 GB) (Free:480.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: CB5BD2B2)
Partition 1: (Not Active) - (Size=19 GB) - (Type=1B)
Partition 2: (Active) - (Size=913 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
I'm still seeing the fake driver. Not sure it's a problem. Going to ask in our private forum.

Have you tried to update the video driver yet?

How is it running now?
  • 0

#19
Frank382569

Frank382569

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Glad you could help and yes i updated my video drivers and everything seems to be back to running normal.
  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
OK. You might hold off removing our tools until I hear from my forum but I will go ahead and give you my standard goodbye speech now:

Unless you see other problems I think we are done and can clean up

Copy the following:

:Commands
[CLEARALLRESTOREPOINTS]
[Reboot]

Right click on OTL and Run As Administrator. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

That will get the last of the malware off the system.



You can uninstall or delete any tools we had you download and their logs.

If we ran Combofix:To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, All Programs, Accessories then right click on Command Prompt and Run As Administrator.
then right click, Paste, then hit Enter.



OTL has a cleanup tab but DO NOT USE IT!. There are reports that it leaves the PC unbootable. Instead just delete OTL.exe and the folder c:\_OTL.

To hide hidden files again:

Vista or Win7

# Open the Control Panel menu and click Folder Options.
# After the new window appears select the View tab.
# Remove the check in the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

Unless you have the latest version of Avast which has its own update checker: To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.
Seems to work best if Firefox is the default browser. Windows always hides its icon so you need to unhide it. Click on the up arrow to the left of the clock. Then click on Customize. Maximize the window so you can see all of the options. Scroll Down and find the File Hippo UpdateChecker and change its Behaviors to Show Icon and Notifications. OK. When you reboot you should see the icon. It will take it a minute to finish checking then it will put up a bubble if you need to update something. Click on the bubble and it should open in your browser. (Seems to work best if it uses Firefox. If you do not use Firefox as your default browser then right click on the icon and click on Settings. Then on Results. Change the Open Results in Default Browser to Custom Browser and then select the line that has Firefox.exe in it. While there, also check Hide Beta Versions. OK. ) You will see a list of programs that have updates with green down arrows next to them. You do not need to download any Beta Versions. There is an option Settings to Hide Beta Versions. I do not advise updating Windows Messenger unless you really use it so I right click on the Icon and Customize Results then find Microsoft Messenger and change Show All Releases to Hide All Releases. OK.

You can also try Secunia PSI http://secunia.com/v...l/download_psi/ Same kind of info. You don't need both.
If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on. Go to adblockplus.org with each browser and get the add-on.

If Chrome/Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Close Chrome/Firefox. Hit Optimize. You can run it any time that Chrome/Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

Due to a recent rise in the number of Crytolocker infections I am now recommending you install:

CryptoPrevent

http://www.foolishIT.../cryptoprevent/

The free version does not update on its own so you should check for updated versions once in a while.



If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Special note on Java. Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE. Get the latest version from Java.com. They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download. Just uncheck the garbage before the download (or install) starts. If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it. IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level. OK.

Make sure Windows Updates is turned and that it works. Go to Control panel, Windows Updates and see if it works.


My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's a local environmental organization that I volunteer with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)

Ron
  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
The designer of FRST replied to my post and tells me the driver really is from Daemon Tools Lite and nothing to worry about. You can remove the tools as in my previous post.
  • 0

#22
Frank382569

Frank382569

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
ok thank you for all your help
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP