Malware-bytes hanging computer [Solved]


  • This topic is locked

#31
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
OK it worked.

Go to start > run and type:

compmgmt.msc

From the left panel click Disk management and maximize the window. Take a snapshot of it and post it here

Next:

Run combofix and post a fresh log of it.

Next:

Let's try to run AVP now that this file is replaced and tell me the results:

Delete AVP from your computer and download a new copy:

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information

On completion click the link to locate the zip file to upload and attach to your next post

  • 0

#32
Snypa86

    Member

  • Topic Starter
  • 58 posts
Combofix won't open for some reason. Below are snapshots of it and the other thing you asked for.

Attached Thumbnails

  • fixhelp.JPG
  • comboprobs.JPG

  • 0

#33
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Try avp and tell me if it worked
  • 0

#34
Snypa86

    Member

  • Topic Starter
  • 58 posts
Didn't work. Stopped at 48% again, but the duration numbers kept going up. Notice the duration times in both snapshots.

Attached Thumbnails

  • IMG-20111203-00256.jpg
  • IMG-20111203-00257.jpg

  • 0

#35
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello
Answer this please:
Do you get any unwanted redirects when using search engines?


Next:

  • Open up avast. Click on Scan Computer tab and select 'Boot Time Scan' sub-tab.
  • Click Settings button
  • At areas to scan select All Hard Disks
  • At Heuristics sensitivity select the final column representing High
  • Make sure that 'Scan for potentially unwanted programs (PUP)' is checked and Extract Archives is unchecked
  • Under 'When a threat is found, apply the following action:' select Move to Chest
  • Click OK
  • Click the Schedule now Button
  • Reboot and let avast scan your computer
  • When it finishes and you're in Windows, open up Avast, click Scan Computer tab and select 'Scan Logs' sub-tab. There will be a log on the top of the list named Boot-Time scan. Open it and tell me what it writes

  • 0

#36
Snypa86

    Member

  • Topic Starter
  • 58 posts
I have attached a snapshot of the information you asked for.

Attached Thumbnails

  • boot.JPG

  • 0

#37
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
I can't find any trace of malware on your computer. Stalling scans doesn't necessarily mean that you're infected. Also it's on a specific file that stalls, that's not malware.


Next:
Run a final MBAM scan and tell me if it stalls. If not, post its log

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

#38
Snypa86

    Member

  • Topic Starter
  • 58 posts
MBAM got stalled too, on a file called mstsc.exe
  • 0

#39
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello
Sorry for the late reply, I was very busy

I'm going to ask for some of my colleagues' opinion about this. Stay tuned
  • 0

#40
Snypa86

    Member

  • Topic Starter
  • 58 posts
Will do. Thanks again Michael.
  • 0

#41
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello
For now do this:
Open up OTL, press the None button
Under custom scans/fixes paste the following:

C:\mstsc.* /s

Press Run Scan
Post the log it will produce
  • 0

#42
Snypa86

    Member

  • Topic Starter
  • 58 posts
OTL logfile created on: 12/10/2011 2:31:05 PM - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Darron\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 50.92% Memory free
8.18 Gb Paging File | 5.95 Gb Available in Paging File | 72.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.09 Gb Total Space | 111.83 Gb Free Space | 39.23% Space Free | Partition Type: NTFS

Computer Name: DARRON-PC | User Name: Darron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========


< C:\mstsc.* /s >
[2010/12/17 10:41:41 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2008/01/20 21:52:29 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\en-US\mstsc.exe.mui
[2006/09/18 16:27:11 | 000,001,110 | ---- | M] () -- C:\Windows\SysNative\wbem\mstsc.mof
[2010/12/17 08:54:03 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe
[2008/01/20 21:52:33 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\en-US\mstsc.exe.mui
[2006/09/18 16:28:06 | 000,001,110 | ---- | M] () -- C:\Windows\System32\wbem\mstsc.mof
[2010/12/17 08:54:03 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mstsc.exe
[2008/01/20 21:52:33 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\en-US\mstsc.exe.mui
[2006/09/18 16:28:06 | 000,001,110 | ---- | M] () -- C:\Windows\SysWOW64\wbem\mstsc.mof
[2006/11/02 10:13:31 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesclient.resources_31bf3856ad364e35_6.0.6000.16386_en-us_ce858e3f2990be91\mstsc.exe.mui
[2008/01/20 21:52:29 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesclient.resources_31bf3856ad364e35_6.0.6001.18000_en-us_d0bc503b267bcf65\mstsc.exe.mui
[2008/01/20 21:50:42 | 000,730,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18000_none_a9fae918d9750134\mstsc.exe
[2006/09/18 16:27:11 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18000_none_a9fae918d9750134\mstsc.mof
[2010/12/17 10:35:26 | 000,730,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18564_none_a9be1436d9a1fff9\mstsc.exe
[2006/09/18 16:27:11 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18564_none_a9be1436d9a1fff9\mstsc.mof
[2010/12/17 10:27:34 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.22815_none_aa7ec4b3f29627b3\mstsc.exe
[2006/09/18 16:27:11 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.22815_none_aa7ec4b3f29627b3\mstsc.mof
[2009/04/11 02:10:31 | 000,731,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18005_none_abe66224d696cc80\mstsc.exe
[2006/09/18 16:27:11 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18005_none_abe66224d696cc80\mstsc.mof
[2010/12/17 10:41:41 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18356_none_abb15884d6be6901\mstsc.exe
[2006/09/18 16:27:11 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18356_none_abb15884d6be6901\mstsc.mof
[2010/12/17 10:43:40 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.22550_none_ac34f579efe16de8\mstsc.exe
[2006/09/18 16:27:11 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.22550_none_ac34f579efe16de8\mstsc.mof
[2006/11/02 10:13:39 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-t..cesclient.resources_31bf3856ad364e35_6.0.6000.16386_en-us_7266f2bb71334d5b\mstsc.exe.mui
[2008/01/20 21:52:33 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-t..cesclient.resources_31bf3856ad364e35_6.0.6001.18000_en-us_749db4b76e1e5e2f\mstsc.exe.mui
[2008/01/20 21:48:26 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18000_none_4ddc4d9521178ffe\mstsc.exe
[2006/09/18 16:28:06 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18000_none_4ddc4d9521178ffe\mstsc.mof
[2010/12/17 10:06:15 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18564_none_4d9f78b321448ec3\mstsc.exe
[2006/09/18 16:28:06 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18564_none_4d9f78b321448ec3\mstsc.mof
[2010/12/17 08:36:21 | 000,677,888 | ---- | M] () -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.22815_none_4e6029303a38b67d\mstsc.exe
[2006/09/18 16:28:06 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.22815_none_4e6029303a38b67d\mstsc.mof
[2009/04/11 01:27:46 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18005_none_4fc7c6a11e395b4a\mstsc.exe
[2006/09/18 16:28:06 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18005_none_4fc7c6a11e395b4a\mstsc.mof
[2010/12/17 08:54:03 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18356_none_4f92bd011e60f7cb\mstsc.exe
[2006/09/18 16:28:06 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18356_none_4f92bd011e60f7cb\mstsc.mof
[2010/12/17 10:11:52 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.22550_none_501659f63783fcb2\mstsc.exe
[2006/09/18 16:28:06 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.22550_none_501659f63783fcb2\mstsc.mof

< End of report >
  • 0
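
One way to triage a custom-scan listing like the one in the post above, as an added example that is not part of the original thread: it parses the OTL lines, pairs each live copy under C:\Windows with a component-store (winsxs) entry of the same name, size and timestamp, and lists binaries whose company field is empty so they can be checked further. The sample lines are a subset copied from that log; the function names are hypothetical.

```python
import re
from collections import namedtuple

# Subset of the "C:\mstsc.* /s" listing posted above, copied verbatim.
SAMPLE_LISTING = r"""
[2010/12/17 10:41:41 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2006/09/18 16:27:11 | 000,001,110 | ---- | M] () -- C:\Windows\SysNative\wbem\mstsc.mof
[2010/12/17 08:54:03 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe
[2010/12/17 08:54:03 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mstsc.exe
[2010/12/17 10:41:41 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18356_none_abb15884d6be6901\mstsc.exe
[2006/09/18 16:27:11 | 000,001,110 | ---- | M] () -- C:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18356_none_abb15884d6be6901\mstsc.mof
[2010/12/17 08:36:21 | 000,677,888 | ---- | M] () -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.22815_none_4e6029303a38b67d\mstsc.exe
[2010/12/17 08:54:03 | 000,677,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6002.18356_none_4f92bd011e60f7cb\mstsc.exe
"""

Entry = namedtuple("Entry", "timestamp size company path")

# [date time | size | attributes | M or C] (company) -- full path
LINE_RE = re.compile(
    r"^\[(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| ([\d,]+) \| \S+ \| [MC]\] "
    r"\((.*?)\) -- (.+)$"
)

# Extensions that normally carry a version resource with a company name.
# Text files such as .mof are expected to have an empty company field.
PE_EXTENSIONS = (".exe", ".dll", ".sys", ".mui")


def parse_listing(text):
    """Turn OTL file-listing lines into Entry tuples; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            timestamp, size, company, path = match.groups()
            entries.append(
                Entry(timestamp, int(size.replace(",", "")), company.strip(), path.strip())
            )
    return entries


def file_name(path):
    return path.rsplit("\\", 1)[-1].lower()


def in_component_store(path):
    return "\\winsxs\\" in path.lower()


def missing_company(entries):
    """Paths of binaries listed with an empty company field.

    This is a prompt for a closer look (for example a signature check),
    not a verdict about the file.
    """
    return [
        e.path
        for e in entries
        if not e.company and file_name(e.path).endswith(PE_EXTENSIONS)
    ]


def match_to_store(entries):
    """Map each live file to winsxs entries with the same name, size and timestamp.

    An empty list means no component-store copy in the listing matches.
    """
    store = {}
    for e in entries:
        if in_component_store(e.path):
            key = (file_name(e.path), e.size, e.timestamp)
            store.setdefault(key, []).append(e.path)
    return {
        e.path: store.get((file_name(e.path), e.size, e.timestamp), [])
        for e in entries
        if not in_component_store(e.path)
    }


if __name__ == "__main__":
    parsed = parse_listing(SAMPLE_LISTING)
    for live, copies in match_to_store(parsed).items():
        status = "matches component store" if copies else "NO matching store copy"
        print(f"{live}: {status}")
    for path in missing_company(parsed):
        print(f"empty company field: {path}")
```
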

#43
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-2670984328-1985135284-1998418574-1000\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.

    :Services

    :Reg

    :Files

    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Next:

Open up notepad and paste the following in:

@Echo off
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
del %0


Go to File > Save as...
Name it scan.bat and make sure that at Save as type: All Files(*.*) is selected
Save it at the Desktop and run it
After the black window disappears a new text file named checkhd.txt should appear at your Desktop. Post its contents here
  • 0

#44
Snypa86

    Member

  • Topic Starter
  • 58 posts

OTL


OTL logfile created on: 12/12/2011 10:56:02 AM - Run 7
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Darron\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 56.95% Memory free
8.17 Gb Paging File | 6.26 Gb Available in Paging File | 76.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.09 Gb Total Space | 109.74 Gb Free Space | 38.49% Space Free | Partition Type: NTFS

Computer Name: DARRON-PC | User Name: Darron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/11/15 09:22:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Darron\Desktop\OTL.exe
PRC - [2011/05/25 15:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Darron\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/05/02 09:48:08 | 000,216,064 | ---- | M] (DDHelper) -- C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\DDHelper.exe
PRC - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/15 00:39:54 | 000,420,920 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011/11/15 00:39:53 | 003,702,840 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011/11/15 00:38:16 | 000,122,952 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011/11/15 00:38:15 | 000,222,280 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011/11/15 00:38:14 | 001,746,504 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011/11/01 14:33:13 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/11/01 14:33:09 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2011/11/01 14:04:35 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/11/01 14:04:17 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/11/01 14:04:07 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/11/01 14:02:52 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/11/01 14:02:42 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
MOD - [2010/04/01 11:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdrs.dll
MOD - [2010/04/01 11:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll
MOD - [2009/05/27 06:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll
MOD - [2009/03/09 23:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll
MOD - [2009/02/20 03:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXECsmr.dll
MOD - [2009/02/20 03:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXECsm.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/04/14 14:08:30 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeccoms.exe -- (lxec_device)
SRV:64bit: - [2010/04/14 14:08:23 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV:64bit: - [2009/06/25 22:48:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2008/07/16 13:00:00 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/01/29 08:24:38 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.exe -- (XAudioService)
SRV - [2011/08/31 16:34:02 | 000,017,920 | ---- | M] (Microsoft) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe -- (MouseWithoutBordersSvc)
SRV - [2010/04/14 14:08:12 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxeccoms.exe -- (lxec_device)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/11 14:22:50 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/04 15:26:34 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/04 03:41:00 | 000,437,248 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2007/06/04 22:13:44 | 000,867,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/11/28 12:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 12:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 12:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 12:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 12:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 12:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/11/17 19:58:04 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\22481826.sys -- (22481826)
DRV:64bit: - [2011/01/15 11:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/10/07 07:11:50 | 007,533,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwLv64.sys -- (NETwLv64) Intel®
DRV:64bit: - [2010/07/20 05:38:24 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2010/07/20 05:38:24 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2010/07/20 05:38:24 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/07/20 05:38:24 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010/06/23 09:21:34 | 000,318,568 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2010/04/26 21:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/04/26 21:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010/04/26 21:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/30 09:32:44 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/25 23:24:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/09 00:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/04/11 00:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/11/17 15:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/11/04 03:40:46 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2008/10/15 08:57:50 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/10/15 08:53:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/10/15 08:52:24 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/06/27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/05/20 17:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/02/29 01:59:32 | 001,252,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/20 21:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2008/01/20 21:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 21:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 21:46:57 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2008/01/03 19:57:26 | 000,062,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2007/10/30 21:44:38 | 003,197,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw4v64.sys -- (NETw4v64) Intel®
DRV:64bit: - [2007/09/30 02:03:32 | 000,384,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2007/07/26 20:50:24 | 000,391,680 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2007/05/23 20:47:28 | 000,020,784 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2007/04/23 13:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007/04/23 13:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2007/04/23 13:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007/04/23 13:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007/04/23 13:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV:64bit: - [2006/11/17 01:22:06 | 000,297,272 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2006/06/18 10:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2005/06/14 12:01:16 | 000,296,448 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2008/07/16 12:56:06 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
DRV - [2004/07/14 11:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\hardlock.sys -- (Hardlock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...=0709&m=m-6888u
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...=0709&m=m-6888u

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Darron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Darron\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Darron\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Darron\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)


[2009/10/15 11:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Darron\AppData\Roaming\Mozilla\Extensions
[2009/10/15 11:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Darron\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Darron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Darron\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Chrome Refresh = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aifhnlnghddfdaccgbbpbhjfkmncekmn\1.7_0\
CHR - Extension: Turn Off the Lights = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.31_0\
CHR - Extension: Brushed = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\
CHR - Extension: Air Transporter 3D = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadmcjlkjdnbjcdldpfhakfmfedgadjh\1.0.3_0\
CHR - Extension: Auto HD for YouTube = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaielpkecabnggniojjhghggjedkecfj\2.5_0\
CHR - Extension: InvisibleHand = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko\3.3.14_0\
CHR - Extension: Webpages CSS Styler = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbkhlepfbkdbmiogammhjnibakamiehg\1.9.1_0\

O1 HOSTS File: ([2011/11/30 12:06:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\15.0.874.121\npchrome_frame.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4 - Startup: C:\Users\Darron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Darron\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Darron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_73340297.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: DOWNLOADWITH - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O8 - Extra context menu item: DOWNLOADWITH - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{152FC9C2-BCAE-427D-A325-2A710891001B}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CA007C9-AB9C-470E-B19A-76AC652BD1CB}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43AEFF13-4E04-4A60-9DE8-BF66552EF0B7}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\cf - No CLSID value found
O18:64bit: - Protocol\Handler\gcf - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cf - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\15.0.874.121\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Darron\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Darron\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/12 00:26:57 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{FEBBDD93-6204-4841-B470-A69931AEAA68}
[2011/12/12 00:26:34 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{6A5686EE-1415-4805-A6D3-39DAA9E12AE5}
[2011/12/11 12:25:58 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{3E4D85E4-6703-4685-A4B1-DB2E325C9043}
[2011/12/11 12:25:48 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{31305E8C-705F-46E6-9BF0-B80559B94C92}
[2011/12/10 14:09:55 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{1A3B8C46-42DA-4C2E-B2E1-E3B61295F0FE}
[2011/12/10 14:09:45 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{29B6A505-B30F-493A-A5D3-4E5E74A59BFC}
[2011/12/09 17:10:07 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Roaming\COWON
[2011/12/09 16:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COWON Media Center - jetAudio
[2011/12/09 16:56:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COWON
[2011/12/09 16:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JetAudio
[2011/12/09 15:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2011/12/09 10:31:10 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{29EEC368-40AD-4C6F-8A9D-E2BA5F3C56E5}
[2011/12/09 10:30:59 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{89C69164-236C-4406-BA69-F5C782FE484C}
[2011/12/08 21:09:04 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{A5858C79-8B5D-4021-8308-3699C4426EE1}
[2011/12/08 21:08:41 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{6BB590F1-6AEA-4DCE-9603-E393D4AAAC7D}
[2011/12/08 09:08:21 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{A9F42EEF-3687-4DC7-A320-C5B5733DA207}
[2011/12/08 09:07:58 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{BC43F234-A080-45E2-8D46-6460355B6599}
[2011/12/07 14:59:02 | 000,000,000 | -HSD | C] -- C:\found.001
[2011/12/07 14:59:02 | 000,000,000 | -HSD | C] -- \found.001
[2011/12/07 12:40:55 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{5E4A66EC-8BF3-453C-8DFD-E718A33FB0A8}
[2011/12/07 12:40:45 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{AEDFA0D3-3498-4AF6-94B8-7941F782DFAE}
[2011/12/06 21:48:50 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{D8705306-ED76-4D68-B324-BFC3C986D014}
[2011/12/06 21:48:29 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{BF165465-5721-492C-9889-4286C5EF568A}
[2011/12/06 09:48:06 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F8A1892A-D42E-4E3A-9888-93B47E886B20}
[2011/12/06 09:47:42 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{7A5AB7F7-2D87-4116-B538-8BCC73062587}
[2011/12/05 21:47:29 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E9776E58-0E23-40FC-AB22-77AC57DF8AFA}
[2011/12/05 21:47:06 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{7B955EFB-A088-4333-9733-4B683CB4270F}
[2011/12/05 09:46:52 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{EFFB4801-3BB5-4DBD-83D2-FA0E141CC5D9}
[2011/12/05 09:46:29 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{CA973832-6FCC-4B57-9927-FDE44BAEE833}
[2011/12/04 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{1F5377B5-F85E-464E-ADCD-5439B3B24B7B}
[2011/12/04 21:45:36 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{C97149EF-1B2F-47CA-A5CA-24D35F9EB595}
[2011/12/04 03:43:06 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{4CEB4660-9E7E-4FDC-A753-5C771FCE4A3A}
[2011/12/04 03:42:43 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{CF344ED4-748A-4447-A1E2-296422941102}
[2011/12/03 09:59:44 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{47C61AF7-8B3E-4071-BA81-C8C7825D77C1}
[2011/12/03 09:59:21 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{037C0978-511A-4658-B189-C1DAA03066DA}
[2011/12/02 13:23:42 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011/12/02 13:23:42 | 000,000,000 | --SD | C] -- \32788R22FWJFW
[2011/12/02 11:35:33 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{FDB07AE2-E659-44B0-90DC-50343B9D7FAB}
[2011/12/02 11:35:12 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{3C3BB422-865C-4A91-B303-B680114B144D}
[2011/12/01 20:27:48 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{74D97710-51D8-4A31-9372-2CFF7895C8AC}
[2011/12/01 20:27:25 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{5152A8B3-5CB5-4070-A681-BFABA40953FC}
[2011/12/01 17:24:26 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Roaming\uTorrent
[2011/12/01 08:26:58 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{A7FC66C3-8173-4F04-96B6-799458E99092}
[2011/12/01 08:26:33 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{9515E902-219A-4E3B-858A-E5D5E5226E27}
[2011/11/30 13:30:22 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/11/30 13:30:22 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN
[2011/11/30 12:27:15 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\temp
[2011/11/30 11:40:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative
[2011/11/30 10:47:16 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E25F4264-B57E-4D5E-A688-8FF18FD8E521}
[2011/11/30 10:47:06 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{8C2AF865-2E1F-4A9D-A77E-EDB27D56152B}
[2011/11/29 19:15:45 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{42BDF922-9507-4C5D-9761-670AA7A0EACB}
[2011/11/29 19:15:21 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{A298927D-5C2E-4C52-BBB5-5BA7D325221F}
[2011/11/29 18:31:05 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{BE725741-D2B7-420E-A073-BBA97C7386A2}
[2011/11/29 02:40:21 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{4E2E762A-B70C-48EA-B808-361806481C30}
[2011/11/29 02:40:00 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{34117242-C771-4DD5-8EC5-67CD72F1164D}
[2011/11/28 14:39:45 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{1F57BEF6-459F-4FEE-922F-2C4421E40422}
[2011/11/28 14:39:23 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{B4BB5E17-1F6A-41D1-A5FF-62F914976767}
[2011/11/28 10:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/11/28 10:53:21 | 004,845,856 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Darron\Desktop\procexp.exe
[2011/11/28 10:51:36 | 000,061,440 | ---- | C] ( ) -- C:\Users\Darron\Desktop\VEW.exe
[2011/11/28 02:38:56 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{AE817FED-7583-4A74-88A8-71851C22D77C}
[2011/11/28 02:38:32 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{0BEF834C-BB2E-467E-8934-DAC465BF69AA}
[2011/11/27 14:28:55 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{95CE190B-5436-4BCB-ACE3-6E6365007BD1}
[2011/11/27 14:28:31 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DD6F45B7-39F5-4303-9852-FC026B3264C8}
[2011/11/26 00:50:11 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E7D60AB0-2789-4A0E-A850-1C8351D08213}
[2011/11/26 00:49:47 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{76BE20E0-A9BE-4487-B11D-3A89B1012F3A}
[2011/11/25 12:49:21 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{D55EF5DF-1849-4D10-B382-412177297F7A}
[2011/11/25 12:49:07 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DE468982-D99B-49BD-8FAB-C21701E20EE7}
[2011/11/24 22:38:52 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{5A3F122D-DAF8-47EC-8F16-2A8D39FAB9E4}
[2011/11/24 22:38:30 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DFE324B6-753A-4275-9376-C43DF7712D5D}
[2011/11/24 03:57:30 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{842D6F53-5619-4927-B478-E2DEA6F911E5}
[2011/11/24 03:57:08 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E143B6E8-CB35-48F0-BBEC-49E3F3EBEC58}
[2011/11/23 14:07:28 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F415AC7F-23B4-4174-B52A-BC8309B2DDFA}
[2011/11/23 14:07:04 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F5FAD3F5-799E-4EEE-8D7F-683F9946D040}
[2011/11/23 01:23:07 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/11/22 22:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/11/22 22:35:52 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\uTorrent
[2011/11/22 15:00:12 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{2AC8F3E2-286C-44DA-898A-61D986FF4598}
[2011/11/22 14:59:50 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{B9A63835-D71C-4FA0-904C-C6BAFA050813}
[2011/11/22 02:59:36 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{A2FFC6B1-37E6-4C3C-81D8-380972763282}
[2011/11/22 02:59:10 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{40C0F2C4-F17F-4A16-ABFE-245B92E1D346}
[2011/11/21 14:58:45 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E80D5247-9D65-419D-8D1E-BF20524DEAC0}
[2011/11/21 14:58:35 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{CF2DACC0-0302-4FA4-8DB6-FFCB00CAD2A4}
[2011/11/21 14:58:26 | 000,000,000 | ---D | C] -- C:\Users\Darron\Desktop\tdsskiller
[2011/11/21 02:36:12 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{779B4A63-4B91-4290-AAB3-37A727635F33}
[2011/11/21 02:35:49 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{C6569961-D5DF-4ABC-B0E5-F3790CDD317D}
[2011/11/20 14:35:24 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{AE66123E-7D44-4938-9AAC-3D5157F4E224}
[2011/11/20 14:35:13 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{38A951D0-83C2-4427-955B-104E360FE976}
[2011/11/20 14:23:21 | 000,000,000 | ---D | C] -- C:\found.000
[2011/11/20 14:23:21 | 000,000,000 | ---D | C] -- \found.000
[2011/11/19 13:39:16 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{D7229AB4-C0DB-41B4-A2D8-811ED058E2E3}
[2011/11/19 13:38:54 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E47E7177-6B60-4917-957C-9B7A9D32D380}
[2011/11/19 01:38:40 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F0DF38A9-EC46-4609-B547-323A7E70B791}
[2011/11/19 01:38:18 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{CC9CD894-9985-4066-9017-5C1289B5D0BD}
[2011/11/18 13:38:26 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F0DEA2B1-E37B-4092-B56C-13812FAD0BC6}
[2011/11/18 01:16:18 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{2CDEB39C-C776-41F8-8B6A-A3565EBCF26A}
[2011/11/18 01:16:08 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{1E25EAE4-03EB-46A4-89A3-94562DB1E4E8}
[2011/11/17 12:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/11/17 12:45:19 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\22481826.sys
[2011/11/17 12:33:13 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{11772946-5210-4C8C-8822-5594B9A04D5B}
[2011/11/17 12:33:01 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{4D2BBBEF-9913-413B-A382-61CD70695C79}
[2011/11/17 12:17:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/17 12:17:30 | 000,000,000 | ---D | C] -- \_OTL
[2011/11/16 23:12:01 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{9372FFAB-E6E3-4F55-8BF1-D0A7AABBEC69}
[2011/11/16 23:11:38 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{19105E37-785C-42BE-A95C-5DEA04721752}
[2011/11/16 12:25:53 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/16 12:25:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/16 12:25:53 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/16 12:25:47 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/11/16 12:25:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/16 12:25:38 | 000,000,000 | ---D | C] -- \Qoobox
[2011/11/16 12:23:02 | 004,325,721 | R--- | C] (Swearware) -- C:\Users\Darron\Desktop\ComboFix.exe
[2011/11/16 11:11:05 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{968E812D-C826-4210-9C86-AEF3D9DB5CBA}
[2011/11/16 11:10:55 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{17C3BFF5-2083-4E03-AAFC-B306F99F777F}
[2011/11/15 19:36:59 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{3ED27406-13B9-45A9-9758-CA32217BCCAF}
[2011/11/15 19:36:35 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{B90D6854-7E7F-4603-A193-F47DA1BADFD9}
[2011/11/15 10:11:27 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Darron\Desktop\aswMBR.exe
[2011/11/15 09:22:32 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Darron\Desktop\OTL.exe
[2011/11/15 07:35:56 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{2AC54AD9-5E59-4509-9F4C-A9DA5D8BF6AD}
[2011/11/15 07:35:46 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{0EA39C71-CFE1-4356-BCE6-B06ACE8FE62E}
[2011/11/14 13:34:12 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{465A9AFE-D4C7-4C9F-BC84-9A8C25F22CD9}
[2011/11/14 13:33:50 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{FBC9C177-8A6D-48FE-A2B6-C5FBEC7BA715}
[2011/11/14 01:33:36 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DDB63B26-4F8E-4305-937A-9E7E671DB46B}
[2011/11/14 01:33:13 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{A44C19B7-C506-4367-AF3D-182966FCBD01}
[2011/11/13 13:33:01 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{4D2C5984-387A-4F11-BF86-96054B9F39C4}
[2011/11/13 13:32:35 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DC2A9E16-90F4-4CDB-8FEB-C68B830A1941}
[2011/11/12 14:01:10 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{8A47663F-6683-437C-B76A-CE9CE061F489}
[2011/11/12 14:00:47 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{FEF24643-6407-4BCF-A017-88E1F543D31E}
[2011/07/05 15:08:06 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecusb1.dll
[2011/07/05 15:08:06 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecpmui.dll
[2011/07/05 15:08:06 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecinpa.dll
[2011/07/05 15:08:06 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeciesc.dll
[2011/07/05 15:08:05 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecserv.dll
[2011/07/05 15:08:05 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomc.dll
[2011/07/05 15:08:05 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxechbn3.dll
[2011/07/05 15:08:05 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccoms.exe
[2011/07/05 15:08:05 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeclmpm.dll
[2011/07/05 15:08:05 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccfg.exe
[2011/07/05 15:08:05 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomm.dll
[2011/07/05 15:08:05 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecih.exe
[2009/11/13 09:05:59 | 021,044,640 | ---- | C] (Sage Software ) -- C:\Users\Darron\AppData\Roaming\ACT1200HotFix_SS.exe

========== Files - Modified Within 30 Days ==========

[2011/12/12 10:59:41 | 000,768,952 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/12 10:59:41 | 000,651,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/12 10:59:41 | 000,121,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/12 10:56:48 | 000,000,093 | ---- | M] () -- C:\Users\Darron\Desktop\scan.bat
[2011/12/12 10:53:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2011/12/12 10:52:34 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/12 10:52:20 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/12 10:52:20 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/12 10:52:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/12 10:36:17 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000UA.job
[2011/12/12 00:08:59 | 000,220,160 | ---- | M] () -- C:\Users\Darron\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/11 18:15:59 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/11 12:03:38 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000Core.job
[2011/12/09 16:56:58 | 000,001,662 | ---- | M] () -- C:\Users\Public\Desktop\COWON Media Center - jetAudio.lnk
[2011/12/07 18:36:06 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/12/07 14:22:40 | 000,808,385 | ---- | M] () -- C:\Users\Darron\Desktop\FCB Application.pdf
[2011/12/07 09:00:00 | 000,001,356 | ---- | M] () -- C:\Users\Darron\AppData\Local\d3d9caps.dat
[2011/12/03 10:08:09 | 104,486,648 | ---- | M] () -- C:\Users\Darron\Desktop\setup_11.0.0.1245.x01_2011_12_03_18_18.exe
[2011/12/03 10:00:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/12/02 13:26:58 | 004,325,721 | R--- | M] (Swearware) -- C:\Users\Darron\Desktop\ComboFix.exe
[2011/12/02 13:23:31 | 000,097,468 | ---- | M] () -- C:\Users\Darron\Desktop\fixhelp.JPG
[2011/11/30 14:15:39 | 000,000,806 | ---- | M] () -- C:\Users\Darron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_73340297.lnk
[2011/11/30 12:06:09 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/28 13:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/11/28 13:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/11/28 13:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/11/28 12:54:06 | 000,591,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/11/28 12:53:58 | 000,304,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/11/28 12:52:22 | 000,042,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/11/28 12:52:20 | 000,058,712 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/11/28 12:52:11 | 000,066,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/11/28 12:51:53 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/11/28 10:58:19 | 000,000,746 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/11/28 10:53:45 | 004,845,856 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Darron\Desktop\procexp.exe
[2011/11/28 10:51:30 | 000,061,440 | ---- | M] ( ) -- C:\Users\Darron\Desktop\VEW.exe
[2011/11/17 19:58:04 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\22481826.sys
[2011/11/16 17:20:40 | 000,187,632 | ---- | M] () -- C:\Users\Darron\Desktop\IMG-20111103-00106-1.jpg
[2011/11/16 13:31:48 | 000,008,926 | ---- | M] () -- C:\Users\Darron\Desktop\Label.png
[2011/11/16 11:39:20 | 000,080,384 | ---- | M] () -- C:\Users\Darron\Desktop\MBRCheck.exe
[2011/11/15 10:11:34 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Darron\Desktop\aswMBR.exe
[2011/11/15 09:22:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Darron\Desktop\OTL.exe
[2011/11/15 01:43:43 | 003,193,190 | ---- | M] () -- C:\Users\Darron\Desktop\Southwern Wine & Spirits career.pdf

========== Files Created - No Company Name ==========

[2011/12/12 10:56:48 | 000,000,093 | ---- | C] () -- C:\Users\Darron\Desktop\scan.bat
[2011/12/09 16:56:58 | 000,001,662 | ---- | C] () -- C:\Users\Public\Desktop\COWON Media Center - jetAudio.lnk
[2011/12/07 14:23:33 | 000,808,385 | ---- | C] () -- C:\Users\Darron\Desktop\FCB Application.pdf
[2011/12/03 10:04:58 | 104,486,648 | ---- | C] () -- C:\Users\Darron\Desktop\setup_11.0.0.1245.x01_2011_12_03_18_18.exe
[2011/12/02 13:23:29 | 000,097,468 | ---- | C] () -- C:\Users\Darron\Desktop\fixhelp.JPG
[2011/11/30 14:15:39 | 000,000,806 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_73340297.lnk
[2011/11/28 10:58:19 | 000,000,746 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/11/16 17:20:46 | 000,187,632 | ---- | C] () -- C:\Users\Darron\Desktop\IMG-20111103-00106-1.jpg
[2011/11/16 12:25:53 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/16 12:25:53 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/16 12:25:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/16 12:25:53 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/16 12:25:53 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/16 11:38:47 | 000,080,384 | ---- | C] () -- C:\Users\Darron\Desktop\MBRCheck.exe
[2011/11/15 01:44:05 | 003,193,190 | ---- | C] () -- C:\Users\Darron\Desktop\Southwern Wine & Spirits career.pdf
[2011/10/05 16:23:08 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\W32mkrc.dll
[2011/10/05 16:23:07 | 000,038,400 | ---- | C] () -- C:\Windows\SysWow64\OC25JPN.DLL
[2011/10/05 16:23:06 | 000,014,256 | ---- | C] () -- C:\Windows\SysWow64\VAJP2.DLL
[2011/10/05 16:22:58 | 000,000,255 | ---- | C] () -- C:\Windows\NSFASTW.INI
[2011/10/05 14:19:14 | 000,002,048 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\A&I Book Creator Prefs
[2011/09/28 10:53:41 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2011/07/28 11:29:00 | 000,001,332 | ---- | C] () -- \initdb526.ora
[2011/07/27 17:13:57 | 000,001,397 | ---- | C] () -- \newinitDB504.ora
[2011/07/27 17:13:57 | 000,001,332 | ---- | C] () -- \initfile.ora
[2011/07/05 15:08:06 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeccomx.dll
[2011/07/05 15:08:06 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxecins.dll
[2011/07/05 15:08:06 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxecinsb.dll
[2011/07/05 15:08:06 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeccu.dll
[2011/07/05 15:08:06 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\lxecinsr.dll
[2011/07/05 15:08:06 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeccub.dll
[2011/07/05 15:08:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxecjswr.dll
[2011/07/05 15:08:06 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeccur.dll
[2011/07/05 15:04:49 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXECsmr.dll
[2011/07/05 15:04:48 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXECsm.dll
[2011/02/22 00:42:43 | 000,000,600 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\winscp.rnd
[2011/02/14 03:32:58 | 000,000,034 | -H-- | C] () -- C:\Windows\SysWow64\Converter_sysquict.dat
[2011/02/14 03:32:09 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/02/14 03:32:01 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2011/02/14 03:32:01 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/02/14 03:32:01 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/02/14 03:31:54 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/01/02 13:41:22 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2010/10/15 02:07:05 | 000,000,701 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\init.dll
[2010/10/15 02:07:05 | 000,000,006 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\SYSTEM32.dll
[2010/10/15 02:06:54 | 000,000,701 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\sound.dll
[2010/10/15 02:05:09 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2010/10/13 21:52:46 | 000,001,456 | ---- | C] () -- C:\Users\Darron\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/10/12 18:09:28 | 000,000,132 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/08/16 13:17:23 | 000,000,732 | ---- | C] () -- C:\Users\Darron\AppData\Local\d3d9caps64.dat
[2009/12/08 14:10:45 | 000,130,503 | ---- | C] () -- C:\Windows\hpoins21.dat
[2009/12/08 14:10:45 | 000,008,138 | ---- | C] () -- C:\Windows\hpomdl21.dat
[2009/12/08 14:10:38 | 000,355,416 | ---- | C] () -- \hpzids40.dll
[2009/12/03 12:43:20 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 12:42:10 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/03 12:41:05 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/11/13 09:11:25 | 000,787,200 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/10/26 20:18:09 | 000,026,311 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\UserTile.png
[2009/10/24 15:06:39 | 000,000,256 | ---- | C] () -- \pool.bin
[2009/10/22 19:28:33 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2009/10/14 22:14:47 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX.INI
[2009/10/11 16:19:14 | 000,000,268 | RH-- | C] () -- C:\Users\Darron\AppData\Roaming\Rock
[2009/10/10 20:39:53 | 000,001,356 | ---- | C] () -- C:\Users\Darron\AppData\Local\d3d9caps.dat
[2009/10/10 14:37:19 | 000,220,160 | ---- | C] () -- C:\Users\Darron\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/03 00:49:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/06/19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009/03/04 13:53:58 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/03/04 13:09:41 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2009/03/04 13:09:40 | 000,333,257 | RHS- | C] () -- \bootmgr
[2009/03/04 13:06:36 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/07 21:03:36 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\REWCACHE.DAT
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2005/09/23 02:39:38 | 000,894,976 | ---- | C] () -- \msdia80.dll

========== LOP Check ==========

[2009/11/17 16:10:18 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\.myibay
[2011/10/05 14:18:46 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\A&I Book Creator
[2009/11/13 09:05:40 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\ACT
[2011/01/09 00:32:44 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Ashampoo
[2011/03/03 16:53:02 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/12/09 17:10:07 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\COWON
[2011/12/12 10:54:18 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Dropbox
[2011/05/29 12:56:31 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\DRPSu
[2011/09/09 03:51:25 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\F6F31246D56317A2310463B7840217AF
[2009/10/30 11:51:37 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\GARMIN
[2011/06/29 13:56:05 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\GetRightToGo
[2011/07/02 11:23:33 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\HandBrake
[2011/06/27 19:36:54 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\HDRsoft
[2011/07/05 18:59:23 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\ICAClient
[2009/11/13 09:19:26 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\IsolatedStorage
[2009/12/22 02:04:15 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Mipony
[2010/07/24 23:08:41 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\mjusbsp
[2010/10/25 13:17:13 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\MyScribe
[2009/10/14 21:59:10 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Nikon
[2010/01/12 21:57:37 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\OxelonMC
[2009/11/03 12:41:07 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\PeerNetworking
[2010/11/16 14:03:49 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Prish
[2011/07/14 16:14:52 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Pro800-Pro900 Series
[2010/10/09 12:15:30 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\QuickScan
[2011/06/29 14:45:37 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Red Kawa
[2010/11/17 12:27:21 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Research In Motion
[2011/08/12 01:07:55 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\rinsebyreal
[2011/09/28 10:53:24 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Softouch
[2011/08/17 14:39:47 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Solveig Multimedia
[2011/10/30 18:57:25 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/02/02 01:15:09 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\SWiSH Max3
[2011/12/11 00:01:18 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\uTorrent
[2011/02/18 13:48:05 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Windows Live Writer
[2011/12/12 10:50:57 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:0CE7F3C9
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:EA029835
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:63238B95

< End of report >

CHECKHD

The type of the file system is NTFS.
Volume label is OS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
1668 large file records processed.

0 bad file records processed.

0 EA records processed.

58 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
42564 data files processed.

CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
Windows has checked the file system and found no problems.

298937343 KB total disk space.
185401304 KB in 233798 files.
144996 KB in 42565 indexes.
0 KB in bad sectors.
481923 KB in use by the system.
65536 KB occupied by the log file.
112909120 KB available on disk.

4096 bytes in each allocation unit.
74734335 total allocation units on disk.
28227280 allocation units available on disk.

#45
michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello there
Make sure Windows Defender is off. You can check its status following this

Next:

Please uninstall Spybot - Search & Destroy. It may be interfering with the scans. You may re-install it after we finish if you want.

Next:

Follow this to reset firewall's settings

Next:

Try to run a Malwarebytes scan again and tell me if it finished.