Hi,
And thank you. Yes, GMER and Hijackthis both showed 'bad' stuff. The first time Hijackthis ran it analysed and seemed to show something but before I could properly read it the system crashed and blue screened. I re ran Hijack this and had to cut and paste the log to the hijackthis website which showed some bad things - particularly a URL hook that when I deleted I got access to my emails again, only the URL hook regenerates fast and blocks me again. GMER's log had bad things in it according to hijackthis website where I pasted it for analysis.
I downloaded Farbar Recovery Scan Tool as you suggested and below are the log results.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2013
Ran by Neil (administrator) on 06-08-2013 09:34:58
Running from C:\Users\Neil\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TOSHIBA Corporation) C:\windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(FTR Pty. Ltd.) C:\Program Files (x86)\FTR\ForTheRecord\FTRSearchFolders.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Trend Micro Inc.) E:\1HijackThis2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [] - [x]
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-26] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-16] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-15] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-04] (Synaptics Incorporated)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1520552 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-12] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1289704 2012-09-12] (Microsoft Corporation)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-15] (SUPERAntiSpyware.com)
MountPoints2: {03eb8da2-6370-11e2-af5c-806e6f6e6963} - CD Wizard.exe
MountPoints2: {0f501b76-ce36-11e2-92fc-047d7b368ea5} - E:\Setup.exe
MountPoints2: {736f5cfb-fd5d-11e2-a6d6-001374000000} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A13B07 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
MountPoints2: {87f1e455-7182-11e2-9af1-047d7b368ea5} - E:\setup_QuickStart.exe
MountPoints2: {b08583a4-e1e0-11e2-b60f-047d7b368ea5} - E:\Setup.exe
MountPoints2: {d38ae019-dd67-11e2-b0b9-047d7b368ea5} - E:\Setup.exe
MountPoints2: {dae2876f-d00c-11e2-b5f3-047d7b368ea5} - F:\Setup.exe
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-23] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSleepSrv] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-05] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-30] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-11] (Microsoft Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FTR Search Folders] - C:\Program Files (x86)\FTR\ForTheRecord\FTRSearchFolders.exe [94208 2012-12-06] (FTR Pty. Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://toshiba.msn.com
SearchScopes: HKLM - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL =
http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL =
http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKCU - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL =
http://www.bing.com/...rc=IE-SearchBox
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {5DBF0043-899B-4B69-87A5-34555198C7C2}
http://winscribe.pac...ibeWebSetup.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\windows\SysWow64\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 202.69.110.111 8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\Neil\AppData\Roaming\Mozilla\Firefox\Profiles\6yflg091.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (SimilarWeb) - C:\Users\Neil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.1_0
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-24] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22072 2012-09-12] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368896 2012-09-12] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-01] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-01] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-06 09:34 - 2013-08-06 09:34 - 00000000 ____D C:\FRST
2013-08-06 09:31 - 2013-08-06 09:31 - 00000015 _____ C:\Users\Neil\Desktop\geeks to go password.txt
2013-08-06 09:27 - 2013-08-06 09:28 - 01788685 _____ (Farbar) C:\Users\Neil\Desktop\FRST64.exe
2013-08-06 00:22 - 2013-08-06 00:22 - 00012122 _____ C:\Users\Neil\Desktop\hijackthis1
2013-08-06 00:04 - 2013-08-06 00:04 - 00001721 _____ C:\Users\Neil\Desktop\gmer log.log
2013-08-05 23:44 - 2013-08-05 23:44 - 00000288 _____ C:\Users\Neil\Downloads\RootkitRemover20130805234420.txt
2013-08-05 23:33 - 2013-08-05 23:33 - 00000008 _____ C:\Users\Neil\Desktop\new password.txt
2013-08-05 23:31 - 2013-08-05 23:31 - 00001105 _____ C:\Users\Public\Desktop\Express Zip.lnk
2013-08-05 23:24 - 2013-08-05 23:27 - 00000000 ____D C:\Users\Neil\Downloads\backups
2013-08-05 23:19 - 2013-08-05 23:19 - 00292288 _____ C:\windows\Minidump\080513-29016-01.dmp
2013-08-05 23:19 - 2013-08-05 23:19 - 00000000 ____D C:\windows\Minidump
2013-08-05 23:18 - 2013-08-05 23:18 - 979258949 _____ C:\windows\MEMORY.DMP
2013-08-05 23:15 - 2013-08-05 23:39 - 00011660 _____ C:\Users\Neil\Downloads\hijackthis.log
2013-08-05 23:10 - 2013-08-05 23:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\Neil\Downloads\Hijack1This2.exe
2013-08-05 23:02 - 2013-08-05 23:03 - 03307552 _____ (PortableApps.com) C:\Users\Neil\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2013-08-05 22:45 - 2013-08-05 22:45 - 00208216 _____ (Kaspersky Lab, GERT) C:\windows\system32\Drivers\76286478.sys
2013-08-05 22:40 - 2013-08-05 22:40 - 00000227 _____ C:\Users\Neil\Downloads\mbr.log
2013-08-05 22:38 - 2013-08-05 22:38 - 00089088 _____ C:\Users\Neil\Downloads\ab48ab.exe
2013-08-05 22:36 - 2013-08-05 22:36 - 00377856 _____ C:\Users\Neil\Downloads\q6dy1m1r.exe
2013-08-05 21:17 - 2013-08-05 21:18 - 02014704 _____ (Google) C:\Users\Neil\Desktop\GoogleDesktopSetup.exe
2013-08-05 21:15 - 2013-08-05 21:15 - 00022003 _____ C:\ComboFix.txt
2013-08-05 19:02 - 2013-08-06 15:34 - 00000000 ____D C:\windows\erdnt
2013-08-05 19:02 - 2013-08-05 21:15 - 00000000 ____D C:\Qoobox
2013-08-05 18:48 - 2013-08-05 18:49 - 00002958 _____ C:\Users\Neil\Desktop\Rkill.txt
2013-08-05 18:39 - 2013-08-06 15:34 - 00000000 ____D C:\Program Files (x86)\Opera
2013-08-05 18:39 - 2013-08-05 18:39 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Opera Software
2013-08-05 18:39 - 2013-08-05 18:39 - 00000000 ____D C:\Users\Neil\AppData\Local\Opera Software
2013-08-05 18:01 - 2013-08-06 15:34 - 00000000 ____D C:\cb5b39c98904fc3399a1f334
2013-08-05 17:54 - 2013-08-05 17:54 - 00000000 ____D C:\Users\Neil\AppData\Roaming\GetRightToGo
2013-08-05 15:10 - 2013-08-05 15:10 - 00000112 ___RH C:\Users\Neil\Downloads\Stinger.opt
2013-08-05 14:31 - 2013-08-05 14:31 - 00000000 ____D C:\Stinger_Quarantine
2013-08-05 14:30 - 2013-08-05 14:30 - 00494388 _____ C:\Users\Neil\Downloads\runtime.dat
2013-08-05 14:19 - 2013-08-05 14:19 - 00002262 _____ C:\Users\Neil\Desktop\HitmanPro_20130805_1419.log
2013-08-05 14:13 - 2013-08-05 14:19 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-05 13:29 - 2013-08-05 13:32 - 00000000 ____D C:\Users\Neil\Downloads\TMRBLog
2013-08-05 13:29 - 2013-08-05 13:29 - 00000000 ____D C:\Users\Neil\Downloads\log
2013-08-05 13:05 - 2013-08-05 13:10 - 19275792 _____ (Bitdefender LLC) C:\Users\Neil\Downloads\BootkitRemoval_x64.exe
2013-08-05 12:18 - 2013-08-05 12:18 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-05 12:15 - 2013-08-05 12:15 - 00001424 _____ C:\Users\Neil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-05 11:31 - 2013-08-05 11:31 - 00846864 _____ (Microsoft Corporation) C:\Users\Neil\Downloads\IE10-Windows6.1-en-us.exe
2013-08-05 10:54 - 2013-08-05 10:54 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-05 10:45 - 2013-08-06 09:23 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-05 10:45 - 2013-08-06 09:23 - 00000508 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 96a171f5-05c1-468f-80a2-e687421985b0.job
2013-08-05 10:45 - 2013-08-06 02:00 - 00000508 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 86031341-a712-4b5b-bc21-5e482ab89f6a.job
2013-08-05 10:45 - 2013-08-06 00:17 - 00000890 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-05 10:45 - 2013-08-05 11:09 - 00003890 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-08-05 10:45 - 2013-08-05 11:09 - 00003638 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-08-05 10:45 - 2013-08-05 10:45 - 00003578 _____ C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 86031341-a712-4b5b-bc21-5e482ab89f6a
2013-08-05 10:45 - 2013-08-05 10:45 - 00003504 _____ C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 96a171f5-05c1-468f-80a2-e687421985b0
2013-08-05 10:45 - 2013-08-05 10:45 - 00001819 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-08-05 10:45 - 2013-08-05 10:45 - 00000000 ____D C:\Users\Neil\AppData\Roaming\SUPERAntiSpyware.com
2013-08-05 10:44 - 2013-08-05 10:45 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-08-05 10:44 - 2013-08-05 10:44 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-08-05 10:37 - 2013-08-05 10:38 - 00000288 _____ C:\Users\Neil\Downloads\RootkitRemover20130805103721.txt
2013-08-05 10:37 - 2013-08-05 10:38 - 00000288 _____ C:\Users\Neil\Downloads\RootkitRemover20130805103720.txt
2013-08-05 10:35 - 2013-08-05 10:35 - 00551408 _____ (McAfee, Inc.) C:\Users\Neil\Downloads\rootkitremover.exe
2013-08-05 10:29 - 2013-08-05 10:34 - 26851216 _____ (SUPERAntiSpyware) C:\Users\Neil\Downloads\SUPERAntiSpyware.exe
2013-08-05 09:55 - 2013-08-05 09:55 - 00001080 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-05 09:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-08-05 09:52 - 2013-08-05 09:52 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-05 09:50 - 2013-08-05 09:51 - 02347384 _____ (ESET) C:\Users\Neil\Downloads\esetsmartinstaller_enu.exe
2013-08-05 09:43 - 2013-08-05 09:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neil\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-05 01:47 - 2013-08-05 09:10 - 00000000 ____D C:\Program Files (x86)\Safari
2013-08-05 01:39 - 2013-08-05 01:39 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Malwarebytes
2013-08-05 01:38 - 2013-08-05 09:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-05 01:38 - 2013-08-05 01:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-05 01:16 - 2013-08-05 01:16 - 00000000 ____D C:\Users\Neil\Desktop\The Master of Wisdom
2013-08-02 15:53 - 2013-08-02 15:53 - 00000000 ____D C:\Users\Neil\AppData\Roaming\tor
2013-08-01 22:34 - 2013-08-02 13:17 - 00000000 ____D C:\Users\Neil\Desktop\Auscript
2013-07-26 23:30 - 2013-08-05 09:26 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-26 23:29 - 2013-07-26 23:29 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-07-26 22:58 - 2013-07-26 22:58 - 00004353 _____ C:\Users\Neil\Desktop\ip.txt
2013-07-26 22:04 - 2013-08-05 17:42 - 00000000 ____D C:\Users\Neil\AppData\Roaming\EurekaLog
2013-07-25 18:28 - 2013-07-25 18:28 - 00000043 _____ C:\Users\Neil\Documents\ipcam.txt
2013-07-25 17:37 - 2013-07-25 17:38 - 00000992 _____ C:\Users\Public\Desktop\IP Camera Tool.lnk
2013-07-25 17:33 - 2013-07-25 17:46 - 00000000 ____D C:\Program Files (x86)\IP Camera Super Client
2013-07-25 17:33 - 2013-07-25 17:33 - 00000994 _____ C:\Users\Neil\Desktop\IP Camera Super Client.lnk
2013-07-25 17:33 - 2012-12-24 14:19 - 01863640 _____ (TODO: <公司名>) C:\windows\SysWOW64\oPlayer.ocx
2013-07-25 17:33 - 2012-12-24 14:19 - 00394200 _____ C:\windows\SysWOW64\H264Decoder.dll
2013-07-25 17:33 - 2011-12-09 09:51 - 00352256 _____ (H264) C:\windows\SysWOW64\Video.ocx
2013-07-25 17:33 - 2011-12-08 19:59 - 00057344 _____ () C:\windows\SysWOW64\PlaySdk.dll
2013-07-25 17:33 - 2011-06-26 10:37 - 00040960 _____ (WwW.YlmF.CoM) C:\windows\SysWOW64\CamSearch.ocx
2013-07-25 17:33 - 2011-06-04 13:33 - 00036864 _____ () C:\windows\SysWOW64\Socket.dll
2013-07-22 13:31 - 2013-07-22 13:36 - 21728904 _____ (Microsoft Corporation) C:\Users\Neil\Downloads\Windows-KB890830-x64-V5.2.exe
2013-07-22 12:21 - 2013-07-22 12:21 - 00000000 ____D C:\Users\Neil\AppData\Roaming\ResearchWare
2013-07-22 11:53 - 2013-07-22 11:55 - 12783616 _____ (Researchware, Inc.) C:\Users\Neil\Downloads\HyperTRANSCRIBE160_Installer.exe
2013-07-22 09:40 - 2013-05-09 18:59 - 00072016 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-07-21 22:17 - 2013-07-21 22:17 - 00015454 _____ C:\Users\Neil\Desktop\imgres.htm
2013-07-21 15:42 - 2013-07-21 15:42 - 02246990 _____ C:\Users\Neil\Downloads\Transcribe! v8.31 Full + Patch by nitincin1team.rar
2013-07-21 11:19 - 2013-07-21 11:19 - 00000000 ____D C:\Users\Neil\AppData\Roaming\QuickScan
2013-07-21 01:18 - 2013-07-22 09:16 - 00000000 ____D C:\Program Files (x86)\VoiceWalker
2013-07-21 01:18 - 2013-07-21 01:18 - 00001046 _____ C:\Users\Neil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceWalker.LNK
2013-07-21 01:17 - 2013-07-21 01:18 - 03037251 _____ C:\Users\Neil\Downloads\vwalker2.zip
2013-07-21 01:16 - 2013-07-21 01:16 - 00000218 _____ C:\Users\Neil\.recently-used.xbel
2013-07-21 01:07 - 2013-07-21 01:07 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TranscriberAG
2013-07-21 01:06 - 2013-07-22 09:16 - 00000000 ____D C:\Program Files (x86)\TranscriberAG
2013-07-21 01:02 - 2013-07-22 09:16 - 00000000 ____D C:\Program Files (x86)\Transcriber
2013-07-21 00:59 - 2013-07-22 09:16 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-07-21 00:46 - 2013-07-21 00:51 - 00000000 ____D C:\Users\Neil\AppData\Roaming\InqScribe
2013-07-21 00:43 - 2013-07-22 09:16 - 00000000 ____D C:\Program Files (x86)\InqScribe
2013-07-21 00:38 - 2013-07-21 16:01 - 00000000 ____D C:\windows\System32\Tasks\NCH Swift Sound
2013-07-21 00:38 - 2013-07-21 00:38 - 00000000 ____D C:\ProgramData\NCH Swift Sound
2013-07-20 23:52 - 2013-07-22 09:16 - 00000000 ____D C:\Users\Neil\AppData\Roaming\gtk-2.0
2013-07-20 23:52 - 2013-07-21 01:13 - 00000000 ____D C:\Users\Neil\WorkAG
2013-07-20 23:52 - 2013-07-21 01:12 - 00000000 ____D C:\Users\Neil\.TransAG-log
2013-07-20 23:52 - 2013-07-21 01:12 - 00000000 ____D C:\Users\Neil\.TransAG
2013-07-20 23:50 - 2013-07-22 09:16 - 00000000 ____D C:\windows\SysWOW64\Adobe
2013-07-20 23:36 - 2005-08-12 19:04 - 00606208 _____ () C:\windows\system32\CoreAAC.ax
2013-07-20 23:25 - 2013-07-22 09:16 - 00000000 ____D C:\Program Files (x86)\The FTW Transcriber
2013-07-20 21:06 - 2013-07-22 09:16 - 00000000 ____D C:\Program Files (x86)\Transcribe!
2013-07-20 21:05 - 2013-07-20 21:05 - 00001351 _____ C:\Users\Neil\Documents\AutoHotkey.ahk
2013-07-20 21:03 - 2013-07-22 09:16 - 00000000 ____D C:\Program Files\AutoHotkey
2013-07-20 20:50 - 2013-07-22 09:16 - 00000000 ____D C:\Program Files (x86)\AST
2013-07-20 20:45 - 2013-07-22 09:16 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Audacity
2013-07-20 20:35 - 2013-07-20 20:38 - 04250753 _____ C:\Users\Neil\Downloads\AudacityTranscriber_Setup.zip
2013-07-20 12:43 - 2013-08-05 11:56 - 00000000 ____D C:\Users\Neil\Desktop\The Transcription People
2013-07-16 05:09 - 2013-07-16 05:09 - 00000027 _____ C:\Users\Neil\Desktop\MOnica's email address.txt
2013-07-12 01:59 - 2013-06-12 09:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-12 01:59 - 2013-06-12 09:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-12 01:59 - 2013-06-12 09:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-12 01:59 - 2013-06-12 09:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-12 01:59 - 2013-06-12 09:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-12 01:59 - 2013-06-12 09:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-12 01:59 - 2013-06-12 09:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-12 01:59 - 2013-06-12 09:42 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-12 01:59 - 2013-06-12 09:42 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-12 01:59 - 2013-06-12 09:42 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-12 01:59 - 2013-06-12 09:42 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-12 01:59 - 2013-06-12 09:42 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-12 01:59 - 2013-06-12 09:42 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-12 01:59 - 2013-06-12 09:26 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-12 01:59 - 2013-06-12 09:26 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-12 01:59 - 2013-06-12 09:26 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-12 01:59 - 2013-06-12 09:25 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-12 01:59 - 2013-06-12 09:25 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-12 01:59 - 2013-06-12 08:51 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 01:59 - 2013-06-12 08:50 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-12 01:59 - 2013-06-07 13:22 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-12 01:59 - 2013-06-07 12:37 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-10 18:03 - 2013-06-04 16:00 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 18:03 - 2013-06-04 14:53 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 18:03 - 2013-05-06 16:03 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 18:03 - 2013-05-06 14:56 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 17:58 - 2013-06-05 13:34 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 17:57 - 2013-04-10 09:34 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 17:57 - 2013-04-03 08:51 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-10 16:42 - 2013-07-10 17:03 - 51986432 _____ C:\Users\Neil\Downloads\Alfred_Health_Focus_Group_CE_July_9__2013.WMA
2013-07-09 14:29 - 2013-07-23 03:23 - 00000000 ____D C:\Users\Neil\.frostwire5
2013-07-09 14:29 - 2013-07-09 14:30 - 00000000 ____D C:\Users\Neil\FrostWire
2013-07-09 10:39 - 2013-07-09 10:39 - 00002057 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-07-09 10:39 - 2013-07-09 10:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-08 23:07 - 2013-06-24 12:50 - 00000000 ____D C:\Users\Neil\Downloads\Tor Browser
2013-07-08 22:56 - 2013-07-08 22:56 - 00000098 _____ C:\Users\Neil\Desktop\Important emails.txt
2013-07-08 22:49 - 2013-07-08 22:49 - 00001490 _____ C:\Users\Neil\AppData\Local\recently-used.xbel
2013-07-08 22:30 - 2013-07-08 22:30 - 00000000 ____D C:\Users\Neil\AppData\Local\webkit
2013-07-08 19:21 - 2013-07-08 22:49 - 05854910 _____ C:\Users\Neil\Downloads\Deprive injustice of her children.xcf
2013-07-08 18:32 - 2013-07-08 18:41 - 18815928 _____ (FrostWire Team) C:\Users\Neil\Downloads\frostwire-5.6.2.windows.exe
2013-07-08 11:55 - 2013-07-08 11:55 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Thunderbird
2013-07-08 11:55 - 2013-07-08 11:55 - 00000000 ____D C:\Users\Neil\AppData\Local\Thunderbird
2013-07-08 11:34 - 2013-07-08 11:43 - 19669472 _____ (Mozilla) C:\Users\Neil\Downloads\Thunderbird Setup 17.0.7.exe
2013-07-08 09:51 - 2013-07-08 22:56 - 00000137 _____ C:\Users\Neil\Desktop\8_7_13 open.txt
2013-07-07 18:04 - 2013-07-07 20:42 - 24916996 _____ C:\Users\Neil\Downloads\WS116202.WMA
2013-07-07 00:56 - 2013-07-15 04:15 - 00000752 _____ C:\Users\Neil\Desktop\Data on Natalia.txt
==================== One Month Modified Files and Folders =======
2013-08-06 16:11 - 2013-06-20 16:27 - 00000000 ____D C:\ProgramData\WinScribe
2013-08-06 16:11 - 2013-06-20 16:27 - 00000000 ____D C:\Program Files (x86)\WinScribe
2013-08-06 16:11 - 2013-05-24 10:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-06 16:11 - 2013-05-05 20:59 - 00000000 ____D C:\Users\Neil\AppData\Roaming\vlc
2013-08-06 16:11 - 2009-07-14 13:20 - 00000000 ____D C:\windows\system32\NDF
2013-08-06 16:10 - 2013-01-26 12:50 - 00000000 ____D C:\Users\hedev
2013-08-06 16:10 - 2009-07-14 13:20 - 00000000 ____D C:\windows\registration
2013-08-06 15:34 - 2013-08-05 19:02 - 00000000 ____D C:\windows\erdnt
2013-08-06 15:34 - 2013-08-05 18:39 - 00000000 ____D C:\Program Files (x86)\Opera
2013-08-06 15:34 - 2013-08-05 18:01 - 00000000 ____D C:\cb5b39c98904fc3399a1f334
2013-08-06 09:34 - 2013-08-06 09:34 - 00000000 ____D C:\FRST
2013-08-06 09:31 - 2013-08-06 09:31 - 00000015 _____ C:\Users\Neil\Desktop\geeks to go password.txt
2013-08-06 09:28 - 2013-08-06 09:27 - 01788685 _____ (Farbar) C:\Users\Neil\Desktop\FRST64.exe
2013-08-06 09:27 - 2009-07-14 15:13 - 00779266 _____ C:\windows\system32\PerfStringBackup.INI
2013-08-06 09:23 - 2013-08-05 10:45 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-06 09:23 - 2013-08-05 10:45 - 00000508 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 96a171f5-05c1-468f-80a2-e687421985b0.job
2013-08-06 02:00 - 2013-08-05 10:45 - 00000508 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 86031341-a712-4b5b-bc21-5e482ab89f6a.job
2013-08-06 00:24 - 2009-07-14 14:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-06 00:24 - 2009-07-14 14:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-06 00:22 - 2013-08-06 00:22 - 00012122 _____ C:\Users\Neil\Desktop\hijackthis1
2013-08-06 00:20 - 2013-01-21 12:07 - 01755691 _____ C:\windows\WindowsUpdate.log
2013-08-06 00:17 - 2013-08-05 10:45 - 00000890 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-06 00:17 - 2013-01-22 17:59 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-08-06 00:16 - 2013-02-20 21:06 - 00045358 _____ C:\windows\setupact.log
2013-08-06 00:16 - 2013-01-21 12:09 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-06 00:16 - 2010-11-21 13:47 - 00453538 _____ C:\windows\PFRO.log
2013-08-06 00:16 - 2009-07-14 15:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-08-06 00:11 - 2013-01-21 19:34 - 00000000 ____D C:\Users\Neil
2013-08-06 00:04 - 2013-08-06 00:04 - 00001721 _____ C:\Users\Neil\Desktop\gmer log.log
2013-08-05 23:44 - 2013-08-05 23:44 - 00000288 _____ C:\Users\Neil\Downloads\RootkitRemover20130805234420.txt
2013-08-05 23:39 - 2013-08-05 23:15 - 00011660 _____ C:\Users\Neil\Downloads\hijackthis.log
2013-08-05 23:33 - 2013-08-05 23:33 - 00000008 _____ C:\Users\Neil\Desktop\new password.txt
2013-08-05 23:31 - 2013-08-05 23:31 - 00001105 _____ C:\Users\Public\Desktop\Express Zip.lnk
2013-08-05 23:31 - 2013-01-26 07:52 - 00000000 ____D C:\ProgramData\NCH Software
2013-08-05 23:31 - 2013-01-26 07:52 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-08-05 23:27 - 2013-08-05 23:24 - 00000000 ____D C:\Users\Neil\Downloads\backups
2013-08-05 23:19 - 2013-08-05 23:19 - 00292288 _____ C:\windows\Minidump\080513-29016-01.dmp
2013-08-05 23:19 - 2013-08-05 23:19 - 00000000 ____D C:\windows\Minidump
2013-08-05 23:18 - 2013-08-05 23:18 - 979258949 _____ C:\windows\MEMORY.DMP
2013-08-05 23:13 - 2013-01-23 17:20 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Skype
2013-08-05 23:10 - 2013-08-05 23:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\Neil\Downloads\Hijack1This2.exe
2013-08-05 23:03 - 2013-08-05 23:02 - 03307552 _____ (PortableApps.com) C:\Users\Neil\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2013-08-05 22:45 - 2013-08-05 22:45 - 00208216 _____ (Kaspersky Lab, GERT) C:\windows\system32\Drivers\76286478.sys
2013-08-05 22:40 - 2013-08-05 22:40 - 00000227 _____ C:\Users\Neil\Downloads\mbr.log
2013-08-05 22:38 - 2013-08-05 22:38 - 00089088 _____ C:\Users\Neil\Downloads\ab48ab.exe
2013-08-05 22:36 - 2013-08-05 22:36 - 00377856 _____ C:\Users\Neil\Downloads\q6dy1m1r.exe
2013-08-05 22:33 - 2013-01-30 07:30 - 00000000 ____D C:\Users\Neil\Desktop\Pacific Solutions
2013-08-05 21:18 - 2013-08-05 21:17 - 02014704 _____ (Google) C:\Users\Neil\Desktop\GoogleDesktopSetup.exe
2013-08-05 21:15 - 2013-08-05 21:15 - 00022003 _____ C:\ComboFix.txt
2013-08-05 21:15 - 2013-08-05 19:02 - 00000000 ____D C:\Qoobox
2013-08-05 18:49 - 2013-08-05 18:48 - 00002958 _____ C:\Users\Neil\Desktop\Rkill.txt
2013-08-05 18:39 - 2013-08-05 18:39 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Opera Software
2013-08-05 18:39 - 2013-08-05 18:39 - 00000000 ____D C:\Users\Neil\AppData\Local\Opera Software
2013-08-05 17:54 - 2013-08-05 17:54 - 00000000 ____D C:\Users\Neil\AppData\Roaming\GetRightToGo
2013-08-05 17:42 - 2013-07-26 22:04 - 00000000 ____D C:\Users\Neil\AppData\Roaming\EurekaLog
2013-08-05 15:10 - 2013-08-05 15:10 - 00000112 ___RH C:\Users\Neil\Downloads\Stinger.opt
2013-08-05 14:31 - 2013-08-05 14:31 - 00000000 ____D C:\Stinger_Quarantine
2013-08-05 14:30 - 2013-08-05 14:30 - 00494388 _____ C:\Users\Neil\Downloads\runtime.dat
2013-08-05 14:19 - 2013-08-05 14:19 - 00002262 _____ C:\Users\Neil\Desktop\HitmanPro_20130805_1419.log
2013-08-05 14:19 - 2013-08-05 14:13 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-05 13:32 - 2013-08-05 13:29 - 00000000 ____D C:\Users\Neil\Downloads\TMRBLog
2013-08-05 13:29 - 2013-08-05 13:29 - 00000000 ____D C:\Users\Neil\Downloads\log
2013-08-05 13:10 - 2013-08-05 13:05 - 19275792 _____ (Bitdefender LLC) C:\Users\Neil\Downloads\BootkitRemoval_x64.exe
2013-08-05 12:45 - 2011-04-08 21:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-05 12:45 - 2011-04-08 21:05 - 00000000 ____D C:\Program Files\Toshiba
2013-08-05 12:18 - 2013-08-05 12:18 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-05 12:15 - 2013-08-05 12:15 - 00001424 _____ C:\Users\Neil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-05 11:56 - 2013-07-20 12:43 - 00000000 ____D C:\Users\Neil\Desktop\The Transcription People
2013-08-05 11:44 - 2013-04-16 08:57 - 00011002 _____ C:\windows\IE10_main.log
2013-08-05 11:31 - 2013-08-05 11:31 - 00846864 _____ (Microsoft Corporation) C:\Users\Neil\Downloads\IE10-Windows6.1-en-us.exe
2013-08-05 11:20 - 2009-07-14 13:20 - 00000000 ____D C:\windows\LiveKernelReports
2013-08-05 11:09 - 2013-08-05 10:45 - 00003890 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-08-05 11:09 - 2013-08-05 10:45 - 00003638 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-08-05 10:54 - 2013-08-05 10:54 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-05 10:45 - 2013-08-05 10:45 - 00003578 _____ C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 86031341-a712-4b5b-bc21-5e482ab89f6a
2013-08-05 10:45 - 2013-08-05 10:45 - 00003504 _____ C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 96a171f5-05c1-468f-80a2-e687421985b0
2013-08-05 10:45 - 2013-08-05 10:45 - 00001819 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-08-05 10:45 - 2013-08-05 10:45 - 00000000 ____D C:\Users\Neil\AppData\Roaming\SUPERAntiSpyware.com
2013-08-05 10:45 - 2013-08-05 10:44 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-08-05 10:45 - 2013-01-22 17:59 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-05 10:44 - 2013-08-05 10:44 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-08-05 10:38 - 2013-08-05 10:37 - 00000288 _____ C:\Users\Neil\Downloads\RootkitRemover20130805103721.txt
2013-08-05 10:38 - 2013-08-05 10:37 - 00000288 _____ C:\Users\Neil\Downloads\RootkitRemover20130805103720.txt
2013-08-05 10:35 - 2013-08-05 10:35 - 00551408 _____ (McAfee, Inc.) C:\Users\Neil\Downloads\rootkitremover.exe
2013-08-05 10:34 - 2013-08-05 10:29 - 26851216 _____ (SUPERAntiSpyware) C:\Users\Neil\Downloads\SUPERAntiSpyware.exe
2013-08-05 09:55 - 2013-08-05 09:55 - 00001080 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-05 09:55 - 2013-08-05 01:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-05 09:52 - 2013-08-05 09:52 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-05 09:51 - 2013-08-05 09:50 - 02347384 _____ (ESET) C:\Users\Neil\Downloads\esetsmartinstaller_enu.exe
2013-08-05 09:49 - 2013-08-05 09:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neil\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-05 09:28 - 2013-01-22 17:59 - 00001933 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-05 09:28 - 2013-01-22 17:59 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-08-05 09:26 - 2013-07-26 23:30 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-08-05 09:26 - 2013-06-25 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-05 09:26 - 2013-06-09 23:32 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Mozilla
2013-08-05 09:26 - 2013-02-04 06:50 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-08-05 09:26 - 2013-02-04 06:46 - 00000000 ___HD C:\ProgramData\CanonIJEGV
2013-08-05 09:26 - 2013-01-26 21:56 - 00000000 ____D C:\Users\Neil\AppData\Local\Microsoft Help
2013-08-05 09:26 - 2009-07-14 13:20 - 00000000 ____D C:\windows\AppCompat
2013-08-05 09:10 - 2013-08-05 01:47 - 00000000 ____D C:\Program Files (x86)\Safari
2013-08-05 01:39 - 2013-08-05 01:39 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Malwarebytes
2013-08-05 01:38 - 2013-08-05 01:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-05 01:16 - 2013-08-05 01:16 - 00000000 ____D C:\Users\Neil\Desktop\The Master of Wisdom
2013-08-02 15:53 - 2013-08-02 15:53 - 00000000 ____D C:\Users\Neil\AppData\Roaming\tor
2013-08-02 13:17 - 2013-08-01 22:34 - 00000000 ____D C:\Users\Neil\Desktop\Auscript
2013-07-26 23:29 - 2013-07-26 23:29 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-07-26 22:58 - 2013-07-26 22:58 - 00004353 _____ C:\Users\Neil\Desktop\ip.txt
2013-07-25 20:25 - 2013-01-23 17:13 - 00000000 ____D C:\Users\Neil\AppData\Local\CrashDumps
2013-07-25 18:28 - 2013-07-25 18:28 - 00000043 _____ C:\Users\Neil\Documents\ipcam.txt
2013-07-25 17:46 - 2013-07-25 17:33 - 00000000 ____D C:\Program Files (x86)\IP Camera Super Client
2013-07-25 17:38 - 2013-07-25 17:37 - 00000992 _____ C:\Users\Public\Desktop\IP Camera Tool.lnk
2013-07-25 17:33 - 2013-07-25 17:33 - 00000994 _____ C:\Users\Neil\Desktop\IP Camera Super Client.lnk
2013-07-23 16:23 - 2013-02-08 18:31 - 00000000 ____D C:\Users\Neil\Documents\Bluetooth
2013-07-23 16:23 - 2013-01-21 19:44 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Toshiba
2013-07-23 09:53 - 2013-06-08 23:48 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Apple Computer
2013-07-23 03:24 - 2013-05-29 10:37 - 00000000 ____D C:\Program Files (x86)\Sony
2013-07-23 03:24 - 2013-02-11 20:33 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-23 03:23 - 2013-07-09 14:29 - 00000000 ____D C:\Users\Neil\.frostwire5
2013-07-22 13:36 - 2013-07-22 13:31 - 21728904 _____ (Microsoft Corporation) C:\Users\Neil\Downloads\Windows-KB890830-x64-V5.2.exe
2013-07-22 13:12 - 2013-06-08 23:48 - 00000000 ____D C:\Users\Neil\AppData\Local\Apple Computer
2013-07-22 12:21 - 2013-07-22 12:21 - 00000000 ____D C:\Users\Neil\AppData\Roaming\ResearchWare
2013-07-22 11:55 - 2013-07-22 11:53 - 12783616 _____ (Researchware, Inc.) C:\Users\Neil\Downloads\HyperTRANSCRIBE160_Installer.exe
2013-07-22 09:16 - 2013-07-21 01:18 - 00000000 ____D C:\Program Files (x86)\VoiceWalker
2013-07-22 09:16 - 2013-07-21 01:06 - 00000000 ____D C:\Program Files (x86)\TranscriberAG
2013-07-22 09:16 - 2013-07-21 01:02 - 00000000 ____D C:\Program Files (x86)\Transcriber
2013-07-22 09:16 - 2013-07-21 00:59 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-07-22 09:16 - 2013-07-21 00:43 - 00000000 ____D C:\Program Files (x86)\InqScribe
2013-07-22 09:16 - 2013-07-20 23:52 - 00000000 ____D C:\Users\Neil\AppData\Roaming\gtk-2.0
2013-07-22 09:16 - 2013-07-20 23:50 - 00000000 ____D C:\windows\SysWOW64\Adobe
2013-07-22 09:16 - 2013-07-20 23:25 - 00000000 ____D C:\Program Files (x86)\The FTW Transcriber
2013-07-22 09:16 - 2013-07-20 21:06 - 00000000 ____D C:\Program Files (x86)\Transcribe!
2013-07-22 09:16 - 2013-07-20 21:03 - 00000000 ____D C:\Program Files\AutoHotkey
2013-07-22 09:16 - 2013-07-20 20:50 - 00000000 ____D C:\Program Files (x86)\AST
2013-07-22 09:16 - 2013-07-20 20:45 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Audacity
2013-07-21 22:17 - 2013-07-21 22:17 - 00015454 _____ C:\Users\Neil\Desktop\imgres.htm
2013-07-21 16:01 - 2013-07-21 00:38 - 00000000 ____D C:\windows\System32\Tasks\NCH Swift Sound
2013-07-21 15:42 - 2013-07-21 15:42 - 02246990 _____ C:\Users\Neil\Downloads\Transcribe! v8.31 Full + Patch by nitincin1team.rar
2013-07-21 11:19 - 2013-07-21 11:19 - 00000000 ____D C:\Users\Neil\AppData\Roaming\QuickScan
2013-07-21 01:18 - 2013-07-21 01:18 - 00001046 _____ C:\Users\Neil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceWalker.LNK
2013-07-21 01:18 - 2013-07-21 01:17 - 03037251 _____ C:\Users\Neil\Downloads\vwalker2.zip
2013-07-21 01:16 - 2013-07-21 01:16 - 00000218 _____ C:\Users\Neil\.recently-used.xbel
2013-07-21 01:13 - 2013-07-20 23:52 - 00000000 ____D C:\Users\Neil\WorkAG
2013-07-21 01:12 - 2013-07-20 23:52 - 00000000 ____D C:\Users\Neil\.TransAG-log
2013-07-21 01:12 - 2013-07-20 23:52 - 00000000 ____D C:\Users\Neil\.TransAG
2013-07-21 01:07 - 2013-07-21 01:07 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TranscriberAG
2013-07-21 00:51 - 2013-07-21 00:46 - 00000000 ____D C:\Users\Neil\AppData\Roaming\InqScribe
2013-07-21 00:38 - 2013-07-21 00:38 - 00000000 ____D C:\ProgramData\NCH Swift Sound
2013-07-20 21:05 - 2013-07-20 21:05 - 00001351 _____ C:\Users\Neil\Documents\AutoHotkey.ahk
2013-07-20 20:38 - 2013-07-20 20:35 - 04250753 _____ C:\Users\Neil\Downloads\AudacityTranscriber_Setup.zip
2013-07-16 05:09 - 2013-07-16 05:09 - 00000027 _____ C:\Users\Neil\Desktop\MOnica's email address.txt
2013-07-15 04:15 - 2013-07-07 00:56 - 00000752 _____ C:\Users\Neil\Desktop\Data on Natalia.txt
2013-07-12 09:06 - 2009-07-14 14:45 - 00342000 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-12 09:05 - 2010-11-21 17:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 09:05 - 2009-07-14 15:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 09:05 - 2009-07-14 15:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 17:03 - 2013-07-10 16:42 - 51986432 _____ C:\Users\Neil\Downloads\Alfred_Health_Focus_Group_CE_July_9__2013.WMA
2013-07-09 14:30 - 2013-07-09 14:29 - 00000000 ____D C:\Users\Neil\FrostWire
2013-07-09 10:39 - 2013-07-09 10:39 - 00002057 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-07-09 10:39 - 2013-07-09 10:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-08 23:04 - 2013-06-08 14:59 - 00000000 ____D C:\Users\Neil\AppData\Roaming\EVDO_General
2013-07-08 22:56 - 2013-07-08 22:56 - 00000098 _____ C:\Users\Neil\Desktop\Important emails.txt
2013-07-08 22:56 - 2013-07-08 09:51 - 00000137 _____ C:\Users\Neil\Desktop\8_7_13 open.txt
2013-07-08 22:53 - 2013-02-12 00:18 - 00000000 ____D C:\Users\Neil\.gimp-2.8
2013-07-08 22:49 - 2013-07-08 22:49 - 00001490 _____ C:\Users\Neil\AppData\Local\recently-used.xbel
2013-07-08 22:49 - 2013-07-08 19:21 - 05854910 _____ C:\Users\Neil\Downloads\Deprive injustice of her children.xcf
2013-07-08 22:30 - 2013-07-08 22:30 - 00000000 ____D C:\Users\Neil\AppData\Local\webkit
2013-07-08 18:41 - 2013-07-08 18:32 - 18815928 _____ (FrostWire Team) C:\Users\Neil\Downloads\frostwire-5.6.2.windows.exe
2013-07-08 11:55 - 2013-07-08 11:55 - 00000000 ____D C:\Users\Neil\AppData\Roaming\Thunderbird
2013-07-08 11:55 - 2013-07-08 11:55 - 00000000 ____D C:\Users\Neil\AppData\Local\Thunderbird
2013-07-08 11:43 - 2013-07-08 11:34 - 19669472 _____ (Mozilla) C:\Users\Neil\Downloads\Thunderbird Setup 17.0.7.exe
2013-07-07 20:42 - 2013-07-07 18:04 - 24916996 _____ C:\Users\Neil\Downloads\WS116202.WMA
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-02 11:51
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2013
Ran by Neil at 2013-08-06 09:35:23
Running from C:\Users\Neil\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Bluetooth Filter Driver Package (Version: 1.00.007)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.36)
Atheros Driver Installation Program (x32 Version: 9.2)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Bing Rewards Client Installer (x32 Version: 16.0.345.0)
Bluetooth Stack for Windows by Toshiba (Version: v8.00.04(T))
Canon Easy-WebPrint EX (x32)
Canon IJ Scan Utility (x32)
Canon MP230 series MP Drivers (Version: 1.00)
Canon MP230 series On-screen Manual (x32 Version: 7.5.0)
Canon My Image Garden (x32 Version: 1.0.0)
Canon My Image Garden Design Files (x32 Version: 1.0.0)
Canon My Printer (x32 Version: 3.0.0)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition update for Microsoft Office 2010 (KB982726) (x32)
dradis 2.9 (x32 Version: 2.9)
ESET Online Scanner v3 (x32)
exant HD Audio (Version: 8.51.1.0)
Express Scribe (x32)
Express Zip (x32)
FTR TheRecord Player (x32 Version: 5.6.1.0)
GIMP 2.8.4 (Version: 2.8.4)
Google Update Helper (x32 Version: 1.3.21.153)
Intel® Management Engine Components (x32 Version: 7.0.0.1144)
Intel® Rapid Storage Technology (x32 Version: 10.1.2.1004)
IP Camera Super Client 1.1.4.548 (x32)
IP Camera Viewer 1.0 (x32)
IPCamSetup (x32 Version: 1.00.0000)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (x32 Version: 2.2.114.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 9.0.21022)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (x32 Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 17.0.7)
Mozilla Thunderbird 17.0.7 (x86 en-GB) (x32 Version: 17.0.7)
MSVCRT (x32 Version: 15.4.2862.0708)
NVIDIA 3D Vision Driver 266.69 (Version: 266.69)
NVIDIA Control Panel 266.69 (Version: 266.69)
NVIDIA Graphics Driver 266.69 (Version: 266.69)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA PhysX (x32 Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6669)
Python 3.3.2 (x32 Version: 3.3.2150)
Realtek USB 2.0 Reader Driver (x32 Version: 1.0.0.12)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)
Ruby 1.9.3-p0 (HKCU Version: 1.9.3-p0)
Skype™ 6.5 (x32 Version: 6.5.158)
Sony Player Plug-in for Windows Media Player (x32)
SUPERAntiSpyware (Version: 5.6.1020)
Switch Sound File Converter (x32)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
TOSHIBA Bulletin Board (Version: 2.0.16.64)
TOSHIBA Bulletin Board (x32 Version: 2.0.16.64)
TOSHIBA ConfigFree (x32 Version: 8.0.37)
TOSHIBA Disc Creator (Version: 2.1.0.6 for x64)
TOSHIBA eco Utility (Version: 1.2.25.64)
TOSHIBA Face Recognition (Version: 3.1.8.64)
TOSHIBA Face Recognition (x32 Version: 3.1.8.64)
TOSHIBA Hardware Setup (Version: 4.08.06.00)
TOSHIBA Hardware Setup (x32 Version: 4.08.06.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7)
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.7)
TOSHIBA Media Controller (x32 Version: 1.0.86.2)
TOSHIBA Media Controller Plug-in (x32 Version: 1.0.6.1)
TOSHIBA PC Health Monitor (Version: 1.7.4.64)
TOSHIBA Recovery Media Creator (x32 Version: 2.1.3.5109)
TOSHIBA ReelTime (Version: 1.7.17.64)
TOSHIBA ReelTime (x32 Version: 1.7.17.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (x32 Version: 1.1.0)
TOSHIBA Service Station (x32 Version: 2.1.52)
TOSHIBA Sleep Utility (x32 Version: 1.4.2.7)
TOSHIBA Speech System Applications (x32 Version: 1.00.2518)
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (x32)
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (x32)
TOSHIBA Supervisor Password (Version: 4.08.06.00)
TOSHIBA Supervisor Password (x32 Version: 4.08.06.00)
TOSHIBA Value Added Package (Version: 1.5.4.64)
TOSHIBA Value Added Package (x32 Version: 1.5.4.64)
TOSHIBA Web Camera Application (x32 Version: 2.0.0.19)
TOSHIBA Wireless LAN Indicator (x32 Version: 1.0.3)
VLC media player 2.0.6 (x32 Version: 2.0.6)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
WinScribe Client (x32 Version: 4.0.4)
==================== Restore Points =========================
04-08-2013 23:39:45 Windows Update
05-08-2013 00:58:27 Removed Java 7 Update 25
05-08-2013 01:47:44 Windows Modules Installer
05-08-2013 03:21:57 Removed WinScribe Client
==================== Hosts content: ==========================
2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {17A6E95D-67C0-4CD5-B6D9-7EF6DC053803} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-05] (Google Inc.)
Task: {44EF5747-17E9-4BF8-873F-05137C4B6964} - System32\Tasks\SUPERAntiSpyware Scheduled Task 96a171f5-05c1-468f-80a2-e687421985b0 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-05-24] (SUPERAdBlocker.com)
Task: {49E94470-A45A-40EF-9DDC-DA0CEE6C91C6} - System32\Tasks\{ABE24EB4-1025-4C4B-B8CD-7F1C2CC824FF} => C:\Program Files\Internet Explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {51715239-3672-4E08-B82A-11F68032E05A} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-04] (TOSHIBA CORPORATION)
Task: {52FCA67B-3509-4CC0-8E80-167815121611} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-05] (Google Inc.)
Task: {99B75612-4C91-4A8E-BA9F-F4836B1EA72A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2012-09-12] (Microsoft Corporation)
Task: {C5A3B7B3-456C-476D-A373-1E5A26146723} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {E7529B1D-228A-4BB9-BCF3-315660371F7C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {F4633A33-CFC7-44E1-9D57-01E5EF09EE66} - System32\Tasks\SUPERAntiSpyware Scheduled Task 86031341-a712-4b5b-bc21-5e482ab89f6a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-05-24] (SUPERAdBlocker.com)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 86031341-a712-4b5b-bc21-5e482ab89f6a.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 96a171f5-05c1-468f-80a2-e687421985b0.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/06/2013 00:57:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/06/2013 00:57:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/06/2013 00:57:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/06/2013 00:56:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/06/2013 00:18:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 11:43:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/05/2013 11:20:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 10:14:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 09:58:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 05:59:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (08/06/2013 09:23:28 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (08/06/2013 09:23:27 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (08/06/2013 09:23:26 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (08/06/2013 00:10:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/06/2013 00:10:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/06/2013 00:10:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/06/2013 00:10:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/06/2013 00:10:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/06/2013 00:10:39 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (08/06/2013 00:10:38 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Microsoft Office Sessions:
=========================
Error: (08/06/2013 00:57:15 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Neil\downloads\esetsmartinstaller_enu.exe
Error: (08/06/2013 00:57:12 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Neil\downloads\esetsmartinstaller_enu.exe
Error: (08/06/2013 00:57:10 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Neil\downloads\esetsmartinstaller_enu.exe
Error: (08/06/2013 00:56:18 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (08/06/2013 00:18:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 11:43:47 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Neil\Downloads\esetsmartinstaller_enu.exe
Error: (08/05/2013 11:20:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 10:14:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 09:58:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2013 05:59:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-08-05 22:40:51.308
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Neil\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-05 22:40:51.272
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Neil\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-05 22:40:51.142
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Neil\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-05 22:40:51.106
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Neil\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-05 22:40:45.447
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Neil\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-05 22:40:45.411
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Neil\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 8173.86 MB
Available physical RAM: 5552.73 MB
Total Pagefile: 16345.9 MB
Available Pagefile: 13388.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (S3A4489D001) (Fixed) (Total:581.31 GB) (Free:410.18 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive e: () (Removable) (Total:1.95 GB) (Free:1.85 GB) FAT (Disk=1 Partition=1)
Drive f: () (Removable) (Total:15 GB) (Free:14.9 GB) FAT32 (Disk=2 Partition=1)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: D77BF2C6)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=581 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=17)
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
==================== End Of Log ============================